@atxp/server 0.2.21 → 0.3.0

package/dist/index.d.ts

@@ -1,5 +1,141 @@
-export * from './atxpServer.js';
-export * from './types.js';
-export * from './atxpContext.js';
-export * from './requirePayment.js';
-//# sourceMappingURL=index.d.ts.map
+import { Currency, Network, AuthorizationServerUrl, UrlString, Logger, OAuthDb, OAuthResourceClient, PaymentRequestData, TokenData, RequirePaymentConfig } from '@atxp/common';
+import { Router } from 'express';
+import { IncomingMessage, ServerResponse } from 'http';
+import { IncomingMessage as IncomingMessage$1 } from 'node:http';
+import { JSONRPCRequest } from '@modelcontextprotocol/sdk/types.js';
+
+type McpMethod = 'notifications/cancelled' | 'initialize' | 'ping' | 'notifications/progress' | 'resources/list' | 'resources/templates/list' | 'resources/read' | 'notifications/resources/list_changed' | 'resources/subscribe' | 'resources/unsubscribe' | 'notifications/resources/updated' | 'prompts/list' | 'prompts/get' | 'notifications/prompts/list_changed' | 'tools/list' | 'tools/call' | 'notifications/tools/list_changed' | 'logging/setLevel' | 'notifications/message' | 'sampling/createMessage' | 'elicitation/create' | 'completion/complete' | 'roots/list' | 'notifications/roots/list_changed';
+type McpName = string;
+type McpNamePattern = McpName | '*';
+type McpOperation = `${McpMethod}` | `${McpMethod}:${McpName}`;
+type McpOperationPattern = McpOperation | '*' | `${McpMethod}:*`;
+type RefundErrors = boolean | 'nonMcpOnly';
+type Charge = Omit<PaymentRequestData, 'resource' | 'resourceName' | 'iss'>;
+type ChargeResponse = {
+    success: boolean;
+    requiredPayment: PaymentRequestData | null;
+};
+type PaymentServer = {
+    charge: (args: Charge) => Promise<ChargeResponse>;
+    createPaymentRequest: (args: Charge) => Promise<string>;
+};
+type ATXPConfig = {
+    destination: string;
+    mountPath: string;
+    currency: Currency;
+    network: Network;
+    server: AuthorizationServerUrl;
+    payeeName: string;
+    resource: UrlString | null;
+    allowHttp: boolean;
+    logger: Logger;
+    oAuthDb: OAuthDb;
+    oAuthClient: OAuthResourceClient;
+    paymentServer: PaymentServer;
+};
+declare enum TokenProblem {
+    NO_TOKEN = "NO-TOKEN",
+    NON_BEARER_AUTH_HEADER = "NON-BEARER-AUTH-HEADER",
+    INVALID_TOKEN = "INVALID-TOKEN",
+    INVALID_AUDIENCE = "INVALID-AUDIENCE",
+    NON_SUFFICIENT_FUNDS = "NON-SUFFICIENT-FUNDS",
+    INTROSPECT_ERROR = "INTROSPECT-ERROR"
+}
+type TokenCheckPass = {
+    passes: true;
+    token: string;
+    data: TokenData;
+};
+type TokenCheckFail = {
+    passes: false;
+    problem: TokenProblem;
+    token: string | null;
+    data: TokenData | null;
+    resourceMetadataUrl: string | null;
+};
+type TokenCheck = TokenCheckPass | TokenCheckFail;
+type ProtectedResourceMetadata = {
+    resource: URL;
+    resource_name: string;
+    authorization_servers: string[];
+    bearer_methods_supported: string[];
+    scopes_supported: string[];
+};
+
+type RequiredATXPConfigFields = 'destination';
+type RequiredATXPConfig = Pick<ATXPConfig, RequiredATXPConfigFields>;
+type OptionalATXPConfig = Omit<ATXPConfig, RequiredATXPConfigFields>;
+type ATXPArgs = RequiredATXPConfig & Partial<OptionalATXPConfig>;
+type BuildableATXPConfigFields = 'oAuthDb' | 'oAuthClient' | 'paymentServer' | 'logger';
+declare const DEFAULT_CONFIG: Required<Omit<OptionalATXPConfig, BuildableATXPConfigFields>>;
+declare function buildServerConfig(args: ATXPArgs): ATXPConfig;
+declare function atxpServer(args: ATXPArgs): Router;
+
+declare function getATXPConfig(): ATXPConfig | null;
+declare function getATXPResource(): URL | null;
+declare function atxpAccountId(): string | null;
+declare function withATXPContext(config: ATXPConfig, resource: URL, tokenInfo: Pick<TokenCheck, 'token' | 'data'> | null, next: () => void): Promise<void>;
+
+/**
+ * Core platform-agnostic token checking logic
+ * Takes an authorization header string instead of platform-specific request objects
+ */
+declare function checkTokenCore(config: ATXPConfig, resourceURL: URL, authorizationHeader: string | null): Promise<TokenCheck>;
+
+/**
+ * Core platform-agnostic OAuth challenge response creation
+ * Returns the response data instead of writing to platform-specific response objects
+ */
+declare function createOAuthChallengeResponseCore(tokenCheck: TokenCheck): {
+    status: number;
+    headers: Record<string, string>;
+    body: string;
+} | null;
+
+/**
+ * Core platform-agnostic MCP request parsing logic
+ * Takes parsed JSON and request metadata instead of platform-specific request objects
+ */
+declare function parseMcpRequestsCore(config: ATXPConfig, requestUrl: URL, method: string, parsedBody: unknown): any[];
+
+/**
+ * Node.js HTTP implementation of token checking
+ * Extracts data from Node.js IncomingMessage and delegates to core logic
+ */
+declare function checkToken(config: ATXPConfig, resourceURL: URL, req: IncomingMessage): Promise<TokenCheck>;
+
+/**
+ * Node.js HTTP implementation of OAuth challenge sending
+ * Uses Node.js ServerResponse and delegates to core logic
+ */
+declare function sendOAuthChallenge(res: ServerResponse, tokenCheck: TokenCheck): boolean;
+
+/**
+ * Node.js HTTP implementation of MCP request parsing
+ * Handles Node.js IncomingMessage parsing and delegates to core logic
+ */
+declare function parseMcpRequests(config: ATXPConfig, requestUrl: URL, req: IncomingMessage$1, parsedBody?: unknown): Promise<JSONRPCRequest[]>;
+declare function parseBody(req: IncomingMessage$1, logger: Logger): Promise<unknown>;
+
+/**
+ * Web API implementation of token checking for Cloudflare Workers, Deno, etc.
+ * Extracts data from Web API Request and delegates to core logic
+ */
+declare function checkTokenWebApi(config: ATXPConfig, resourceURL: URL, request: Request): Promise<TokenCheck>;
+
+/**
+ * Web API implementation of OAuth challenge sending for Cloudflare Workers, Deno, etc.
+ * Uses Web API Response and delegates to core logic
+ */
+declare function sendOAuthChallengeWebApi(tokenCheck: TokenCheck): Response | null;
+
+/**
+ * Web API implementation of MCP request parsing for Cloudflare Workers, Deno, etc.
+ * Handles Web API Request parsing and delegates to core logic
+ */
+declare function parseMcpRequestsWebApi(config: ATXPConfig, request: Request): Promise<any[]>;
+
+declare function requirePayment(paymentConfig: RequirePaymentConfig): Promise<void>;
+
+export { DEFAULT_CONFIG, TokenProblem, atxpAccountId, atxpServer, buildServerConfig, checkToken, checkTokenCore, checkTokenWebApi, createOAuthChallengeResponseCore, getATXPConfig, getATXPResource, parseBody, parseMcpRequests, parseMcpRequestsCore, parseMcpRequestsWebApi, requirePayment, sendOAuthChallenge, sendOAuthChallengeWebApi, withATXPContext };
+export type { ATXPArgs, ATXPConfig, Charge, ChargeResponse, McpMethod, McpName, McpNamePattern, McpOperation, McpOperationPattern, PaymentServer, ProtectedResourceMetadata, RefundErrors, TokenCheck, TokenCheckFail, TokenCheckPass };