npm - @agent-vm/mcp-portal - Versions diffs - 0.0.69 → 0.0.70 - Mend

@agent-vm/mcp-portal 0.0.69 → 0.0.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (84) hide show

package/README.md +42 -11
package/dist/agent-bearer-token-DCtpDPCZ.js +59 -0
package/dist/agent-bearer-token-DCtpDPCZ.js.map +1 -0
package/dist/bin/mcp-portal.d.ts +28 -0
package/dist/bin/mcp-portal.d.ts.map +1 -0
package/dist/bin/mcp-portal.js +318 -0
package/dist/bin/mcp-portal.js.map +1 -0
package/dist/{catalog-types--gUGFPpN.d.ts → catalog-types-BVuB4Ynx.d.ts} +1 -1
package/dist/{catalog-types--gUGFPpN.d.ts.map → catalog-types-BVuB4Ynx.d.ts.map} +1 -1
package/dist/cli/index.d.ts +101 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +2 -0
package/dist/core/index.d.ts +40 -0
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +5 -0
package/dist/hmac-env-B4shpRRB.js +20 -0
package/dist/hmac-env-B4shpRRB.js.map +1 -0
package/dist/hmac-token-DBqWY3-w.js +100 -0
package/dist/hmac-token-DBqWY3-w.js.map +1 -0
package/dist/index.d.ts +5 -485
package/dist/index.js +4 -5
package/dist/mcp-proxy/index.d.ts +24 -0
package/dist/mcp-proxy/index.d.ts.map +1 -0
package/dist/mcp-proxy/index.js +2 -0
package/dist/portal-auth/agent-bearer-token.d.ts +22 -0
package/dist/portal-auth/agent-bearer-token.d.ts.map +1 -0
package/dist/portal-auth/agent-bearer-token.js +2 -0
package/dist/portal-auth/hmac-env.d.ts +6 -0
package/dist/portal-auth/hmac-env.d.ts.map +1 -0
package/dist/portal-auth/hmac-env.js +2 -0
package/dist/portal-auth/hmac-token.d.ts +40 -0
package/dist/portal-auth/hmac-token.d.ts.map +1 -0
package/dist/portal-auth/hmac-token.js +2 -0
package/dist/portal-config/index.d.ts +11 -0
package/dist/portal-config/index.d.ts.map +1 -0
package/dist/{tool-vm → portal-config}/index.js +2 -3
package/dist/portal-core-CZQI7Ob6.d.ts +264 -0
package/dist/portal-core-CZQI7Ob6.d.ts.map +1 -0
package/dist/portal-core-Cgu714CL.js +416 -0
package/dist/portal-core-Cgu714CL.js.map +1 -0
package/dist/portal-session-DG2CUjIo.d.ts +184 -0
package/dist/portal-session-DG2CUjIo.d.ts.map +1 -0
package/dist/portal-tools-DKci1szO.js +528 -0
package/dist/portal-tools-DKci1szO.js.map +1 -0
package/dist/resolve-agent-identity-DnC_Pmnh.js +550 -0
package/dist/resolve-agent-identity-DnC_Pmnh.js.map +1 -0
package/dist/resolve-agent-identity-FQL02YdW.d.ts +81 -0
package/dist/resolve-agent-identity-FQL02YdW.d.ts.map +1 -0
package/dist/serve-command-CnSMUybd.js +358 -0
package/dist/serve-command-CnSMUybd.js.map +1 -0
package/dist/testing/fake-upstream-mcp-server.d.ts +5 -2
package/dist/testing/fake-upstream-mcp-server.d.ts.map +1 -1
package/dist/testing/fake-upstream-mcp-server.js +14 -4
package/dist/testing/fake-upstream-mcp-server.js.map +1 -1
package/dist/typescript-artifact-BVLt3Ifd.js +60 -0
package/dist/typescript-artifact-BVLt3Ifd.js.map +1 -0
package/dist/upstream-mcp-client-runtime-JlsfTm7_.js +760 -0
package/dist/upstream-mcp-client-runtime-JlsfTm7_.js.map +1 -0
package/dist/upstream-response-middleware-1MZnAD9C.d.ts +115 -0
package/dist/upstream-response-middleware-1MZnAD9C.d.ts.map +1 -0
package/dist/upstream-response-middleware-BjUWZ2G8.js +172 -0
package/dist/upstream-response-middleware-BjUWZ2G8.js.map +1 -0
package/dist/{index-BcI9c8sg.d.ts → zod-schema-loader-DLGQpYFD.d.ts} +3 -9
package/dist/zod-schema-loader-DLGQpYFD.d.ts.map +1 -0
package/dist/{typescript-artifact-BqU8okQy.js → zod-schema-loader-yNekKNpm.js} +85 -55
package/dist/zod-schema-loader-yNekKNpm.js.map +1 -0
package/package.json +30 -13
package/dist/bin/agent-vm-mcp-portal.d.ts +0 -10
package/dist/bin/agent-vm-mcp-portal.d.ts.map +0 -1
package/dist/bin/agent-vm-mcp-portal.js +0 -56
package/dist/bin/agent-vm-mcp-portal.js.map +0 -1
package/dist/bin/portal-server.d.ts +0 -55
package/dist/bin/portal-server.d.ts.map +0 -1
package/dist/bin/portal-server.js +0 -289
package/dist/bin/portal-server.js.map +0 -1
package/dist/index-BcI9c8sg.d.ts.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/tool-vm/index.d.ts +0 -2
package/dist/tool-vm-ihnzDyjJ.js +0 -3
package/dist/typescript-artifact-BqU8okQy.js.map +0 -1
package/dist/upstream-mcp-client-runtime-DiBCBsDj.js +0 -1729
package/dist/upstream-mcp-client-runtime-DiBCBsDj.js.map +0 -1
package/dist/zod-schema-loader-CDDtoRE1.js +0 -90
package/dist/zod-schema-loader-CDDtoRE1.js.map +0 -1

package/dist/index.d.ts CHANGED Viewed

@@ -1,485 +1,5 @@
-import { a as safeToolMetadataSchema, c as JsonPrimitive, d as isJsonObject, f as jsonObjectSchema, i as portalToolRecordSchema, l as JsonValue, n as PortalToolRecord, o as JsonArray, p as jsonValueSchema, r as portalToolAnnotationsSchema, s as JsonObject, t as PortalToolAnnotations, u as assertJsonObject } from "./catalog-types--gUGFPpN.js";
-import { a as SchemaValidationUnavailableError, c as generateTypescriptCatalogArtifact, i as PortalValidationResult, n as InputValidationError, o as buildZodValidatorFromJsonSchema, r as InputValidationIssue, s as CatalogArtifactInput, t as BuiltZodValidator } from "./index-BcI9c8sg.js";
-import { z } from "zod";
-import { Hono } from "hono";
-import { Server } from "@modelcontextprotocol/sdk/server/index.js";
-import { Tool } from "@modelcontextprotocol/sdk/types.js";
-import { McpPortalAgentConfig, McpPortalConfig, ResolvedMcpPortalProfile, SecretValue } from "@agent-vm/config-contracts";
-import { SSEClientTransportOptions } from "@modelcontextprotocol/sdk/client/sse.js";
-//#region src/auth/hmac-env.d.ts
-declare function portalHmacKeyEnvName(agentId: string): string;
-declare function parseHmacKeysFromEnv(env: Readonly<Record<string, string | undefined>>): ReadonlyMap<string, Buffer>;
-//#endregion
-//#region src/auth/hmac-token.d.ts
-interface ApprovalTokenCallDigest {
-  readonly argumentsHash: string;
-  readonly namespace: string;
-  readonly toolName: string;
-}
-interface SignApprovalTokenProps {
-  readonly agentId: string;
-  readonly calls: readonly ApprovalTokenCallDigest[];
-  readonly expiresAtMs: number;
-  readonly key: Buffer;
-}
-interface VerifyApprovalTokenProps {
-  readonly agentId: string;
-  readonly calls: readonly ApprovalTokenCallDigest[];
-  readonly key: Buffer;
-  readonly nowMs: number;
-  readonly token: string;
-}
-type VerifyApprovalTokenResult = {
-  readonly ok: true;
-} | {
-  readonly ok: false;
-  readonly reason: 'agent-mismatch' | 'call-mismatch' | 'expired' | 'malformed' | 'signature-mismatch';
-};
-declare function hashCallArguments(args: unknown): string;
-declare function signApprovalToken(props: SignApprovalTokenProps): string;
-declare function verifyApprovalToken(props: VerifyApprovalTokenProps): VerifyApprovalTokenResult;
-//#endregion
-//#region src/mcp-server/portal-call-validation.d.ts
-declare function validatePortalToolArguments(tool: PortalToolRecord, argumentsValue: JsonObject): {
-  readonly ok: true;
-  readonly value: unknown;
-} | {
-  readonly error: {
-    readonly issues: readonly {
-      readonly code: string;
-      readonly message: string;
-      readonly path: readonly (number | string)[];
-    }[];
-    readonly kind: 'input_validation';
-    readonly namespace: string;
-    readonly toolName: string;
-  } | {
-    readonly feature: string;
-    readonly kind: 'schema_validation_unavailable';
-    readonly message: string;
-    readonly namespace: string;
-    readonly path: readonly (number | string)[];
-    readonly toolName: string;
-  };
-  readonly ok: false;
-};
-//#endregion
-//#region src/portal-access-policy.d.ts
-declare const portalAgentIdentityBrand: unique symbol;
-type PortalAgentIdentity = {
-  readonly agentId: string;
-  readonly agentScopeId: string;
-  readonly sessionId?: string;
-  readonly [portalAgentIdentityBrand]: true;
-};
-interface PortalToolSelector {
-  readonly namespace: string;
-  readonly toolName: string;
-}
-type PortalDefaultPolicy = 'allow-all' | 'deny-all';
-interface PortalAccessPolicyConfig {
-  readonly defaultPolicy?: PortalDefaultPolicy;
-  readonly enabledNamespaces?: readonly string[];
-  readonly enabledNamespacesByAgent: Readonly<Record<string, readonly string[]>>;
-  readonly enabledToolsByAgent?: Readonly<Record<string, readonly PortalToolSelector[]>>;
-  readonly hiddenToolsByAgent: Readonly<Record<string, readonly PortalToolSelector[]>>;
-}
-interface ResolvedPortalAccessPolicy {
-  readonly allowedNamespaces: readonly string[];
-  readonly enabledTools: readonly PortalToolSelector[];
-  readonly hiddenTools: readonly PortalToolSelector[];
-}
-declare function createPortalAgentIdentity(input: {
-  readonly agentId: string;
-  readonly agentScopeId: string;
-  readonly sessionId?: string;
-}): PortalAgentIdentity;
-declare function portalAgentScopeKey(identity: PortalAgentIdentity): string;
-declare function resolvePortalAccessPolicy(props: {
-  readonly config: PortalAccessPolicyConfig;
-  readonly identity: PortalAgentIdentity;
-  readonly upstreamNamespaces: readonly string[];
-}): ResolvedPortalAccessPolicy;
-//#endregion
-//#region src/tool-ref.d.ts
-interface ToolIdentity {
-  readonly namespace: string;
-  readonly toolName: string;
-}
-declare const toolRefSchema: z.core.$ZodBranded<z.ZodString, "ToolRef", "out">;
-type ToolRef = z.infer<typeof toolRefSchema>;
-declare function encodeToolRef(identity: ToolIdentity): ToolRef;
-declare function decodeToolRef(toolRef: string | ToolRef): ToolIdentity;
-//#endregion
-//#region src/tool-graph.d.ts
-type ToolRelationshipType = 'entity' | 'schema-field' | 'skill';
-interface ToolRelationshipEndpoint extends ToolIdentity {
-  readonly toolRef: string;
-}
-interface ToolRelationship {
-  readonly field?: string;
-  readonly from: ToolRelationshipEndpoint;
-  readonly reason: string;
-  readonly to: ToolRelationshipEndpoint;
-  readonly type: ToolRelationshipType;
-}
-interface SkillGraphInput {
-  readonly description?: string;
-  readonly tags?: readonly string[];
-  readonly title: string;
-  readonly toolRefs: readonly string[];
-}
-interface ScopedSkillGraphEntry {
-  readonly description?: string;
-  readonly tags: readonly string[];
-  readonly title: string;
-  readonly toolRefs: readonly string[];
-}
-interface ToolGraphInput {
-  readonly skills?: readonly SkillGraphInput[];
-  readonly tools: readonly PortalToolRecord[];
-}
-interface ToolGraph {
-  readonly relationships: readonly ToolRelationship[];
-  readonly skills: readonly ScopedSkillGraphEntry[];
-}
-declare function buildToolGraph(input: ToolGraphInput): ToolGraph;
-//#endregion
-//#region src/tool-summary.d.ts
-interface ToolSchemaSummary {
-  readonly optional: readonly string[];
-  readonly propertyCount: number;
-  readonly required: readonly string[];
-  readonly type: string;
-}
-interface ToolSafetySummary {
-  readonly destructiveHint?: boolean;
-  readonly readOnlyHint?: boolean;
-}
-interface ToolSummary {
-  readonly description?: string;
-  readonly input: ToolSchemaSummary;
-  readonly namespace: string;
-  readonly output?: ToolSchemaSummary;
-  readonly safety: ToolSafetySummary;
-  readonly title?: string;
-  readonly toolName: string;
-  readonly toolRef: string;
-}
-declare function summarizeJsonSchema(schema: JsonObject): ToolSchemaSummary;
-declare function createToolSummary(tool: PortalToolRecord): ToolSummary;
-//#endregion
-//#region src/search-index.d.ts
-interface SearchQuery {
-  readonly limit: number;
-  readonly namespaces?: readonly string[];
-  readonly query?: string;
-}
-interface SearchResultSet {
-  readonly results: readonly ToolSearchResult[];
-}
-interface SearchIndex {
-  readonly search: (query: SearchQuery) => SearchResultSet;
-}
-interface ToolRelationshipHint {
-  readonly field?: string;
-  readonly reason: string;
-  readonly sourceToolRef: string;
-  readonly type: ToolRelationship['type'];
-}
-interface ToolSearchResult extends ToolSummary {
-  readonly relationshipHints?: readonly ToolRelationshipHint[];
-  readonly schemaFieldMatches?: readonly string[];
-}
-declare function createSearchIndex(tools: readonly PortalToolRecord[], graph?: ToolGraph): SearchIndex;
-//#endregion
-//#region src/portal-session.d.ts
-interface PortalCatalogSnapshot {
-  readonly agentScopeId: string;
-  readonly discoveryFailures: readonly PortalDiscoveryFailure[];
-  readonly generatedAt: string;
-  readonly sourceHash: string;
-  readonly tools: readonly PortalToolRecord[];
-}
-interface PortalDiscoveryFailure {
-  readonly message: string;
-  readonly namespace: string;
-}
-interface PortalSession {
-  readonly catalog: PortalCatalogSnapshot;
-  readonly graph: ToolGraph;
-  readonly identity: PortalAgentIdentity;
-  readonly searchIndex: SearchIndex;
-}
-interface PortalSessionRuntime {
-  readonly closeAgentScope: (agentScopeId: string) => Promise<void> | void;
-  readonly closeSession?: (scopeKey: string) => Promise<void> | void;
-  readonly listTools: (call: {
-    readonly agentScopeId: string;
-    readonly namespace: string;
-  }) => Promise<readonly Tool[]>;
-}
-interface PortalSessionManagerOptions {
-  readonly accessPolicy: PortalAccessPolicyConfig;
-  readonly catalogTtlMs: number;
-  readonly discoveryFailures?: readonly PortalDiscoveryFailure[];
-  readonly now?: () => number;
-  readonly runtime: PortalSessionRuntime;
-  readonly skills?: readonly SkillGraphInput[];
-  readonly upstreamNamespaces: readonly string[];
-}
-interface PortalSessionManager {
-  readonly getSession: (identity: PortalAgentIdentity) => Promise<PortalSession>;
-  readonly invalidateAgentScope: (agentScopeId: string) => Promise<void>;
-  readonly invalidateSession: (identity: PortalAgentIdentity) => Promise<void>;
-}
-declare function createPortalSessionManager(options: PortalSessionManagerOptions): PortalSessionManager;
-//#endregion
-//#region src/mcp-server/portal-tools.d.ts
-interface PortalToolSuccess {
-  readonly input: Readonly<Record<string, unknown>>;
-  readonly ok: true;
-  readonly output: Readonly<Record<string, unknown>>;
-}
-interface PortalToolFailure {
-  readonly error: unknown;
-  readonly input: Readonly<Record<string, unknown>>;
-  readonly ok: false;
-}
-type PortalToolResult = PortalToolFailure | PortalToolSuccess;
-type PortalToolResultMap = Readonly<Record<string, PortalToolResult>>;
-interface PortalBatchError {
-  readonly id?: string;
-  readonly kind: string;
-  readonly message: string;
-}
-interface PortalBatchDiagnostic {
-  readonly kind: string;
-  readonly message: string;
-  readonly namespace?: string;
-}
-interface PortalBatchResult {
-  readonly diagnostics: readonly PortalBatchDiagnostic[];
-  readonly errors: readonly PortalBatchError[];
-  readonly ok: boolean;
-  readonly results: PortalToolResultMap;
-}
-interface PortalApprovalCall {
-  readonly arguments: JsonObject;
-  readonly id: string;
-  readonly namespace: string;
-  readonly tool: PortalToolRecord;
-  readonly toolName: string;
-}
-declare const portalToolInputSchemas: {
-  readonly mcp_portal_call: {
-    [x: string]: unknown;
-    type: "object";
-    properties?: {
-      [x: string]: object;
-    } | undefined;
-    required?: string[] | undefined;
-  };
-  readonly mcp_portal_describe: {
-    [x: string]: unknown;
-    type: "object";
-    properties?: {
-      [x: string]: object;
-    } | undefined;
-    required?: string[] | undefined;
-  };
-  readonly mcp_portal_list: {
-    [x: string]: unknown;
-    type: "object";
-    properties?: {
-      [x: string]: object;
-    } | undefined;
-    required?: string[] | undefined;
-  };
-  readonly mcp_portal_search: {
-    [x: string]: unknown;
-    type: "object";
-    properties?: {
-      [x: string]: object;
-    } | undefined;
-    required?: string[] | undefined;
-  };
-};
-interface PortalToolHandlerCall {
-  readonly identity: PortalAgentIdentity;
-  readonly input: unknown;
-}
-interface PortalCallUpstreamTool {
-  readonly arguments: JsonObject;
-  readonly agentScopeId: string;
-  readonly namespace: string;
-  readonly toolName: string;
-}
-interface PortalToolRuntime {
-  readonly approval?: (calls: readonly PortalApprovalCall[], identity: PortalAgentIdentity, approvalToken: string | undefined) => {
-    readonly kind: 'allow';
-  } | {
-    readonly kind: 'approval_token_invalid';
-    readonly reason: string;
-  } | {
-    readonly kind: 'approval_token_missing';
-  } | {
-    readonly kind: 'approval_required';
-    readonly level: 'critical' | 'standard';
-  };
-  readonly callUpstreamTool: (call: PortalCallUpstreamTool) => Promise<unknown>;
-  readonly getSession: (identity: PortalAgentIdentity) => Promise<PortalSession>;
-}
-interface PortalToolHandlers {
-  readonly call: (call: PortalToolHandlerCall) => Promise<PortalBatchResult>;
-  readonly describe: (call: PortalToolHandlerCall) => Promise<PortalBatchResult>;
-  readonly list: (call: PortalToolHandlerCall) => Promise<PortalBatchResult>;
-  readonly search: (call: PortalToolHandlerCall) => Promise<PortalBatchResult>;
-}
-declare function createPortalToolHandlers(runtime: PortalToolRuntime): PortalToolHandlers;
-//#endregion
-//#region src/mcp-server/portal-http-server.d.ts
-interface PortalHttpAgentIdentity extends PortalAgentIdentity {}
-interface PortalServerAccess {
-  readonly expectedValue: string;
-  readonly headerName: string;
-}
-interface PortalHttpAppOptions {
-  readonly onSessionClosed?: (identity: PortalAgentIdentity) => Promise<void> | void;
-  readonly registeredAgentIds?: readonly string[];
-  readonly resolveAgentIdentity?: (agentId: string) => PortalHttpAgentIdentity | null;
-  readonly serverAccess?: PortalServerAccess;
-  readonly toolRuntime: PortalToolRuntime;
-}
-type PortalHttpApp = Hono & {
-  readonly closePortalSessions: () => Promise<void>;
-};
-declare function createPortalHttpApp(options: PortalHttpAppOptions): PortalHttpApp;
-//#endregion
-//#region src/mcp-server/portal-mcp-server.d.ts
-declare const portalMcpToolNames: readonly ["mcp_portal_list", "mcp_portal_search", "mcp_portal_describe", "mcp_portal_call"];
-type PortalMcpToolName = (typeof portalMcpToolNames)[number];
-declare function listPortalMcpTools(): readonly Tool[];
-declare function createPortalMcpServer(props: {
-  readonly identity: PortalAgentIdentity;
-  readonly runtime: PortalToolRuntime;
-}): Server;
-//#endregion
-//#region src/mcp-server/resolve-agent-identity.d.ts
-interface ResolveAgentHmacKeysProps {
-  readonly agents: Readonly<Record<string, McpPortalAgentConfig>>;
-  readonly envKeys: ReadonlyMap<string, Buffer>;
-  readonly resolveSecret: (secret: SecretValue) => Promise<string>;
-}
-interface PortalAgentRuntimeRecord {
-  readonly agentId: string;
-  readonly hmacKey: Buffer;
-  readonly profile: ResolvedMcpPortalProfile;
-  readonly profileName: string;
-}
-declare function resolveAgentHmacKeys(props: ResolveAgentHmacKeysProps): Promise<ReadonlyMap<string, Buffer>>;
-declare function createPortalAgentRuntimeRecords(props: {
-  readonly hmacKeys: ReadonlyMap<string, Buffer>;
-  readonly portalConfig: McpPortalConfig;
-}): ReadonlyMap<string, PortalAgentRuntimeRecord>;
-declare function createPortalHttpAgentResolver(records: ReadonlyMap<string, PortalAgentRuntimeRecord>): (agentId: string) => ReturnType<typeof createPortalAgentIdentity> | null;
-interface ConservativeApprovalFallbackEvent {
-  readonly agentId: string;
-  readonly primaryReason: string;
-  readonly strictCallCount: number;
-  readonly conservativeCallCount: number;
-  readonly toolRefs: readonly string[];
-}
-declare function createPortalApprovalVerifier(props: {
-  readonly onConservativeApprovalFallback?: (event: ConservativeApprovalFallbackEvent) => void;
-  readonly records: ReadonlyMap<string, PortalAgentRuntimeRecord>;
-}): (calls: readonly PortalApprovalCall[], agentId: string, token: string | undefined) => {
-  readonly kind: 'allow';
-} | {
-  readonly kind: 'approval_token_invalid';
-  readonly reason: string;
-} | {
-  readonly kind: 'approval_token_missing';
-};
-//#endregion
-//#region src/upstream-mcp-client-runtime.d.ts
-type UpstreamMcpTransportKind = 'auto-http' | 'sse' | 'stdio' | 'streamable-http';
-interface BaseUpstreamMcpServer {
-  readonly connectionTimeoutMs?: number;
-  readonly namespace: string;
-  readonly transport: UpstreamMcpTransportKind;
-}
-interface RemoteUpstreamMcpServer extends BaseUpstreamMcpServer {
-  readonly eventSourceInit?: SSEClientTransportOptions['eventSourceInit'];
-  readonly headers?: Readonly<Record<string, string>>;
-  readonly requestInit?: RequestInit;
-  readonly transport: 'auto-http' | 'sse' | 'streamable-http';
-  readonly url: string;
-}
-interface StdioUpstreamMcpServer extends BaseUpstreamMcpServer {
-  readonly args?: readonly string[];
-  readonly command: string;
-  readonly cwd?: string;
-  readonly env?: Readonly<Record<string, string>>;
-  readonly transport: 'stdio';
-}
-type NormalizedUpstreamMcpServer = RemoteUpstreamMcpServer | StdioUpstreamMcpServer;
-interface ListToolsCall {
-  readonly agentScopeId: string;
-  readonly namespace: string;
-}
-interface UpstreamToolCall {
-  readonly arguments: JsonObject;
-  readonly agentScopeId: string;
-  readonly namespace: string;
-  readonly toolName: string;
-}
-interface UpstreamListToolsResult {
-  readonly nextCursor?: string | undefined;
-  readonly tools: readonly Tool[];
-}
-interface UpstreamMcpClientLike {
-  readonly callTool: (params: {
-    readonly arguments: JsonObject;
-    readonly name: string;
-  }) => Promise<unknown>;
-  readonly close: () => Promise<void> | void;
-  readonly connect: (transport: unknown) => Promise<void>;
-  readonly listTools: (params?: {
-    readonly cursor?: string;
-  }) => Promise<UpstreamListToolsResult>;
-}
-interface UpstreamMcpRuntimeOptions {
-  readonly additionalRedactionValues?: readonly string[];
-  readonly createClient?: () => UpstreamMcpClientLike;
-  readonly createTransport?: (server: NormalizedUpstreamMcpServer, transport: Exclude<UpstreamMcpTransportKind, 'auto-http'>) => unknown;
-  readonly onCloseError?: (error: Error, context: UpstreamMcpCloseErrorContext) => void;
-  readonly servers: readonly NormalizedUpstreamMcpServer[];
-}
-interface UpstreamMcpCloseErrorContext {
-  readonly agentScopeId: string;
-  readonly namespace?: string;
-}
-interface UpstreamMcpClientRuntime {
-  readonly callTool: (call: UpstreamToolCall) => Promise<unknown>;
-  readonly closeAgentScope: (agentScopeId: string) => Promise<void>;
-  readonly closeSession: (scopeKey: string) => Promise<void>;
-  readonly listTools: (call: ListToolsCall) => Promise<readonly Tool[]>;
-}
-declare function createUpstreamMcpClientRuntime(options: UpstreamMcpRuntimeOptions): UpstreamMcpClientRuntime;
-//#endregion
-//#region src/upstream-response-middleware.d.ts
-interface RedactionOptions {
-  readonly exactValues?: readonly string[];
-}
-declare function isCredentialConfigKey(key: string): boolean;
-declare function redactExactCredentialText(text: string, options?: RedactionOptions): string;
-declare function redactCredentialText(text: string, options?: RedactionOptions): string;
-declare function redactUpstreamResponse(response: unknown, options?: RedactionOptions): unknown;
-declare function redactUpstreamCatalogValue(response: unknown, options?: RedactionOptions): unknown;
-declare function redactThrownError(error: unknown, options?: RedactionOptions): Error;
-declare function toRedactedJsonValue(value: unknown, options?: RedactionOptions): JsonValue;
-//#endregion
-export { ApprovalTokenCallDigest, BuiltZodValidator, CatalogArtifactInput, ConservativeApprovalFallbackEvent, InputValidationError, InputValidationIssue, JsonArray, JsonObject, JsonPrimitive, JsonValue, ListToolsCall, NormalizedUpstreamMcpServer, PortalAccessPolicyConfig, PortalAgentIdentity, PortalAgentRuntimeRecord, PortalApprovalCall, PortalBatchDiagnostic, PortalBatchError, PortalBatchResult, PortalCallUpstreamTool, PortalCatalogSnapshot, PortalDefaultPolicy, PortalDiscoveryFailure, PortalHttpAgentIdentity, PortalHttpApp, PortalHttpAppOptions, PortalMcpToolName, PortalServerAccess, PortalSession, PortalSessionManager, PortalSessionManagerOptions, PortalSessionRuntime, PortalToolAnnotations, PortalToolFailure, PortalToolHandlerCall, PortalToolHandlers, PortalToolRecord, PortalToolResult, PortalToolResultMap, PortalToolRuntime, PortalToolSelector, PortalToolSuccess, PortalValidationResult, RedactionOptions, RemoteUpstreamMcpServer, ResolveAgentHmacKeysProps, ResolvedPortalAccessPolicy, SchemaValidationUnavailableError, ScopedSkillGraphEntry, SearchIndex, SearchQuery, SearchResultSet, SignApprovalTokenProps, SkillGraphInput, StdioUpstreamMcpServer, ToolGraph, ToolGraphInput, ToolIdentity, ToolRef, ToolRelationship, ToolRelationshipEndpoint, ToolRelationshipHint, ToolRelationshipType, ToolSafetySummary, ToolSchemaSummary, ToolSearchResult, ToolSummary, UpstreamListToolsResult, UpstreamMcpClientLike, UpstreamMcpClientRuntime, UpstreamMcpCloseErrorContext, UpstreamMcpRuntimeOptions, UpstreamMcpTransportKind, UpstreamToolCall, VerifyApprovalTokenProps, VerifyApprovalTokenResult, assertJsonObject, buildToolGraph, buildZodValidatorFromJsonSchema, createPortalAgentIdentity, createPortalAgentRuntimeRecords, createPortalApprovalVerifier, createPortalHttpAgentResolver, createPortalHttpApp, createPortalMcpServer, createPortalSessionManager, createPortalToolHandlers, createSearchIndex, createToolSummary, createUpstreamMcpClientRuntime, decodeToolRef, encodeToolRef, generateTypescriptCatalogArtifact, hashCallArguments, isCredentialConfigKey, isJsonObject, jsonObjectSchema, jsonValueSchema, listPortalMcpTools, parseHmacKeysFromEnv, portalAgentScopeKey, portalHmacKeyEnvName, portalMcpToolNames, portalToolAnnotationsSchema, portalToolInputSchemas, portalToolRecordSchema, redactCredentialText, redactExactCredentialText, redactThrownError, redactUpstreamCatalogValue, redactUpstreamResponse, resolveAgentHmacKeys, resolvePortalAccessPolicy, safeToolMetadataSchema, signApprovalToken, summarizeJsonSchema, toRedactedJsonValue, validatePortalToolArguments, verifyApprovalToken };
-//# sourceMappingURL=index.d.ts.map
+import { a as safeToolMetadataSchema, c as JsonPrimitive, d as isJsonObject, f as jsonObjectSchema, i as portalToolRecordSchema, l as JsonValue, n as PortalToolRecord, o as JsonArray, p as jsonValueSchema, r as portalToolAnnotationsSchema, s as JsonObject, t as PortalToolAnnotations, u as assertJsonObject } from "./catalog-types-BVuB4Ynx.js";
+import { A as encodeToolRef, C as ToolRelationship, D as ToolIdentity, E as buildToolGraph, F as PortalToolSelector, I as ResolvedPortalAccessPolicy, L as createPortalAgentIdentity, M as PortalAgentIdentity, N as PortalAgentScopeSource, O as ToolRef, P as PortalDefaultPolicy, R as portalAgentScopeKey, S as ToolGraphInput, T as ToolRelationshipType, _ as createToolSummary, a as PortalSessionManagerOptions, b as SkillGraphInput, c as SearchIndex, d as ToolRelationshipHint, f as ToolSearchResult, g as ToolSummary, h as ToolSchemaSummary, i as PortalSessionManager, j as PortalAccessPolicyConfig, k as decodeToolRef, l as SearchQuery, m as ToolSafetySummary, n as PortalDiscoveryFailure, o as PortalSessionRuntime, p as createSearchIndex, r as PortalSession, s as createPortalSessionManager, t as PortalCatalogSnapshot, u as SearchResultSet, v as summarizeJsonSchema, w as ToolRelationshipEndpoint, x as ToolGraph, y as ScopedSkillGraphEntry, z as resolvePortalAccessPolicy } from "./portal-session-DG2CUjIo.js";
+import { S as createUpstreamMcpClientRuntime, _ as UpstreamMcpProgress, a as redactThrownError, b as UpstreamToolCall, c as toRedactedJsonValue, d as RemoteUpstreamMcpServer, f as StdioUpstreamMcpServer, g as UpstreamMcpCloseErrorContext, h as UpstreamMcpClientRuntime, i as redactExactCredentialText, l as ListToolsCall, m as UpstreamMcpClientLike, n as isCredentialConfigKey, o as redactUpstreamCatalogValue, p as UpstreamListToolsResult, r as redactCredentialText, s as redactUpstreamResponse, t as RedactionOptions, u as NormalizedUpstreamMcpServer, v as UpstreamMcpRuntimeOptions, x as UpstreamToolEvent, y as UpstreamMcpTransportKind } from "./upstream-response-middleware-1MZnAD9C.js";
+import { a as SchemaValidationUnavailableError, i as PortalValidationResult, n as InputValidationError, o as buildZodValidatorFromJsonSchema, r as InputValidationIssue, t as BuiltZodValidator } from "./zod-schema-loader-DLGQpYFD.js";
+export { BuiltZodValidator, InputValidationError, InputValidationIssue, JsonArray, JsonObject, JsonPrimitive, JsonValue, ListToolsCall, NormalizedUpstreamMcpServer, PortalAccessPolicyConfig, PortalAgentIdentity, PortalAgentScopeSource, PortalCatalogSnapshot, PortalDefaultPolicy, PortalDiscoveryFailure, PortalSession, PortalSessionManager, PortalSessionManagerOptions, PortalSessionRuntime, PortalToolAnnotations, PortalToolRecord, PortalToolSelector, PortalValidationResult, RedactionOptions, RemoteUpstreamMcpServer, ResolvedPortalAccessPolicy, SchemaValidationUnavailableError, ScopedSkillGraphEntry, SearchIndex, SearchQuery, SearchResultSet, SkillGraphInput, StdioUpstreamMcpServer, ToolGraph, ToolGraphInput, ToolIdentity, ToolRef, ToolRelationship, ToolRelationshipEndpoint, ToolRelationshipHint, ToolRelationshipType, ToolSafetySummary, ToolSchemaSummary, ToolSearchResult, ToolSummary, UpstreamListToolsResult, UpstreamMcpClientLike, UpstreamMcpClientRuntime, UpstreamMcpCloseErrorContext, UpstreamMcpProgress, UpstreamMcpRuntimeOptions, UpstreamMcpTransportKind, UpstreamToolCall, UpstreamToolEvent, assertJsonObject, buildToolGraph, buildZodValidatorFromJsonSchema, createPortalAgentIdentity, createPortalSessionManager, createSearchIndex, createToolSummary, createUpstreamMcpClientRuntime, decodeToolRef, encodeToolRef, isCredentialConfigKey, isJsonObject, jsonObjectSchema, jsonValueSchema, portalAgentScopeKey, portalToolAnnotationsSchema, portalToolRecordSchema, redactCredentialText, redactExactCredentialText, redactThrownError, redactUpstreamCatalogValue, redactUpstreamResponse, resolvePortalAccessPolicy, safeToolMetadataSchema, summarizeJsonSchema, toRedactedJsonValue };

package/dist/index.js CHANGED Viewed

@@ -1,5 +1,4 @@
-import { a as portalToolRecordSchema, c as isJsonObject, i as portalToolAnnotationsSchema, l as jsonObjectSchema, n as decodeToolRef, o as safeToolMetadataSchema, r as encodeToolRef, s as assertJsonObject, t as generateTypescriptCatalogArtifact, u as jsonValueSchema } from "./typescript-artifact-BqU8okQy.js";
-import { A as verifyApprovalToken, C as summarizeJsonSchema, D as validatePortalToolArguments, E as resolvePortalAccessPolicy, M as portalHmacKeyEnvName, O as hashCallArguments, S as createToolSummary, T as portalAgentScopeKey, _ as createPortalMcpServer, a as redactThrownError, b as createPortalToolHandlers, c as toRedactedJsonValue, d as createSearchIndex, f as createPortalAgentRuntimeRecords, g as createPortalHttpApp, h as resolveAgentHmacKeys, i as redactExactCredentialText, j as parseHmacKeysFromEnv, k as signApprovalToken, l as createPortalSessionManager, m as createPortalHttpAgentResolver, n as isCredentialConfigKey, o as redactUpstreamCatalogValue, p as createPortalApprovalVerifier, r as redactCredentialText, s as redactUpstreamResponse, t as createUpstreamMcpClientRuntime, u as buildToolGraph, v as listPortalMcpTools, w as createPortalAgentIdentity, x as portalToolInputSchemas, y as portalMcpToolNames } from "./upstream-mcp-client-runtime-DiBCBsDj.js";
-import { t as buildZodValidatorFromJsonSchema } from "./zod-schema-loader-CDDtoRE1.js";
-import "./tool-vm-ihnzDyjJ.js";
-export { assertJsonObject, buildToolGraph, buildZodValidatorFromJsonSchema, createPortalAgentIdentity, createPortalAgentRuntimeRecords, createPortalApprovalVerifier, createPortalHttpAgentResolver, createPortalHttpApp, createPortalMcpServer, createPortalSessionManager, createPortalToolHandlers, createSearchIndex, createToolSummary, createUpstreamMcpClientRuntime, decodeToolRef, encodeToolRef, generateTypescriptCatalogArtifact, hashCallArguments, isCredentialConfigKey, isJsonObject, jsonObjectSchema, jsonValueSchema, listPortalMcpTools, parseHmacKeysFromEnv, portalAgentScopeKey, portalHmacKeyEnvName, portalMcpToolNames, portalToolAnnotationsSchema, portalToolInputSchemas, portalToolRecordSchema, redactCredentialText, redactExactCredentialText, redactThrownError, redactUpstreamCatalogValue, redactUpstreamResponse, resolveAgentHmacKeys, resolvePortalAccessPolicy, safeToolMetadataSchema, signApprovalToken, summarizeJsonSchema, toRedactedJsonValue, validatePortalToolArguments, verifyApprovalToken };
+import { a as portalToolRecordSchema, c as isJsonObject, i as portalToolAnnotationsSchema, l as jsonObjectSchema, n as decodeToolRef, o as safeToolMetadataSchema, r as encodeToolRef, s as assertJsonObject, t as buildZodValidatorFromJsonSchema, u as jsonValueSchema } from "./zod-schema-loader-yNekKNpm.js";
+import { a as redactUpstreamCatalogValue, c as createToolSummary, d as portalAgentScopeKey, f as resolvePortalAccessPolicy, i as redactThrownError, l as summarizeJsonSchema, n as redactCredentialText, o as redactUpstreamResponse, r as redactExactCredentialText, s as toRedactedJsonValue, t as isCredentialConfigKey, u as createPortalAgentIdentity } from "./upstream-response-middleware-BjUWZ2G8.js";
+import { i as createSearchIndex, n as createPortalSessionManager, r as buildToolGraph, t as createUpstreamMcpClientRuntime } from "./upstream-mcp-client-runtime-JlsfTm7_.js";
+export { assertJsonObject, buildToolGraph, buildZodValidatorFromJsonSchema, createPortalAgentIdentity, createPortalSessionManager, createSearchIndex, createToolSummary, createUpstreamMcpClientRuntime, decodeToolRef, encodeToolRef, isCredentialConfigKey, isJsonObject, jsonObjectSchema, jsonValueSchema, portalAgentScopeKey, portalToolAnnotationsSchema, portalToolRecordSchema, redactCredentialText, redactExactCredentialText, redactThrownError, redactUpstreamCatalogValue, redactUpstreamResponse, resolvePortalAccessPolicy, safeToolMetadataSchema, summarizeJsonSchema, toRedactedJsonValue };

package/dist/mcp-proxy/index.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import { a as PortalCore, c as PortalCoreEvent, m as PortalCoreToolDescriptor, n as PortalAgentScope } from "../portal-core-CZQI7Ob6.js";
+import { a as createPortalApprovalVerifier, c as PortalAgentBearerAuth, d as PortalHttpAppOptions, f as PortalHttpAuditEvent, i as createPortalAgentRuntimeRecords, l as PortalHttpAgentIdentity, n as PortalApprovalAuditEvent, o as createPortalHttpAgentResolver, p as createPortalHttpApp, r as ResolveAgentHmacKeysProps, s as resolveAgentHmacKeys, t as PortalAgentRuntimeRecord, u as PortalHttpApp } from "../resolve-agent-identity-FQL02YdW.js";
+import { Tool } from "@modelcontextprotocol/sdk/types.js";
+import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+//#region src/mcp-proxy/portal-mcp-server.d.ts
+declare const portalMcpToolNames: readonly ["mcp_portal_list", "mcp_portal_search", "mcp_portal_describe", "mcp_portal_call"];
+type PortalMcpToolName = (typeof portalMcpToolNames)[number];
+declare function listPortalMcpTools(descriptors?: readonly PortalCoreToolDescriptor[]): readonly Tool[];
+declare function emitMcpProgress(props: {
+  readonly event: PortalCoreEvent;
+  readonly sendNotification: (notification: {
+    readonly method: 'notifications/message' | 'notifications/progress';
+    readonly params: Record<string, unknown>;
+  }) => Promise<void>;
+  readonly progressToken: number | string | undefined;
+}): Promise<void>;
+declare function createPortalMcpServer(props: {
+  readonly core: PortalCore;
+  readonly scope: PortalAgentScope;
+}): Server;
+//#endregion
+export { PortalAgentBearerAuth, PortalAgentRuntimeRecord, PortalApprovalAuditEvent, PortalHttpAgentIdentity, PortalHttpApp, PortalHttpAppOptions, PortalHttpAuditEvent, PortalMcpToolName, ResolveAgentHmacKeysProps, createPortalAgentRuntimeRecords, createPortalApprovalVerifier, createPortalHttpAgentResolver, createPortalHttpApp, createPortalMcpServer, emitMcpProgress, listPortalMcpTools, portalMcpToolNames, resolveAgentHmacKeys };
+//# sourceMappingURL=index.d.ts.map

package/dist/mcp-proxy/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","names":[],"sources":["../../src/mcp-proxy/portal-mcp-server.ts"],"mappings":";;;;;;cAmBa,kBAAA;AAAA,KAOD,iBAAA,WAA4B,kBAAA;AAAA,iBAQxB,kBAAA,CACf,WAAA,YAAuB,wBAAA,cACZ,IAAA;AAAA,iBA8EU,eAAA,CAAgB,KAAA;EAAA,SAC5B,KAAA,EAAO,eAAA;EAAA,SACP,gBAAA,GAAmB,YAAA;IAAA,SAClB,MAAA;IAAA,SACA,MAAA,EAAQ,MAAA;EAAA,MACZ,OAAA;EAAA,SACG,aAAA;AAAA,IACN,OAAA;AAAA,iBAuEY,qBAAA,CAAsB,KAAA;EAAA,SAC5B,IAAA,EAAM,UAAA;EAAA,SACN,KAAA,EAAO,gBAAA;AAAA,IACb,MAAA"}

package/dist/mcp-proxy/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { a as createPortalHttpApp, c as listPortalMcpTools, i as resolveAgentHmacKeys, l as portalMcpToolNames, n as createPortalApprovalVerifier, o as createPortalMcpServer, r as createPortalHttpAgentResolver, s as emitMcpProgress, t as createPortalAgentRuntimeRecords } from "../resolve-agent-identity-DnC_Pmnh.js";
2	+ export { createPortalAgentRuntimeRecords, createPortalApprovalVerifier, createPortalHttpAgentResolver, createPortalHttpApp, createPortalMcpServer, emitMcpProgress, listPortalMcpTools, portalMcpToolNames, resolveAgentHmacKeys };

package/dist/portal-auth/agent-bearer-token.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+//#region src/portal-auth/agent-bearer-token.d.ts
+interface DeriveAgentBearerTokenProps {
+  readonly agentId: string;
+  readonly credentialVersion: number;
+  readonly masterKey: Buffer;
+}
+interface VerifyAgentBearerAuthorizationProps extends DeriveAgentBearerTokenProps {
+  readonly authorizationHeader: string | undefined;
+}
+type VerifyAgentBearerAuthorizationResult = {
+  readonly ok: true;
+} | {
+  readonly ok: false;
+  readonly reason: 'malformed' | 'missing' | 'signature-mismatch';
+};
+declare function decodePortalMasterKey(encodedMasterKey: string): Buffer;
+declare function deriveAgentBearerToken(props: DeriveAgentBearerTokenProps): string;
+declare function formatMasterKeyFingerprint(masterKey: Buffer): string;
+declare function verifyAgentBearerAuthorization(props: VerifyAgentBearerAuthorizationProps): VerifyAgentBearerAuthorizationResult;
+//#endregion
+export { DeriveAgentBearerTokenProps, VerifyAgentBearerAuthorizationProps, VerifyAgentBearerAuthorizationResult, decodePortalMasterKey, deriveAgentBearerToken, formatMasterKeyFingerprint, verifyAgentBearerAuthorization };
+//# sourceMappingURL=agent-bearer-token.d.ts.map

package/dist/portal-auth/agent-bearer-token.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"agent-bearer-token.d.ts","names":[],"sources":["../../src/portal-auth/agent-bearer-token.ts"],"mappings":";UAEiB,2BAAA;EAAA,SACP,OAAA;EAAA,SACA,iBAAA;EAAA,SACA,SAAA,EAAW,MAAA;AAAA;AAAA,UAGJ,mCAAA,SAA4C,2BAAA;EAAA,SACnD,mBAAA;AAAA;AAAA,KAGE,oCAAA;EAAA,SACE,EAAA;AAAA;EAAA,SACA,EAAA;EAAA,SAAoB,MAAA;AAAA;AAAA,iBAMlB,qBAAA,CAAsB,gBAAA,WAA2B,MAAA;AAAA,iBAiBjD,sBAAA,CAAuB,KAAA,EAAO,2BAAA;AAAA,iBAM9B,0BAAA,CAA2B,SAAA,EAAW,MAAA;AAAA,iBAetC,8BAAA,CACf,KAAA,EAAO,mCAAA,GACL,oCAAA"}

package/dist/portal-auth/agent-bearer-token.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { i as verifyAgentBearerAuthorization, n as deriveAgentBearerToken, r as formatMasterKeyFingerprint, t as decodePortalMasterKey } from "../agent-bearer-token-DCtpDPCZ.js";
2	+ export { decodePortalMasterKey, deriveAgentBearerToken, formatMasterKeyFingerprint, verifyAgentBearerAuthorization };

package/dist/portal-auth/hmac-env.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+//#region src/portal-auth/hmac-env.d.ts
+declare function portalHmacKeyEnvName(agentId: string): string;
+declare function parseHmacKeysFromEnv(env: Readonly<Record<string, string | undefined>>): ReadonlyMap<string, Buffer>;
+//#endregion
+export { parseHmacKeysFromEnv, portalHmacKeyEnvName };
+//# sourceMappingURL=hmac-env.d.ts.map

package/dist/portal-auth/hmac-env.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"hmac-env.d.ts","names":[],"sources":["../../src/portal-auth/hmac-env.ts"],"mappings":";iBAGgB,oBAAA,CAAqB,OAAA;AAAA,iBAIrB,oBAAA,CACf,GAAA,EAAK,QAAA,CAAS,MAAA,gCACZ,WAAA,SAAoB,MAAA"}

package/dist/portal-auth/hmac-env.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { n as portalHmacKeyEnvName, t as parseHmacKeysFromEnv } from "../hmac-env-B4shpRRB.js";
2	+ export { parseHmacKeysFromEnv, portalHmacKeyEnvName };

package/dist/portal-auth/hmac-token.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+//#region src/portal-auth/hmac-token.d.ts
+interface ApprovalTokenCallDigest {
+  readonly argumentsHash: string;
+  readonly namespace: string;
+  readonly toolName: string;
+}
+interface SignApprovalTokenProps {
+  readonly agentId: string;
+  readonly calls: readonly ApprovalTokenCallDigest[];
+  readonly expiresAtMs: number;
+  readonly issuedAtMs?: number;
+  readonly jti?: string;
+  readonly key: Buffer;
+}
+interface VerifyApprovalTokenProps {
+  readonly agentId: string;
+  readonly calls: readonly ApprovalTokenCallDigest[];
+  readonly key: Buffer;
+  readonly consumeTokenId?: (jti: string, expiresAtMs: number) => {
+    readonly ok: true;
+  } | {
+    readonly ok: false;
+    readonly reason: 'replay-cache-full' | 'replayed';
+  };
+  readonly maxLifetimeMs?: number;
+  readonly nowMs: number;
+  readonly token: string;
+}
+type VerifyApprovalTokenResult = {
+  readonly ok: true;
+} | {
+  readonly ok: false;
+  readonly reason: 'agent-mismatch' | 'call-mismatch' | 'expired' | 'malformed' | 'replay-cache-full' | 'replayed' | 'signature-mismatch' | 'ttl-exceeded';
+};
+declare function hashCallArguments(args: unknown): string;
+declare function signApprovalToken(props: SignApprovalTokenProps): string;
+declare function verifyApprovalToken(props: VerifyApprovalTokenProps): VerifyApprovalTokenResult;
+//#endregion
+export { ApprovalTokenCallDigest, SignApprovalTokenProps, VerifyApprovalTokenProps, VerifyApprovalTokenResult, hashCallArguments, signApprovalToken, verifyApprovalToken };
+//# sourceMappingURL=hmac-token.d.ts.map

package/dist/portal-auth/hmac-token.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"hmac-token.d.ts","names":[],"sources":["../../src/portal-auth/hmac-token.ts"],"mappings":";UAIiB,uBAAA;EAAA,SACP,aAAA;EAAA,SACA,SAAA;EAAA,SACA,QAAA;AAAA;AAAA,UAGO,sBAAA;EAAA,SACP,OAAA;EAAA,SACA,KAAA,WAAgB,uBAAA;EAAA,SAChB,WAAA;EAAA,SACA,UAAA;EAAA,SACA,GAAA;EAAA,SACA,GAAA,EAAK,MAAA;AAAA;AAAA,UAGE,wBAAA;EAAA,SACP,OAAA;EAAA,SACA,KAAA,WAAgB,uBAAA;EAAA,SAChB,GAAA,EAAK,MAAA;EAAA,SACL,cAAA,IACR,GAAA,UACA,WAAA;IAAA,SAEa,EAAA;EAAA;IAAA,SACA,EAAA;IAAA,SAAoB,MAAA;EAAA;EAAA,SACzB,aAAA;EAAA,SACA,KAAA;EAAA,SACA,KAAA;AAAA;AAAA,KAGE,yBAAA;EAAA,SACE,EAAA;AAAA;EAAA,SAEF,EAAA;EAAA,SACA,MAAA;AAAA;AAAA,iBAkDI,iBAAA,CAAkB,IAAA;AAAA,iBAIlB,iBAAA,CAAkB,KAAA,EAAO,sBAAA;AAAA,iBA6CzB,mBAAA,CAAoB,KAAA,EAAO,wBAAA,GAA2B,yBAAA"}

package/dist/portal-auth/hmac-token.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { n as signApprovalToken, r as verifyApprovalToken, t as hashCallArguments } from "../hmac-token-DBqWY3-w.js";
2	+ export { hashCallArguments, signApprovalToken, verifyApprovalToken };

package/dist/portal-config/index.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { n as PortalToolRecord } from "../catalog-types-BVuB4Ynx.js";
+import { a as SchemaValidationUnavailableError, i as PortalValidationResult, n as InputValidationError, o as buildZodValidatorFromJsonSchema, r as InputValidationIssue, t as BuiltZodValidator } from "../zod-schema-loader-DLGQpYFD.js";
+//#region src/portal-config/typescript-artifact.d.ts
+interface CatalogArtifactInput {
+  readonly tools: readonly PortalToolRecord[];
+}
+declare function generateTypescriptCatalogArtifact(input: CatalogArtifactInput): string;
+//#endregion
+export { BuiltZodValidator, CatalogArtifactInput, InputValidationError, InputValidationIssue, PortalValidationResult, SchemaValidationUnavailableError, buildZodValidatorFromJsonSchema, generateTypescriptCatalogArtifact };
+//# sourceMappingURL=index.d.ts.map

package/dist/portal-config/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","names":[],"sources":["../../src/portal-config/typescript-artifact.ts"],"mappings":";;;;UAKiB,oBAAA;EAAA,SACP,KAAA,WAAgB,gBAAA;AAAA;AAAA,iBAwBV,iCAAA,CAAkC,KAAA,EAAO,oBAAA"}