@danyow/lark-mcp 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +62 -0
- package/LICENSE +9 -0
- package/README.md +215 -0
- package/README_ZH.md +212 -0
- package/dist/auth/config.d.ts +12 -0
- package/dist/auth/config.js +15 -0
- package/dist/auth/handler/handler-local.d.ts +21 -0
- package/dist/auth/handler/handler-local.js +123 -0
- package/dist/auth/handler/handler.d.ts +32 -0
- package/dist/auth/handler/handler.js +117 -0
- package/dist/auth/handler/index.d.ts +2 -0
- package/dist/auth/handler/index.js +18 -0
- package/dist/auth/index.d.ts +4 -0
- package/dist/auth/index.js +20 -0
- package/dist/auth/provider/index.d.ts +3 -0
- package/dist/auth/provider/index.js +19 -0
- package/dist/auth/provider/oauth.d.ts +18 -0
- package/dist/auth/provider/oauth.js +147 -0
- package/dist/auth/provider/oidc.d.ts +18 -0
- package/dist/auth/provider/oidc.js +172 -0
- package/dist/auth/provider/types.d.ts +8 -0
- package/dist/auth/provider/types.js +2 -0
- package/dist/auth/store.d.ts +39 -0
- package/dist/auth/store.js +213 -0
- package/dist/auth/types.d.ts +13 -0
- package/dist/auth/types.js +2 -0
- package/dist/auth/utils/encryption.d.ts +7 -0
- package/dist/auth/utils/encryption.js +40 -0
- package/dist/auth/utils/index.d.ts +3 -0
- package/dist/auth/utils/index.js +19 -0
- package/dist/auth/utils/is-token-valid.d.ts +7 -0
- package/dist/auth/utils/is-token-valid.js +28 -0
- package/dist/auth/utils/pkce.d.ts +6 -0
- package/dist/auth/utils/pkce.js +20 -0
- package/dist/auth/utils/storage-manager.d.ts +17 -0
- package/dist/auth/utils/storage-manager.js +135 -0
- package/dist/cli/index.d.ts +1 -0
- package/dist/cli/index.js +5 -0
- package/dist/cli/login-handler.d.ts +16 -0
- package/dist/cli/login-handler.js +142 -0
- package/dist/cli.d.ts +4 -0
- package/dist/cli.js +122 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.js +19 -0
- package/dist/mcp-server/index.d.ts +2 -0
- package/dist/mcp-server/index.js +18 -0
- package/dist/mcp-server/shared/index.d.ts +2 -0
- package/dist/mcp-server/shared/index.js +18 -0
- package/dist/mcp-server/shared/init.d.ts +10 -0
- package/dist/mcp-server/shared/init.js +121 -0
- package/dist/mcp-server/shared/types.d.ts +40 -0
- package/dist/mcp-server/shared/types.js +10 -0
- package/dist/mcp-server/transport/index.d.ts +3 -0
- package/dist/mcp-server/transport/index.js +19 -0
- package/dist/mcp-server/transport/sse.d.ts +2 -0
- package/dist/mcp-server/transport/sse.js +75 -0
- package/dist/mcp-server/transport/stdio.d.ts +2 -0
- package/dist/mcp-server/transport/stdio.js +36 -0
- package/dist/mcp-server/transport/streamable.d.ts +2 -0
- package/dist/mcp-server/transport/streamable.js +86 -0
- package/dist/mcp-server/transport/utils.d.ts +16 -0
- package/dist/mcp-server/transport/utils.js +34 -0
- package/dist/mcp-tool/constants.d.ts +49 -0
- package/dist/mcp-tool/constants.js +115 -0
- package/dist/mcp-tool/document-tool/index.d.ts +1 -0
- package/dist/mcp-tool/document-tool/index.js +17 -0
- package/dist/mcp-tool/document-tool/recall/index.d.ts +2 -0
- package/dist/mcp-tool/document-tool/recall/index.js +39 -0
- package/dist/mcp-tool/document-tool/recall/request.d.ts +2 -0
- package/dist/mcp-tool/document-tool/recall/request.js +25 -0
- package/dist/mcp-tool/document-tool/recall/type.d.ts +19 -0
- package/dist/mcp-tool/document-tool/recall/type.js +2 -0
- package/dist/mcp-tool/index.d.ts +5 -0
- package/dist/mcp-tool/index.js +21 -0
- package/dist/mcp-tool/mcp-tool.d.ts +52 -0
- package/dist/mcp-tool/mcp-tool.js +198 -0
- package/dist/mcp-tool/tools/en/builtin-tools/docx/builtin.d.ts +5 -0
- package/dist/mcp-tool/tools/en/builtin-tools/docx/builtin.js +219 -0
- package/dist/mcp-tool/tools/en/builtin-tools/drive/builtin.d.ts +4 -0
- package/dist/mcp-tool/tools/en/builtin-tools/drive/builtin.js +159 -0
- package/dist/mcp-tool/tools/en/builtin-tools/im/buildin.d.ts +4 -0
- package/dist/mcp-tool/tools/en/builtin-tools/im/buildin.js +63 -0
- package/dist/mcp-tool/tools/en/builtin-tools/index.d.ts +5 -0
- package/dist/mcp-tool/tools/en/builtin-tools/index.js +7 -0
- package/dist/mcp-tool/tools/en/gen-tools/index.d.ts +114 -0
- package/dist/mcp-tool/tools/en/gen-tools/index.js +129 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/acs_v1.d.ts +562 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/acs_v1.js +264 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/admin_v1.d.ts +912 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/admin_v1.js +449 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/aily_v1.d.ts +1213 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/aily_v1.js +560 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/apaas_v1.d.ts +2530 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/apaas_v1.js +949 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/application_v5.d.ts +80 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/application_v5.js +53 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/application_v6.d.ts +1008 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/application_v6.js +775 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/approval_v4.d.ts +3928 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/approval_v4.js +1602 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/attendance_v1.d.ts +6043 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/attendance_v1.js +1857 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/auth_v3.d.ts +151 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/auth_v3.js +71 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/authen_v1.d.ts +26 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/authen_v1.js +17 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/baike_v1.d.ts +2174 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/baike_v1.js +594 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/base_v2.d.ts +755 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/base_v2.js +234 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/bitable_v1.d.ts +3541 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/bitable_v1.js +1786 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/board_v1.d.ts +40 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/board_v1.js +18 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/calendar_v4.d.ts +2075 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/calendar_v4.js +1594 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/cardkit_v1.d.ts +528 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/cardkit_v1.js +260 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/compensation_v1.d.ts +189 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/compensation_v1.js +132 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/contact_v3.d.ts +4274 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/contact_v3.js +2583 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/corehr_v1.d.ts +16873 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/corehr_v1.js +5045 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/corehr_v2.d.ts +29387 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/corehr_v2.js +7787 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/directory_v1.d.ts +4274 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/directory_v1.js +1367 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/docs_v1.d.ts +58 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/docs_v1.js +28 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/docx_v1.d.ts +93466 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/docx_v1.js +14350 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/drive_v1.d.ts +3251 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/drive_v1.js +1422 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/drive_v2.d.ts +174 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/drive_v2.js +117 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/ehr_v1.d.ts +86 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/ehr_v1.js +48 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/event_v1.d.ts +44 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/event_v1.js +17 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/helpdesk_v1.d.ts +733 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/helpdesk_v1.js +285 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/hire_v1.d.ts +10076 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/hire_v1.js +6065 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/hire_v2.d.ts +158 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/hire_v2.js +61 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/human_authentication_v1.d.ts +70 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/human_authentication_v1.js +27 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/im_v1.d.ts +3043 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/im_v1.js +1869 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/im_v2.d.ts +2176 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/im_v2.js +460 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/lingo_v1.d.ts +2301 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/lingo_v1.js +669 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/mail_v1.d.ts +2462 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/mail_v1.js +1655 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/mdm_v1.d.ts +104 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/mdm_v1.js +45 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/mdm_v3.d.ts +329 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/mdm_v3.js +78 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/minutes_v1.d.ts +92 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/minutes_v1.js +62 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/moments_v1.d.ts +52 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/moments_v1.js +24 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/okr_v1.d.ts +1628 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/okr_v1.js +434 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/optical_char_recognition_v1.d.ts +38 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/optical_char_recognition_v1.js +17 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/passport_v1.d.ts +131 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/passport_v1.js +59 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/payroll_v1.d.ts +333 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/payroll_v1.js +176 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/performance_v1.d.ts +309 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/performance_v1.js +178 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/performance_v2.d.ts +1177 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/performance_v2.js +559 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/personal_settings_v1.d.ts +640 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/personal_settings_v1.js +303 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/report_v1.d.ts +192 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/report_v1.js +71 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/search_v2.d.ts +1695 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/search_v2.js +446 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/security_and_compliance_v1.d.ts +68 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/security_and_compliance_v1.js +32 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/sheets_v2.d.ts +523 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/sheets_v2.js +231 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/sheets_v3.d.ts +979 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/sheets_v3.js +721 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/speech_to_text_v1.d.ts +225 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/speech_to_text_v1.js +65 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/task_v1.d.ts +1161 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/task_v1.js +672 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/task_v2.d.ts +6051 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/task_v2.js +1970 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/tenant_v2.d.ts +31 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/tenant_v2.js +24 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/translation_v1.d.ts +80 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/translation_v1.js +37 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/trust_party_v1.d.ts +182 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/trust_party_v1.js +141 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/vc_v1.d.ts +5725 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/vc_v1.js +1751 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/verification_v1.d.ts +21 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/verification_v1.js +14 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/wiki_v1.d.ts +72 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/wiki_v1.js +19 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/wiki_v2.d.ts +843 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/wiki_v2.js +381 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/workplace_v1.d.ts +116 -0
- package/dist/mcp-tool/tools/en/gen-tools/zod/workplace_v1.js +77 -0
- package/dist/mcp-tool/tools/index.d.ts +104 -0
- package/dist/mcp-tool/tools/index.js +9 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/docx/builtin.d.ts +5 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/docx/builtin.js +198 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/drive/builtin.d.ts +4 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/drive/builtin.js +159 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/im/buildin.d.ts +4 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/im/buildin.js +63 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/index.d.ts +5 -0
- package/dist/mcp-tool/tools/zh/builtin-tools/index.js +7 -0
- package/dist/mcp-tool/tools/zh/gen-tools/index.d.ts +114 -0
- package/dist/mcp-tool/tools/zh/gen-tools/index.js +129 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/acs_v1.d.ts +562 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/acs_v1.js +277 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/admin_v1.d.ts +912 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/admin_v1.js +430 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/aily_v1.d.ts +1213 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/aily_v1.js +541 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/apaas_v1.d.ts +2530 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/apaas_v1.js +885 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/application_v5.d.ts +80 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/application_v5.js +59 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/application_v6.d.ts +1007 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/application_v6.js +721 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/approval_v4.d.ts +3928 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/approval_v4.js +1532 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/attendance_v1.d.ts +6043 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/attendance_v1.js +1620 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/auth_v3.d.ts +151 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/auth_v3.js +87 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/authen_v1.d.ts +26 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/authen_v1.js +17 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/baike_v1.d.ts +2174 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/baike_v1.js +574 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/base_v2.d.ts +755 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/base_v2.js +270 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/bitable_v1.d.ts +3541 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/bitable_v1.js +1864 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/board_v1.d.ts +40 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/board_v1.js +18 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/calendar_v4.d.ts +2075 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/calendar_v4.js +1533 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/cardkit_v1.d.ts +528 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/cardkit_v1.js +248 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/compensation_v1.d.ts +189 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/compensation_v1.js +130 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/contact_v3.d.ts +4274 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/contact_v3.js +2394 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/corehr_v1.d.ts +16957 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/corehr_v1.js +4753 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/corehr_v2.d.ts +29869 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/corehr_v2.js +7902 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/directory_v1.d.ts +4324 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/directory_v1.js +1340 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/docs_v1.d.ts +58 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/docs_v1.js +26 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/docx_v1.d.ts +116719 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/docx_v1.js +14949 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/drive_v1.d.ts +3251 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/drive_v1.js +1395 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/drive_v2.d.ts +174 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/drive_v2.js +115 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/ehr_v1.d.ts +86 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/ehr_v1.js +48 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/event_v1.d.ts +44 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/event_v1.js +25 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/helpdesk_v1.d.ts +733 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/helpdesk_v1.js +279 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/hire_v1.d.ts +10085 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/hire_v1.js +5787 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/hire_v2.d.ts +158 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/hire_v2.js +64 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/human_authentication_v1.d.ts +70 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/human_authentication_v1.js +27 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/im_v1.d.ts +3043 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/im_v1.js +1812 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/im_v2.d.ts +2176 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/im_v2.js +454 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/lingo_v1.d.ts +2301 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/lingo_v1.js +650 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/mail_v1.d.ts +2465 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/mail_v1.js +1467 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/mdm_v1.d.ts +104 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/mdm_v1.js +45 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/mdm_v3.d.ts +329 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/mdm_v3.js +76 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/minutes_v1.d.ts +92 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/minutes_v1.js +62 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/moments_v1.d.ts +52 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/moments_v1.js +20 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/okr_v1.d.ts +1664 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/okr_v1.js +455 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/optical_char_recognition_v1.d.ts +38 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/optical_char_recognition_v1.js +17 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/passport_v1.d.ts +131 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/passport_v1.js +53 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/payroll_v1.d.ts +609 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/payroll_v1.js +321 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/performance_v1.d.ts +309 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/performance_v1.js +165 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/performance_v2.d.ts +1177 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/performance_v2.js +525 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/personal_settings_v1.d.ts +640 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/personal_settings_v1.js +295 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/report_v1.d.ts +194 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/report_v1.js +72 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/search_v2.d.ts +1695 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/search_v2.js +556 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/security_and_compliance_v1.d.ts +68 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/security_and_compliance_v1.js +32 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/sheets_v2.d.ts +523 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/sheets_v2.js +231 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/sheets_v3.d.ts +979 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/sheets_v3.js +821 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/speech_to_text_v1.d.ts +225 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/speech_to_text_v1.js +65 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/task_v1.d.ts +1161 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/task_v1.js +647 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/task_v2.d.ts +6077 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/task_v2.js +1894 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/tenant_v2.d.ts +31 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/tenant_v2.js +24 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/translation_v1.d.ts +80 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/translation_v1.js +37 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/trust_party_v1.d.ts +182 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/trust_party_v1.js +137 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/vc_v1.d.ts +5725 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/vc_v1.js +1640 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/verification_v1.d.ts +21 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/verification_v1.js +14 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/wiki_v1.d.ts +72 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/wiki_v1.js +34 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/wiki_v2.d.ts +843 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/wiki_v2.js +376 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/workplace_v1.d.ts +116 -0
- package/dist/mcp-tool/tools/zh/gen-tools/zod/workplace_v1.js +77 -0
- package/dist/mcp-tool/types/index.d.ts +53 -0
- package/dist/mcp-tool/types/index.js +9 -0
- package/dist/mcp-tool/utils/case-transf.d.ts +2 -0
- package/dist/mcp-tool/utils/case-transf.js +15 -0
- package/dist/mcp-tool/utils/filter-tools.d.ts +2 -0
- package/dist/mcp-tool/utils/filter-tools.js +27 -0
- package/dist/mcp-tool/utils/get-should-use-uat.d.ts +2 -0
- package/dist/mcp-tool/utils/get-should-use-uat.js +18 -0
- package/dist/mcp-tool/utils/handler.d.ts +2 -0
- package/dist/mcp-tool/utils/handler.js +119 -0
- package/dist/mcp-tool/utils/index.d.ts +4 -0
- package/dist/mcp-tool/utils/index.js +20 -0
- package/dist/utils/clean-env-args.d.ts +1 -0
- package/dist/utils/clean-env-args.js +12 -0
- package/dist/utils/constants.d.ts +18 -0
- package/dist/utils/constants.js +35 -0
- package/dist/utils/http-instance.d.ts +2 -0
- package/dist/utils/http-instance.js +21 -0
- package/dist/utils/logger.d.ts +22 -0
- package/dist/utils/logger.js +97 -0
- package/dist/utils/noop.d.ts +1 -0
- package/dist/utils/noop.js +6 -0
- package/dist/utils/parser-string-array.d.ts +1 -0
- package/dist/utils/parser-string-array.js +13 -0
- package/dist/utils/safe-json-parse.d.ts +1 -0
- package/dist/utils/safe-json-parse.js +14 -0
- package/dist/utils/version.d.ts +1 -0
- package/dist/utils/version.js +52 -0
- package/docs/recall-mcp/README.md +137 -0
- package/docs/recall-mcp/README_ZH.md +137 -0
- package/docs/reference/cli/cli-zh.md +92 -0
- package/docs/reference/cli/cli.md +92 -0
- package/docs/reference/tool-presets/presets-zh.md +120 -0
- package/docs/reference/tool-presets/presets.md +120 -0
- package/docs/reference/tool-presets/tools-en.md +1527 -0
- package/docs/reference/tool-presets/tools-zh.md +1544 -0
- package/docs/troubleshooting/faq-zh.md +67 -0
- package/docs/troubleshooting/faq.md +67 -0
- package/docs/usage/configuration/configuration-zh.md +344 -0
- package/docs/usage/configuration/configuration.md +344 -0
- package/docs/usage/docker/docker-zh.md +101 -0
- package/docs/usage/docker/docker.md +106 -0
- package/package.json +65 -0
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { Express, Request, Response, NextFunction } from 'express';
|
|
2
|
+
import { LarkOIDC2OAuthServerProvider, LarkOAuth2OAuthServerProvider } from '../provider';
|
|
3
|
+
export interface LarkOAuthClientConfig {
|
|
4
|
+
port: number;
|
|
5
|
+
host: string;
|
|
6
|
+
domain: string;
|
|
7
|
+
appId: string;
|
|
8
|
+
appSecret: string;
|
|
9
|
+
scope?: string[];
|
|
10
|
+
}
|
|
11
|
+
export declare class LarkAuthHandler {
|
|
12
|
+
protected readonly app: Express;
|
|
13
|
+
protected readonly options: LarkOAuthClientConfig;
|
|
14
|
+
protected readonly provider: LarkOIDC2OAuthServerProvider | LarkOAuth2OAuthServerProvider;
|
|
15
|
+
get callbackUrl(): string;
|
|
16
|
+
get issuerUrl(): string;
|
|
17
|
+
constructor(app: Express, options: Partial<LarkOAuthClientConfig>);
|
|
18
|
+
protected callback(req: Request, res: Response): Promise<void>;
|
|
19
|
+
setupRoutes: () => void;
|
|
20
|
+
authenticateRequest(req: Request, res: Response, next: NextFunction): void;
|
|
21
|
+
refreshToken(accessToken: string): Promise<{
|
|
22
|
+
access_token: string;
|
|
23
|
+
token_type: string;
|
|
24
|
+
expires_in?: number | undefined;
|
|
25
|
+
scope?: string | undefined;
|
|
26
|
+
refresh_token?: string | undefined;
|
|
27
|
+
}>;
|
|
28
|
+
reAuthorize(accessToken?: string): Promise<{
|
|
29
|
+
accessToken: string;
|
|
30
|
+
authorizeUrl: string;
|
|
31
|
+
}>;
|
|
32
|
+
}
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.LarkAuthHandler = void 0;
|
|
4
|
+
const bearerAuth_js_1 = require("@modelcontextprotocol/sdk/server/auth/middleware/bearerAuth.js");
|
|
5
|
+
const router_js_1 = require("@modelcontextprotocol/sdk/server/auth/router.js");
|
|
6
|
+
const provider_1 = require("../provider");
|
|
7
|
+
const store_1 = require("../store");
|
|
8
|
+
const pkce_1 = require("../utils/pkce");
|
|
9
|
+
const logger_1 = require("../../utils/logger");
|
|
10
|
+
class LarkAuthHandler {
|
|
11
|
+
get callbackUrl() {
|
|
12
|
+
return `http://${this.options.host}:${this.options.port}/callback`;
|
|
13
|
+
}
|
|
14
|
+
get issuerUrl() {
|
|
15
|
+
return `http://${this.options.host}:${this.options.port}`;
|
|
16
|
+
}
|
|
17
|
+
constructor(app, options) {
|
|
18
|
+
var _a;
|
|
19
|
+
this.app = app;
|
|
20
|
+
this.setupRoutes = () => {
|
|
21
|
+
logger_1.logger.info(`[LarkAuthHandler] setupRoutes: issuerUrl: ${this.issuerUrl}`);
|
|
22
|
+
this.app.use((0, router_js_1.mcpAuthRouter)({ provider: this.provider, issuerUrl: new URL(this.issuerUrl) }));
|
|
23
|
+
this.app.get('/callback', (req, res) => this.callback(req, res));
|
|
24
|
+
};
|
|
25
|
+
const { port, host, domain, appId, appSecret } = options;
|
|
26
|
+
if (!port || !host || !domain || !appId || !appSecret) {
|
|
27
|
+
throw new Error('[Lark MCP] appId, and appSecret are required');
|
|
28
|
+
}
|
|
29
|
+
this.options = options;
|
|
30
|
+
const params = {
|
|
31
|
+
domain,
|
|
32
|
+
host,
|
|
33
|
+
port,
|
|
34
|
+
appId,
|
|
35
|
+
appSecret,
|
|
36
|
+
callbackUrl: this.callbackUrl,
|
|
37
|
+
};
|
|
38
|
+
if (!((_a = this.options.scope) === null || _a === void 0 ? void 0 : _a.length)) {
|
|
39
|
+
this.provider = new provider_1.LarkOIDC2OAuthServerProvider(params);
|
|
40
|
+
}
|
|
41
|
+
else {
|
|
42
|
+
this.provider = new provider_1.LarkOAuth2OAuthServerProvider(params);
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
async callback(req, res) {
|
|
46
|
+
const redirectUri = req.query.redirect_uri;
|
|
47
|
+
const finalRedirectUri = new URL(redirectUri);
|
|
48
|
+
finalRedirectUri.searchParams.set('code', req.query.code);
|
|
49
|
+
finalRedirectUri.searchParams.set('state', req.query.state);
|
|
50
|
+
res.redirect(finalRedirectUri.toString());
|
|
51
|
+
if (req.query.state === 'reauthorize') {
|
|
52
|
+
if (!req.query.code || typeof req.query.code !== 'string') {
|
|
53
|
+
logger_1.logger.error(`[LarkAuthHandler] Failed to exchange authorization code: ${req.query.code}`);
|
|
54
|
+
res.end('error, failed to exchange authorization code, please try again');
|
|
55
|
+
return;
|
|
56
|
+
}
|
|
57
|
+
const codeVerifier = store_1.authStore.getCodeVerifier('reauthorize');
|
|
58
|
+
if (!codeVerifier) {
|
|
59
|
+
logger_1.logger.error(`[LarkAuthHandler] Code verifier not found`);
|
|
60
|
+
res.end('error: code_verifier not found, please try again');
|
|
61
|
+
return;
|
|
62
|
+
}
|
|
63
|
+
await this.provider.exchangeAuthorizationCode({ client_id: 'LOCAL', redirect_uris: [] }, req.query.code, codeVerifier, this.callbackUrl);
|
|
64
|
+
store_1.authStore.removeCodeVerifier('reauthorize');
|
|
65
|
+
logger_1.logger.info(`[LarkAuthHandler] callback: Successfully exchanged authorization code`);
|
|
66
|
+
res.end('success, you can close this page now');
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
authenticateRequest(req, res, next) {
|
|
70
|
+
(0, bearerAuth_js_1.requireBearerAuth)({ verifier: this.provider, requiredScopes: [] })(req, res, next);
|
|
71
|
+
}
|
|
72
|
+
async refreshToken(accessToken) {
|
|
73
|
+
var _a, _b;
|
|
74
|
+
const token = await store_1.authStore.getToken(accessToken);
|
|
75
|
+
if (!token) {
|
|
76
|
+
logger_1.logger.error(`[LarkAuthHandler] refreshToken: No local access token found`);
|
|
77
|
+
throw new Error('No local access token found');
|
|
78
|
+
}
|
|
79
|
+
if (!((_a = token.extra) === null || _a === void 0 ? void 0 : _a.refreshToken)) {
|
|
80
|
+
logger_1.logger.error(`[LarkAuthHandler] refreshToken: No refresh token found`);
|
|
81
|
+
throw new Error('No refresh token found');
|
|
82
|
+
}
|
|
83
|
+
const newToken = await this.provider.exchangeRefreshToken({ client_id: token.clientId, redirect_uris: [this.callbackUrl] }, (_b = token.extra) === null || _b === void 0 ? void 0 : _b.refreshToken, token.scopes);
|
|
84
|
+
logger_1.logger.info(`[LarkAuthHandler] refreshToken: Successfully refreshed token`);
|
|
85
|
+
await store_1.authStore.removeToken(accessToken);
|
|
86
|
+
return newToken;
|
|
87
|
+
}
|
|
88
|
+
async reAuthorize(accessToken) {
|
|
89
|
+
if (!accessToken) {
|
|
90
|
+
logger_1.logger.error(`[LarkAuthHandler] reAuthorize: Invalid access token, please reconnect the mcp server`);
|
|
91
|
+
throw new Error('Invalid access token, please reconnect the mcp server');
|
|
92
|
+
}
|
|
93
|
+
const token = await store_1.authStore.getToken(accessToken);
|
|
94
|
+
if (!token) {
|
|
95
|
+
logger_1.logger.error(`[LarkAuthHandler] reAuthorize: Invalid access token, please reconnect the mcp server`);
|
|
96
|
+
throw new Error('Invalid access token, please reconnect the mcp server');
|
|
97
|
+
}
|
|
98
|
+
const { clientId } = token;
|
|
99
|
+
const { codeVerifier, codeChallenge } = (0, pkce_1.generatePKCEPair)();
|
|
100
|
+
store_1.authStore.storeCodeVerifier('reauthorize', codeVerifier);
|
|
101
|
+
const authorizeUrl = new URL(`http://${this.options.host}:${this.options.port}/authorize`);
|
|
102
|
+
authorizeUrl.searchParams.set('client_id', clientId);
|
|
103
|
+
authorizeUrl.searchParams.set('response_type', 'code');
|
|
104
|
+
authorizeUrl.searchParams.set('code_challenge', codeChallenge);
|
|
105
|
+
authorizeUrl.searchParams.set('code_challenge_method', 'S256');
|
|
106
|
+
authorizeUrl.searchParams.set('redirect_uri', this.callbackUrl);
|
|
107
|
+
authorizeUrl.searchParams.set('state', 'reauthorize');
|
|
108
|
+
if (this.options.scope) {
|
|
109
|
+
authorizeUrl.searchParams.set('scope', this.options.scope.join(' '));
|
|
110
|
+
}
|
|
111
|
+
return {
|
|
112
|
+
accessToken: '',
|
|
113
|
+
authorizeUrl: authorizeUrl.toString(),
|
|
114
|
+
};
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
exports.LarkAuthHandler = LarkAuthHandler;
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./handler-local"), exports);
|
|
18
|
+
__exportStar(require("./handler"), exports);
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./provider"), exports);
|
|
18
|
+
__exportStar(require("./store"), exports);
|
|
19
|
+
__exportStar(require("./handler"), exports);
|
|
20
|
+
__exportStar(require("./utils"), exports);
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./oauth"), exports);
|
|
18
|
+
__exportStar(require("./oidc"), exports);
|
|
19
|
+
__exportStar(require("./types"), exports);
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { Response } from 'express';
|
|
2
|
+
import { OAuthRegisteredClientsStore } from '@modelcontextprotocol/sdk/server/auth/clients.js';
|
|
3
|
+
import { OAuthClientInformationFull, OAuthTokens } from '@modelcontextprotocol/sdk/shared/auth.js';
|
|
4
|
+
import { AuthorizationParams, OAuthServerProvider } from '@modelcontextprotocol/sdk/server/auth/provider.js';
|
|
5
|
+
import { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';
|
|
6
|
+
import { LarkProxyOAuthServerProviderOptions } from './types';
|
|
7
|
+
export declare class LarkOAuth2OAuthServerProvider implements OAuthServerProvider {
|
|
8
|
+
private readonly _endpoints;
|
|
9
|
+
private readonly _options;
|
|
10
|
+
skipLocalPkceValidation: boolean;
|
|
11
|
+
constructor(options: LarkProxyOAuthServerProviderOptions);
|
|
12
|
+
get clientsStore(): OAuthRegisteredClientsStore;
|
|
13
|
+
authorize(_client: OAuthClientInformationFull, params: AuthorizationParams, res: Response): Promise<void>;
|
|
14
|
+
challengeForAuthorizationCode(_client: OAuthClientInformationFull, _authorizationCode: string): Promise<string>;
|
|
15
|
+
exchangeAuthorizationCode(client: OAuthClientInformationFull, authorizationCode: string, codeVerifier?: string, redirectUri?: string): Promise<OAuthTokens>;
|
|
16
|
+
exchangeRefreshToken(client: OAuthClientInformationFull, refreshToken: string, scopes?: string[]): Promise<OAuthTokens>;
|
|
17
|
+
verifyAccessToken(token: string): Promise<AuthInfo>;
|
|
18
|
+
}
|
|
@@ -0,0 +1,147 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.LarkOAuth2OAuthServerProvider = void 0;
|
|
4
|
+
const auth_js_1 = require("@modelcontextprotocol/sdk/shared/auth.js");
|
|
5
|
+
const store_1 = require("../store");
|
|
6
|
+
const is_token_valid_1 = require("../utils/is-token-valid");
|
|
7
|
+
const http_instance_1 = require("../../utils/http-instance");
|
|
8
|
+
const logger_1 = require("../../utils/logger");
|
|
9
|
+
class LarkOAuth2OAuthServerProvider {
|
|
10
|
+
constructor(options) {
|
|
11
|
+
this.skipLocalPkceValidation = true;
|
|
12
|
+
const { domain } = options;
|
|
13
|
+
this._endpoints = {
|
|
14
|
+
authorizationUrl: `${domain}/open-apis/authen/v1/authorize`,
|
|
15
|
+
tokenUrl: `${domain}/open-apis/authen/v2/oauth/token`,
|
|
16
|
+
registrationUrl: `${domain}/open-apis/authen/v1/index`,
|
|
17
|
+
};
|
|
18
|
+
this._options = options;
|
|
19
|
+
}
|
|
20
|
+
get clientsStore() {
|
|
21
|
+
return store_1.authStore;
|
|
22
|
+
}
|
|
23
|
+
async authorize(_client, params, res) {
|
|
24
|
+
var _a;
|
|
25
|
+
const targetUrl = new URL(this._endpoints.authorizationUrl);
|
|
26
|
+
const searchParams = new URLSearchParams({
|
|
27
|
+
client_id: this._options.appId,
|
|
28
|
+
response_type: 'code',
|
|
29
|
+
redirect_uri: this._options.callbackUrl + '?redirect_uri=' + _client.redirect_uris[0],
|
|
30
|
+
code_challenge: params.codeChallenge,
|
|
31
|
+
code_challenge_method: 'S256',
|
|
32
|
+
});
|
|
33
|
+
if (params.state) {
|
|
34
|
+
searchParams.set('state', params.state);
|
|
35
|
+
}
|
|
36
|
+
if ((_a = params.scopes) === null || _a === void 0 ? void 0 : _a.length) {
|
|
37
|
+
searchParams.set('scope', params.scopes.join(' '));
|
|
38
|
+
}
|
|
39
|
+
targetUrl.search = searchParams.toString();
|
|
40
|
+
logger_1.logger.info(`[LarkOAuth2OAuthServerProvider] Authorizing client ${_client.client_id} Redirecting to authorization URL: ${targetUrl.toString()}`);
|
|
41
|
+
res.redirect(targetUrl.toString());
|
|
42
|
+
}
|
|
43
|
+
async challengeForAuthorizationCode(_client, _authorizationCode) {
|
|
44
|
+
return '';
|
|
45
|
+
}
|
|
46
|
+
async exchangeAuthorizationCode(client, authorizationCode, codeVerifier, redirectUri) {
|
|
47
|
+
var _a, _b, _c, _d, _e;
|
|
48
|
+
const params = {
|
|
49
|
+
grant_type: 'authorization_code',
|
|
50
|
+
client_id: this._options.appId,
|
|
51
|
+
client_secret: this._options.appSecret,
|
|
52
|
+
code: authorizationCode,
|
|
53
|
+
redirect_uri: this._options.callbackUrl + '?redirect_uri=' + redirectUri,
|
|
54
|
+
code_verifier: codeVerifier,
|
|
55
|
+
};
|
|
56
|
+
try {
|
|
57
|
+
logger_1.logger.info(`[LarkOAuth2OAuthServerProvider] Exchanging authorization code for client ${client.client_id}; appId: ${this._options.appId}`);
|
|
58
|
+
const response = await http_instance_1.commonHttpInstance.post(this._endpoints.tokenUrl, params, {
|
|
59
|
+
headers: { 'Content-Type': 'application/json; charset=utf-8' },
|
|
60
|
+
});
|
|
61
|
+
const data = response.data;
|
|
62
|
+
const parseResult = auth_js_1.OAuthTokensSchema.safeParse(data);
|
|
63
|
+
if (!parseResult.success) {
|
|
64
|
+
throw new Error(`Token parse failed: invalid response: ${data === null || data === void 0 ? void 0 : data.code}, ${data === null || data === void 0 ? void 0 : data.msg}`);
|
|
65
|
+
}
|
|
66
|
+
const token = parseResult.data;
|
|
67
|
+
const expiresAt = token.expires_in ? token.expires_in + Date.now() / 1000 : undefined;
|
|
68
|
+
await store_1.authStore.storeToken({
|
|
69
|
+
clientId: client.client_id,
|
|
70
|
+
token: token.access_token,
|
|
71
|
+
scopes: ((_a = token.scope) === null || _a === void 0 ? void 0 : _a.split(' ')) || [],
|
|
72
|
+
expiresAt,
|
|
73
|
+
extra: {
|
|
74
|
+
token,
|
|
75
|
+
refreshToken: token.refresh_token,
|
|
76
|
+
appId: this._options.appId,
|
|
77
|
+
appSecret: this._options.appSecret,
|
|
78
|
+
},
|
|
79
|
+
});
|
|
80
|
+
logger_1.logger.info(`[LarkOAuth2OAuthServerProvider] Successfully exchanged authorization code for client ${client.client_id}; appId: ${this._options.appId}; token: ${Boolean(token.access_token)}; refreshToken: ${Boolean(token.refresh_token)};expiresAt: ${expiresAt} `);
|
|
81
|
+
return token;
|
|
82
|
+
}
|
|
83
|
+
catch (error) {
|
|
84
|
+
logger_1.logger.error(`[LarkOAuth2OAuthServerProvider] Token exchange failed: ${((_b = error.response) === null || _b === void 0 ? void 0 : _b.status) || error.status} ${((_c = error.response) === null || _c === void 0 ? void 0 : _c.data) || error.message}`);
|
|
85
|
+
throw new Error(`Token exchange failed: ${((_d = error.response) === null || _d === void 0 ? void 0 : _d.status) || error.status} ${((_e = error.response) === null || _e === void 0 ? void 0 : _e.data) || error.message}`);
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
async exchangeRefreshToken(client, refreshToken, scopes) {
|
|
89
|
+
var _a, _b, _c, _d, _e, _f, _g;
|
|
90
|
+
const originalToken = await store_1.authStore.getTokenByRefreshToken(refreshToken);
|
|
91
|
+
if (!originalToken) {
|
|
92
|
+
logger_1.logger.error(`[LarkOAuth2OAuthServerProvider] refresh token is invalid, cannot get original token`);
|
|
93
|
+
throw new Error('refresh token is invalid');
|
|
94
|
+
}
|
|
95
|
+
const appId = ((_a = originalToken.extra) === null || _a === void 0 ? void 0 : _a.app_id) || this._options.appId;
|
|
96
|
+
const appSecret = ((_b = originalToken.extra) === null || _b === void 0 ? void 0 : _b.app_secret) || this._options.appSecret;
|
|
97
|
+
const params = {
|
|
98
|
+
grant_type: 'refresh_token',
|
|
99
|
+
client_id: appId,
|
|
100
|
+
client_secret: appSecret,
|
|
101
|
+
refresh_token: refreshToken,
|
|
102
|
+
};
|
|
103
|
+
if (scopes === null || scopes === void 0 ? void 0 : scopes.length) {
|
|
104
|
+
params.scope = scopes.join(' ');
|
|
105
|
+
}
|
|
106
|
+
try {
|
|
107
|
+
logger_1.logger.info(`[LarkOAuth2OAuthServerProvider] Refreshing token for client ${client.client_id}; appId: ${appId}`);
|
|
108
|
+
const response = await http_instance_1.commonHttpInstance.post(this._endpoints.tokenUrl, params, {
|
|
109
|
+
headers: { 'Content-Type': 'application/json; charset=utf-8' },
|
|
110
|
+
});
|
|
111
|
+
const data = response.data;
|
|
112
|
+
const parseResult = auth_js_1.OAuthTokensSchema.safeParse(data);
|
|
113
|
+
if (!parseResult.success) {
|
|
114
|
+
throw new Error(`Token parse failed: invalid response: ${data === null || data === void 0 ? void 0 : data.code}, ${data === null || data === void 0 ? void 0 : data.msg}`);
|
|
115
|
+
}
|
|
116
|
+
const token = parseResult.data;
|
|
117
|
+
const expiresAt = token.expires_in ? token.expires_in + Date.now() / 1000 : undefined;
|
|
118
|
+
await store_1.authStore.storeToken({
|
|
119
|
+
clientId: client.client_id,
|
|
120
|
+
token: token.access_token,
|
|
121
|
+
scopes: ((_c = token.scope) === null || _c === void 0 ? void 0 : _c.split(' ')) || [],
|
|
122
|
+
expiresAt,
|
|
123
|
+
extra: { refreshToken: token.refresh_token, token, appId, appSecret },
|
|
124
|
+
});
|
|
125
|
+
logger_1.logger.info(`[LarkOAuth2OAuthServerProvider] Successfully refreshed token for client ${client.client_id}; appId: ${appId}; token: ${Boolean(token.access_token)}; refreshToken: ${Boolean(token.refresh_token)};expiresAt: ${expiresAt}`);
|
|
126
|
+
return token;
|
|
127
|
+
}
|
|
128
|
+
catch (error) {
|
|
129
|
+
logger_1.logger.error(`[LarkOAuth2OAuthServerProvider] Token refresh failed: ${((_d = error.response) === null || _d === void 0 ? void 0 : _d.status) || error.status} ${((_e = error.response) === null || _e === void 0 ? void 0 : _e.data) || error.message}`);
|
|
130
|
+
throw new Error(`Token refresh failed: ${((_f = error.response) === null || _f === void 0 ? void 0 : _f.status) || error.status} ${((_g = error.response) === null || _g === void 0 ? void 0 : _g.data) || error.message}`);
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
async verifyAccessToken(token) {
|
|
134
|
+
const { valid, token: storedToken } = await (0, is_token_valid_1.isTokenValid)(token);
|
|
135
|
+
if (!valid) {
|
|
136
|
+
return {
|
|
137
|
+
token: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.token) || '',
|
|
138
|
+
clientId: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.clientId) || '',
|
|
139
|
+
scopes: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.scopes) || [],
|
|
140
|
+
expiresAt: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.expiresAt) || 1,
|
|
141
|
+
extra: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.extra) || {},
|
|
142
|
+
};
|
|
143
|
+
}
|
|
144
|
+
return storedToken;
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
exports.LarkOAuth2OAuthServerProvider = LarkOAuth2OAuthServerProvider;
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { Response } from 'express';
|
|
2
|
+
import { OAuthRegisteredClientsStore } from '@modelcontextprotocol/sdk/server/auth/clients.js';
|
|
3
|
+
import { OAuthClientInformationFull, OAuthTokens } from '@modelcontextprotocol/sdk/shared/auth.js';
|
|
4
|
+
import { AuthorizationParams, OAuthServerProvider } from '@modelcontextprotocol/sdk/server/auth/provider.js';
|
|
5
|
+
import { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';
|
|
6
|
+
import { LarkProxyOAuthServerProviderOptions } from './types';
|
|
7
|
+
export declare class LarkOIDC2OAuthServerProvider implements OAuthServerProvider {
|
|
8
|
+
private readonly _endpoints;
|
|
9
|
+
private readonly _options;
|
|
10
|
+
skipLocalPkceValidation: boolean;
|
|
11
|
+
constructor(options: LarkProxyOAuthServerProviderOptions);
|
|
12
|
+
get clientsStore(): OAuthRegisteredClientsStore;
|
|
13
|
+
authorize(client: OAuthClientInformationFull, params: AuthorizationParams, res: Response): Promise<void>;
|
|
14
|
+
challengeForAuthorizationCode(_client: OAuthClientInformationFull, _authorizationCode: string): Promise<string>;
|
|
15
|
+
exchangeAuthorizationCode(client: OAuthClientInformationFull, authorizationCode: string, codeVerifier?: string, _redirectUri?: string): Promise<OAuthTokens>;
|
|
16
|
+
exchangeRefreshToken(client: OAuthClientInformationFull, refreshToken: string, _scopes?: string[]): Promise<OAuthTokens>;
|
|
17
|
+
verifyAccessToken(token: string): Promise<AuthInfo>;
|
|
18
|
+
}
|
|
@@ -0,0 +1,172 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.LarkOIDC2OAuthServerProvider = void 0;
|
|
4
|
+
const store_1 = require("../store");
|
|
5
|
+
const is_token_valid_1 = require("../utils/is-token-valid");
|
|
6
|
+
const pkce_1 = require("../utils/pkce");
|
|
7
|
+
const zod_1 = require("zod");
|
|
8
|
+
const http_instance_1 = require("../../utils/http-instance");
|
|
9
|
+
const logger_1 = require("../../utils/logger");
|
|
10
|
+
const LarkOIDCTokenSchema = zod_1.z.object({
|
|
11
|
+
code: zod_1.z.number(),
|
|
12
|
+
msg: zod_1.z.string().optional(),
|
|
13
|
+
data: zod_1.z.object({
|
|
14
|
+
access_token: zod_1.z.string(),
|
|
15
|
+
token_type: zod_1.z.string(),
|
|
16
|
+
refresh_token: zod_1.z.string().optional(),
|
|
17
|
+
expires_in: zod_1.z.number().optional(),
|
|
18
|
+
refresh_expires_in: zod_1.z.number().optional(),
|
|
19
|
+
scope: zod_1.z.string().optional(),
|
|
20
|
+
}),
|
|
21
|
+
});
|
|
22
|
+
class LarkOIDC2OAuthServerProvider {
|
|
23
|
+
constructor(options) {
|
|
24
|
+
this.skipLocalPkceValidation = true;
|
|
25
|
+
const { domain } = options;
|
|
26
|
+
this._endpoints = {
|
|
27
|
+
appAccessTokenUrl: `${domain}/open-apis/auth/v3/app_access_token/internal`,
|
|
28
|
+
authorizationUrl: `${domain}/open-apis/authen/v1/index`,
|
|
29
|
+
tokenUrl: `${domain}/open-apis/authen/v1/oidc/access_token`,
|
|
30
|
+
refreshTokenUrl: `${domain}/open-apis/authen/v1/oidc/refresh_access_token`,
|
|
31
|
+
registrationUrl: `${domain}/open-apis/authen/v1/index`,
|
|
32
|
+
};
|
|
33
|
+
this._options = options;
|
|
34
|
+
}
|
|
35
|
+
get clientsStore() {
|
|
36
|
+
return store_1.authStore;
|
|
37
|
+
}
|
|
38
|
+
async authorize(client, params, res) {
|
|
39
|
+
const targetUrl = new URL(this._endpoints.authorizationUrl);
|
|
40
|
+
const searchParams = new URLSearchParams({
|
|
41
|
+
app_id: this._options.appId,
|
|
42
|
+
redirect_uri: this._options.callbackUrl + '?redirect_uri=' + client.redirect_uris[0],
|
|
43
|
+
});
|
|
44
|
+
if (params.state) {
|
|
45
|
+
searchParams.set('state', params.state);
|
|
46
|
+
}
|
|
47
|
+
if (params.codeChallenge) {
|
|
48
|
+
store_1.authStore.storeCodeVerifier(`challenge_${client.client_id}`, params.codeChallenge);
|
|
49
|
+
}
|
|
50
|
+
targetUrl.search = searchParams.toString();
|
|
51
|
+
logger_1.logger.info(`[LarkOIDC2OAuthServerProvider] Redirecting to authorization URL: ${targetUrl.toString()}`);
|
|
52
|
+
res.redirect(targetUrl.toString());
|
|
53
|
+
}
|
|
54
|
+
async challengeForAuthorizationCode(_client, _authorizationCode) {
|
|
55
|
+
return '';
|
|
56
|
+
}
|
|
57
|
+
async exchangeAuthorizationCode(client, authorizationCode, codeVerifier, _redirectUri) {
|
|
58
|
+
var _a, _b, _c, _d, _e;
|
|
59
|
+
if (codeVerifier) {
|
|
60
|
+
const storedChallenge = store_1.authStore.getCodeVerifier(`challenge_${client.client_id}`);
|
|
61
|
+
if (!storedChallenge) {
|
|
62
|
+
logger_1.logger.error(`[LarkOIDC2OAuthServerProvider] exchangeAuthorizationCode: PKCE validation failed: code challenge not found`);
|
|
63
|
+
throw new Error('PKCE validation failed: code challenge not found');
|
|
64
|
+
}
|
|
65
|
+
const expectedChallenge = (0, pkce_1.generateCodeChallenge)(codeVerifier);
|
|
66
|
+
if (expectedChallenge !== storedChallenge) {
|
|
67
|
+
logger_1.logger.error(`[LarkOIDC2OAuthServerProvider] exchangeAuthorizationCode: PKCE validation failed: code verifier does not match challenge`);
|
|
68
|
+
throw new Error('PKCE validation failed: code verifier does not match challenge');
|
|
69
|
+
}
|
|
70
|
+
store_1.authStore.removeCodeVerifier(`challenge_${client.client_id}`);
|
|
71
|
+
}
|
|
72
|
+
const params = {
|
|
73
|
+
grant_type: 'authorization_code',
|
|
74
|
+
code: authorizationCode,
|
|
75
|
+
};
|
|
76
|
+
try {
|
|
77
|
+
logger_1.logger.info(`[LarkOIDC2OAuthServerProvider] Exchanging authorization code for client ${client.client_id}; appId: ${this._options.appId}`);
|
|
78
|
+
const appAccessTokenResponse = await http_instance_1.commonHttpInstance.post(this._endpoints.appAccessTokenUrl, { app_id: this._options.appId, app_secret: this._options.appSecret }, { headers: { 'Content-Type': 'application/json; charset=utf-8' } });
|
|
79
|
+
const { app_access_token: appAccessToken } = appAccessTokenResponse.data;
|
|
80
|
+
const response = await http_instance_1.commonHttpInstance.post(this._endpoints.tokenUrl, params, {
|
|
81
|
+
headers: { 'Content-Type': 'application/json; charset=utf-8', Authorization: `Bearer ${appAccessToken}` },
|
|
82
|
+
});
|
|
83
|
+
const data = response.data;
|
|
84
|
+
const parseResult = LarkOIDCTokenSchema.safeParse(data);
|
|
85
|
+
if (!parseResult.success) {
|
|
86
|
+
throw new Error(`Token parse failed: invalid response: ${data === null || data === void 0 ? void 0 : data.code}, ${data === null || data === void 0 ? void 0 : data.msg}`);
|
|
87
|
+
}
|
|
88
|
+
const token = parseResult.data;
|
|
89
|
+
const expiresAt = token.data.expires_in ? token.data.expires_in + Date.now() / 1000 : undefined;
|
|
90
|
+
await store_1.authStore.storeToken({
|
|
91
|
+
clientId: client.client_id,
|
|
92
|
+
token: token.data.access_token,
|
|
93
|
+
scopes: ((_a = token.data.scope) === null || _a === void 0 ? void 0 : _a.split(' ')) || [],
|
|
94
|
+
expiresAt,
|
|
95
|
+
extra: {
|
|
96
|
+
refreshToken: token.data.refresh_token,
|
|
97
|
+
token,
|
|
98
|
+
appId: this._options.appId,
|
|
99
|
+
appSecret: this._options.appSecret,
|
|
100
|
+
},
|
|
101
|
+
});
|
|
102
|
+
logger_1.logger.info(`[LarkOIDC2OAuthServerProvider] Successfully exchanged authorization code for client ${client.client_id}; appId: ${this._options.appId}; token: ${Boolean(token.data.access_token)}; refreshToken: ${Boolean(token.data.refresh_token)};expiresAt: ${expiresAt}`);
|
|
103
|
+
return {
|
|
104
|
+
access_token: token.data.access_token,
|
|
105
|
+
token_type: token.data.token_type,
|
|
106
|
+
expires_in: token.data.expires_in,
|
|
107
|
+
scope: token.data.scope,
|
|
108
|
+
refresh_token: token.data.refresh_token,
|
|
109
|
+
};
|
|
110
|
+
}
|
|
111
|
+
catch (error) {
|
|
112
|
+
logger_1.logger.error(`[LarkOIDC2OAuthServerProvider] exchangeAuthorizationCode: Token exchange failed: ${((_b = error.response) === null || _b === void 0 ? void 0 : _b.status) || error.status} ${((_c = error.response) === null || _c === void 0 ? void 0 : _c.data) || error.message}`);
|
|
113
|
+
throw new Error(`Token exchange failed: ${((_d = error.response) === null || _d === void 0 ? void 0 : _d.status) || error.status} ${((_e = error.response) === null || _e === void 0 ? void 0 : _e.data) || error.message}`);
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
async exchangeRefreshToken(client, refreshToken, _scopes) {
|
|
117
|
+
var _a, _b, _c, _d, _e, _f, _g;
|
|
118
|
+
const originalToken = await store_1.authStore.getTokenByRefreshToken(refreshToken);
|
|
119
|
+
if (!originalToken) {
|
|
120
|
+
logger_1.logger.error(`[LarkOIDC2OAuthServerProvider] exchangeRefreshToken: Refresh token is invalid`);
|
|
121
|
+
throw new Error('refresh token is invalid');
|
|
122
|
+
}
|
|
123
|
+
const appId = ((_a = originalToken.extra) === null || _a === void 0 ? void 0 : _a.app_id) || this._options.appId;
|
|
124
|
+
const appSecret = ((_b = originalToken.extra) === null || _b === void 0 ? void 0 : _b.app_secret) || this._options.appSecret;
|
|
125
|
+
try {
|
|
126
|
+
logger_1.logger.info(`[LarkOIDC2OAuthServerProvider] Refreshing token for client ${client.client_id}`);
|
|
127
|
+
const appAccessTokenResponse = await http_instance_1.commonHttpInstance.post(this._endpoints.appAccessTokenUrl, { app_id: appId, app_secret: appSecret }, { headers: { 'Content-Type': 'application/json; charset=utf-8' } });
|
|
128
|
+
const { app_access_token: appAccessToken } = appAccessTokenResponse.data;
|
|
129
|
+
const response = await http_instance_1.commonHttpInstance.post(this._endpoints.refreshTokenUrl, { grant_type: 'refresh_token', refresh_token: refreshToken }, { headers: { 'Content-Type': 'application/json; charset=utf-8', Authorization: `Bearer ${appAccessToken}` } });
|
|
130
|
+
const data = response.data;
|
|
131
|
+
const parseResult = LarkOIDCTokenSchema.safeParse(data);
|
|
132
|
+
if (!parseResult.success) {
|
|
133
|
+
throw new Error(`Token parse failed: invalid response: ${data === null || data === void 0 ? void 0 : data.code}, ${data === null || data === void 0 ? void 0 : data.msg}`);
|
|
134
|
+
}
|
|
135
|
+
const token = parseResult.data;
|
|
136
|
+
const expiresAt = token.data.expires_in ? token.data.expires_in + Date.now() / 1000 : undefined;
|
|
137
|
+
await store_1.authStore.storeToken({
|
|
138
|
+
clientId: client.client_id,
|
|
139
|
+
token: token.data.access_token,
|
|
140
|
+
scopes: ((_c = token.data.scope) === null || _c === void 0 ? void 0 : _c.split(' ')) || [],
|
|
141
|
+
expiresAt,
|
|
142
|
+
extra: { refreshToken: token.data.refresh_token, token, appId, appSecret },
|
|
143
|
+
});
|
|
144
|
+
logger_1.logger.info(`[LarkOIDC2OAuthServerProvider] Successfully refreshed token for client ${client.client_id}; appId: ${appId}; token: ${Boolean(token.data.access_token)}; refreshToken: ${Boolean(token.data.refresh_token)};expiresAt: ${expiresAt}`);
|
|
145
|
+
return {
|
|
146
|
+
access_token: token.data.access_token,
|
|
147
|
+
token_type: token.data.token_type,
|
|
148
|
+
expires_in: token.data.expires_in,
|
|
149
|
+
scope: token.data.scope,
|
|
150
|
+
refresh_token: token.data.refresh_token,
|
|
151
|
+
};
|
|
152
|
+
}
|
|
153
|
+
catch (error) {
|
|
154
|
+
logger_1.logger.error(`[LarkOIDC2OAuthServerProvider] exchangeRefreshToken: Token refresh failed: ${((_d = error.response) === null || _d === void 0 ? void 0 : _d.status) || error.status} ${((_e = error.response) === null || _e === void 0 ? void 0 : _e.data) || error.message}`);
|
|
155
|
+
throw new Error(`Token refresh failed: ${((_f = error.response) === null || _f === void 0 ? void 0 : _f.status) || error.status} ${((_g = error.response) === null || _g === void 0 ? void 0 : _g.data) || error.message}`);
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
async verifyAccessToken(token) {
|
|
159
|
+
const { valid, token: storedToken } = await (0, is_token_valid_1.isTokenValid)(token);
|
|
160
|
+
if (!valid) {
|
|
161
|
+
return {
|
|
162
|
+
token: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.token) || '',
|
|
163
|
+
clientId: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.clientId) || '',
|
|
164
|
+
scopes: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.scopes) || [],
|
|
165
|
+
expiresAt: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.expiresAt) || 1,
|
|
166
|
+
extra: (storedToken === null || storedToken === void 0 ? void 0 : storedToken.extra) || {},
|
|
167
|
+
};
|
|
168
|
+
}
|
|
169
|
+
return storedToken;
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
exports.LarkOIDC2OAuthServerProvider = LarkOIDC2OAuthServerProvider;
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
import { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';
|
|
2
|
+
import { OAuthClientInformationFull } from '@modelcontextprotocol/sdk/shared/auth.js';
|
|
3
|
+
import { OAuthRegisteredClientsStore } from '@modelcontextprotocol/sdk/server/auth/clients.js';
|
|
4
|
+
export declare class AuthStore implements OAuthRegisteredClientsStore {
|
|
5
|
+
private storageDataCache;
|
|
6
|
+
private codeVerifiers;
|
|
7
|
+
private initializePromise;
|
|
8
|
+
private fileWatcher;
|
|
9
|
+
private isReloading;
|
|
10
|
+
private isInitializedStorageSuccess;
|
|
11
|
+
constructor();
|
|
12
|
+
private initialize;
|
|
13
|
+
private performInitialization;
|
|
14
|
+
private setupFileWatcher;
|
|
15
|
+
private handleFileChange;
|
|
16
|
+
private loadFromStorage;
|
|
17
|
+
private saveToStorage;
|
|
18
|
+
private clearExpiredTokens;
|
|
19
|
+
storeToken(token: AuthInfo): Promise<AuthInfo>;
|
|
20
|
+
removeToken(accessToken: string): Promise<void>;
|
|
21
|
+
getToken(accessToken: string): Promise<AuthInfo | undefined>;
|
|
22
|
+
getTokenByRefreshToken(refreshToken: string): Promise<AuthInfo | undefined>;
|
|
23
|
+
getLocalAccessToken(appId: string): Promise<string | undefined>;
|
|
24
|
+
storeLocalAccessToken(accessToken: string, appId: string): Promise<string>;
|
|
25
|
+
removeLocalAccessToken(appId: string): Promise<void>;
|
|
26
|
+
removeAllLocalAccessTokens(): Promise<void>;
|
|
27
|
+
getAllLocalAccessTokens(): Promise<{
|
|
28
|
+
[appId: string]: string;
|
|
29
|
+
}>;
|
|
30
|
+
registerClient(client: OAuthClientInformationFull): Promise<OAuthClientInformationFull>;
|
|
31
|
+
getClient(id: string): Promise<OAuthClientInformationFull | undefined>;
|
|
32
|
+
removeClient(clientId: string): Promise<void>;
|
|
33
|
+
storeCodeVerifier(key: string, codeVerifier: string): void;
|
|
34
|
+
getCodeVerifier(key: string): string | undefined;
|
|
35
|
+
removeCodeVerifier(key: string): void;
|
|
36
|
+
clearExpiredCodeVerifiers(): void;
|
|
37
|
+
destroy(): void;
|
|
38
|
+
}
|
|
39
|
+
export declare const authStore: AuthStore;
|