@dataflint/mcp-server 1.0.12 → 1.0.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/dataflint-server-service.d.ts.map +1 -1
- package/dist/dataflint-server-service.js +27 -2
- package/dist/dataflint-server-service.js.map +1 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -1
- package/dist/index.js.map +1 -1
- package/dist/server.js +2 -2
- package/dist/server.js.map +1 -1
- package/dist/standalone/config.d.ts +10 -9
- package/dist/standalone/config.d.ts.map +1 -1
- package/dist/standalone/config.js +213 -143
- package/dist/standalone/config.js.map +4 -4
- package/dist/standalone/logger.js +2 -2
- package/dist/standalone/logger.js.map +1 -1
- package/dist/standalone/server.d.ts.map +1 -1
- package/dist/standalone/server.js +10 -7
- package/dist/standalone/server.js.map +1 -1
- package/dist/tools/highlight-tools.js +5 -3
- package/dist/tools/highlight-tools.js.map +1 -1
- package/dist/types.d.ts +4 -17
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +5 -0
- package/dist/types.js.map +1 -1
- package/package.json +2 -1
|
@@ -62,6 +62,27 @@ var require_customer_auth_configs = __commonJS({
|
|
|
62
62
|
}
|
|
63
63
|
});
|
|
64
64
|
|
|
65
|
+
// ../shared-auth-config/dist/types.js
|
|
66
|
+
var require_types = __commonJS({
|
|
67
|
+
"../shared-auth-config/dist/types.js"(exports2) {
|
|
68
|
+
"use strict";
|
|
69
|
+
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
70
|
+
exports2.M2MType = exports2.AuthStrategyType = void 0;
|
|
71
|
+
var AuthStrategyType;
|
|
72
|
+
(function(AuthStrategyType2) {
|
|
73
|
+
AuthStrategyType2["SERVICE_ACCOUNT"] = "service_account";
|
|
74
|
+
AuthStrategyType2["AUTH0_M2M"] = "auth0_m2m";
|
|
75
|
+
AuthStrategyType2["AUTH0_USER"] = "auth0_user";
|
|
76
|
+
})(AuthStrategyType || (exports2.AuthStrategyType = AuthStrategyType = {}));
|
|
77
|
+
var M2MType;
|
|
78
|
+
(function(M2MType2) {
|
|
79
|
+
M2MType2["NONE"] = "none";
|
|
80
|
+
M2MType2["SERVICE_ACCOUNT"] = "service_account";
|
|
81
|
+
M2MType2["AUTH0_M2M"] = "auth0_m2m";
|
|
82
|
+
})(M2MType || (exports2.M2MType = M2MType = {}));
|
|
83
|
+
}
|
|
84
|
+
});
|
|
85
|
+
|
|
65
86
|
// ../shared-auth-config/dist/auth0-service.js
|
|
66
87
|
var require_auth0_service = __commonJS({
|
|
67
88
|
"../shared-auth-config/dist/auth0-service.js"(exports2) {
|
|
@@ -361,6 +382,7 @@ var require_auth0_m2m_service = __commonJS({
|
|
|
361
382
|
"use strict";
|
|
362
383
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
363
384
|
exports2.Auth0M2MService = void 0;
|
|
385
|
+
var types_12 = require_types();
|
|
364
386
|
var noopLogger = {
|
|
365
387
|
info: () => {
|
|
366
388
|
},
|
|
@@ -393,7 +415,7 @@ var require_auth0_m2m_service = __commonJS({
|
|
|
393
415
|
* Get the strategy type identifier
|
|
394
416
|
*/
|
|
395
417
|
getType() {
|
|
396
|
-
return
|
|
418
|
+
return types_12.AuthStrategyType.AUTH0_M2M;
|
|
397
419
|
}
|
|
398
420
|
/**
|
|
399
421
|
* Initialize the M2M service
|
|
@@ -564,6 +586,7 @@ var require_service_account_service = __commonJS({
|
|
|
564
586
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
565
587
|
exports2.ServiceAccountService = void 0;
|
|
566
588
|
var fs2 = __importStar3(require("fs"));
|
|
589
|
+
var types_12 = require_types();
|
|
567
590
|
var noopLogger = {
|
|
568
591
|
info: () => {
|
|
569
592
|
},
|
|
@@ -588,7 +611,7 @@ var require_service_account_service = __commonJS({
|
|
|
588
611
|
* Get the strategy type identifier
|
|
589
612
|
*/
|
|
590
613
|
getType() {
|
|
591
|
-
return
|
|
614
|
+
return types_12.AuthStrategyType.SERVICE_ACCOUNT;
|
|
592
615
|
}
|
|
593
616
|
/**
|
|
594
617
|
* Initialize the service account strategy
|
|
@@ -23534,6 +23557,7 @@ var require_auth_strategy_factory = __commonJS({
|
|
|
23534
23557
|
"use strict";
|
|
23535
23558
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
23536
23559
|
exports2.AuthStrategyFactory = void 0;
|
|
23560
|
+
var types_12 = require_types();
|
|
23537
23561
|
var service_account_service_1 = require_service_account_service();
|
|
23538
23562
|
var auth0_m2m_service_1 = require_auth0_m2m_service();
|
|
23539
23563
|
var secrets_1 = require_secrets();
|
|
@@ -23554,85 +23578,53 @@ var require_auth_strategy_factory = __commonJS({
|
|
|
23554
23578
|
this.configProvider = configProvider;
|
|
23555
23579
|
this.logger = logger2 || noopLogger;
|
|
23556
23580
|
}
|
|
23557
|
-
/**
|
|
23558
|
-
* Create the appropriate authentication strategy
|
|
23559
|
-
*
|
|
23560
|
-
* Priority:
|
|
23561
|
-
* 1. Service Account (if M2M_SA_TOKEN_PATH is set)
|
|
23562
|
-
* 2. Auth0 M2M (if secrets are available)
|
|
23563
|
-
* 3. Returns null (caller should use Auth0Service for interactive OAuth)
|
|
23564
|
-
*/
|
|
23565
23581
|
async createStrategy() {
|
|
23566
|
-
this.
|
|
23567
|
-
|
|
23568
|
-
|
|
23569
|
-
|
|
23570
|
-
|
|
23571
|
-
|
|
23572
|
-
|
|
23573
|
-
|
|
23574
|
-
|
|
23575
|
-
|
|
23576
|
-
|
|
23582
|
+
const m2mMode = this.configProvider.getM2MMode();
|
|
23583
|
+
switch (m2mMode.type) {
|
|
23584
|
+
case types_12.M2MType.SERVICE_ACCOUNT:
|
|
23585
|
+
return this.buildServiceAccountStrategy(m2mMode);
|
|
23586
|
+
case types_12.M2MType.AUTH0_M2M:
|
|
23587
|
+
return await this.buildAuth0M2MStrategy(m2mMode);
|
|
23588
|
+
default:
|
|
23589
|
+
this.logger.info("Using interactive OAuth flow");
|
|
23590
|
+
return {
|
|
23591
|
+
strategy: null,
|
|
23592
|
+
strategyType: types_12.AuthStrategyType.AUTH0_USER
|
|
23593
|
+
};
|
|
23577
23594
|
}
|
|
23578
|
-
this.logger.info("No M2M strategy available, falling back to interactive OAuth");
|
|
23579
|
-
return {
|
|
23580
|
-
strategy: null,
|
|
23581
|
-
strategyType: "auth0_user"
|
|
23582
|
-
};
|
|
23583
23595
|
}
|
|
23584
|
-
|
|
23585
|
-
|
|
23586
|
-
*/
|
|
23587
|
-
createServiceAccountStrategy() {
|
|
23588
|
-
const tokenPath = this.configProvider.getM2MTokenPath();
|
|
23589
|
-
const tenantId = this.configProvider.getTenantId();
|
|
23590
|
-
if (!tokenPath) {
|
|
23591
|
-
this.logger.error("M2M mode enabled but M2M_SA_TOKEN_PATH not set");
|
|
23592
|
-
throw new Error("M2M mode requires M2M_SA_TOKEN_PATH environment variable");
|
|
23593
|
-
}
|
|
23594
|
-
this.logger.info(`Creating ServiceAccountService with token path: ${tokenPath}`);
|
|
23595
|
-
if (tenantId) {
|
|
23596
|
-
this.logger.info(`Tenant ID: ${tenantId}`);
|
|
23597
|
-
}
|
|
23598
|
-
const strategy = new service_account_service_1.ServiceAccountService(tokenPath, tenantId, this.logger);
|
|
23596
|
+
buildServiceAccountStrategy(mode) {
|
|
23597
|
+
this.logger.info(`Service Account mode: ${mode.tokenPath}`);
|
|
23599
23598
|
return {
|
|
23600
|
-
strategy,
|
|
23601
|
-
strategyType:
|
|
23599
|
+
strategy: new service_account_service_1.ServiceAccountService(mode.tokenPath, mode.tenantId, this.logger),
|
|
23600
|
+
strategyType: types_12.AuthStrategyType.SERVICE_ACCOUNT
|
|
23602
23601
|
};
|
|
23603
23602
|
}
|
|
23604
|
-
|
|
23605
|
-
|
|
23606
|
-
*/
|
|
23607
|
-
async tryCreateAuth0M2MStrategy() {
|
|
23608
|
-
const environment = this.configProvider.getEnvironment();
|
|
23609
|
-
const secretsProvider = new secrets_1.SecretsProvider(environment, this.logger);
|
|
23603
|
+
async buildAuth0M2MStrategy(mode) {
|
|
23604
|
+
const secretsProvider = new secrets_1.SecretsProvider(this.configProvider.getEnvironment(), this.logger);
|
|
23610
23605
|
if (!await secretsProvider.isAvailable()) {
|
|
23611
|
-
|
|
23612
|
-
return null;
|
|
23606
|
+
throw new Error(`Auth0 M2M mode requires a secrets provider. M2M_AUTH0_SECRET_NAME is set to "${mode.secretName}" but no secrets provider is available. Ensure AWS credentials are configured or use Service Account mode instead.`);
|
|
23613
23607
|
}
|
|
23614
|
-
const
|
|
23615
|
-
this.logger.info(`Attempting to load M2M credentials: ${secretName}`);
|
|
23616
|
-
const credentials = await secretsProvider.loadAuth0M2MCredentials(secretName);
|
|
23608
|
+
const credentials = await secretsProvider.loadAuth0M2MCredentials(mode.secretName);
|
|
23617
23609
|
if (!credentials) {
|
|
23618
|
-
|
|
23619
|
-
return null;
|
|
23610
|
+
throw new Error(`Auth0 M2M credentials not found: "${mode.secretName}". Ensure the secret exists and contains valid Auth0 M2M credentials.`);
|
|
23620
23611
|
}
|
|
23621
|
-
this.logger.info(
|
|
23622
|
-
|
|
23623
|
-
|
|
23612
|
+
this.logger.info(`Auth0 M2M mode: ${mode.secretName}`);
|
|
23613
|
+
return {
|
|
23614
|
+
strategy: new auth0_m2m_service_1.Auth0M2MService(credentials, mode.tenantId, this.logger),
|
|
23615
|
+
strategyType: types_12.AuthStrategyType.AUTH0_M2M
|
|
23616
|
+
};
|
|
23624
23617
|
}
|
|
23625
|
-
/**
|
|
23626
|
-
* Check if M2M authentication is available
|
|
23627
|
-
* (useful for determining if interactive login is needed)
|
|
23628
|
-
*/
|
|
23629
23618
|
async isM2MAvailable() {
|
|
23630
|
-
|
|
23619
|
+
const mode = this.configProvider.getM2MMode();
|
|
23620
|
+
if (mode.type === types_12.M2MType.SERVICE_ACCOUNT) {
|
|
23631
23621
|
return true;
|
|
23632
23622
|
}
|
|
23633
|
-
|
|
23634
|
-
|
|
23635
|
-
|
|
23623
|
+
if (mode.type === types_12.M2MType.AUTH0_M2M) {
|
|
23624
|
+
const secretsProvider = new secrets_1.SecretsProvider(this.configProvider.getEnvironment(), this.logger);
|
|
23625
|
+
return secretsProvider.isAvailable();
|
|
23626
|
+
}
|
|
23627
|
+
return false;
|
|
23636
23628
|
}
|
|
23637
23629
|
};
|
|
23638
23630
|
exports2.AuthStrategyFactory = AuthStrategyFactory;
|
|
@@ -23681,9 +23673,9 @@ var require_dist = __commonJS({
|
|
|
23681
23673
|
};
|
|
23682
23674
|
}();
|
|
23683
23675
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
23684
|
-
exports2.SecretsProvider = exports2.LocalFileSecretsProvider = exports2.AWSSecretsProvider = exports2.AuthStrategyFactory = exports2.ServiceAccountService = exports2.Auth0M2MService = exports2.Auth0Service = exports2.customerAuthConfigs = void 0;
|
|
23676
|
+
exports2.SecretsProvider = exports2.LocalFileSecretsProvider = exports2.AWSSecretsProvider = exports2.AuthStrategyFactory = exports2.ServiceAccountService = exports2.Auth0M2MService = exports2.Auth0Service = exports2.M2MType = exports2.AuthStrategyType = exports2.customerAuthConfigs = void 0;
|
|
23685
23677
|
exports2.getCustomerAuthConfig = getCustomerAuthConfig;
|
|
23686
|
-
var crypto3 = __importStar3(require("crypto"));
|
|
23678
|
+
var crypto3 = __importStar3(require("node:crypto"));
|
|
23687
23679
|
var customer_auth_configs_1 = require_customer_auth_configs();
|
|
23688
23680
|
Object.defineProperty(exports2, "customerAuthConfigs", { enumerable: true, get: function() {
|
|
23689
23681
|
return customer_auth_configs_1.customerAuthConfigs;
|
|
@@ -23706,6 +23698,13 @@ var require_dist = __commonJS({
|
|
|
23706
23698
|
serverUrl: `https://api.${customerDomain}.dataflint.io`
|
|
23707
23699
|
};
|
|
23708
23700
|
}
|
|
23701
|
+
var types_12 = require_types();
|
|
23702
|
+
Object.defineProperty(exports2, "AuthStrategyType", { enumerable: true, get: function() {
|
|
23703
|
+
return types_12.AuthStrategyType;
|
|
23704
|
+
} });
|
|
23705
|
+
Object.defineProperty(exports2, "M2MType", { enumerable: true, get: function() {
|
|
23706
|
+
return types_12.M2MType;
|
|
23707
|
+
} });
|
|
23709
23708
|
var auth0_service_1 = require_auth0_service();
|
|
23710
23709
|
Object.defineProperty(exports2, "Auth0Service", { enumerable: true, get: function() {
|
|
23711
23710
|
return auth0_service_1.Auth0Service;
|
|
@@ -23735,6 +23734,22 @@ var require_dist = __commonJS({
|
|
|
23735
23734
|
}
|
|
23736
23735
|
});
|
|
23737
23736
|
|
|
23737
|
+
// dist/types.js
|
|
23738
|
+
var require_types2 = __commonJS({
|
|
23739
|
+
"dist/types.js"(exports2) {
|
|
23740
|
+
"use strict";
|
|
23741
|
+
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
23742
|
+
exports2.M2MType = exports2.AuthStrategyType = void 0;
|
|
23743
|
+
var shared_auth_config_12 = require_dist();
|
|
23744
|
+
Object.defineProperty(exports2, "AuthStrategyType", { enumerable: true, get: function() {
|
|
23745
|
+
return shared_auth_config_12.AuthStrategyType;
|
|
23746
|
+
} });
|
|
23747
|
+
Object.defineProperty(exports2, "M2MType", { enumerable: true, get: function() {
|
|
23748
|
+
return shared_auth_config_12.M2MType;
|
|
23749
|
+
} });
|
|
23750
|
+
}
|
|
23751
|
+
});
|
|
23752
|
+
|
|
23738
23753
|
// dist/logger.js
|
|
23739
23754
|
var require_logger = __commonJS({
|
|
23740
23755
|
"dist/logger.js"(exports2) {
|
|
@@ -23801,29 +23816,96 @@ var __importStar2 = exports && exports.__importStar || /* @__PURE__ */ function(
|
|
|
23801
23816
|
}();
|
|
23802
23817
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
23803
23818
|
exports.StandaloneConfigService = void 0;
|
|
23804
|
-
var fs = __importStar2(require("fs"));
|
|
23805
|
-
var
|
|
23806
|
-
var
|
|
23807
|
-
var
|
|
23819
|
+
var fs = __importStar2(require("node:fs"));
|
|
23820
|
+
var fsPromises = __importStar2(require("node:fs/promises"));
|
|
23821
|
+
var path = __importStar2(require("node:path"));
|
|
23822
|
+
var os = __importStar2(require("node:os"));
|
|
23823
|
+
var crypto2 = __importStar2(require("node:crypto"));
|
|
23824
|
+
var zod_1 = require("zod");
|
|
23825
|
+
var types_1 = require_types2();
|
|
23808
23826
|
var shared_auth_config_1 = require_dist();
|
|
23809
23827
|
var logger_1 = require_logger();
|
|
23828
|
+
var DEFAULT_CLIENT_ID_FOR_HASH = "default";
|
|
23829
|
+
var HASH_PREFIX_LENGTH = 8;
|
|
23830
|
+
var DEFAULT_ADMIN_COMPANY_DOMAIN = "none";
|
|
23831
|
+
var DEFAULT_SERVER_URL = "https://api.dataflint.io";
|
|
23832
|
+
var DEFAULT_AUTH_DOMAIN = "https://dataflint.us.auth0.com/";
|
|
23833
|
+
var DEFAULT_AUDIENCE = "https://api.dataflint.io";
|
|
23834
|
+
var DEFAULT_SCOPE = "openid profile email offline_access";
|
|
23835
|
+
var DEFAULT_PUBLIC_CLIENT_ID = "1NdbhkYoLyqQWtevBNal1BozB9pSZe3g";
|
|
23836
|
+
var CREDENTIALS_DIR_MODE = 448;
|
|
23837
|
+
var CREDENTIALS_FILE_MODE = 384;
|
|
23838
|
+
var StandaloneConfigSchema = zod_1.z.object({
|
|
23839
|
+
serverUrl: zod_1.z.string().url().optional(),
|
|
23840
|
+
authDomain: zod_1.z.string().optional(),
|
|
23841
|
+
clientId: zod_1.z.string().optional(),
|
|
23842
|
+
audience: zod_1.z.string().optional(),
|
|
23843
|
+
scope: zod_1.z.string().optional(),
|
|
23844
|
+
credentialsPath: zod_1.z.string().optional(),
|
|
23845
|
+
adminCompanyDomain: zod_1.z.string().optional(),
|
|
23846
|
+
customerDomain: zod_1.z.string().optional(),
|
|
23847
|
+
m2mTokenPath: zod_1.z.string().optional(),
|
|
23848
|
+
m2mSecretName: zod_1.z.string().optional(),
|
|
23849
|
+
tenantId: zod_1.z.string().optional()
|
|
23850
|
+
}).strict();
|
|
23810
23851
|
var StandaloneConfigService = class {
|
|
23811
23852
|
config;
|
|
23812
23853
|
credentialsPath;
|
|
23854
|
+
m2mMode;
|
|
23813
23855
|
constructor(config = {}) {
|
|
23814
23856
|
this.config = this.mergeWithDefaults(config);
|
|
23815
|
-
|
|
23816
|
-
|
|
23817
|
-
|
|
23818
|
-
const clientIdHash = crypto2.createHash("sha256").update(this.config.clientId).digest("hex").substring(0, 8);
|
|
23819
|
-
this.credentialsPath = path.join(os.homedir(), ".dataflint", `credentials-${clientIdHash}.json`);
|
|
23820
|
-
}
|
|
23857
|
+
this.m2mMode = this.detectM2MMode();
|
|
23858
|
+
this.validateM2MConfig();
|
|
23859
|
+
this.credentialsPath = config.credentialsPath || this.defaultCredentialsPath();
|
|
23821
23860
|
this.ensureDataflintDirectory();
|
|
23822
23861
|
}
|
|
23862
|
+
defaultCredentialsPath() {
|
|
23863
|
+
const hash = crypto2.createHash("sha256").update(this.config.clientId || DEFAULT_CLIENT_ID_FOR_HASH).digest("hex").substring(0, HASH_PREFIX_LENGTH);
|
|
23864
|
+
return path.join(os.homedir(), ".dataflint", `credentials-${hash}.json`);
|
|
23865
|
+
}
|
|
23823
23866
|
ensureDataflintDirectory() {
|
|
23824
|
-
const
|
|
23825
|
-
if (!fs.existsSync(
|
|
23826
|
-
fs.mkdirSync(
|
|
23867
|
+
const dir = path.dirname(this.credentialsPath);
|
|
23868
|
+
if (!fs.existsSync(dir)) {
|
|
23869
|
+
fs.mkdirSync(dir, { recursive: true, mode: CREDENTIALS_DIR_MODE });
|
|
23870
|
+
}
|
|
23871
|
+
}
|
|
23872
|
+
detectM2MMode() {
|
|
23873
|
+
const tokenPath = this.config.m2mTokenPath;
|
|
23874
|
+
const secretName = this.config.m2mSecretName;
|
|
23875
|
+
const tenantId = this.config.tenantId;
|
|
23876
|
+
const logger2 = logger_1.Logger.getInstance();
|
|
23877
|
+
if (tokenPath) {
|
|
23878
|
+
logger2.info("M2M mode: Service Account");
|
|
23879
|
+
return { type: types_1.M2MType.SERVICE_ACCOUNT, tokenPath, tenantId };
|
|
23880
|
+
}
|
|
23881
|
+
if (secretName) {
|
|
23882
|
+
logger2.info("M2M mode: Auth0 M2M");
|
|
23883
|
+
return { type: types_1.M2MType.AUTH0_M2M, secretName, tenantId };
|
|
23884
|
+
}
|
|
23885
|
+
return { type: types_1.M2MType.NONE };
|
|
23886
|
+
}
|
|
23887
|
+
validateM2MConfig() {
|
|
23888
|
+
if (this.m2mMode.type !== types_1.M2MType.NONE && !this.config.serverUrl) {
|
|
23889
|
+
throw new Error("DATAFLINT_SERVER_URL is required in M2M mode");
|
|
23890
|
+
}
|
|
23891
|
+
}
|
|
23892
|
+
loadFileConfig() {
|
|
23893
|
+
const configFilePath = path.join(os.homedir(), ".dataflint", "config.json");
|
|
23894
|
+
if (!fs.existsSync(configFilePath)) {
|
|
23895
|
+
return {};
|
|
23896
|
+
}
|
|
23897
|
+
const logger2 = logger_1.Logger.getInstance();
|
|
23898
|
+
try {
|
|
23899
|
+
const rawContent = JSON.parse(fs.readFileSync(configFilePath, "utf8"));
|
|
23900
|
+
const result = StandaloneConfigSchema.safeParse(rawContent);
|
|
23901
|
+
if (!result.success) {
|
|
23902
|
+
logger2.warn(`Invalid config file format at ${configFilePath}: ${result.error.issues.map((i4) => i4.message).join(", ")}`);
|
|
23903
|
+
return {};
|
|
23904
|
+
}
|
|
23905
|
+
return result.data;
|
|
23906
|
+
} catch (error2) {
|
|
23907
|
+
logger2.warn(`Failed to parse config file at ${configFilePath}: ${error2 instanceof Error ? error2.message : String(error2)}`);
|
|
23908
|
+
return {};
|
|
23827
23909
|
}
|
|
23828
23910
|
}
|
|
23829
23911
|
mergeWithDefaults(config) {
|
|
@@ -23836,42 +23918,11 @@ var StandaloneConfigService = class {
|
|
|
23836
23918
|
adminCompanyDomain: process.env.DATAFLINT_ADMIN_COMPANY_DOMAIN,
|
|
23837
23919
|
customerDomain: process.env.DATAFLINT_CUSTOMER_DOMAIN,
|
|
23838
23920
|
m2mTokenPath: process.env.M2M_SA_TOKEN_PATH,
|
|
23921
|
+
m2mSecretName: process.env.M2M_AUTH0_SECRET_NAME,
|
|
23839
23922
|
tenantId: process.env.TENANT_ID
|
|
23840
23923
|
};
|
|
23841
|
-
const
|
|
23842
|
-
let fileConfig = {};
|
|
23843
|
-
if (fs.existsSync(configFilePath)) {
|
|
23844
|
-
try {
|
|
23845
|
-
const fileContent = fs.readFileSync(configFilePath, "utf8");
|
|
23846
|
-
fileConfig = JSON.parse(fileContent);
|
|
23847
|
-
} catch (error2) {
|
|
23848
|
-
}
|
|
23849
|
-
}
|
|
23924
|
+
const fileConfig = this.loadFileConfig();
|
|
23850
23925
|
const logger2 = logger_1.Logger.getInstance();
|
|
23851
|
-
const m2mTokenPath = config.m2mTokenPath || envConfig.m2mTokenPath;
|
|
23852
|
-
const tenantId = config.tenantId || envConfig.tenantId;
|
|
23853
|
-
if (m2mTokenPath) {
|
|
23854
|
-
logger2.info("M2M mode detected");
|
|
23855
|
-
logger2.info(`M2M token path: ${m2mTokenPath}`);
|
|
23856
|
-
if (tenantId) {
|
|
23857
|
-
logger2.info(`M2M tenant ID: ${tenantId}`);
|
|
23858
|
-
} else {
|
|
23859
|
-
logger2.info("M2M tenant ID: not provided");
|
|
23860
|
-
}
|
|
23861
|
-
const serverUrl = process.env.DATAFLINT_SERVER_URI_LOCAL || "http://dataflint-server-service.default.svc.cluster.local:80";
|
|
23862
|
-
return {
|
|
23863
|
-
serverUrl,
|
|
23864
|
-
authDomain: "",
|
|
23865
|
-
clientId: "",
|
|
23866
|
-
audience: "",
|
|
23867
|
-
scope: "",
|
|
23868
|
-
credentialsPath: void 0,
|
|
23869
|
-
adminCompanyDomain: "none",
|
|
23870
|
-
customerDomain: void 0,
|
|
23871
|
-
m2mTokenPath,
|
|
23872
|
-
tenantId
|
|
23873
|
-
};
|
|
23874
|
-
}
|
|
23875
23926
|
const customerDomain = config.customerDomain || envConfig.customerDomain || fileConfig.customerDomain;
|
|
23876
23927
|
if (customerDomain) {
|
|
23877
23928
|
logger2.info(`Customer domain detected: ${customerDomain}`);
|
|
@@ -23889,86 +23940,105 @@ var StandaloneConfigService = class {
|
|
|
23889
23940
|
authDomain: customerConfig.domain,
|
|
23890
23941
|
clientId: customerConfig.clientId,
|
|
23891
23942
|
audience: customerConfig.audience,
|
|
23892
|
-
scope:
|
|
23943
|
+
scope: DEFAULT_SCOPE,
|
|
23893
23944
|
// Credentials path only configurable via CLI argument for security
|
|
23894
23945
|
credentialsPath: config.credentialsPath,
|
|
23895
|
-
adminCompanyDomain: config.adminCompanyDomain || envConfig.adminCompanyDomain || fileConfig.adminCompanyDomain ||
|
|
23896
|
-
customerDomain
|
|
23946
|
+
adminCompanyDomain: config.adminCompanyDomain || envConfig.adminCompanyDomain || fileConfig.adminCompanyDomain || DEFAULT_ADMIN_COMPANY_DOMAIN,
|
|
23947
|
+
customerDomain,
|
|
23948
|
+
m2mTokenPath: config.m2mTokenPath || envConfig.m2mTokenPath || fileConfig.m2mTokenPath,
|
|
23949
|
+
m2mSecretName: config.m2mSecretName || envConfig.m2mSecretName || fileConfig.m2mSecretName,
|
|
23950
|
+
tenantId: config.tenantId || envConfig.tenantId || fileConfig.tenantId
|
|
23897
23951
|
};
|
|
23898
23952
|
}
|
|
23899
23953
|
logger2.info(`No customer domain - using default/explicit configuration`);
|
|
23900
23954
|
return {
|
|
23901
|
-
serverUrl: config.serverUrl || envConfig.serverUrl || fileConfig.serverUrl ||
|
|
23902
|
-
authDomain: config.authDomain || envConfig.authDomain || fileConfig.authDomain ||
|
|
23903
|
-
clientId: config.clientId || envConfig.clientId || fileConfig.clientId ||
|
|
23904
|
-
audience: config.audience || envConfig.audience || fileConfig.audience ||
|
|
23905
|
-
scope: config.scope || envConfig.scope || fileConfig.scope ||
|
|
23906
|
-
adminCompanyDomain: config.adminCompanyDomain || envConfig.adminCompanyDomain || fileConfig.adminCompanyDomain ||
|
|
23955
|
+
serverUrl: config.serverUrl || envConfig.serverUrl || fileConfig.serverUrl || DEFAULT_SERVER_URL,
|
|
23956
|
+
authDomain: config.authDomain || envConfig.authDomain || fileConfig.authDomain || DEFAULT_AUTH_DOMAIN,
|
|
23957
|
+
clientId: config.clientId || envConfig.clientId || fileConfig.clientId || DEFAULT_PUBLIC_CLIENT_ID,
|
|
23958
|
+
audience: config.audience || envConfig.audience || fileConfig.audience || DEFAULT_AUDIENCE,
|
|
23959
|
+
scope: config.scope || envConfig.scope || fileConfig.scope || DEFAULT_SCOPE,
|
|
23960
|
+
adminCompanyDomain: config.adminCompanyDomain || envConfig.adminCompanyDomain || fileConfig.adminCompanyDomain || DEFAULT_ADMIN_COMPANY_DOMAIN,
|
|
23907
23961
|
// Credentials path only configurable via CLI argument for security
|
|
23908
23962
|
credentialsPath: config.credentialsPath,
|
|
23909
|
-
customerDomain: void 0
|
|
23963
|
+
customerDomain: void 0,
|
|
23964
|
+
m2mTokenPath: config.m2mTokenPath || envConfig.m2mTokenPath || fileConfig.m2mTokenPath,
|
|
23965
|
+
m2mSecretName: config.m2mSecretName || envConfig.m2mSecretName || fileConfig.m2mSecretName,
|
|
23966
|
+
tenantId: config.tenantId || envConfig.tenantId || fileConfig.tenantId
|
|
23910
23967
|
};
|
|
23911
23968
|
}
|
|
23912
23969
|
// IConfigService interface implementation
|
|
23913
23970
|
getServerUrl() {
|
|
23971
|
+
if (!this.config.serverUrl) {
|
|
23972
|
+
throw new Error("Server URL not configured. Set DATAFLINT_SERVER_URL environment variable or configure in ~/.dataflint/config.json");
|
|
23973
|
+
}
|
|
23914
23974
|
return this.config.serverUrl;
|
|
23915
23975
|
}
|
|
23916
23976
|
getEnvironment() {
|
|
23917
23977
|
return "prod";
|
|
23918
23978
|
}
|
|
23919
23979
|
getCustomerDomain() {
|
|
23920
|
-
return this.config.customerDomain
|
|
23980
|
+
return this.config.customerDomain ?? null;
|
|
23921
23981
|
}
|
|
23922
23982
|
getAdminCompanyDomain() {
|
|
23923
|
-
return this.config.adminCompanyDomain
|
|
23983
|
+
return this.config.adminCompanyDomain ?? DEFAULT_ADMIN_COMPANY_DOMAIN;
|
|
23924
23984
|
}
|
|
23925
23985
|
getAuthConfig() {
|
|
23986
|
+
if (!this.config.authDomain) {
|
|
23987
|
+
throw new Error("Auth domain not configured. Set DATAFLINT_AUTH_DOMAIN environment variable or configure in ~/.dataflint/config.json");
|
|
23988
|
+
}
|
|
23989
|
+
if (!this.config.clientId) {
|
|
23990
|
+
throw new Error("Client ID not configured. Set DATAFLINT_CLIENT_ID environment variable or configure in ~/.dataflint/config.json");
|
|
23991
|
+
}
|
|
23992
|
+
if (!this.config.audience) {
|
|
23993
|
+
throw new Error("Audience not configured. Set DATAFLINT_AUDIENCE environment variable or configure in ~/.dataflint/config.json");
|
|
23994
|
+
}
|
|
23926
23995
|
return {
|
|
23927
23996
|
domain: this.config.authDomain,
|
|
23928
23997
|
clientId: this.config.clientId,
|
|
23929
23998
|
audience: this.config.audience,
|
|
23930
|
-
scope: this.config.scope
|
|
23999
|
+
scope: this.config.scope ?? DEFAULT_SCOPE
|
|
23931
24000
|
};
|
|
23932
24001
|
}
|
|
23933
24002
|
async getAuthSecret() {
|
|
23934
24003
|
try {
|
|
23935
|
-
|
|
23936
|
-
const content = fs.readFileSync(this.credentialsPath, "utf8");
|
|
23937
|
-
return content;
|
|
23938
|
-
}
|
|
23939
|
-
return void 0;
|
|
24004
|
+
return await fsPromises.readFile(this.credentialsPath, "utf8");
|
|
23940
24005
|
} catch (error2) {
|
|
24006
|
+
const nodeError = error2;
|
|
24007
|
+
if (nodeError.code === "ENOENT") {
|
|
24008
|
+
return void 0;
|
|
24009
|
+
}
|
|
24010
|
+
logger_1.Logger.getInstance().warn(`Failed to read credentials from ${this.credentialsPath}: ${nodeError.message}`);
|
|
23941
24011
|
return void 0;
|
|
23942
24012
|
}
|
|
23943
24013
|
}
|
|
23944
24014
|
async setAuthSecret(value) {
|
|
23945
24015
|
this.ensureDataflintDirectory();
|
|
23946
|
-
|
|
23947
|
-
mode:
|
|
24016
|
+
await fsPromises.writeFile(this.credentialsPath, value, {
|
|
24017
|
+
mode: CREDENTIALS_FILE_MODE,
|
|
23948
24018
|
encoding: "utf8"
|
|
23949
24019
|
});
|
|
23950
24020
|
}
|
|
23951
24021
|
async deleteAuthSecret() {
|
|
23952
24022
|
try {
|
|
23953
|
-
|
|
23954
|
-
fs.unlinkSync(this.credentialsPath);
|
|
23955
|
-
}
|
|
24023
|
+
await fsPromises.unlink(this.credentialsPath);
|
|
23956
24024
|
} catch (error2) {
|
|
24025
|
+
const nodeError = error2;
|
|
24026
|
+
if (nodeError.code === "ENOENT") {
|
|
24027
|
+
return;
|
|
24028
|
+
}
|
|
24029
|
+
logger_1.Logger.getInstance().warn(`Failed to delete credentials at ${this.credentialsPath}: ${nodeError.message}`);
|
|
23957
24030
|
}
|
|
23958
24031
|
}
|
|
23959
24032
|
getSendSourceCode() {
|
|
23960
24033
|
const envValue = process.env.DATAFLINT_SEND_SOURCE_CODE;
|
|
23961
24034
|
return (envValue == null ? void 0 : envValue.toLowerCase()) === "true";
|
|
23962
24035
|
}
|
|
23963
|
-
|
|
23964
|
-
return this.
|
|
24036
|
+
getM2MMode() {
|
|
24037
|
+
return this.m2mMode;
|
|
23965
24038
|
}
|
|
23966
24039
|
getTenantId() {
|
|
23967
24040
|
return this.config.tenantId;
|
|
23968
24041
|
}
|
|
23969
|
-
isM2MMode() {
|
|
23970
|
-
return !!this.config.m2mTokenPath;
|
|
23971
|
-
}
|
|
23972
24042
|
};
|
|
23973
24043
|
exports.StandaloneConfigService = StandaloneConfigService;
|
|
23974
24044
|
//# sourceMappingURL=config.js.map
|