@bluealba/pae-core 5.7.0-develop-462 → 5.7.0-develop-478
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/package.json +1 -1
- package/dist/src/catalog/entities/module-metadata/mcp-config.interface.d.ts +33 -1
- package/dist/src/catalog/entities/module-metadata/mcp-config.interface.d.ts.map +1 -1
- package/dist/src/catalog/entities/module-metadata/mcp-config.interface.js.map +1 -1
- package/package.json +1 -1
package/dist/package.json
CHANGED
|
@@ -3,6 +3,26 @@
|
|
|
3
3
|
* the gateway. Branches the OAuth 2.1 Resource Server behaviour.
|
|
4
4
|
*/
|
|
5
5
|
export declare const MCP_MODULE_TYPE: "mcp";
|
|
6
|
+
/**
|
|
7
|
+
* Declarative RBAC rule for a single MCP tool. Binds a tool (matched by its
|
|
8
|
+
* exact `name`, i.e. the `params.name` of a `tools/call`) to the platform
|
|
9
|
+
* operations a user must hold for the gateway to expose it in `tools/list` and
|
|
10
|
+
* allow its invocation.
|
|
11
|
+
*
|
|
12
|
+
* A tool with no matching rule is permissive (visible and callable) — this is
|
|
13
|
+
* the analogue of an undeclared route. Declare a rule to restrict a tool.
|
|
14
|
+
*/
|
|
15
|
+
export interface McpToolAuthorization {
|
|
16
|
+
/** Exact tool name to match (the `params.name` of a `tools/call`). */
|
|
17
|
+
tool: string;
|
|
18
|
+
/** Platform operations required to use this tool. */
|
|
19
|
+
operations: string[];
|
|
20
|
+
/**
|
|
21
|
+
* How `operations` are combined. `'AND'` (default) requires all of them;
|
|
22
|
+
* `'OR'` requires any one of them.
|
|
23
|
+
*/
|
|
24
|
+
operator?: 'AND' | 'OR';
|
|
25
|
+
}
|
|
6
26
|
/**
|
|
7
27
|
* Configuration for a module of type `'mcp'` (Model Context Protocol server)
|
|
8
28
|
* hosted behind the gateway. Drives the OAuth 2.1 Resource Server behaviour:
|
|
@@ -19,7 +39,12 @@ export interface McpResourceConfig {
|
|
|
19
39
|
audience?: string | string[];
|
|
20
40
|
/** Scopes advertised in the Protected Resource Metadata document. */
|
|
21
41
|
scopesSupported?: string[];
|
|
22
|
-
/**
|
|
42
|
+
/**
|
|
43
|
+
* Human-readable resource name advertised in the PRM (RFC 9728 `resource_name`,
|
|
44
|
+
* a display string for the end user — e.g. `'Acme MCP Server'`, not a slug).
|
|
45
|
+
* Optional: when omitted, the gateway falls back to the module's `displayName`.
|
|
46
|
+
* Set it only to advertise a name different from the module's display name.
|
|
47
|
+
*/
|
|
23
48
|
resourceName?: string;
|
|
24
49
|
/**
|
|
25
50
|
* Name of the `McpAuthServerProvider` to use for this resource. When omitted,
|
|
@@ -36,6 +61,13 @@ export interface McpResourceConfig {
|
|
|
36
61
|
* translated into `x-forwarded-user-operations` for downstream services.
|
|
37
62
|
*/
|
|
38
63
|
scopeOperationMap?: Record<string, string[]>;
|
|
64
|
+
/**
|
|
65
|
+
* Declarative RBAC rules for this server's tools. The gateway uses them to
|
|
66
|
+
* filter `tools/list` and to authorize `tools/call` against the requesting
|
|
67
|
+
* user's operations. Tools with no matching rule are permissive (visible and
|
|
68
|
+
* callable).
|
|
69
|
+
*/
|
|
70
|
+
tools?: McpToolAuthorization[];
|
|
39
71
|
}
|
|
40
72
|
/**
|
|
41
73
|
* Type guard: returns whether the given module is an MCP module.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp-config.interface.d.ts","sourceRoot":"","sources":["../../../../../src/catalog/entities/module-metadata/mcp-config.interface.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAG,KAAc,CAAC;AAE9C;;;;GAIG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAE7B,qEAAqE;IACrE,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B
|
|
1
|
+
{"version":3,"file":"mcp-config.interface.d.ts","sourceRoot":"","sources":["../../../../../src/catalog/entities/module-metadata/mcp-config.interface.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAG,KAAc,CAAC;AAE9C;;;;;;;;GAQG;AACH,MAAM,WAAW,oBAAoB;IACnC,sEAAsE;IACtE,IAAI,EAAE,MAAM,CAAC;IAEb,qDAAqD;IACrD,UAAU,EAAE,MAAM,EAAE,CAAC;IAErB;;;OAGG;IACH,QAAQ,CAAC,EAAE,KAAK,GAAG,IAAI,CAAC;CACzB;AAED;;;;GAIG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAE7B,qEAAqE;IACrE,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;;;;OAKG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;OAGG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B;;;OAGG;IACH,MAAM,EAAE,UAAU,CAAC;IAEnB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAE7C;;;;;OAKG;IACH,KAAK,CAAC,EAAE,oBAAoB,EAAE,CAAC;CAChC;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE;IAAE,IAAI,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAEjF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp-config.interface.js","sourceRoot":"","sources":["../../../../../src/catalog/entities/module-metadata/mcp-config.interface.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"mcp-config.interface.js","sourceRoot":"","sources":["../../../../../src/catalog/entities/module-metadata/mcp-config.interface.ts"],"names":[],"mappings":";;;AAwFA,kCAEC;AA1FD;;;GAGG;AACU,QAAA,eAAe,GAAG,KAAc,CAAC;AA8E9C;;;;;GAKG;AACH,SAAgB,WAAW,CAAC,MAA4C;IACtE,OAAO,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,IAAI,MAAK,uBAAe,CAAC;AAC1C,CAAC"}
|