@agent-native/core 0.48.4 → 0.49.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (126) hide show
  1. package/dist/agent/context-xray/actions/context-evict.d.ts +1 -1
  2. package/dist/agent/context-xray/actions/context-pin.d.ts +1 -1
  3. package/dist/agent/context-xray/actions/context-report.d.ts +4 -4
  4. package/dist/agent/context-xray/actions/context-restore.d.ts +1 -1
  5. package/dist/application-state/handlers.d.ts +2 -2
  6. package/dist/application-state/handlers.d.ts.map +1 -1
  7. package/dist/cli/app-skill.d.ts +157 -0
  8. package/dist/cli/app-skill.d.ts.map +1 -0
  9. package/dist/cli/app-skill.js +17 -7
  10. package/dist/cli/app-skill.js.map +1 -1
  11. package/dist/cli/audit-agent-web.d.ts +2 -0
  12. package/dist/cli/audit-agent-web.d.ts.map +1 -0
  13. package/dist/cli/code-agent-connector.d.ts +17 -0
  14. package/dist/cli/code-agent-connector.d.ts.map +1 -0
  15. package/dist/cli/code.d.ts +66 -0
  16. package/dist/cli/code.d.ts.map +1 -0
  17. package/dist/cli/connect.d.ts +168 -0
  18. package/dist/cli/connect.d.ts.map +1 -0
  19. package/dist/cli/connect.js +118 -30
  20. package/dist/cli/connect.js.map +1 -1
  21. package/dist/cli/context-xray-local.d.ts +16 -0
  22. package/dist/cli/context-xray-local.d.ts.map +1 -0
  23. package/dist/cli/create-workspace.d.ts +8 -0
  24. package/dist/cli/create-workspace.d.ts.map +1 -0
  25. package/dist/cli/index.d.ts +3 -0
  26. package/dist/cli/index.d.ts.map +1 -0
  27. package/dist/cli/info.d.ts +2 -0
  28. package/dist/cli/info.d.ts.map +1 -0
  29. package/dist/cli/mcp-config-writers.d.ts +108 -0
  30. package/dist/cli/mcp-config-writers.d.ts.map +1 -0
  31. package/dist/cli/mcp-config-writers.js +143 -0
  32. package/dist/cli/mcp-config-writers.js.map +1 -1
  33. package/dist/cli/mcp.d.ts +16 -0
  34. package/dist/cli/mcp.d.ts.map +1 -0
  35. package/dist/cli/mcp.js +10 -10
  36. package/dist/cli/mcp.js.map +1 -1
  37. package/dist/cli/migrate.d.ts +38 -0
  38. package/dist/cli/migrate.d.ts.map +1 -0
  39. package/dist/cli/plan-local.d.ts +43 -0
  40. package/dist/cli/plan-local.d.ts.map +1 -0
  41. package/dist/cli/plan-publish-store.d.ts +62 -0
  42. package/dist/cli/plan-publish-store.d.ts.map +1 -0
  43. package/dist/cli/pr-visual-recap-workflow.d.ts +11 -0
  44. package/dist/cli/pr-visual-recap-workflow.d.ts.map +1 -0
  45. package/dist/cli/pr-visual-recap-workflow.js +1 -1
  46. package/dist/cli/pr-visual-recap-workflow.js.map +1 -1
  47. package/dist/cli/recap.d.ts +453 -0
  48. package/dist/cli/recap.d.ts.map +1 -0
  49. package/dist/cli/recap.js +228 -95
  50. package/dist/cli/recap.js.map +1 -1
  51. package/dist/cli/skills.d.ts +193 -0
  52. package/dist/cli/skills.d.ts.map +1 -0
  53. package/dist/cli/skills.js +369 -171
  54. package/dist/cli/skills.js.map +1 -1
  55. package/dist/cli/telemetry.d.ts +13 -0
  56. package/dist/cli/telemetry.d.ts.map +1 -0
  57. package/dist/cli/telemetry.js +115 -0
  58. package/dist/cli/telemetry.js.map +1 -0
  59. package/dist/cli/workspace-dev.d.ts +96 -0
  60. package/dist/cli/workspace-dev.d.ts.map +1 -0
  61. package/dist/client/blocks/library/AnnotatedCodeBlock.d.ts.map +1 -1
  62. package/dist/client/blocks/library/AnnotatedCodeBlock.js +15 -7
  63. package/dist/client/blocks/library/AnnotatedCodeBlock.js.map +1 -1
  64. package/dist/client/blocks/library/DiffBlock.d.ts.map +1 -1
  65. package/dist/client/blocks/library/DiffBlock.js +17 -10
  66. package/dist/client/blocks/library/DiffBlock.js.map +1 -1
  67. package/dist/client/blocks/library/annotation-rail.d.ts +5 -0
  68. package/dist/client/blocks/library/annotation-rail.d.ts.map +1 -1
  69. package/dist/client/blocks/library/annotation-rail.js +6 -0
  70. package/dist/client/blocks/library/annotation-rail.js.map +1 -1
  71. package/dist/client/blocks/types.d.ts +5 -0
  72. package/dist/client/blocks/types.d.ts.map +1 -1
  73. package/dist/client/blocks/types.js.map +1 -1
  74. package/dist/extensions/schema.d.ts +54 -54
  75. package/dist/extensions/slots/schema.d.ts +13 -13
  76. package/dist/file-upload/actions/upload-image.d.ts +4 -4
  77. package/dist/mcp/actions/create-org-service-token.d.ts +1 -1
  78. package/dist/mcp/actions/list-org-service-tokens.d.ts +7 -7
  79. package/dist/mcp/build-server.d.ts +12 -12
  80. package/dist/mcp/build-server.d.ts.map +1 -1
  81. package/dist/mcp/build-server.js.map +1 -1
  82. package/dist/mcp/connect-route.js +1 -1
  83. package/dist/mcp/connect-route.js.map +1 -1
  84. package/dist/mcp/oauth-route.d.ts +10 -0
  85. package/dist/mcp/oauth-route.d.ts.map +1 -1
  86. package/dist/mcp/oauth-route.js +34 -3
  87. package/dist/mcp/oauth-route.js.map +1 -1
  88. package/dist/mcp/oauth-store.d.ts +15 -1
  89. package/dist/mcp/oauth-store.d.ts.map +1 -1
  90. package/dist/mcp/oauth-store.js +60 -4
  91. package/dist/mcp/oauth-store.js.map +1 -1
  92. package/dist/mcp/oauth-token.d.ts +3 -1
  93. package/dist/mcp/oauth-token.d.ts.map +1 -1
  94. package/dist/mcp/oauth-token.js +78 -6
  95. package/dist/mcp/oauth-token.js.map +1 -1
  96. package/dist/mcp/server.d.ts.map +1 -1
  97. package/dist/mcp/server.js +8 -6
  98. package/dist/mcp/server.js.map +1 -1
  99. package/dist/observability/routes.d.ts +11 -11
  100. package/dist/org/handlers.d.ts +7 -11
  101. package/dist/org/handlers.d.ts.map +1 -1
  102. package/dist/secrets/schema.d.ts +7 -7
  103. package/dist/server/csrf.d.ts +1 -1
  104. package/dist/server/csrf.d.ts.map +1 -1
  105. package/dist/server/poll-events.d.ts +1 -1
  106. package/dist/server/security-headers.d.ts +1 -1
  107. package/dist/server/security-headers.d.ts.map +1 -1
  108. package/dist/sharing/actions/list-resource-shares.d.ts +3 -3
  109. package/dist/sharing/actions/set-resource-visibility.d.ts +2 -2
  110. package/dist/sharing/actions/share-resource.d.ts +4 -4
  111. package/dist/sharing/actions/unshare-resource.d.ts +1 -1
  112. package/dist/sharing/schema.d.ts +12 -12
  113. package/dist/templates/workspace-core/.agents/skills/authentication/SKILL.md +2 -2
  114. package/dist/templates/workspace-core/.agents/skills/external-agents/SKILL.md +6 -6
  115. package/dist/templates/workspace-core/.agents/skills/external-agents/references/mcp-apps-embedding.md +2 -2
  116. package/dist/workspace-files/schema.d.ts +8 -8
  117. package/docs/content/deployment.md +32 -8
  118. package/docs/content/drop-in-agent.md +24 -17
  119. package/docs/content/external-agents.md +14 -0
  120. package/docs/content/plan-plugin.md +22 -7
  121. package/docs/content/template-content.md +36 -0
  122. package/docs/content/template-plan.md +22 -0
  123. package/package.json +5 -1
  124. package/src/templates/workspace-core/.agents/skills/authentication/SKILL.md +2 -2
  125. package/src/templates/workspace-core/.agents/skills/external-agents/SKILL.md +6 -6
  126. package/src/templates/workspace-core/.agents/skills/external-agents/references/mcp-apps-embedding.md +2 -2
package/dist/mcp/oauth-token.js CHANGED
@@ -1,12 +1,28 @@
1
1
  import * as jose from "jose";
2
2
  import { randomUUID } from "node:crypto";
3
3
  import { getAuthSecret } from "../server/better-auth-instance.js";
4
- import { MCP_OAUTH_ACCESS_TOKEN_TTL } from "./oauth-store.js";
4
+ import { MCP_OAUTH_ACCESS_TOKEN_TTL, MCP_OAUTH_ACCESS_TOKEN_TTL_SECONDS, } from "./oauth-store.js";
5
+ export { MCP_OAUTH_ACCESS_TOKEN_TTL, MCP_OAUTH_ACCESS_TOKEN_TTL_SECONDS };
5
6
  export const MCP_OAUTH_SCOPES = ["mcp:read", "mcp:write", "mcp:apps"];
6
7
  export const MCP_OAUTH_DEFAULT_SCOPE = MCP_OAUTH_SCOPES.join(" ");
8
+ /** Primary signing secret: A2A_SECRET when set, else the better-auth secret. */
7
9
  function signingSecret() {
8
10
  return new TextEncoder().encode(process.env.A2A_SECRET?.trim() || getAuthSecret());
9
11
  }
12
+ /**
13
+ * All candidate verify secrets in priority order.
14
+ * Mint always uses the primary; verify tries all to survive secret rotation
15
+ * (e.g. A2A_SECRET being added or removed from a deploy without a redeploy).
16
+ */
17
+ function verifySecrets() {
18
+ const enc = new TextEncoder();
19
+ const a2a = process.env.A2A_SECRET?.trim();
20
+ const auth = getAuthSecret();
21
+ if (a2a && a2a !== auth) {
22
+ return [enc.encode(a2a), enc.encode(auth)];
23
+ }
24
+ return [enc.encode(a2a || auth)];
25
+ }
10
26
  export function normalizeOAuthScope(input) {
11
27
  const requested = typeof input === "string"
12
28
  ? input
@@ -50,16 +66,72 @@ export async function signMcpOAuthAccessToken(params) {
50
66
  .setExpirationTime(params.expiresIn ?? MCP_OAUTH_ACCESS_TOKEN_TTL)
51
67
  .sign(signingSecret());
52
68
  }
53
- export async function verifyMcpOAuthAccessToken(token, resource) {
69
+ /**
70
+ * Normalise a trailing slash so that audience comparisons are not sensitive to
71
+ * whether the resource URL was written with or without a trailing slash.
72
+ */
73
+ function normaliseResource(r) {
74
+ return r.replace(/\/+$/, "");
75
+ }
76
+ /**
77
+ * Deduplicate an audience list after normalising trailing slashes.
78
+ * Accepts a single string or an array; always returns a non-empty array or
79
+ * `null` when the input was empty / undefined.
80
+ */
81
+ function buildAudienceList(resource) {
54
82
  if (!resource)
55
83
  return null;
84
+ const raw = Array.isArray(resource) ? resource : [resource];
85
+ const seen = new Set();
86
+ const out = [];
87
+ for (const r of raw) {
88
+ const n = normaliseResource(r);
89
+ if (n && !seen.has(n)) {
90
+ seen.add(n);
91
+ out.push(n);
92
+ }
93
+ }
94
+ return out.length ? out : null;
95
+ }
96
+ export async function verifyMcpOAuthAccessToken(token, resource) {
97
+ const audiences = buildAudienceList(resource);
98
+ if (!audiences)
99
+ return null;
100
+ // Try each candidate secret in priority order. We only fall through to the
101
+ // next secret on a signature failure (JWSSignatureVerificationFailed /
102
+ // JWSInvalid). Expired or wrong-audience errors are definitive — no retry.
103
+ const secrets = verifySecrets();
104
+ let payload = null;
105
+ outer: for (const audience of audiences) {
106
+ for (const secret of secrets) {
107
+ try {
108
+ const result = await jose.jwtVerify(token, secret, { audience });
109
+ payload = result.payload;
110
+ break outer;
111
+ }
112
+ catch (err) {
113
+ const code = err?.code ?? "";
114
+ // Signature failures → try next secret; all other errors → bail.
115
+ if (code === "ERR_JWS_SIGNATURE_VERIFICATION_FAILED" ||
116
+ code === "ERR_JWS_INVALID") {
117
+ continue;
118
+ }
119
+ // Expired, wrong audience, or malformed → this audience+secret pair is
120
+ // structurally incompatible; try the next audience.
121
+ break;
122
+ }
123
+ }
124
+ }
125
+ if (!payload)
126
+ return null;
56
127
  try {
57
- const { payload } = await jose.jwtVerify(token, signingSecret(), {
58
- audience: resource,
59
- });
60
128
  if (payload.typ !== "agent-native-mcp-oauth")
61
129
  return null;
62
- if (payload.resource !== resource)
130
+ // The embedded `resource` claim must match one of the accepted audiences.
131
+ if (typeof payload.resource !== "string")
132
+ return null;
133
+ const embeddedResource = normaliseResource(payload.resource);
134
+ if (!audiences.includes(embeddedResource))
63
135
  return null;
64
136
  if (typeof payload.sub !== "string" || !payload.sub)
65
137
  return null;
package/dist/mcp/oauth-token.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oauth-token.js","sourceRoot":"","sources":["../../src/mcp/oauth-token.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAE9D,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,UAAU,EAAE,WAAW,EAAE,UAAU,CAAU,CAAC;AAE/E,MAAM,CAAC,MAAM,uBAAuB,GAAG,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAalE,SAAS,aAAa;IACpB,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAC7B,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,aAAa,EAAE,CAClD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,MAAM,SAAS,GACb,OAAO,KAAK,KAAK,QAAQ;QACvB,CAAC,CAAC,KAAK;aACF,KAAK,CAAC,KAAK,CAAC;aACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,MAAM,CAAC,OAAO,CAAC;QACpB,CAAC,CAAC,EAAE,CAAC;IACT,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,gBAAgB,CAAC,CAAC;IAClD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,uBAAuB,CAAC;IAC3D,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAyB;IACjD,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;SACjB,KAAK,CAAC,KAAK,CAAC;SACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,MAA4B,EAC5B,KAAwC;IAExC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,OAAO,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,MAiB7C;IACC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC;QACtB,GAAG,EAAE,wBAAwB;QAC7B,GAAG,EAAE,MAAM,CAAC,UAAU;QACtB,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,CAAC,MAAM,CAAC,YAAY,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACrE,CAAC;SACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;SACxB,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;SAC5B,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,UAAU,EAAE,CAAC;SAClC,WAAW,EAAE;SACb,iBAAiB,CAAC,MAAM,CAAC,SAAS,IAAI,0BAA0B,CAAC;SACjE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;AAC3B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,KAAa,EACb,QAA4B;IAY5B,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,aAAa,EAAE,EAAE;YAC/D,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;QACH,IAAI,OAAO,CAAC,GAAG,KAAK,wBAAwB;YAAE,OAAO,IAAI,CAAC;QAC1D,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC/C,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACjE,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YAChE,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAQ,CAAC,CAAC,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,GAAG;YACtB,KAAK,EAAE,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YACtE,SAAS,EACP,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;YACzE,MAAM;YACN,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,GAAG,EAAE,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;YAC9D,GAAG,CAAC,OAAO,CAAC,aAAa,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtE,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["import * as jose from \"jose\";\nimport { randomUUID } from \"node:crypto\";\nimport { getAuthSecret } from \"../server/better-auth-instance.js\";\nimport { MCP_OAUTH_ACCESS_TOKEN_TTL } from \"./oauth-store.js\";\n\nexport const MCP_OAUTH_SCOPES = [\"mcp:read\", \"mcp:write\", \"mcp:apps\"] as const;\n\nexport const MCP_OAUTH_DEFAULT_SCOPE = MCP_OAUTH_SCOPES.join(\" \");\n\nexport interface McpOAuthAccessTokenClaims {\n sub: string;\n org_id?: string;\n org_domain?: string;\n scope: string;\n client_id: string;\n resource: string;\n jti?: string;\n typ: \"agent-native-mcp-oauth\";\n}\n\nfunction signingSecret(): Uint8Array {\n return new TextEncoder().encode(\n process.env.A2A_SECRET?.trim() || getAuthSecret(),\n );\n}\n\nexport function normalizeOAuthScope(input: unknown): string | null {\n const requested =\n typeof input === \"string\"\n ? input\n .split(/\\s+/)\n .map((s) => s.trim())\n .filter(Boolean)\n : [];\n const allowed = new Set<string>(MCP_OAUTH_SCOPES);\n if (requested.length === 0) return MCP_OAUTH_DEFAULT_SCOPE;\n const selected = requested.filter((scope) => allowed.has(scope));\n return selected.length ? [...new Set(selected)].join(\" \") : null;\n}\n\nexport function scopeList(scope: string | undefined): string[] {\n return (scope ?? \"\")\n .split(/\\s+/)\n .map((s) => s.trim())\n .filter(Boolean);\n}\n\nexport function hasMcpOAuthScope(\n scopes: string[] | undefined,\n scope: (typeof MCP_OAUTH_SCOPES)[number],\n): boolean {\n if (!scopes) return true;\n return scopes.includes(scope);\n}\n\nexport async function signMcpOAuthAccessToken(params: {\n ownerEmail: string;\n orgId?: string | null;\n orgDomain?: string | null;\n clientId: string;\n scope: string;\n resource: string;\n issuer: string;\n jti?: string;\n expiresIn?: string | number;\n /**\n * When `\"full\"`, embed a `catalog_scope: \"full\"` custom claim so that on\n * hosted multi-tenant deployments (AGENT_NATIVE_CONNECTOR_CATALOG=1) this\n * token bypasses the connector-catalog tier filter. Used when the connect\n * flow is initiated with `--full-catalog`.\n */\n catalogScope?: \"full\";\n}): Promise<string> {\n return new jose.SignJWT({\n typ: \"agent-native-mcp-oauth\",\n sub: params.ownerEmail,\n ...(params.orgId ? { org_id: params.orgId } : {}),\n ...(params.orgDomain ? { org_domain: params.orgDomain } : {}),\n scope: params.scope,\n client_id: params.clientId,\n resource: params.resource,\n ...(params.catalogScope === \"full\" ? { catalog_scope: \"full\" } : {}),\n })\n .setProtectedHeader({ alg: \"HS256\" })\n .setIssuer(params.issuer)\n .setAudience(params.resource)\n .setJti(params.jti ?? randomUUID())\n .setIssuedAt()\n .setExpirationTime(params.expiresIn ?? MCP_OAUTH_ACCESS_TOKEN_TTL)\n .sign(signingSecret());\n}\n\nexport async function verifyMcpOAuthAccessToken(\n token: string,\n resource: string | undefined,\n): Promise<{\n userEmail: string;\n orgId?: string;\n orgDomain?: string;\n scopes: string[];\n clientId: string;\n jti?: string;\n /** Present when the token was minted with `--full-catalog`; bypasses the\n * connector-catalog tier filter on hosted multi-tenant deployments. */\n catalogScope?: \"full\";\n} | null> {\n if (!resource) return null;\n try {\n const { payload } = await jose.jwtVerify(token, signingSecret(), {\n audience: resource,\n });\n if (payload.typ !== \"agent-native-mcp-oauth\") return null;\n if (payload.resource !== resource) return null;\n if (typeof payload.sub !== \"string\" || !payload.sub) return null;\n if (typeof payload.client_id !== \"string\" || !payload.client_id) {\n return null;\n }\n const scope = typeof payload.scope === \"string\" ? payload.scope : \"\";\n const scopes = scopeList(scope);\n if (!scopes.some((s) => MCP_OAUTH_SCOPES.includes(s as any))) {\n return null;\n }\n return {\n userEmail: payload.sub,\n orgId: typeof payload.org_id === \"string\" ? payload.org_id : undefined,\n orgDomain:\n typeof payload.org_domain === \"string\" ? payload.org_domain : undefined,\n scopes,\n clientId: payload.client_id,\n jti: typeof payload.jti === \"string\" ? payload.jti : undefined,\n ...(payload.catalog_scope === \"full\" ? { catalogScope: \"full\" } : {}),\n };\n } catch {\n return null;\n }\n}\n"]}
1
+ {"version":3,"file":"oauth-token.js","sourceRoot":"","sources":["../../src/mcp/oauth-token.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAClE,OAAO,EACL,0BAA0B,EAC1B,kCAAkC,GACnC,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,0BAA0B,EAAE,kCAAkC,EAAE,CAAC;AAE1E,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,UAAU,EAAE,WAAW,EAAE,UAAU,CAAU,CAAC;AAE/E,MAAM,CAAC,MAAM,uBAAuB,GAAG,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAalE,gFAAgF;AAChF,SAAS,aAAa;IACpB,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAC7B,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,aAAa,EAAE,CAClD,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa;IACpB,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;IAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC;IAC3C,MAAM,IAAI,GAAG,aAAa,EAAE,CAAC;IAC7B,IAAI,GAAG,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC;AACnC,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,MAAM,SAAS,GACb,OAAO,KAAK,KAAK,QAAQ;QACvB,CAAC,CAAC,KAAK;aACF,KAAK,CAAC,KAAK,CAAC;aACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,MAAM,CAAC,OAAO,CAAC;QACpB,CAAC,CAAC,EAAE,CAAC;IACT,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,gBAAgB,CAAC,CAAC;IAClD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,uBAAuB,CAAC;IAC3D,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IACjE,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACnE,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,KAAyB;IACjD,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;SACjB,KAAK,CAAC,KAAK,CAAC;SACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,MAA4B,EAC5B,KAAwC;IAExC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,OAAO,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,MAiB7C;IACC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC;QACtB,GAAG,EAAE,wBAAwB;QAC7B,GAAG,EAAE,MAAM,CAAC,UAAU;QACtB,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,SAAS,EAAE,MAAM,CAAC,QAAQ;QAC1B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,CAAC,MAAM,CAAC,YAAY,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACrE,CAAC;SACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC;SACxB,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;SAC5B,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,UAAU,EAAE,CAAC;SAClC,WAAW,EAAE;SACb,iBAAiB,CAAC,MAAM,CAAC,SAAS,IAAI,0BAA0B,CAAC;SACjE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;AAC3B,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,CAAS;IAClC,OAAO,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAC/B,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CACxB,QAAuC;IAEvC,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC5D,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,MAAM,CAAC,IAAI,GAAG,EAAE,CAAC;QACpB,MAAM,CAAC,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACtB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACZ,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,KAAa,EACb,QAAuC;IAYvC,MAAM,SAAS,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAC9C,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE5B,4EAA4E;IAC5E,uEAAuE;IACvE,4EAA4E;IAC5E,MAAM,OAAO,GAAG,aAAa,EAAE,CAAC;IAChC,IAAI,OAAO,GAA2B,IAAI,CAAC;IAE3C,KAAK,EAAE,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACxC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;gBACjE,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;gBACzB,MAAM,KAAK,CAAC;YACd,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,IAAI,GAAW,GAAG,EAAE,IAAI,IAAI,EAAE,CAAC;gBACrC,iEAAiE;gBACjE,IACE,IAAI,KAAK,uCAAuC;oBAChD,IAAI,KAAK,iBAAiB,EAC1B,CAAC;oBACD,SAAS;gBACX,CAAC;gBACD,uEAAuE;gBACvE,oDAAoD;gBACpD,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAE1B,IAAI,CAAC;QACH,IAAI,OAAO,CAAC,GAAG,KAAK,wBAAwB;YAAE,OAAO,IAAI,CAAC;QAC1D,0EAA0E;QAC1E,IAAI,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACtD,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC7D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAAE,OAAO,IAAI,CAAC;QACvD,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACjE,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YAChE,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAQ,CAAC,CAAC,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,GAAG;YACtB,KAAK,EAAE,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YACtE,SAAS,EACP,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;YACzE,MAAM;YACN,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,GAAG,EAAE,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;YAC9D,GAAG,CAAC,OAAO,CAAC,aAAa,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtE,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["import * as jose from \"jose\";\nimport { randomUUID } from \"node:crypto\";\nimport { getAuthSecret } from \"../server/better-auth-instance.js\";\nimport {\n MCP_OAUTH_ACCESS_TOKEN_TTL,\n MCP_OAUTH_ACCESS_TOKEN_TTL_SECONDS,\n} from \"./oauth-store.js\";\n\nexport { MCP_OAUTH_ACCESS_TOKEN_TTL, MCP_OAUTH_ACCESS_TOKEN_TTL_SECONDS };\n\nexport const MCP_OAUTH_SCOPES = [\"mcp:read\", \"mcp:write\", \"mcp:apps\"] as const;\n\nexport const MCP_OAUTH_DEFAULT_SCOPE = MCP_OAUTH_SCOPES.join(\" \");\n\nexport interface McpOAuthAccessTokenClaims {\n sub: string;\n org_id?: string;\n org_domain?: string;\n scope: string;\n client_id: string;\n resource: string;\n jti?: string;\n typ: \"agent-native-mcp-oauth\";\n}\n\n/** Primary signing secret: A2A_SECRET when set, else the better-auth secret. */\nfunction signingSecret(): Uint8Array {\n return new TextEncoder().encode(\n process.env.A2A_SECRET?.trim() || getAuthSecret(),\n );\n}\n\n/**\n * All candidate verify secrets in priority order.\n * Mint always uses the primary; verify tries all to survive secret rotation\n * (e.g. A2A_SECRET being added or removed from a deploy without a redeploy).\n */\nfunction verifySecrets(): Uint8Array[] {\n const enc = new TextEncoder();\n const a2a = process.env.A2A_SECRET?.trim();\n const auth = getAuthSecret();\n if (a2a && a2a !== auth) {\n return [enc.encode(a2a), enc.encode(auth)];\n }\n return [enc.encode(a2a || auth)];\n}\n\nexport function normalizeOAuthScope(input: unknown): string | null {\n const requested =\n typeof input === \"string\"\n ? input\n .split(/\\s+/)\n .map((s) => s.trim())\n .filter(Boolean)\n : [];\n const allowed = new Set<string>(MCP_OAUTH_SCOPES);\n if (requested.length === 0) return MCP_OAUTH_DEFAULT_SCOPE;\n const selected = requested.filter((scope) => allowed.has(scope));\n return selected.length ? [...new Set(selected)].join(\" \") : null;\n}\n\nexport function scopeList(scope: string | undefined): string[] {\n return (scope ?? \"\")\n .split(/\\s+/)\n .map((s) => s.trim())\n .filter(Boolean);\n}\n\nexport function hasMcpOAuthScope(\n scopes: string[] | undefined,\n scope: (typeof MCP_OAUTH_SCOPES)[number],\n): boolean {\n if (!scopes) return true;\n return scopes.includes(scope);\n}\n\nexport async function signMcpOAuthAccessToken(params: {\n ownerEmail: string;\n orgId?: string | null;\n orgDomain?: string | null;\n clientId: string;\n scope: string;\n resource: string;\n issuer: string;\n jti?: string;\n expiresIn?: string | number;\n /**\n * When `\"full\"`, embed a `catalog_scope: \"full\"` custom claim so that on\n * hosted multi-tenant deployments (AGENT_NATIVE_CONNECTOR_CATALOG=1) this\n * token bypasses the connector-catalog tier filter. Used when the connect\n * flow is initiated with `--full-catalog`.\n */\n catalogScope?: \"full\";\n}): Promise<string> {\n return new jose.SignJWT({\n typ: \"agent-native-mcp-oauth\",\n sub: params.ownerEmail,\n ...(params.orgId ? { org_id: params.orgId } : {}),\n ...(params.orgDomain ? { org_domain: params.orgDomain } : {}),\n scope: params.scope,\n client_id: params.clientId,\n resource: params.resource,\n ...(params.catalogScope === \"full\" ? { catalog_scope: \"full\" } : {}),\n })\n .setProtectedHeader({ alg: \"HS256\" })\n .setIssuer(params.issuer)\n .setAudience(params.resource)\n .setJti(params.jti ?? randomUUID())\n .setIssuedAt()\n .setExpirationTime(params.expiresIn ?? MCP_OAUTH_ACCESS_TOKEN_TTL)\n .sign(signingSecret());\n}\n\n/**\n * Normalise a trailing slash so that audience comparisons are not sensitive to\n * whether the resource URL was written with or without a trailing slash.\n */\nfunction normaliseResource(r: string): string {\n return r.replace(/\\/+$/, \"\");\n}\n\n/**\n * Deduplicate an audience list after normalising trailing slashes.\n * Accepts a single string or an array; always returns a non-empty array or\n * `null` when the input was empty / undefined.\n */\nfunction buildAudienceList(\n resource: string | string[] | undefined,\n): string[] | null {\n if (!resource) return null;\n const raw = Array.isArray(resource) ? resource : [resource];\n const seen = new Set<string>();\n const out: string[] = [];\n for (const r of raw) {\n const n = normaliseResource(r);\n if (n && !seen.has(n)) {\n seen.add(n);\n out.push(n);\n }\n }\n return out.length ? out : null;\n}\n\nexport async function verifyMcpOAuthAccessToken(\n token: string,\n resource: string | string[] | undefined,\n): Promise<{\n userEmail: string;\n orgId?: string;\n orgDomain?: string;\n scopes: string[];\n clientId: string;\n jti?: string;\n /** Present when the token was minted with `--full-catalog`; bypasses the\n * connector-catalog tier filter on hosted multi-tenant deployments. */\n catalogScope?: \"full\";\n} | null> {\n const audiences = buildAudienceList(resource);\n if (!audiences) return null;\n\n // Try each candidate secret in priority order. We only fall through to the\n // next secret on a signature failure (JWSSignatureVerificationFailed /\n // JWSInvalid). Expired or wrong-audience errors are definitive — no retry.\n const secrets = verifySecrets();\n let payload: jose.JWTPayload | null = null;\n\n outer: for (const audience of audiences) {\n for (const secret of secrets) {\n try {\n const result = await jose.jwtVerify(token, secret, { audience });\n payload = result.payload;\n break outer;\n } catch (err: any) {\n const code: string = err?.code ?? \"\";\n // Signature failures → try next secret; all other errors → bail.\n if (\n code === \"ERR_JWS_SIGNATURE_VERIFICATION_FAILED\" ||\n code === \"ERR_JWS_INVALID\"\n ) {\n continue;\n }\n // Expired, wrong audience, or malformed → this audience+secret pair is\n // structurally incompatible; try the next audience.\n break;\n }\n }\n }\n\n if (!payload) return null;\n\n try {\n if (payload.typ !== \"agent-native-mcp-oauth\") return null;\n // The embedded `resource` claim must match one of the accepted audiences.\n if (typeof payload.resource !== \"string\") return null;\n const embeddedResource = normaliseResource(payload.resource);\n if (!audiences.includes(embeddedResource)) return null;\n if (typeof payload.sub !== \"string\" || !payload.sub) return null;\n if (typeof payload.client_id !== \"string\" || !payload.client_id) {\n return null;\n }\n const scope = typeof payload.scope === \"string\" ? payload.scope : \"\";\n const scopes = scopeList(scope);\n if (!scopes.some((s) => MCP_OAUTH_SCOPES.includes(s as any))) {\n return null;\n }\n return {\n userEmail: payload.sub,\n orgId: typeof payload.org_id === \"string\" ? payload.org_id : undefined,\n orgDomain:\n typeof payload.org_domain === \"string\" ? payload.org_domain : undefined,\n scopes,\n clientId: payload.client_id,\n jti: typeof payload.jti === \"string\" ? payload.jti : undefined,\n ...(payload.catalog_scope === \"full\" ? { catalogScope: \"full\" } : {}),\n };\n } catch {\n return null;\n }\n}\n"]}
package/dist/mcp/server.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;AAYlC,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,KAAK,SAAS,EACd,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACpB,MAAM,mBAAmB,CAAC;AAW3B,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GACnB,CAAC;AACF,YAAY,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,CAAC;AAoM7D;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,OAAO,EACd,MAAM,EAAE,SAAS,GAChB,OAAO,CACR,QAAQ,GAAG,MAAM,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAC5E,CAkKA;AAMD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,QAAQ,CACtB,QAAQ,EAAE,GAAG,EACb,MAAM,EAAE,SAAS,EACjB,WAAW,SAAmB,GAC7B,IAAI,CAYN"}
1
+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;AAYlC,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,KAAK,SAAS,EACd,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACpB,MAAM,mBAAmB,CAAC;AAY3B,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GACnB,CAAC;AACF,YAAY,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,CAAC;AAsM7D;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,OAAO,EACd,MAAM,EAAE,SAAS,GAChB,OAAO,CACR,QAAQ,GAAG,MAAM,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAC5E,CAkKA;AAMD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,QAAQ,CACtB,QAAQ,EAAE,GAAG,EACb,MAAM,EAAE,SAAS,EACjB,WAAW,SAAmB,GAC7B,IAAI,CAYN"}
package/dist/mcp/server.js CHANGED
@@ -4,7 +4,7 @@ import { readBody } from "../server/h3-helpers.js";
4
4
  import { isLoopbackRequest } from "../server/auth.js";
5
5
  import { getConfiguredAppBasePath } from "../server/app-base-path.js";
6
6
  import { createMCPServerForRequest, verifyAuth, getAccessTokens, resolveOrgIdFromDomain, buildLinkArtifacts, } from "./build-server.js";
7
- import { buildMcpOAuthChallenge, getMcpOAuthIssuer, getMcpOAuthProtectedResourceMetadataUrl, getMcpOAuthResource, } from "./oauth-route.js";
7
+ import { buildMcpOAuthChallenge, getMcpOAuthAudiences, getMcpOAuthIssuer, getMcpOAuthProtectedResourceMetadataUrl, getMcpOAuthResource, } from "./oauth-route.js";
8
8
  // Re-export the shared MCP server builder + types so the stdio transport and
9
9
  // any (future) external importer of `@agent-native/core/mcp` keep resolving
10
10
  // against `./server.js` exactly as before this refactor.
@@ -137,17 +137,19 @@ function buildUnauthorizedBody(event) {
137
137
  const issuer = getMcpOAuthIssuer(event);
138
138
  const mcpUrl = getMcpOAuthResource(event);
139
139
  const resourceMetadataUrl = getMcpOAuthProtectedResourceMetadataUrl(event);
140
- const command = issuer ? `agent-native reconnect ${issuer}` : undefined;
140
+ const command = issuer
141
+ ? `npx @agent-native/core@latest reconnect ${issuer}`
142
+ : undefined;
141
143
  const firstTimeCommand = issuer
142
- ? `agent-native connect ${issuer}`
144
+ ? `npx @agent-native/core@latest connect ${issuer}`
143
145
  : undefined;
144
146
  const authorizeUrl = issuer
145
147
  ? `${issuer}/_agent-native/mcp/oauth/authorize`
146
148
  : undefined;
147
149
  const message = command
148
150
  ? `Authentication required. Run \`${command}\` to re-authenticate this ` +
149
- `MCP connector without reinstalling it (or, in an OAuth-capable host, ` +
150
- `re-run /mcp and choose Authenticate), then retry. For first-time ` +
151
+ `MCP connector without reinstalling it (or, in a Claude Code host, ` +
152
+ `run /mcp and choose Authenticate), then retry. For first-time ` +
151
153
  `setup, run \`${firstTimeCommand}\`.`
152
154
  : "Authentication required. Authenticate the MCP connector in your host, " +
153
155
  "then retry.";
@@ -217,7 +219,7 @@ export async function handleMcpRequest(event, config) {
217
219
  const requestMeta = deriveRequestMeta(event);
218
220
  const authResult = await verifyAuth(authHeader, ownerEmailHeader, {
219
221
  allowDevOpen: isLoopbackRequest(event) && isLoopbackOrigin(requestMeta.origin),
220
- resourceUrl: getMcpOAuthResource(event),
222
+ resourceUrl: getMcpOAuthAudiences(event),
221
223
  });
222
224
  if (!authResult.authed) {
223
225
  setResponseStatus(event, 401);
package/dist/mcp/server.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,wCAAwC,CAAC;AAClE,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EACjB,iBAAiB,EACjB,SAAS,EACT,gBAAgB,GACjB,MAAM,IAAI,CAAC;AACZ,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GAInB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,uCAAuC,EACvC,mBAAmB,GACpB,MAAM,kBAAkB,CAAC;AAE1B,6EAA6E;AAC7E,4EAA4E;AAC5E,yDAAyD;AACzD,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GACnB,CAAC;AAGF,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E;;;;;;GAMG;AACH,SAAS,aAAa,CAAC,KAAc;IAInC,MAAM,CAAC,GAAG,KAAY,CAAC;IACvB,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC;IACzD,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC;IACzD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAc;IAC3C,IAAI,OAAO,CAAC,GAAG,CAAC,+BAA+B,KAAK,GAAG;QAAE,OAAO,KAAK,CAAC;IACtE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClD,OAAO,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,CAAC;AACrC,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,KAAc;IACvC,MAAM,cAAc,GAAG,gBAAgB,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAC;IACpE,MAAM,IAAI,GACR,gBAAgB,CAAC,KAAK,EAAE,kBAAkB,CAAC;QAC3C,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAClC,MAAM,KAAK,GACT,cAAc,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE;QACrC,CAAC,IAAI,IAAI,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACvD,MAAM,YAAY,GAAG,gBAAgB,CACnC,KAAK,EACL,4BAA4B,CAC7B,EAAE,WAAW,EAAE,CAAC;IACjB,MAAM,MAAM,GACV,YAAY,KAAK,SAAS;QAC1B,YAAY,KAAK,UAAU;QAC3B,YAAY,KAAK,SAAS;QACxB,CAAC,CAAE,YAAyC;QAC5C,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,IAAI,EAAE,IAAI,SAAS,CAAC;IAC9E,MAAM,UAAU,GACd,gBAAgB,CAAC,KAAK,EAAE,2BAA2B,CAAC,EAAE,IAAI,EAAE,IAAI,SAAS,CAAC;IAC5E,MAAM,iBAAiB,GAAG,gBAAgB,CACxC,KAAK,EACL,iCAAiC,CAClC,EAAE,WAAW,EAAE,CAAC;IACjB,MAAM,WAAW,GACf,iBAAiB,KAAK,GAAG;QACzB,iBAAiB,KAAK,MAAM;QAC5B,iBAAiB,KAAK,KAAK,CAAC;IAC9B,MAAM,QAAQ,GAAG,wBAAwB,EAAE,CAAC;IAC5C,OAAO;QACL,MAAM;QACN,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjC,MAAM;QACN,UAAU;QACV,UAAU;QACV,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxC,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,MAA0B;IAClD,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC;QAC1C,OAAO,CACL,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,KAAK;YAClB,QAAQ,KAAK,OAAO;YACpB,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CAC5B,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,eAAe,CAAC,KAAc,EAAE,MAAc;IACrD,MAAM,GAAG,GAAI,KAAa,CAAC,GAA0B,CAAC;IAEtD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAC9B,IAAI,GAAG,EAAE,OAAO,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;QAC9D,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,MAAM,UAAU,GAAI,KAAa,CAAC,IAAI,EAAE,GAAG,EAAE,OAEhC,CAAC;QACd,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtD,IAAI,KAAK,IAAI,IAAI;oBAAE,SAAS;gBAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,wEAAwE;IACxE,qEAAqE;IACrE,iEAAiE;IAEjE,MAAM,IAAI,GACR,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC;IACxE,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACxD,MAAM,KAAK,GACT,cAAc,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE;QACrC,CAAC,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IACnE,MAAM,QAAQ,GAAG,wBAAwB,EAAE,CAAC;IAC5C,MAAM,GAAG,GAAG,GAAG,KAAK,MAAM,IAAI,GAAG,QAAQ,oBAAoB,CAAC;IAE9D,qEAAqE;IACrE,yEAAyE;IACzE,oDAAoD;IACpD,OAAO,IAAI,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,qBAAqB,CAAC,KAAc;IAW3C,MAAM,MAAM,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,mBAAmB,GAAG,uCAAuC,CAAC,KAAK,CAAC,CAAC;IAC3E,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,0BAA0B,MAAM,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACxE,MAAM,gBAAgB,GAAG,MAAM;QAC7B,CAAC,CAAC,wBAAwB,MAAM,EAAE;QAClC,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,YAAY,GAAG,MAAM;QACzB,CAAC,CAAC,GAAG,MAAM,oCAAoC;QAC/C,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,OAAO,GAAG,OAAO;QACrB,CAAC,CAAC,kCAAkC,OAAO,6BAA6B;YACtE,uEAAuE;YACvE,mEAAmE;YACnE,gBAAgB,gBAAgB,KAAK;QACvC,CAAC,CAAC,wEAAwE;YACxE,aAAa,CAAC;IAClB,OAAO;QACL,KAAK,EAAE,cAAc;QACrB,OAAO;QACP,YAAY,EAAE;YACZ,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/B,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACzC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9B;KACF,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,0DAA0D;AAC1D,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAc,EACd,MAAiB;IAIjB,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,EAAE,QAAQ,IAAI,GAAG,CAAC;IAC5C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACjE,IAAI,OAAO,EAAE,CAAC;QACZ,yEAAyE;QACzE,uEAAuE;QACvE,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;IAEhC,2EAA2E;IAC3E,uDAAuD;IACvD,+DAA+D;IAC/D,4EAA4E;IAC5E,iDAAiD;IACjD,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IAC5D,MAAM,gBAAgB,GAAG,gBAAgB,CACvC,KAAK,EACL,4BAA4B,CAC7B,CAAC;IACF,oEAAoE;IACpE,4DAA4D;IAC5D,uEAAuE;IACvE,yEAAyE;IACzE,uEAAuE;IACvE,MAAM,WAAW,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,gBAAgB,EAAE;QAChE,YAAY,EACV,iBAAiB,CAAC,KAAK,CAAC,IAAI,gBAAgB,CAAC,WAAW,CAAC,MAAM,CAAC;QAClE,WAAW,EAAE,mBAAmB,CAAC,KAAK,CAAC;KACxC,CAAC,CAAC;IACH,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;QACvB,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9B,iBAAiB,CAAC,KAAK,EAAE,kBAAkB,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC,CAAC;QAC5E,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;IACtC,CAAC;IAED,8EAA8E;IAC9E,0EAA0E;IAC1E,6EAA6E;IAC7E,mEAAmE;IACnE,8EAA8E;IAC9E,wEAAwE;IACxE,mDAAmD;IACnD,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9B,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;IACzC,CAAC;IAED,0EAA0E;IAC1E,sEAAsE;IACtE,kCAAkC;IAClC,MAAM,IAAI,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAEnE,yEAAyE;IACzE,4EAA4E;IAC5E,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,IAAI,EAAE,CAAC;QACvC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACjD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CACpB,CAAC,CAAC,EAAsE,EAAE,CACxE,OAAO,CAAC,KAAK,QAAQ;YACrB,CAAC,KAAK,IAAI;YACT,CAA0B,CAAC,MAAM,KAAK,YAAY,CACtD,CAAC;QACF,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,KAAK,CACX,8BAA8B,EAC9B,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,EACvC,eAAe,EACf,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAC1C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,qEAAqE;IACrE,qEAAqE;IACrE,gEAAgE;IAChE,wEAAwE;IACxE,4EAA4E;IAC5E,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,MAAM,EAAE,UAAU,CAAC,QAAQ,EAAE;QAC1E,GAAG,WAAW;QACd,WAAW,EAAE,UAAU,CAAC,WAAW,KAAK,IAAI;QAC5C,yEAAyE;QACzE,+DAA+D;QAC/D,GAAG,CAAC,UAAU,CAAC,WAAW,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAClE,CAAC,CAAC;IAEH,IAAI,qBAAqB,CAAC,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QAClD,2EAA2E;QAC3E,MAAM,EAAE,6BAA6B,EAAE,GACrC,MAAM,MAAM,CAAC,oDAAoD,CAAC,CAAC;QACrE,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;YAClD,kBAAkB,EAAE,SAAS,EAAE,YAAY;YAC3C,sEAAsE;YACtE,yEAAyE;YACzE,wEAAwE;YACxE,wEAAwE;YACxE,sEAAsE;YACtE,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;QACH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChC,IAAI,CAAC;YACH,uEAAuE;YACvE,iEAAiE;YACjE,MAAM,SAAS,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,wEAAwE;YACxE,mEAAmE;YACnE,sEAAsE;YACtE,uEAAuE;YACvE,qEAAqE;YACrE,6DAA6D;YAC7D,IAAI,GAAG,EAAE,IAAI,KAAK,4BAA4B;gBAAE,MAAM,GAAG,CAAC;YAC1D,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK;gBACnB,OAAO,CAAC,GAAG,CACT,2EAA2E,CAC5E,CAAC;QACN,CAAC;QACD,8CAA8C;QAC7C,KAAa,CAAC,QAAQ,GAAG,IAAI,CAAC;QAC/B,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,6EAA6E;IAC7E,6EAA6E;IAC7E,EAAE;IACF,qEAAqE;IACrE,uEAAuE;IACvE,wEAAwE;IACxE,2EAA2E;IAC3E,yEAAyE;IACzE,4EAA4E;IAC5E,qEAAqE;IACrE,uEAAuE;IACvE,qBAAqB;IACrB,MAAM,EAAE,wCAAwC,EAAE,GAChD,MAAM,MAAM,CAAC,+DAA+D,CAAC,CAAC;IAChF,MAAM,SAAS,GAAG,IAAI,wCAAwC,CAAC;QAC7D,kBAAkB,EAAE,SAAS,EAAE,oCAAoC;QACnE,uEAAuE;QACvE,2EAA2E;QAC3E,2EAA2E;QAC3E,kBAAkB,EAAE,IAAI;KACzB,CAAC,CAAC;IACH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAClD,2EAA2E;IAC3E,2EAA2E;IAC3E,wEAAwE;IACxE,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,aAAa,CAC5C,UAAU,EACV,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CACrD,CAAC;IACF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,QAAQ,CACtB,QAAa,EACb,MAAiB,EACjB,WAAW,GAAG,gBAAgB;IAE9B,QAAQ,CAAC,QAAQ,CAAC,CAAC,GAAG,CACpB,GAAG,WAAW,MAAM,EACpB,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;QACjC,OAAO,gBAAgB,CAAC,KAAgB,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC,CAAC,CACH,CAAC;IAEF,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK;QACnB,OAAO,CAAC,GAAG,CACT,+BAA+B,WAAW,SAAS,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,SAAS,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,CACvI,CAAC;AACN,CAAC","sourcesContent":["import type { H3Event } from \"h3\";\nimport { getH3App } from \"../server/framework-request-handler.js\";\nimport {\n defineEventHandler,\n setResponseStatus,\n setResponseHeader,\n getMethod,\n getRequestHeader,\n} from \"h3\";\nimport { readBody } from \"../server/h3-helpers.js\";\nimport { isLoopbackRequest } from \"../server/auth.js\";\nimport { getConfiguredAppBasePath } from \"../server/app-base-path.js\";\nimport {\n createMCPServerForRequest,\n verifyAuth,\n getAccessTokens,\n resolveOrgIdFromDomain,\n buildLinkArtifacts,\n type MCPConfig,\n type MCPCallerIdentity,\n type MCPRequestMeta,\n} from \"./build-server.js\";\nimport {\n buildMcpOAuthChallenge,\n getMcpOAuthIssuer,\n getMcpOAuthProtectedResourceMetadataUrl,\n getMcpOAuthResource,\n} from \"./oauth-route.js\";\n\n// Re-export the shared MCP server builder + types so the stdio transport and\n// any (future) external importer of `@agent-native/core/mcp` keep resolving\n// against `./server.js` exactly as before this refactor.\nexport {\n createMCPServerForRequest,\n verifyAuth,\n getAccessTokens,\n resolveOrgIdFromDomain,\n buildLinkArtifacts,\n};\nexport type { MCPConfig, MCPCallerIdentity, MCPRequestMeta };\n\n// ---------------------------------------------------------------------------\n// Runtime detection — Node fast-path vs. web-standard fallback\n// ---------------------------------------------------------------------------\n\n/**\n * Resolve the underlying Node `http` req/res pair if (and only if) we're\n * running on a real Node HTTP server (local dev, `node` Nitro preset). On the\n * web-standard runtime (Nitro 3 / Netlify web runtime, Cloudflare, Deno, Bun)\n * BOTH of these are undefined — that's the signal to take the web fallback\n * instead of returning 501.\n */\nfunction getNodeReqRes(event: H3Event): {\n nodeReq: any | undefined;\n nodeRes: any | undefined;\n} {\n const e = event as any;\n const nodeReq = e.node?.req ?? e.req?.runtime?.node?.req;\n const nodeRes = e.node?.res ?? e.req?.runtime?.node?.res;\n return { nodeReq, nodeRes };\n}\n\nfunction shouldUseNodeFastPath(event: H3Event): boolean {\n if (process.env.AGENT_NATIVE_MCP_NODE_FAST_PATH !== \"1\") return false;\n const { nodeReq, nodeRes } = getNodeReqRes(event);\n return Boolean(nodeReq && nodeRes);\n}\n\n/**\n * Derive the request origin + the markdown deep-link target from the inbound\n * headers. Identical logic for both the Node and web paths so the absolute\n * deep-link URLs in tool results are computed the same way regardless of\n * runtime.\n */\nfunction deriveRequestMeta(event: H3Event): MCPRequestMeta {\n const forwardedProto = getRequestHeader(event, \"x-forwarded-proto\");\n const host =\n getRequestHeader(event, \"x-forwarded-host\") ||\n getRequestHeader(event, \"host\");\n const proto =\n forwardedProto?.split(\",\")[0]?.trim() ||\n (host && /^(localhost|127\\.0\\.0\\.1)(:|$)/.test(host) ? \"http\" : \"https\");\n const origin = host ? `${proto}://${host}` : undefined;\n const targetHeader = getRequestHeader(\n event,\n \"x-agent-native-open-target\",\n )?.toLowerCase();\n const target =\n targetHeader === \"desktop\" ||\n targetHeader === \"terminal\" ||\n targetHeader === \"browser\"\n ? (targetHeader as MCPRequestMeta[\"target\"])\n : undefined;\n const clientName = getRequestHeader(event, \"user-agent\")?.trim() || undefined;\n const clientHint =\n getRequestHeader(event, \"x-agent-native-mcp-client\")?.trim() || undefined;\n const fullCatalogHeader = getRequestHeader(\n event,\n \"x-agent-native-mcp-full-catalog\",\n )?.toLowerCase();\n const fullCatalog =\n fullCatalogHeader === \"1\" ||\n fullCatalogHeader === \"true\" ||\n fullCatalogHeader === \"yes\";\n const basePath = getConfiguredAppBasePath();\n return {\n origin,\n ...(basePath ? { basePath } : {}),\n target,\n clientName,\n clientHint,\n ...(fullCatalog ? { fullCatalog } : {}),\n };\n}\n\nfunction isLoopbackOrigin(origin: string | undefined): boolean {\n if (!origin) return false;\n try {\n const hostname = new URL(origin).hostname;\n return (\n hostname === \"localhost\" ||\n hostname === \"127.0.0.1\" ||\n hostname === \"::1\" ||\n hostname === \"[::1]\" ||\n hostname.startsWith(\"127.\")\n );\n } catch {\n return false;\n }\n}\n\n/**\n * Reconstruct a Web Standard `Request` for the web-standard MCP transport.\n *\n * On the web runtime h3 v2 exposes the real web `Request` as `event.req`; we\n * prefer it (its `method` / `headers` are exactly what the client sent). But\n * the framework middleware rewrites `event.req.url` when it strips a mount\n * prefix, and the transport reads `req.method` + `req.headers` (never the\n * body — we pass that via `parsedBody`), so we always synthesize a clean\n * `Request` with the verified method + a fresh `Headers` copy. The URL is\n * cosmetic for the SDK (it only does `new URL(req.url)` for `requestInfo`),\n * so a best-effort absolute URL derived from the inbound host is sufficient\n * and never throws.\n */\nfunction buildWebRequest(event: H3Event, method: string): Request {\n const src = (event as any).req as Request | undefined;\n\n const headers = new Headers();\n if (src?.headers && typeof src.headers.forEach === \"function\") {\n src.headers.forEach((value, key) => headers.set(key, value));\n } else {\n const rawHeaders = (event as any).node?.req?.headers as\n | Record<string, string | string[] | undefined>\n | undefined;\n if (rawHeaders) {\n for (const [key, value] of Object.entries(rawHeaders)) {\n if (value == null) continue;\n headers.set(key, Array.isArray(value) ? value.join(\", \") : value);\n }\n }\n }\n\n // The SDK requires Accept + Content-Type to advertise both JSON and SSE on\n // a POST. Real MCP clients (Claude Code, `agent-native connect`) always\n // send these; we never inject/alter them — if they're absent the SDK\n // returns its spec-mandated 406/415, identical to the Node path.\n\n const host =\n headers.get(\"x-forwarded-host\") || headers.get(\"host\") || \"localhost\";\n const forwardedProto = headers.get(\"x-forwarded-proto\");\n const proto =\n forwardedProto?.split(\",\")[0]?.trim() ||\n (/^(localhost|127\\.0\\.0\\.1)(:|$)/.test(host) ? \"http\" : \"https\");\n const basePath = getConfiguredAppBasePath();\n const url = `${proto}://${host}${basePath}/_agent-native/mcp`;\n\n // No body here on purpose: the JSON-RPC payload is forwarded via the\n // transport's `parsedBody` option (the same mechanism the Node transport\n // uses), so the request stream is never read twice.\n return new Request(url, { method, headers });\n}\n\n/**\n * Build an actionable JSON body for the 401 response. OAuth-capable clients\n * follow the `WWW-Authenticate` header automatically, but the JSON body is what\n * a human or a coding agent reads when a tool call comes back unauthorized — so\n * spell out the exact remediation: the `agent-native connect <url>` command and\n * the authorize/metadata URL. Keeping the legacy `error: \"Unauthorized\"` field\n * means existing clients that only check that field still work.\n */\nfunction buildUnauthorizedBody(event: H3Event): {\n error: string;\n message: string;\n authenticate: {\n command?: string;\n firstTimeCommand?: string;\n authorizeUrl?: string;\n resourceMetadataUrl?: string;\n mcpUrl?: string;\n };\n} {\n const issuer = getMcpOAuthIssuer(event);\n const mcpUrl = getMcpOAuthResource(event);\n const resourceMetadataUrl = getMcpOAuthProtectedResourceMetadataUrl(event);\n const command = issuer ? `agent-native reconnect ${issuer}` : undefined;\n const firstTimeCommand = issuer\n ? `agent-native connect ${issuer}`\n : undefined;\n const authorizeUrl = issuer\n ? `${issuer}/_agent-native/mcp/oauth/authorize`\n : undefined;\n const message = command\n ? `Authentication required. Run \\`${command}\\` to re-authenticate this ` +\n `MCP connector without reinstalling it (or, in an OAuth-capable host, ` +\n `re-run /mcp and choose Authenticate), then retry. For first-time ` +\n `setup, run \\`${firstTimeCommand}\\`.`\n : \"Authentication required. Authenticate the MCP connector in your host, \" +\n \"then retry.\";\n return {\n error: \"Unauthorized\",\n message,\n authenticate: {\n ...(command ? { command } : {}),\n ...(firstTimeCommand ? { firstTimeCommand } : {}),\n ...(authorizeUrl ? { authorizeUrl } : {}),\n ...(resourceMetadataUrl ? { resourceMetadataUrl } : {}),\n ...(mcpUrl ? { mcpUrl } : {}),\n },\n };\n}\n\n// ---------------------------------------------------------------------------\n// handleMcpRequest — runtime-agnostic MCP request handler\n// ---------------------------------------------------------------------------\n\n/**\n * Handle a single `{routePrefix}/mcp` request on either runtime.\n *\n * - **Default path:** build the SAME MCP `Server`\n * from the SAME config + identity, drive it through the SDK's\n * `WebStandardStreamableHTTPServerTransport` (which the Node transport is\n * itself just a thin wrapper around), and return the resulting Web\n * `Response` as a normal h3 return value. This is used for Nitro local dev\n * too; the direct Node writer can otherwise race h3 and double-write.\n * - **Opt-in Node fast-path:** set `AGENT_NATIVE_MCP_NODE_FAST_PATH=1` to\n * delegate directly to the SDK's `StreamableHTTPServerTransport`.\n *\n * Auth, the `runWithRequestContext` identity wrap, the deep-link `_meta` /\n * markdown append, `requestMeta` origin/target derivation and the stateless\n * semantics are IDENTICAL on both paths because both build the same server\n * via `createMCPServerForRequest` and both transports funnel into the same\n * `WebStandardStreamableHTTPServerTransport.handleRequest(webRequest, {\n * parsedBody })` with the same options.\n *\n * Returns:\n * - `undefined` when the request targets a sub-route (so management/status\n * routes mounted under `/_agent-native/mcp/*` handle it themselves) — the\n * h3 mount falls through to the next handler.\n * - a Web `Response` (web fallback) or a string/object (Node path /\n * auth-error path) otherwise. The Node path also sets `_handled` so h3\n * doesn't double-write.\n */\nexport async function handleMcpRequest(\n event: H3Event,\n config: MCPConfig,\n): Promise<\n Response | string | { error: string } | Record<string, unknown> | undefined\n> {\n const pathname = event.url?.pathname || \"/\";\n const subpath = pathname.replace(/^\\/+/, \"\").replace(/\\/+$/, \"\");\n if (subpath) {\n // Let management/status routes mounted under /_agent-native/mcp/* handle\n // their own requests instead of treating them as MCP protocol traffic.\n return undefined;\n }\n\n const method = getMethod(event);\n\n // Auth check — extracts the caller's identity from the JWT (`sub`), or, on\n // the static-token / dev-open path, from the forwarded\n // `X-Agent-Native-Owner-Email` hint the stdio proxy sends (the\n // `agent-native mcp install` flow). Without this the install flow would run\n // every tool unscoped (userEmail === undefined).\n const authHeader = getRequestHeader(event, \"authorization\");\n const ownerEmailHeader = getRequestHeader(\n event,\n \"x-agent-native-owner-email\",\n );\n // Gate header-only dev-open on the REAL socket peer, never a parsed\n // `Host` header (client-controlled — an attacker could send\n // `Host: localhost`). A deployed app missing A2A_SECRET / ACCESS_TOKEN\n // must fail closed rather than trust a spoofable owner-email header that\n // `fullSurface` would otherwise escalate to the full mutating surface.\n const requestMeta = deriveRequestMeta(event);\n const authResult = await verifyAuth(authHeader, ownerEmailHeader, {\n allowDevOpen:\n isLoopbackRequest(event) && isLoopbackOrigin(requestMeta.origin),\n resourceUrl: getMcpOAuthResource(event),\n });\n if (!authResult.authed) {\n setResponseStatus(event, 401);\n setResponseHeader(event, \"WWW-Authenticate\", buildMcpOAuthChallenge(event));\n return buildUnauthorizedBody(event);\n }\n\n // Stateless mode: only POST is meaningful. A stateless, per-request transport\n // on serverless cannot keep the standalone GET SSE stream (server->client\n // channel) alive across invocations — once the function returns and freezes,\n // that stream dies and the client reports \"session expired\" / \"not\n // connected\". The spec lets a server that offers no GET stream answer 405, so\n // the client falls back to plain POST request/response. Reject GET here\n // instead of letting the SDK open a doomed stream.\n if (method === \"DELETE\") {\n setResponseStatus(event, 204);\n return \"\";\n }\n\n if (method !== \"POST\") {\n setResponseStatus(event, 405);\n return { error: \"Method not allowed\" };\n }\n\n // Read body for POST (GET has no body). Read it via the h3 helper exactly\n // once; both transports accept it as a pre-parsed body so the request\n // stream is never consumed twice.\n const body = method === \"POST\" ? await readBody(event) : undefined;\n\n // Optional diagnostics for host capability negotiation. Keep disabled by\n // default because initialize payloads can include client-specific metadata.\n if (process.env.MCP_DEBUG_INIT && body) {\n const msgs = Array.isArray(body) ? body : [body];\n const init = msgs.find(\n (m): m is { params?: { capabilities?: unknown; clientInfo?: unknown } } =>\n typeof m === \"object\" &&\n m !== null &&\n (m as { method?: unknown }).method === \"initialize\",\n );\n if (init) {\n console.error(\n \"[MCP_DEBUG_INIT] clientInfo=\",\n JSON.stringify(init.params?.clientInfo),\n \"capabilities=\",\n JSON.stringify(init.params?.capabilities),\n );\n }\n }\n\n // Per-request stateless transport + server. Both runtimes build the SAME\n // server from the SAME config + verified identity + request meta, so\n // tools/list, tools/call, and the deep-link `_meta` are identical. A\n // connected real caller (connect-minted token / `mcp install` /\n // ACCESS_TOKEN / production) gets the full action surface even in local\n // dev; unauthenticated dev probes stay sparse. See `external-agents` skill.\n const server = await createMCPServerForRequest(config, authResult.identity, {\n ...requestMeta,\n fullSurface: authResult.fullSurface === true,\n // When the caller minted their token with --full-catalog (catalog_scope:\n // \"full\" JWT claim), bypass the connector-catalog tier filter.\n ...(authResult.fullCatalog === true ? { fullCatalog: true } : {}),\n });\n\n if (shouldUseNodeFastPath(event)) {\n const { nodeReq, nodeRes } = getNodeReqRes(event);\n // ---- Opt-in Node fast-path ---------------------------------------------\n const { StreamableHTTPServerTransport } =\n await import(\"@modelcontextprotocol/sdk/server/streamableHttp.js\");\n const transport = new StreamableHTTPServerTransport({\n sessionIdGenerator: undefined, // stateless\n // Return JSON request/response instead of SSE. A stateless serverless\n // instance can freeze right after returning a streaming Response, before\n // the deferred SSE result event is flushed — the client then never gets\n // the tools/call result and reports \"session expired\". JSON mode awaits\n // the result inside the request lifecycle and returns it as one body.\n enableJsonResponse: true,\n });\n await server.connect(transport);\n try {\n // The SDK transport writes directly to the Node response. Node-only by\n // construction; we only reach here when real Node req/res exist.\n await transport.handleRequest(nodeReq, nodeRes, body);\n } catch (err: any) {\n // The SDK transport writes directly to the Node response. If the socket\n // is already closed/ended (client disconnected, or the host stream\n // layer also flushed), Node throws ERR_STREAM_WRITE_AFTER_END *after*\n // the MCP payload was already delivered correctly. Swallow that benign\n // post-flush write so an external agent disconnecting mid-stream can\n // never take down the server process; rethrow anything else.\n if (err?.code !== \"ERR_STREAM_WRITE_AFTER_END\") throw err;\n if (process.env.DEBUG)\n console.log(\n \"[mcp] ignored post-flush ERR_STREAM_WRITE_AFTER_END (client disconnected)\",\n );\n }\n // Prevent H3 from double-writing the response\n (event as any)._handled = true;\n return undefined;\n }\n\n // ---- Web-standard response path (Nitro local dev, Netlify web runtime, CF,\n // Deno, Bun) ---------------------------------------------------------------\n //\n // `StreamableHTTPServerTransport` is itself just a thin wrapper that\n // converts the Node req/res to a web Request/Response and delegates to\n // `WebStandardStreamableHTTPServerTransport.handleRequest(webRequest, {\n // parsedBody })`. Using the web transport directly with the SAME options +\n // the same pre-read `parsedBody` produces byte-identical protocol output\n // (including the deep-link `_meta` built inside createMCPServerForRequest),\n // and works on every web runtime because it returns a Web `Response`\n // (JSON for request/response, or an SSE `ReadableStream` body which h3\n // streams natively).\n const { WebStandardStreamableHTTPServerTransport } =\n await import(\"@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js\");\n const transport = new WebStandardStreamableHTTPServerTransport({\n sessionIdGenerator: undefined, // stateless — same as the Node path\n // JSON request/response (not SSE) — see the Node fast-path note above.\n // This is the serverless-safe framing: the result is computed and returned\n // within the request, never pushed onto a stream after the instance froze.\n enableJsonResponse: true,\n });\n await server.connect(transport);\n const webRequest = buildWebRequest(event, method);\n // `parsedBody: undefined` would make the SDK try to read `req.json()`; our\n // synthesized request has no body, so only pass the option for POST (where\n // we actually have a parsed body). For GET the transport reads no body.\n const response = await transport.handleRequest(\n webRequest,\n method === \"POST\" ? { parsedBody: body } : undefined,\n );\n return response;\n}\n\n// ---------------------------------------------------------------------------\n// mountMCP — register MCP Streamable HTTP endpoint on H3/Nitro\n// ---------------------------------------------------------------------------\n\n/**\n * Mount an MCP remote server on an H3/Nitro app.\n *\n * Endpoint: `{routePrefix}/mcp` (default `/_agent-native/mcp`)\n *\n * Uses stateless Streamable HTTP transport — no in-memory sessions, JSON\n * request/response (no SSE), and no standalone GET stream, so it survives\n * serverless instances that freeze between invocations (SSE framing there\n * drops the result and clients report \"session expired\"). Runtime-agnostic: a real Node\n * server uses the SDK's Node transport; the web-standard runtime (Nitro 3 /\n * Netlify web runtime, Cloudflare, Deno, Bun) uses the SDK's web-standard\n * transport. Both build the same server and produce identical JSON-RPC\n * output.\n *\n * Auth: Bearer token matching ACCESS_TOKEN/ACCESS_TOKENS or JWT via A2A_SECRET.\n * No auth required when neither is configured (dev mode).\n */\nexport function mountMCP(\n nitroApp: any,\n config: MCPConfig,\n routePrefix = \"/_agent-native\",\n): void {\n getH3App(nitroApp).use(\n `${routePrefix}/mcp`,\n defineEventHandler(async (event) => {\n return handleMcpRequest(event as H3Event, config);\n }),\n );\n\n if (process.env.DEBUG)\n console.log(\n `[mcp] Mounted MCP server at ${routePrefix}/mcp (${Object.keys(config.actions).length} tools${config.askAgent ? \" + ask-agent\" : \"\"})`,\n );\n}\n"]}
1
+ {"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,wCAAwC,CAAC;AAClE,OAAO,EACL,kBAAkB,EAClB,iBAAiB,EACjB,iBAAiB,EACjB,SAAS,EACT,gBAAgB,GACjB,MAAM,IAAI,CAAC;AACZ,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GAInB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,iBAAiB,EACjB,uCAAuC,EACvC,mBAAmB,GACpB,MAAM,kBAAkB,CAAC;AAE1B,6EAA6E;AAC7E,4EAA4E;AAC5E,yDAAyD;AACzD,OAAO,EACL,yBAAyB,EACzB,UAAU,EACV,eAAe,EACf,sBAAsB,EACtB,kBAAkB,GACnB,CAAC;AAGF,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E;;;;;;GAMG;AACH,SAAS,aAAa,CAAC,KAAc;IAInC,MAAM,CAAC,GAAG,KAAY,CAAC;IACvB,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC;IACzD,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC;IACzD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAc;IAC3C,IAAI,OAAO,CAAC,GAAG,CAAC,+BAA+B,KAAK,GAAG;QAAE,OAAO,KAAK,CAAC;IACtE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAClD,OAAO,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,CAAC;AACrC,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,KAAc;IACvC,MAAM,cAAc,GAAG,gBAAgB,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAC;IACpE,MAAM,IAAI,GACR,gBAAgB,CAAC,KAAK,EAAE,kBAAkB,CAAC;QAC3C,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAClC,MAAM,KAAK,GACT,cAAc,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE;QACrC,CAAC,IAAI,IAAI,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,KAAK,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACvD,MAAM,YAAY,GAAG,gBAAgB,CACnC,KAAK,EACL,4BAA4B,CAC7B,EAAE,WAAW,EAAE,CAAC;IACjB,MAAM,MAAM,GACV,YAAY,KAAK,SAAS;QAC1B,YAAY,KAAK,UAAU;QAC3B,YAAY,KAAK,SAAS;QACxB,CAAC,CAAE,YAAyC;QAC5C,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,IAAI,EAAE,IAAI,SAAS,CAAC;IAC9E,MAAM,UAAU,GACd,gBAAgB,CAAC,KAAK,EAAE,2BAA2B,CAAC,EAAE,IAAI,EAAE,IAAI,SAAS,CAAC;IAC5E,MAAM,iBAAiB,GAAG,gBAAgB,CACxC,KAAK,EACL,iCAAiC,CAClC,EAAE,WAAW,EAAE,CAAC;IACjB,MAAM,WAAW,GACf,iBAAiB,KAAK,GAAG;QACzB,iBAAiB,KAAK,MAAM;QAC5B,iBAAiB,KAAK,KAAK,CAAC;IAC9B,MAAM,QAAQ,GAAG,wBAAwB,EAAE,CAAC;IAC5C,OAAO;QACL,MAAM;QACN,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjC,MAAM;QACN,UAAU;QACV,UAAU;QACV,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxC,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,MAA0B;IAClD,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC;QAC1C,OAAO,CACL,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,KAAK;YAClB,QAAQ,KAAK,OAAO;YACpB,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CAC5B,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,eAAe,CAAC,KAAc,EAAE,MAAc;IACrD,MAAM,GAAG,GAAI,KAAa,CAAC,GAA0B,CAAC;IAEtD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAC9B,IAAI,GAAG,EAAE,OAAO,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;QAC9D,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,MAAM,UAAU,GAAI,KAAa,CAAC,IAAI,EAAE,GAAG,EAAE,OAEhC,CAAC;QACd,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtD,IAAI,KAAK,IAAI,IAAI;oBAAE,SAAS;gBAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,wEAAwE;IACxE,qEAAqE;IACrE,iEAAiE;IAEjE,MAAM,IAAI,GACR,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC;IACxE,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACxD,MAAM,KAAK,GACT,cAAc,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE;QACrC,CAAC,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IACnE,MAAM,QAAQ,GAAG,wBAAwB,EAAE,CAAC;IAC5C,MAAM,GAAG,GAAG,GAAG,KAAK,MAAM,IAAI,GAAG,QAAQ,oBAAoB,CAAC;IAE9D,qEAAqE;IACrE,yEAAyE;IACzE,oDAAoD;IACpD,OAAO,IAAI,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,qBAAqB,CAAC,KAAc;IAW3C,MAAM,MAAM,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,mBAAmB,GAAG,uCAAuC,CAAC,KAAK,CAAC,CAAC;IAC3E,MAAM,OAAO,GAAG,MAAM;QACpB,CAAC,CAAC,2CAA2C,MAAM,EAAE;QACrD,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,gBAAgB,GAAG,MAAM;QAC7B,CAAC,CAAC,yCAAyC,MAAM,EAAE;QACnD,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,YAAY,GAAG,MAAM;QACzB,CAAC,CAAC,GAAG,MAAM,oCAAoC;QAC/C,CAAC,CAAC,SAAS,CAAC;IACd,MAAM,OAAO,GAAG,OAAO;QACrB,CAAC,CAAC,kCAAkC,OAAO,6BAA6B;YACtE,oEAAoE;YACpE,gEAAgE;YAChE,gBAAgB,gBAAgB,KAAK;QACvC,CAAC,CAAC,wEAAwE;YACxE,aAAa,CAAC;IAClB,OAAO;QACL,KAAK,EAAE,cAAc;QACrB,OAAO;QACP,YAAY,EAAE;YACZ,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/B,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACzC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9B;KACF,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,0DAA0D;AAC1D,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAc,EACd,MAAiB;IAIjB,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,EAAE,QAAQ,IAAI,GAAG,CAAC;IAC5C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACjE,IAAI,OAAO,EAAE,CAAC;QACZ,yEAAyE;QACzE,uEAAuE;QACvE,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;IAEhC,2EAA2E;IAC3E,uDAAuD;IACvD,+DAA+D;IAC/D,4EAA4E;IAC5E,iDAAiD;IACjD,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IAC5D,MAAM,gBAAgB,GAAG,gBAAgB,CACvC,KAAK,EACL,4BAA4B,CAC7B,CAAC;IACF,oEAAoE;IACpE,4DAA4D;IAC5D,uEAAuE;IACvE,yEAAyE;IACzE,uEAAuE;IACvE,MAAM,WAAW,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,gBAAgB,EAAE;QAChE,YAAY,EACV,iBAAiB,CAAC,KAAK,CAAC,IAAI,gBAAgB,CAAC,WAAW,CAAC,MAAM,CAAC;QAClE,WAAW,EAAE,oBAAoB,CAAC,KAAK,CAAC;KACzC,CAAC,CAAC;IACH,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;QACvB,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9B,iBAAiB,CAAC,KAAK,EAAE,kBAAkB,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC,CAAC;QAC5E,OAAO,qBAAqB,CAAC,KAAK,CAAC,CAAC;IACtC,CAAC;IAED,8EAA8E;IAC9E,0EAA0E;IAC1E,6EAA6E;IAC7E,mEAAmE;IACnE,8EAA8E;IAC9E,wEAAwE;IACxE,mDAAmD;IACnD,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9B,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;IACzC,CAAC;IAED,0EAA0E;IAC1E,sEAAsE;IACtE,kCAAkC;IAClC,MAAM,IAAI,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAEnE,yEAAyE;IACzE,4EAA4E;IAC5E,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,IAAI,EAAE,CAAC;QACvC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACjD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CACpB,CAAC,CAAC,EAAsE,EAAE,CACxE,OAAO,CAAC,KAAK,QAAQ;YACrB,CAAC,KAAK,IAAI;YACT,CAA0B,CAAC,MAAM,KAAK,YAAY,CACtD,CAAC;QACF,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,KAAK,CACX,8BAA8B,EAC9B,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,EACvC,eAAe,EACf,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAC1C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,qEAAqE;IACrE,qEAAqE;IACrE,gEAAgE;IAChE,wEAAwE;IACxE,4EAA4E;IAC5E,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,MAAM,EAAE,UAAU,CAAC,QAAQ,EAAE;QAC1E,GAAG,WAAW;QACd,WAAW,EAAE,UAAU,CAAC,WAAW,KAAK,IAAI;QAC5C,yEAAyE;QACzE,+DAA+D;QAC/D,GAAG,CAAC,UAAU,CAAC,WAAW,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAClE,CAAC,CAAC;IAEH,IAAI,qBAAqB,CAAC,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QAClD,2EAA2E;QAC3E,MAAM,EAAE,6BAA6B,EAAE,GACrC,MAAM,MAAM,CAAC,oDAAoD,CAAC,CAAC;QACrE,MAAM,SAAS,GAAG,IAAI,6BAA6B,CAAC;YAClD,kBAAkB,EAAE,SAAS,EAAE,YAAY;YAC3C,sEAAsE;YACtE,yEAAyE;YACzE,wEAAwE;YACxE,wEAAwE;YACxE,sEAAsE;YACtE,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;QACH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChC,IAAI,CAAC;YACH,uEAAuE;YACvE,iEAAiE;YACjE,MAAM,SAAS,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,wEAAwE;YACxE,mEAAmE;YACnE,sEAAsE;YACtE,uEAAuE;YACvE,qEAAqE;YACrE,6DAA6D;YAC7D,IAAI,GAAG,EAAE,IAAI,KAAK,4BAA4B;gBAAE,MAAM,GAAG,CAAC;YAC1D,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK;gBACnB,OAAO,CAAC,GAAG,CACT,2EAA2E,CAC5E,CAAC;QACN,CAAC;QACD,8CAA8C;QAC7C,KAAa,CAAC,QAAQ,GAAG,IAAI,CAAC;QAC/B,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,6EAA6E;IAC7E,6EAA6E;IAC7E,EAAE;IACF,qEAAqE;IACrE,uEAAuE;IACvE,wEAAwE;IACxE,2EAA2E;IAC3E,yEAAyE;IACzE,4EAA4E;IAC5E,qEAAqE;IACrE,uEAAuE;IACvE,qBAAqB;IACrB,MAAM,EAAE,wCAAwC,EAAE,GAChD,MAAM,MAAM,CAAC,+DAA+D,CAAC,CAAC;IAChF,MAAM,SAAS,GAAG,IAAI,wCAAwC,CAAC;QAC7D,kBAAkB,EAAE,SAAS,EAAE,oCAAoC;QACnE,uEAAuE;QACvE,2EAA2E;QAC3E,2EAA2E;QAC3E,kBAAkB,EAAE,IAAI;KACzB,CAAC,CAAC;IACH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAClD,2EAA2E;IAC3E,2EAA2E;IAC3E,wEAAwE;IACxE,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,aAAa,CAC5C,UAAU,EACV,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CACrD,CAAC;IACF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,QAAQ,CACtB,QAAa,EACb,MAAiB,EACjB,WAAW,GAAG,gBAAgB;IAE9B,QAAQ,CAAC,QAAQ,CAAC,CAAC,GAAG,CACpB,GAAG,WAAW,MAAM,EACpB,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;QACjC,OAAO,gBAAgB,CAAC,KAAgB,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC,CAAC,CACH,CAAC;IAEF,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK;QACnB,OAAO,CAAC,GAAG,CACT,+BAA+B,WAAW,SAAS,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,SAAS,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,CACvI,CAAC;AACN,CAAC","sourcesContent":["import type { H3Event } from \"h3\";\nimport { getH3App } from \"../server/framework-request-handler.js\";\nimport {\n defineEventHandler,\n setResponseStatus,\n setResponseHeader,\n getMethod,\n getRequestHeader,\n} from \"h3\";\nimport { readBody } from \"../server/h3-helpers.js\";\nimport { isLoopbackRequest } from \"../server/auth.js\";\nimport { getConfiguredAppBasePath } from \"../server/app-base-path.js\";\nimport {\n createMCPServerForRequest,\n verifyAuth,\n getAccessTokens,\n resolveOrgIdFromDomain,\n buildLinkArtifacts,\n type MCPConfig,\n type MCPCallerIdentity,\n type MCPRequestMeta,\n} from \"./build-server.js\";\nimport {\n buildMcpOAuthChallenge,\n getMcpOAuthAudiences,\n getMcpOAuthIssuer,\n getMcpOAuthProtectedResourceMetadataUrl,\n getMcpOAuthResource,\n} from \"./oauth-route.js\";\n\n// Re-export the shared MCP server builder + types so the stdio transport and\n// any (future) external importer of `@agent-native/core/mcp` keep resolving\n// against `./server.js` exactly as before this refactor.\nexport {\n createMCPServerForRequest,\n verifyAuth,\n getAccessTokens,\n resolveOrgIdFromDomain,\n buildLinkArtifacts,\n};\nexport type { MCPConfig, MCPCallerIdentity, MCPRequestMeta };\n\n// ---------------------------------------------------------------------------\n// Runtime detection — Node fast-path vs. web-standard fallback\n// ---------------------------------------------------------------------------\n\n/**\n * Resolve the underlying Node `http` req/res pair if (and only if) we're\n * running on a real Node HTTP server (local dev, `node` Nitro preset). On the\n * web-standard runtime (Nitro 3 / Netlify web runtime, Cloudflare, Deno, Bun)\n * BOTH of these are undefined — that's the signal to take the web fallback\n * instead of returning 501.\n */\nfunction getNodeReqRes(event: H3Event): {\n nodeReq: any | undefined;\n nodeRes: any | undefined;\n} {\n const e = event as any;\n const nodeReq = e.node?.req ?? e.req?.runtime?.node?.req;\n const nodeRes = e.node?.res ?? e.req?.runtime?.node?.res;\n return { nodeReq, nodeRes };\n}\n\nfunction shouldUseNodeFastPath(event: H3Event): boolean {\n if (process.env.AGENT_NATIVE_MCP_NODE_FAST_PATH !== \"1\") return false;\n const { nodeReq, nodeRes } = getNodeReqRes(event);\n return Boolean(nodeReq && nodeRes);\n}\n\n/**\n * Derive the request origin + the markdown deep-link target from the inbound\n * headers. Identical logic for both the Node and web paths so the absolute\n * deep-link URLs in tool results are computed the same way regardless of\n * runtime.\n */\nfunction deriveRequestMeta(event: H3Event): MCPRequestMeta {\n const forwardedProto = getRequestHeader(event, \"x-forwarded-proto\");\n const host =\n getRequestHeader(event, \"x-forwarded-host\") ||\n getRequestHeader(event, \"host\");\n const proto =\n forwardedProto?.split(\",\")[0]?.trim() ||\n (host && /^(localhost|127\\.0\\.0\\.1)(:|$)/.test(host) ? \"http\" : \"https\");\n const origin = host ? `${proto}://${host}` : undefined;\n const targetHeader = getRequestHeader(\n event,\n \"x-agent-native-open-target\",\n )?.toLowerCase();\n const target =\n targetHeader === \"desktop\" ||\n targetHeader === \"terminal\" ||\n targetHeader === \"browser\"\n ? (targetHeader as MCPRequestMeta[\"target\"])\n : undefined;\n const clientName = getRequestHeader(event, \"user-agent\")?.trim() || undefined;\n const clientHint =\n getRequestHeader(event, \"x-agent-native-mcp-client\")?.trim() || undefined;\n const fullCatalogHeader = getRequestHeader(\n event,\n \"x-agent-native-mcp-full-catalog\",\n )?.toLowerCase();\n const fullCatalog =\n fullCatalogHeader === \"1\" ||\n fullCatalogHeader === \"true\" ||\n fullCatalogHeader === \"yes\";\n const basePath = getConfiguredAppBasePath();\n return {\n origin,\n ...(basePath ? { basePath } : {}),\n target,\n clientName,\n clientHint,\n ...(fullCatalog ? { fullCatalog } : {}),\n };\n}\n\nfunction isLoopbackOrigin(origin: string | undefined): boolean {\n if (!origin) return false;\n try {\n const hostname = new URL(origin).hostname;\n return (\n hostname === \"localhost\" ||\n hostname === \"127.0.0.1\" ||\n hostname === \"::1\" ||\n hostname === \"[::1]\" ||\n hostname.startsWith(\"127.\")\n );\n } catch {\n return false;\n }\n}\n\n/**\n * Reconstruct a Web Standard `Request` for the web-standard MCP transport.\n *\n * On the web runtime h3 v2 exposes the real web `Request` as `event.req`; we\n * prefer it (its `method` / `headers` are exactly what the client sent). But\n * the framework middleware rewrites `event.req.url` when it strips a mount\n * prefix, and the transport reads `req.method` + `req.headers` (never the\n * body — we pass that via `parsedBody`), so we always synthesize a clean\n * `Request` with the verified method + a fresh `Headers` copy. The URL is\n * cosmetic for the SDK (it only does `new URL(req.url)` for `requestInfo`),\n * so a best-effort absolute URL derived from the inbound host is sufficient\n * and never throws.\n */\nfunction buildWebRequest(event: H3Event, method: string): Request {\n const src = (event as any).req as Request | undefined;\n\n const headers = new Headers();\n if (src?.headers && typeof src.headers.forEach === \"function\") {\n src.headers.forEach((value, key) => headers.set(key, value));\n } else {\n const rawHeaders = (event as any).node?.req?.headers as\n | Record<string, string | string[] | undefined>\n | undefined;\n if (rawHeaders) {\n for (const [key, value] of Object.entries(rawHeaders)) {\n if (value == null) continue;\n headers.set(key, Array.isArray(value) ? value.join(\", \") : value);\n }\n }\n }\n\n // The SDK requires Accept + Content-Type to advertise both JSON and SSE on\n // a POST. Real MCP clients (Claude Code, `agent-native connect`) always\n // send these; we never inject/alter them — if they're absent the SDK\n // returns its spec-mandated 406/415, identical to the Node path.\n\n const host =\n headers.get(\"x-forwarded-host\") || headers.get(\"host\") || \"localhost\";\n const forwardedProto = headers.get(\"x-forwarded-proto\");\n const proto =\n forwardedProto?.split(\",\")[0]?.trim() ||\n (/^(localhost|127\\.0\\.0\\.1)(:|$)/.test(host) ? \"http\" : \"https\");\n const basePath = getConfiguredAppBasePath();\n const url = `${proto}://${host}${basePath}/_agent-native/mcp`;\n\n // No body here on purpose: the JSON-RPC payload is forwarded via the\n // transport's `parsedBody` option (the same mechanism the Node transport\n // uses), so the request stream is never read twice.\n return new Request(url, { method, headers });\n}\n\n/**\n * Build an actionable JSON body for the 401 response. OAuth-capable clients\n * follow the `WWW-Authenticate` header automatically, but the JSON body is what\n * a human or a coding agent reads when a tool call comes back unauthorized — so\n * spell out the exact remediation: the `agent-native connect <url>` command and\n * the authorize/metadata URL. Keeping the legacy `error: \"Unauthorized\"` field\n * means existing clients that only check that field still work.\n */\nfunction buildUnauthorizedBody(event: H3Event): {\n error: string;\n message: string;\n authenticate: {\n command?: string;\n firstTimeCommand?: string;\n authorizeUrl?: string;\n resourceMetadataUrl?: string;\n mcpUrl?: string;\n };\n} {\n const issuer = getMcpOAuthIssuer(event);\n const mcpUrl = getMcpOAuthResource(event);\n const resourceMetadataUrl = getMcpOAuthProtectedResourceMetadataUrl(event);\n const command = issuer\n ? `npx @agent-native/core@latest reconnect ${issuer}`\n : undefined;\n const firstTimeCommand = issuer\n ? `npx @agent-native/core@latest connect ${issuer}`\n : undefined;\n const authorizeUrl = issuer\n ? `${issuer}/_agent-native/mcp/oauth/authorize`\n : undefined;\n const message = command\n ? `Authentication required. Run \\`${command}\\` to re-authenticate this ` +\n `MCP connector without reinstalling it (or, in a Claude Code host, ` +\n `run /mcp and choose Authenticate), then retry. For first-time ` +\n `setup, run \\`${firstTimeCommand}\\`.`\n : \"Authentication required. Authenticate the MCP connector in your host, \" +\n \"then retry.\";\n return {\n error: \"Unauthorized\",\n message,\n authenticate: {\n ...(command ? { command } : {}),\n ...(firstTimeCommand ? { firstTimeCommand } : {}),\n ...(authorizeUrl ? { authorizeUrl } : {}),\n ...(resourceMetadataUrl ? { resourceMetadataUrl } : {}),\n ...(mcpUrl ? { mcpUrl } : {}),\n },\n };\n}\n\n// ---------------------------------------------------------------------------\n// handleMcpRequest — runtime-agnostic MCP request handler\n// ---------------------------------------------------------------------------\n\n/**\n * Handle a single `{routePrefix}/mcp` request on either runtime.\n *\n * - **Default path:** build the SAME MCP `Server`\n * from the SAME config + identity, drive it through the SDK's\n * `WebStandardStreamableHTTPServerTransport` (which the Node transport is\n * itself just a thin wrapper around), and return the resulting Web\n * `Response` as a normal h3 return value. This is used for Nitro local dev\n * too; the direct Node writer can otherwise race h3 and double-write.\n * - **Opt-in Node fast-path:** set `AGENT_NATIVE_MCP_NODE_FAST_PATH=1` to\n * delegate directly to the SDK's `StreamableHTTPServerTransport`.\n *\n * Auth, the `runWithRequestContext` identity wrap, the deep-link `_meta` /\n * markdown append, `requestMeta` origin/target derivation and the stateless\n * semantics are IDENTICAL on both paths because both build the same server\n * via `createMCPServerForRequest` and both transports funnel into the same\n * `WebStandardStreamableHTTPServerTransport.handleRequest(webRequest, {\n * parsedBody })` with the same options.\n *\n * Returns:\n * - `undefined` when the request targets a sub-route (so management/status\n * routes mounted under `/_agent-native/mcp/*` handle it themselves) — the\n * h3 mount falls through to the next handler.\n * - a Web `Response` (web fallback) or a string/object (Node path /\n * auth-error path) otherwise. The Node path also sets `_handled` so h3\n * doesn't double-write.\n */\nexport async function handleMcpRequest(\n event: H3Event,\n config: MCPConfig,\n): Promise<\n Response | string | { error: string } | Record<string, unknown> | undefined\n> {\n const pathname = event.url?.pathname || \"/\";\n const subpath = pathname.replace(/^\\/+/, \"\").replace(/\\/+$/, \"\");\n if (subpath) {\n // Let management/status routes mounted under /_agent-native/mcp/* handle\n // their own requests instead of treating them as MCP protocol traffic.\n return undefined;\n }\n\n const method = getMethod(event);\n\n // Auth check — extracts the caller's identity from the JWT (`sub`), or, on\n // the static-token / dev-open path, from the forwarded\n // `X-Agent-Native-Owner-Email` hint the stdio proxy sends (the\n // `agent-native mcp install` flow). Without this the install flow would run\n // every tool unscoped (userEmail === undefined).\n const authHeader = getRequestHeader(event, \"authorization\");\n const ownerEmailHeader = getRequestHeader(\n event,\n \"x-agent-native-owner-email\",\n );\n // Gate header-only dev-open on the REAL socket peer, never a parsed\n // `Host` header (client-controlled — an attacker could send\n // `Host: localhost`). A deployed app missing A2A_SECRET / ACCESS_TOKEN\n // must fail closed rather than trust a spoofable owner-email header that\n // `fullSurface` would otherwise escalate to the full mutating surface.\n const requestMeta = deriveRequestMeta(event);\n const authResult = await verifyAuth(authHeader, ownerEmailHeader, {\n allowDevOpen:\n isLoopbackRequest(event) && isLoopbackOrigin(requestMeta.origin),\n resourceUrl: getMcpOAuthAudiences(event),\n });\n if (!authResult.authed) {\n setResponseStatus(event, 401);\n setResponseHeader(event, \"WWW-Authenticate\", buildMcpOAuthChallenge(event));\n return buildUnauthorizedBody(event);\n }\n\n // Stateless mode: only POST is meaningful. A stateless, per-request transport\n // on serverless cannot keep the standalone GET SSE stream (server->client\n // channel) alive across invocations — once the function returns and freezes,\n // that stream dies and the client reports \"session expired\" / \"not\n // connected\". The spec lets a server that offers no GET stream answer 405, so\n // the client falls back to plain POST request/response. Reject GET here\n // instead of letting the SDK open a doomed stream.\n if (method === \"DELETE\") {\n setResponseStatus(event, 204);\n return \"\";\n }\n\n if (method !== \"POST\") {\n setResponseStatus(event, 405);\n return { error: \"Method not allowed\" };\n }\n\n // Read body for POST (GET has no body). Read it via the h3 helper exactly\n // once; both transports accept it as a pre-parsed body so the request\n // stream is never consumed twice.\n const body = method === \"POST\" ? await readBody(event) : undefined;\n\n // Optional diagnostics for host capability negotiation. Keep disabled by\n // default because initialize payloads can include client-specific metadata.\n if (process.env.MCP_DEBUG_INIT && body) {\n const msgs = Array.isArray(body) ? body : [body];\n const init = msgs.find(\n (m): m is { params?: { capabilities?: unknown; clientInfo?: unknown } } =>\n typeof m === \"object\" &&\n m !== null &&\n (m as { method?: unknown }).method === \"initialize\",\n );\n if (init) {\n console.error(\n \"[MCP_DEBUG_INIT] clientInfo=\",\n JSON.stringify(init.params?.clientInfo),\n \"capabilities=\",\n JSON.stringify(init.params?.capabilities),\n );\n }\n }\n\n // Per-request stateless transport + server. Both runtimes build the SAME\n // server from the SAME config + verified identity + request meta, so\n // tools/list, tools/call, and the deep-link `_meta` are identical. A\n // connected real caller (connect-minted token / `mcp install` /\n // ACCESS_TOKEN / production) gets the full action surface even in local\n // dev; unauthenticated dev probes stay sparse. See `external-agents` skill.\n const server = await createMCPServerForRequest(config, authResult.identity, {\n ...requestMeta,\n fullSurface: authResult.fullSurface === true,\n // When the caller minted their token with --full-catalog (catalog_scope:\n // \"full\" JWT claim), bypass the connector-catalog tier filter.\n ...(authResult.fullCatalog === true ? { fullCatalog: true } : {}),\n });\n\n if (shouldUseNodeFastPath(event)) {\n const { nodeReq, nodeRes } = getNodeReqRes(event);\n // ---- Opt-in Node fast-path ---------------------------------------------\n const { StreamableHTTPServerTransport } =\n await import(\"@modelcontextprotocol/sdk/server/streamableHttp.js\");\n const transport = new StreamableHTTPServerTransport({\n sessionIdGenerator: undefined, // stateless\n // Return JSON request/response instead of SSE. A stateless serverless\n // instance can freeze right after returning a streaming Response, before\n // the deferred SSE result event is flushed — the client then never gets\n // the tools/call result and reports \"session expired\". JSON mode awaits\n // the result inside the request lifecycle and returns it as one body.\n enableJsonResponse: true,\n });\n await server.connect(transport);\n try {\n // The SDK transport writes directly to the Node response. Node-only by\n // construction; we only reach here when real Node req/res exist.\n await transport.handleRequest(nodeReq, nodeRes, body);\n } catch (err: any) {\n // The SDK transport writes directly to the Node response. If the socket\n // is already closed/ended (client disconnected, or the host stream\n // layer also flushed), Node throws ERR_STREAM_WRITE_AFTER_END *after*\n // the MCP payload was already delivered correctly. Swallow that benign\n // post-flush write so an external agent disconnecting mid-stream can\n // never take down the server process; rethrow anything else.\n if (err?.code !== \"ERR_STREAM_WRITE_AFTER_END\") throw err;\n if (process.env.DEBUG)\n console.log(\n \"[mcp] ignored post-flush ERR_STREAM_WRITE_AFTER_END (client disconnected)\",\n );\n }\n // Prevent H3 from double-writing the response\n (event as any)._handled = true;\n return undefined;\n }\n\n // ---- Web-standard response path (Nitro local dev, Netlify web runtime, CF,\n // Deno, Bun) ---------------------------------------------------------------\n //\n // `StreamableHTTPServerTransport` is itself just a thin wrapper that\n // converts the Node req/res to a web Request/Response and delegates to\n // `WebStandardStreamableHTTPServerTransport.handleRequest(webRequest, {\n // parsedBody })`. Using the web transport directly with the SAME options +\n // the same pre-read `parsedBody` produces byte-identical protocol output\n // (including the deep-link `_meta` built inside createMCPServerForRequest),\n // and works on every web runtime because it returns a Web `Response`\n // (JSON for request/response, or an SSE `ReadableStream` body which h3\n // streams natively).\n const { WebStandardStreamableHTTPServerTransport } =\n await import(\"@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js\");\n const transport = new WebStandardStreamableHTTPServerTransport({\n sessionIdGenerator: undefined, // stateless — same as the Node path\n // JSON request/response (not SSE) — see the Node fast-path note above.\n // This is the serverless-safe framing: the result is computed and returned\n // within the request, never pushed onto a stream after the instance froze.\n enableJsonResponse: true,\n });\n await server.connect(transport);\n const webRequest = buildWebRequest(event, method);\n // `parsedBody: undefined` would make the SDK try to read `req.json()`; our\n // synthesized request has no body, so only pass the option for POST (where\n // we actually have a parsed body). For GET the transport reads no body.\n const response = await transport.handleRequest(\n webRequest,\n method === \"POST\" ? { parsedBody: body } : undefined,\n );\n return response;\n}\n\n// ---------------------------------------------------------------------------\n// mountMCP — register MCP Streamable HTTP endpoint on H3/Nitro\n// ---------------------------------------------------------------------------\n\n/**\n * Mount an MCP remote server on an H3/Nitro app.\n *\n * Endpoint: `{routePrefix}/mcp` (default `/_agent-native/mcp`)\n *\n * Uses stateless Streamable HTTP transport — no in-memory sessions, JSON\n * request/response (no SSE), and no standalone GET stream, so it survives\n * serverless instances that freeze between invocations (SSE framing there\n * drops the result and clients report \"session expired\"). Runtime-agnostic: a real Node\n * server uses the SDK's Node transport; the web-standard runtime (Nitro 3 /\n * Netlify web runtime, Cloudflare, Deno, Bun) uses the SDK's web-standard\n * transport. Both build the same server and produce identical JSON-RPC\n * output.\n *\n * Auth: Bearer token matching ACCESS_TOKEN/ACCESS_TOKENS or JWT via A2A_SECRET.\n * No auth required when neither is configured (dev mode).\n */\nexport function mountMCP(\n nitroApp: any,\n config: MCPConfig,\n routePrefix = \"/_agent-native\",\n): void {\n getH3App(nitroApp).use(\n `${routePrefix}/mcp`,\n defineEventHandler(async (event) => {\n return handleMcpRequest(event as H3Event, config);\n }),\n );\n\n if (process.env.DEBUG)\n console.log(\n `[mcp] Mounted MCP server at ${routePrefix}/mcp (${Object.keys(config.actions).length} tools${config.askAgent ? \" + ask-agent\" : \"\"})`,\n );\n}\n"]}
package/dist/observability/routes.d.ts CHANGED
@@ -19,12 +19,20 @@
19
19
  * POST /experiments/:id/results — compute experiment results
20
20
  * GET /experiments/:id/results — get experiment results
21
21
  */
22
- export declare function createObservabilityHandler(): import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<import("./types.js").Experiment | import("./types.js").TraceSummary[] | import("./types.js").FeedbackEntry[] | {
22
+ export declare function createObservabilityHandler(): import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
23
+ totalRuns: number;
24
+ totalCostCents: number;
25
+ avgDurationMs: number;
26
+ toolSuccessRate: number;
27
+ avgFrustrationScore: number;
28
+ thumbsUpRate: number;
29
+ avgEvalScore: number;
30
+ } | import("./types.js").TraceSummary[] | import("./types.js").EvalResult[] | {
23
31
  total: number;
24
32
  thumbsUp: number;
25
33
  thumbsDown: number;
26
34
  categories: Record<string, number>;
27
- } | import("./types.js").SatisfactionScore[] | import("./types.js").EvalResult[] | {
35
+ } | import("./types.js").FeedbackEntry[] | import("./types.js").SatisfactionScore[] | {
28
36
  totalEvals: number;
29
37
  avgScore: number;
30
38
  byCriteria: Array<{
@@ -32,15 +40,7 @@ export declare function createObservabilityHandler(): import("h3").EventHandlerW
32
40
  avgScore: number;
33
41
  count: number;
34
42
  }>;
35
- } | import("./types.js").Experiment[] | import("./types.js").ExperimentMetricResult[] | {
36
- totalRuns: number;
37
- totalCostCents: number;
38
- avgDurationMs: number;
39
- toolSuccessRate: number;
40
- avgFrustrationScore: number;
41
- thumbsUpRate: number;
42
- avgEvalScore: number;
43
- } | {
43
+ } | import("./types.js").Experiment | import("./types.js").Experiment[] | import("./types.js").ExperimentMetricResult[] | {
44
44
  summary: import("./types.js").TraceSummary;
45
45
  spans: import("./types.js").TraceSpan[];
46
46
  id?: undefined;
package/dist/org/handlers.d.ts CHANGED
@@ -2,9 +2,9 @@ import type { OrgRole } from "./types.js";
2
2
  /** GET /_agent-native/org/me — current user's active org, all orgs, pending invitations */
3
3
  export declare const getMyOrgHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
4
4
  email: string;
5
- orgId: string | null;
6
- orgName: string | null;
7
- role: OrgRole | null;
5
+ orgId: string;
6
+ orgName: string;
7
+ role: OrgRole;
8
8
  orgs: {
9
9
  orgId: string;
10
10
  role: OrgRole;
@@ -20,8 +20,8 @@ export declare const getMyOrgHandler: import("h3").EventHandlerWithFetch<import(
20
20
  orgId: string;
21
21
  orgName: string;
22
22
  }[];
23
- allowedDomain: string | null;
24
- a2aSecret: string | null | undefined;
23
+ allowedDomain: string;
24
+ a2aSecret: string;
25
25
  }>>;
26
26
  /** POST /_agent-native/org — create a new organization */
27
27
  export declare const createOrgHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
@@ -37,7 +37,7 @@ export declare const listMembersHandler: import("h3").EventHandlerWithFetch<impo
37
37
  joinedAt: number;
38
38
  }[];
39
39
  hasMore: boolean;
40
- nextOffset: number | null;
40
+ nextOffset: number;
41
41
  }>>;
42
42
  interface SingleInviteResult {
43
43
  id: string;
@@ -97,10 +97,6 @@ export declare const updateOrgHandler: import("h3").EventHandlerWithFetch<import
97
97
  }>>;
98
98
  /** PUT /_agent-native/org/switch — switch the user's active organization */
99
99
  export declare const switchOrgHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
100
- orgId: null;
101
- orgName: null;
102
- role: null;
103
- } | {
104
100
  orgId: any;
105
101
  orgName: string;
106
102
  role: OrgRole;
@@ -118,7 +114,7 @@ export declare const setDomainHandler: import("h3").EventHandlerWithFetch<import
118
114
  /** PUT /_agent-native/org/a2a-secret — regenerate or set the org's A2A secret (owner/admin only) */
119
115
  export declare const setA2ASecretHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
120
116
  a2aSecret: any;
121
- previousSecret: string | null;
117
+ previousSecret: string;
122
118
  }>>;
123
119
  /**
124
120
  * POST /_agent-native/org/a2a-secret/sync — push the org's A2A secret to all
package/dist/org/handlers.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../../src/org/handlers.ts"],"names":[],"mappings":"AAgDA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAkB1C,2FAA2F;AAC3F,eAAO,MAAM,eAAe;;;;;;;cAaA,OAAO;;;;;;;;;;eAIC,MAAM;iBAAW,MAAM;;;;GA0EzD,CAAC;AAEH,0DAA0D;AAC1D,eAAO,MAAM,gBAAgB;;;;GAe3B,CAAC;AAEH,wDAAwD;AACxD,eAAO,MAAM,kBAAkB;;;cA2CH,OAAO;;;;;GAQjC,CAAC;AAqBH,UAAU,kBAAkB;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC;IACzB,MAAM,EAAE,SAAS,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,UAAU,mBAAmB;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAsED,8EAA8E;AAC9E,eAAO,MAAM,uBAAuB;;;;GAuEnC,CAAC;AAEF,gFAAgF;AAChF,eAAO,MAAM,sBAAsB;;;;;;;;;GAyBlC,CAAC;AAEF,4EAA4E;AAC5E,eAAO,MAAM,uBAAuB;;;UAoD8B,OAAO;GAkBxE,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,mBAAmB;;GA2D/B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,uBAAuB;;;GAqEnC,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,gBAAgB;;;GA4B3B,CAAC;AAEH,4EAA4E;AAC5E,eAAO,MAAM,gBAAgB;;;;;;;UAkCC,OAAO;GAEnC,CAAC;AAEH,mGAAmG;AACnG,eAAO,MAAM,mBAAmB;;;UAqDR,OAAO;GAG9B,CAAC;AAEF,+FAA+F;AAC/F,eAAO,MAAM,gBAAgB;;GAsE3B,CAAC;AAEH,oGAAoG;AACpG,eAAO,MAAM,mBAAmB;;;GA0C/B,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,oBAAoB;;;;;YA2DvB,MAAM;cACJ,MAAM;aACP,MAAM;YACP,OAAO;iBACF,MAAM;gBACP,MAAM;;GA6DnB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,uBAAuB;;;GAgGnC,CAAC"}
1
+ {"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../../src/org/handlers.ts"],"names":[],"mappings":"AAgDA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAkB1C,2FAA2F;AAC3F,eAAO,MAAM,eAAe;;;;;;;cAaA,OAAO;;;;;;;;;;eAIC,MAAM;iBAAW,MAAM;;;;GA0EzD,CAAC;AAEH,0DAA0D;AAC1D,eAAO,MAAM,gBAAgB;;;;GAe3B,CAAC;AAEH,wDAAwD;AACxD,eAAO,MAAM,kBAAkB;;;cA2CH,OAAO;;;;;GAQjC,CAAC;AAqBH,UAAU,kBAAkB;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC;IACzB,MAAM,EAAE,SAAS,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,UAAU,mBAAmB;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAsED,8EAA8E;AAC9E,eAAO,MAAM,uBAAuB;;;;GAuEnC,CAAC;AAEF,gFAAgF;AAChF,eAAO,MAAM,sBAAsB;;;;;;;;;GAyBlC,CAAC;AAEF,4EAA4E;AAC5E,eAAO,MAAM,uBAAuB;;;UAoD8B,OAAO;GAkBxE,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,mBAAmB;;GA2D/B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,uBAAuB;;;GAqEnC,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,gBAAgB;;;GA4B3B,CAAC;AAEH,4EAA4E;AAC5E,eAAO,MAAM,gBAAgB;;;UAkCC,OAAO;GAEnC,CAAC;AAEH,mGAAmG;AACnG,eAAO,MAAM,mBAAmB;;;UAqDR,OAAO;GAG9B,CAAC;AAEF,+FAA+F;AAC/F,eAAO,MAAM,gBAAgB;;GAsE3B,CAAC;AAEH,oGAAoG;AACpG,eAAO,MAAM,mBAAmB;;;GA0C/B,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,oBAAoB;;;;;YA2DvB,MAAM;cACJ,MAAM;aACP,MAAM;YACP,OAAO;iBACF,MAAM;gBACP,MAAM;;GA6DnB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,uBAAuB;;;GAgGnC,CAAC"}
package/dist/secrets/schema.d.ts CHANGED
@@ -30,7 +30,7 @@ export declare const appSecrets: import("drizzle-orm/sqlite-core").SQLiteTableWi
30
30
  identity: undefined;
31
31
  generated: undefined;
32
32
  }, {}, {
33
- length: number | undefined;
33
+ length: number;
34
34
  }>;
35
35
  scope: import("drizzle-orm/sqlite-core").SQLiteColumn<{
36
36
  name: "scope";
@@ -49,7 +49,7 @@ export declare const appSecrets: import("drizzle-orm/sqlite-core").SQLiteTableWi
49
49
  identity: undefined;
50
50
  generated: undefined;
51
51
  }, {}, {
52
- length: number | undefined;
52
+ length: number;
53
53
  }>;
54
54
  scopeId: import("drizzle-orm/sqlite-core").SQLiteColumn<{
55
55
  name: "scope_id";
@@ -68,7 +68,7 @@ export declare const appSecrets: import("drizzle-orm/sqlite-core").SQLiteTableWi
68
68
  identity: undefined;
69
69
  generated: undefined;
70
70
  }, {}, {
71
- length: number | undefined;
71
+ length: number;
72
72
  }>;
73
73
  key: import("drizzle-orm/sqlite-core").SQLiteColumn<{
74
74
  name: "key";
@@ -87,7 +87,7 @@ export declare const appSecrets: import("drizzle-orm/sqlite-core").SQLiteTableWi
87
87
  identity: undefined;
88
88
  generated: undefined;
89
89
  }, {}, {
90
- length: number | undefined;
90
+ length: number;
91
91
  }>;
92
92
  encryptedValue: import("drizzle-orm/sqlite-core").SQLiteColumn<{
93
93
  name: "encrypted_value";
@@ -106,7 +106,7 @@ export declare const appSecrets: import("drizzle-orm/sqlite-core").SQLiteTableWi
106
106
  identity: undefined;
107
107
  generated: undefined;
108
108
  }, {}, {
109
- length: number | undefined;
109
+ length: number;
110
110
  }>;
111
111
  description: import("drizzle-orm/sqlite-core").SQLiteColumn<{
112
112
  name: "description";
@@ -125,7 +125,7 @@ export declare const appSecrets: import("drizzle-orm/sqlite-core").SQLiteTableWi
125
125
  identity: undefined;
126
126
  generated: undefined;
127
127
  }, {}, {
128
- length: number | undefined;
128
+ length: number;
129
129
  }>;
130
130
  urlAllowlist: import("drizzle-orm/sqlite-core").SQLiteColumn<{
131
131
  name: "url_allowlist";
@@ -144,7 +144,7 @@ export declare const appSecrets: import("drizzle-orm/sqlite-core").SQLiteTableWi
144
144
  identity: undefined;
145
145
  generated: undefined;
146
146
  }, {}, {
147
- length: number | undefined;
147
+ length: number;
148
148
  }>;
149
149
  createdAt: import("drizzle-orm/sqlite-core").SQLiteColumn<{
150
150
  name: "created_at";
package/dist/server/csrf.d.ts CHANGED
@@ -55,5 +55,5 @@
55
55
  */
56
56
  export declare function createCsrfMiddleware(frameworkPrefix?: string): import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, {
57
57
  error: string;
58
- } | undefined>;
58
+ }>;
59
59
  //# sourceMappingURL=csrf.d.ts.map
package/dist/server/csrf.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"csrf.d.ts","sourceRoot":"","sources":["../../src/server/csrf.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2CG;AAiHH;;;;;;;;;;GAUG;AACH,wBAAgB,oBAAoB,CAClC,eAAe,GAAE,MAAyB;;eAqB3C"}
1
+ {"version":3,"file":"csrf.d.ts","sourceRoot":"","sources":["../../src/server/csrf.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2CG;AAiHH;;;;;;;;;;GAUG;AACH,wBAAgB,oBAAoB,CAClC,eAAe,GAAE,MAAyB;;GAqB3C"}
package/dist/server/poll-events.d.ts CHANGED
@@ -11,7 +11,7 @@
11
11
  * the next poll cycle. Polling fallback keeps working — cursors degrade
12
12
  * gracefully to poll cadence without SSE.
13
13
  */
14
- export declare function createPollEventsHandler(): import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<string | URLSearchParams | ReadableStream<any> | Blob | ArrayBuffer | ArrayBufferView<ArrayBuffer> | FormData | {
14
+ export declare function createPollEventsHandler(): import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<string | ReadableStream<any> | Blob | ArrayBuffer | ArrayBufferView<ArrayBuffer> | FormData | URLSearchParams | {
15
15
  error: string;
16
16
  }>>;
17
17
  //# sourceMappingURL=poll-events.d.ts.map
package/dist/server/security-headers.d.ts CHANGED
@@ -60,5 +60,5 @@ export declare function computeInlineScriptHash(scriptContent: string): string;
60
60
  * error pages). Route handlers that need to tighten a specific header can call
61
61
  * `setResponseHeader` after this runs — the latest write wins.
62
62
  */
63
- export declare function createSecurityHeadersMiddleware(): import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, undefined>;
63
+ export declare function createSecurityHeadersMiddleware(): import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, any>;
64
64
  //# sourceMappingURL=security-headers.d.ts.map
package/dist/server/security-headers.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"security-headers.d.ts","sourceRoot":"","sources":["../../src/server/security-headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiDG;AAUH;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,CAGrE;AAwCD;;;;;GAKG;AACH,wBAAgB,+BAA+B,oFA6C9C"}
1
+ {"version":3,"file":"security-headers.d.ts","sourceRoot":"","sources":["../../src/server/security-headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiDG;AAUH;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,CAGrE;AAwCD;;;;;GAKG;AACH,wBAAgB,+BAA+B,8EA6C9C"}
package/dist/sharing/actions/list-resource-shares.d.ts CHANGED
@@ -2,9 +2,9 @@ declare const _default: import("../../action.js").ActionDefinition<{
2
2
  resourceType: string;
3
3
  resourceId: string;
4
4
  }, {
5
- ownerEmail: null;
6
- visibility: null;
7
- shares: never[];
5
+ ownerEmail: any;
6
+ visibility: any;
7
+ shares: any[];
8
8
  policy: {
9
9
  allowPublic: boolean;
10
10
  requireOrgMemberForUserShares: boolean;
package/dist/sharing/actions/set-resource-visibility.d.ts CHANGED
@@ -1,10 +1,10 @@
1
1
  declare const _default: import("../../action.js").ActionDefinition<{
2
2
  resourceType: string;
3
3
  resourceId: string;
4
- visibility: "org" | "private" | "public";
4
+ visibility: "public" | "private" | "org";
5
5
  }, {
6
6
  ok: boolean;
7
- visibility: "org" | "private" | "public";
7
+ visibility: "public" | "private" | "org";
8
8
  }>;
9
9
  export default _default;
10
10
  //# sourceMappingURL=set-resource-visibility.d.ts.map
package/dist/sharing/actions/share-resource.d.ts CHANGED
@@ -3,11 +3,11 @@ export declare function resolveShareNotificationUrl(explicitUrl: string | undefi
3
3
  declare const _default: import("../../action.js").ActionDefinition<{
4
4
  resourceType: string;
5
5
  resourceId: string;
6
- principalType: "user" | "org";
6
+ principalType: "org" | "user";
7
7
  principalId: string;
8
- role?: "editor" | "admin" | "viewer" | undefined;
9
- notify?: boolean | undefined;
10
- resourceUrl?: string | undefined;
8
+ role?: "admin" | "viewer" | "editor";
9
+ notify?: boolean;
10
+ resourceUrl?: string;
11
11
  }, {
12
12
  id: any;
13
13
  updated: boolean;
package/dist/sharing/actions/unshare-resource.d.ts CHANGED
@@ -1,7 +1,7 @@
1
1
  declare const _default: import("../../action.js").ActionDefinition<{
2
2
  resourceType: string;
3
3
  resourceId: string;
4
- principalType: "user" | "org";
4
+ principalType: "org" | "user";
5
5
  principalId: string;
6
6
  }, {
7
7
  ok: boolean;