@dataflint/mcp-server 1.0.14 → 1.0.17

package/dist/auth/auth0-service.js

@@ -0,0 +1,326 @@
+"use strict";
+/**
+ * Auth0 OAuth2/PKCE Authentication Service
+ *
+ * Provides interactive browser-based authentication using Auth0 with PKCE flow.
+ * This is the primary authentication method for user-facing applications.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Auth0Service = void 0;
+const http = __importStar(require("http"));
+const openid_client_1 = require("openid-client");
+const url_1 = require("url");
+const AUTH_DISCOVERY_TIMEOUT_MS = 10_000; // 10 seconds
+openid_client_1.custom.setHttpOptionsDefaults({
+    timeout: AUTH_DISCOVERY_TIMEOUT_MS,
+});
+/**
+ * Default no-op logger for when no logger is provided
+ */
+const noopLogger = {
+    info: () => { },
+    warn: () => { },
+    error: () => { },
+    debug: () => { },
+};
+/**
+ * Auth0 service for interactive OAuth2/PKCE authentication
+ *
+ * @example
+ * ```typescript
+ * const auth0Service = new Auth0Service(
+ *   async (url) => { await open(url); },
+ *   () => configService.getAuthConfig(),
+ *   logger
+ * );
+ *
+ * await auth0Service.initialize();
+ * const result = await auth0Service.authenticate();
+ * console.log('Access Token:', result.accessToken);
+ * ```
+ */
+class Auth0Service {
+    config;
+    redirectUri;
+    callbackPort;
+    client = null;
+    issuer = null;
+    initialized = false;
+    openUrlHandler;
+    logger;
+    constructor(openUrlHandler, configProvider, logger, callbackPort = 11334) {
+        this.logger = logger || noopLogger;
+        this.openUrlHandler = openUrlHandler;
+        this.config = {
+            ...configProvider(),
+            scope: configProvider().scope || "openid profile email",
+        };
+        this.callbackPort = callbackPort;
+        this.redirectUri = `http://localhost:${callbackPort}/callback`;
+        this.logger.info(`Auth0Service initialized for domain: ${this.config.domain}`);
+    }
+    /**
+     * Initialize the Auth0 client by discovering the issuer metadata
+     */
+    async initialize() {
+        if (this.initialized) {
+            this.logger.debug("Auth0 client already initialized");
+            return;
+        }
+        try {
+            const issuerUrl = this.config.domain.startsWith("http")
+                ? this.config.domain
+                : `https://${this.config.domain}`;
+            this.logger.info(`Attempting to discover Auth0 issuer at: ${issuerUrl}`);
+            this.logger.debug(`Discovery URL will be: ${issuerUrl}`);
+            this.issuer = await openid_client_1.Issuer.discover(issuerUrl);
+            this.logger.info(`Auth0 issuer discovered successfully: ${this.issuer.issuer}`);
+            this.client = new this.issuer.Client({
+                client_id: this.config.clientId,
+                redirect_uris: [this.redirectUri],
+                response_types: ["code"],
+                token_endpoint_auth_method: "none", // Public client, no client secret required
+            });
+            this.initialized = true;
+            this.logger.info("Auth0 client initialized successfully");
+        }
+        catch (error) {
+            this.logger.error("Failed to initialize Auth0 client", error);
+            this.logger.error(`Auth0 domain: ${this.config.domain}`);
+            this.logger.error(`Client ID: ${this.config.clientId}`);
+            this.logger.error(`Constructed issuer URL: ${this.config.domain.startsWith("http") ? this.config.domain : `https://${this.config.domain}`}`);
+            // Check if it's a network/discovery error
+            if (error instanceof Error) {
+                if (error.message.includes("404") ||
+                    error.message.includes("Not Found")) {
+                    throw new Error(`Auth0 domain '${this.config.domain}' not found. Please verify your Auth0 domain configuration. The discovery endpoint ${this.config.domain} returned 404.`);
+                }
+                else if (error.message.includes("ENOTFOUND") ||
+                    error.message.includes("getaddrinfo")) {
+                    throw new Error(`Cannot connect to Auth0 domain '${this.config.domain}'. Please check your internet connection and verify the domain is correct.`);
+                }
+            }
+            throw new Error(`Auth0 initialization failed: ${error}`);
+        }
+    }
+    /**
+     * Start the authentication flow
+     */
+    async authenticate() {
+        if (!this.client) {
+            await this.initialize();
+        }
+        if (!this.client) {
+            throw new Error("Auth0 client not initialized");
+        }
+        // Generate PKCE code verifier/challenge for security
+        const codeVerifier = openid_client_1.generators.codeVerifier();
+        const codeChallenge = openid_client_1.generators.codeChallenge(codeVerifier);
+        // Create the authorization URL
+        const authUrl = this.client.authorizationUrl({
+            scope: this.config.scope,
+            code_challenge: codeChallenge,
+            code_challenge_method: "S256",
+            ...(this.config.audience && { audience: this.config.audience }),
+        });
+        this.logger.info("Opening browser for authentication...");
+        try {
+            await this.openUrlHandler(authUrl);
+        }
+        catch (error) {
+            this.logger.error("Failed to open browser", error);
+            this.logger.info(`Please manually navigate to: ${authUrl}`);
+        }
+        // Wait for the callback and exchange the code for tokens
+        return new Promise((resolve, reject) => {
+            const server = http.createServer(async (req, res) => {
+                try {
+                    if (!req.url?.startsWith("/callback")) {
+                        res.writeHead(404, { "Content-Type": "text/plain" });
+                        res.end("Not Found");
+                        return;
+                    }
+                    const callbackUrl = new url_1.URL(`http://localhost:${this.callbackPort}${req.url}`);
+                    const params = this.client.callbackParams(callbackUrl.toString());
+                    // Exchange authorization code for tokens
+                    const tokenSet = await this.client.callback(this.redirectUri, params, {
+                        code_verifier: codeVerifier,
+                    });
+                    const authResult = this.processTokenSet(tokenSet);
+                    // Send success response
+                    res.writeHead(200, { "Content-Type": "text/html" });
+                    res.end(`
+            <html>
+              <body style="font-family: Arial, sans-serif; text-align: center; padding: 50px;">
+                <h2 style="color: #4CAF50;">Authentication Successful!</h2>
+                <p>You can now close this tab and return to VS Code/Cursor.</p>
+                <script>
+                  setTimeout(() => {
+                    window.close();
+                  }, 3000);
+                </script>
+              </body>
+            </html>
+          `);
+                    server.close();
+                    resolve(authResult);
+                }
+                catch (error) {
+                    this.logger.error("Authentication callback error", error);
+                    // Send error response
+                    res.writeHead(400, { "Content-Type": "text/html" });
+                    res.end(`
+            <html>
+              <body style="font-family: Arial, sans-serif; text-align: center; padding: 50px;">
+                <h2 style="color: #f44336;">Authentication Failed</h2>
+                <p>Error: ${error}</p>
+                <p>Please try again.</p>
+              </body>
+            </html>
+          `);
+                    server.close();
+                    reject(error);
+                }
+            });
+            server.listen(this.callbackPort, () => {
+                this.logger.info(`Listening for Auth0 callback on http://localhost:${this.callbackPort}/callback`);
+            });
+            // Add timeout to prevent hanging
+            setTimeout(() => {
+                server.close();
+                reject(new Error("Authentication timeout - no response received within 5 minutes"));
+            }, 300000); // 5 minutes timeout
+        });
+    }
+    /**
+     * Get user information using the access token
+     */
+    async getUserInfo(accessToken) {
+        if (!this.client) {
+            throw new Error("Auth0 client not initialized");
+        }
+        try {
+            this.logger.info("Fetching user information...");
+            const userInfo = await this.client.userinfo(accessToken);
+            this.logger.info("User information retrieved successfully");
+            this.logger.debug(`User ID: ${userInfo.sub}`);
+            return userInfo;
+        }
+        catch (error) {
+            this.logger.error("Failed to get user info", error);
+            throw error;
+        }
+    }
+    /**
+     * Refresh the access token using refresh token
+     */
+    async refreshToken(refreshToken) {
+        if (!this.client) {
+            throw new Error("Auth0 client not initialized");
+        }
+        try {
+            this.logger.info("Refreshing access token...");
+            const tokenSet = await this.client.refresh(refreshToken);
+            const result = this.processTokenSet(tokenSet);
+            this.logger.info("Token refresh completed successfully");
+            return result;
+        }
+        catch (error) {
+            this.logger.error("Token refresh failed", error);
+            throw error;
+        }
+    }
+    /**
+     * Process token set and return structured result
+     */
+    processTokenSet(tokenSet) {
+        const result = {
+            accessToken: tokenSet.access_token,
+            idToken: tokenSet.id_token,
+            refreshToken: tokenSet.refresh_token,
+        };
+        if (tokenSet.expires_at) {
+            result.expiresAt = new Date(tokenSet.expires_at * 1000);
+        }
+        this.logger.info("Authentication tokens processed successfully");
+        this.logger.debug(`Access Token: ${result.accessToken?.substring(0, 20)}...`);
+        this.logger.debug(`ID Token: ${result.idToken ? "Present" : "Not provided"}`);
+        this.logger.debug(`Refresh Token: ${result.refreshToken ? "Present" : "Not provided"}`);
+        this.logger.debug(`Expires At: ${result.expiresAt}`);
+        return result;
+    }
+    /**
+     * Check if a token is expired
+     */
+    isTokenExpired(authResult) {
+        if (!authResult.expiresAt) {
+            this.logger.debug("No expiration time available, considering token valid");
+            return false; // If no expiration time, assume it's still valid
+        }
+        // Ensure expiresAt is a Date object (it might be a string if serialized)
+        const expiresAt = authResult.expiresAt instanceof Date
+            ? authResult.expiresAt
+            : new Date(authResult.expiresAt);
+        const now = new Date();
+        const buffer = 5 * 60 * 1000; // 5 minutes buffer
+        const isExpired = expiresAt.getTime() - buffer < now.getTime();
+        if (isExpired) {
+            this.logger.warn("Access token is expired or will expire soon");
+        }
+        else {
+            this.logger.debug("Access token is still valid");
+        }
+        return isExpired;
+    }
+    /**
+     * Logout (revoke tokens if supported)
+     */
+    async logout(accessToken) {
+        if (!this.client) {
+            throw new Error("Auth0 client not initialized");
+        }
+        try {
+            await this.client.revoke(accessToken);
+            this.logger.info("Token revoked successfully");
+        }
+        catch (error) {
+            this.logger.error("Failed to revoke token", error);
+            // Don't throw error as logout should be graceful
+        }
+    }
+}
+exports.Auth0Service = Auth0Service;
+//# sourceMappingURL=auth0-service.js.map

package/dist/auth/auth0-service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth0-service.js","sourceRoot":"","sources":["../../src/auth/auth0-service.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,2CAA6B;AAC7B,iDAAmE;AACnE,6BAA0B;AAS1B,MAAM,yBAAyB,GAAG,MAAM,CAAC,CAAC,aAAa;AAEvD,sBAAM,CAAC,sBAAsB,CAAC;IAC1B,OAAO,EAAE,yBAAyB;CACrC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,UAAU,GAAgB;IAC5B,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;IACd,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;IACd,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;IACf,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;CAClB,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,MAAa,YAAY;IACb,MAAM,CAAa;IACnB,WAAW,CAAS;IACpB,YAAY,CAAS;IACrB,MAAM,GAAkB,IAAI,CAAC;IAC7B,MAAM,GAAkB,IAAI,CAAC;IAC7B,WAAW,GAAG,KAAK,CAAC;IACpB,cAAc,CAAiB;IAC/B,MAAM,CAAc;IAE5B,YACI,cAA8B,EAC9B,cAA8B,EAC9B,MAAoB,EACpB,eAAuB,KAAK;QAE5B,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,UAAU,CAAC;QACnC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,MAAM,GAAG;YACV,GAAG,cAAc,EAAE;YACnB,KAAK,EAAE,cAAc,EAAE,CAAC,KAAK,IAAI,sBAAsB;SAC1D,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,WAAW,GAAG,oBAAoB,YAAY,WAAW,CAAC;QAC/D,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,wCAAwC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAC/D,CAAC;IACN,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU;QACZ,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACtD,OAAO;QACX,CAAC;QAED,IAAI,CAAC;YACD,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;gBACnD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM;gBACpB,CAAC,CAAC,WAAW,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YAEtC,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,2CAA2C,SAAS,EAAE,CACzD,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,SAAS,EAAE,CAAC,CAAC;YAEzD,IAAI,CAAC,MAAM,GAAG,MAAM,sBAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YAC/C,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,yCAAyC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAChE,CAAC;YAEF,IAAI,CAAC,MAAM,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;gBACjC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC/B,aAAa,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC;gBACjC,cAAc,EAAE,CAAC,MAAM,CAAC;gBACxB,0BAA0B,EAAE,MAAM,EAAE,2CAA2C;aAClF,CAAC,CAAC;YAEH,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QAC9D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YAC9D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;YACzD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,cAAc,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YACxD,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,2BAA2B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAC5H,CAAC;YAEF,0CAA0C;YAC1C,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBACzB,IACI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;oBAC7B,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EACrC,CAAC;oBACC,MAAM,IAAI,KAAK,CACX,iBAAiB,IAAI,CAAC,MAAM,CAAC,MAAM,sFAAsF,IAAI,CAAC,MAAM,CAAC,MAAM,gBAAgB,CAC9J,CAAC;gBACN,CAAC;qBAAM,IACH,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;oBACnC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EACvC,CAAC;oBACC,MAAM,IAAI,KAAK,CACX,mCAAmC,IAAI,CAAC,MAAM,CAAC,MAAM,4EAA4E,CACpI,CAAC;gBACN,CAAC;YACL,CAAC;YAED,MAAM,IAAI,KAAK,CAAC,gCAAgC,KAAK,EAAE,CAAC,CAAC;QAC7D,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QACd,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACpD,CAAC;QAED,qDAAqD;QACrD,MAAM,YAAY,GAAG,0BAAU,CAAC,YAAY,EAAE,CAAC;QAC/C,MAAM,aAAa,GAAG,0BAAU,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;QAE7D,+BAA+B;QAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;YACzC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,cAAc,EAAE,aAAa;YAC7B,qBAAqB,EAAE,MAAM;YAC7B,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;SAClE,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QAE1D,IAAI,CAAC;YACD,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,OAAO,EAAE,CAAC,CAAC;QAChE,CAAC;QAED,yDAAyD;QACzD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACnC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;gBAChD,IAAI,CAAC;oBACD,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;wBACpC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;wBACrD,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;wBACrB,OAAO;oBACX,CAAC;oBAED,MAAM,WAAW,GAAG,IAAI,SAAG,CACvB,oBAAoB,IAAI,CAAC,YAAY,GAAG,GAAG,CAAC,GAAG,EAAE,CACpD,CAAC;oBACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAO,CAAC,cAAc,CACtC,WAAW,CAAC,QAAQ,EAAE,CACzB,CAAC;oBAEF,yCAAyC;oBACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAO,CAAC,QAAQ,CACxC,IAAI,CAAC,WAAW,EAChB,MAAM,EACN;wBACI,aAAa,EAAE,YAAY;qBAC9B,CACJ,CAAC;oBAEF,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;oBAElD,wBAAwB;oBACxB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC;;;;;;;;;;;;WAYjB,CAAC,CAAC;oBAEO,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,OAAO,CAAC,UAAU,CAAC,CAAC;gBACxB,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE,KAAK,CAAC,CAAC;oBAE1D,sBAAsB;oBACtB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC;;;;4BAIA,KAAK;;;;WAItB,CAAC,CAAC;oBAEO,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CAAC,CAAC;gBAClB,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,GAAG,EAAE;gBAClC,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,oDAAoD,IAAI,CAAC,YAAY,WAAW,CACnF,CAAC;YACN,CAAC,CAAC,CAAC;YAEH,iCAAiC;YACjC,UAAU,CAAC,GAAG,EAAE;gBACZ,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CACF,IAAI,KAAK,CACL,gEAAgE,CACnE,CACJ,CAAC;YACN,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,oBAAoB;QACpC,CAAC,CAAC,CAAC;IACP,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,WAAmB;QACjC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACpD,CAAC;QAED,IAAI,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAEjD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YAEzD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;YAC5D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;YAE9C,OAAO,QAAQ,CAAC;QACpB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;YACpD,MAAM,KAAK,CAAC;QAChB,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,YAAoB;QACnC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACpD,CAAC;QAED,IAAI,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAE/C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YACzD,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YAE9C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACzD,OAAO,MAAM,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;YACjD,MAAM,KAAK,CAAC;QAChB,CAAC;IACL,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,QAKvB;QACG,MAAM,MAAM,GAAe;YACvB,WAAW,EAAE,QAAQ,CAAC,YAAa;YACnC,OAAO,EAAE,QAAQ,CAAC,QAAQ;YAC1B,YAAY,EAAE,QAAQ,CAAC,aAAa;SACvC,CAAC;QAEF,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YACtB,MAAM,CAAC,SAAS,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;QACjE,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,iBAAiB,MAAM,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAC7D,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,aAAa,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,EAAE,CAC7D,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,kBAAkB,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,EAAE,CACvE,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QAErD,OAAO,MAAM,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,UAAsB;QACjC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,uDAAuD,CAC1D,CAAC;YACF,OAAO,KAAK,CAAC,CAAC,iDAAiD;QACnE,CAAC;QAED,yEAAyE;QACzE,MAAM,SAAS,GACX,UAAU,CAAC,SAAS,YAAY,IAAI;YAChC,CAAC,CAAC,UAAU,CAAC,SAAS;YACtB,CAAC,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAEzC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,mBAAmB;QACjD,MAAM,SAAS,GAAG,SAAS,CAAC,OAAO,EAAE,GAAG,MAAM,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC;QAE/D,IAAI,SAAS,EAAE,CAAC;YACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACJ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,WAAmB;QAC5B,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACpD,CAAC;QAED,IAAI,CAAC;YACD,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACtC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YACnD,iDAAiD;QACrD,CAAC;IACL,CAAC;CACJ;AA/UD,oCA+UC"}

package/dist/auth/customer-auth-configs.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Customer-specific authentication configurations
+ *
+ * This file contains mappings from hashed customer domains to their Auth0 configurations.
+ * Customer domains are hashed using SHA-256 for privacy.
+ *
+ * To add a new customer:
+ * 1. Generate hash: npm run hash-domain -- "customer.domain.com"
+ * 2. Add entry to customerAuthConfigs with the hash as key
+ */
+export interface CustomerAuthConfig {
+    /**
+     * Auth0 client ID for this customer
+     */
+    clientId: string;
+    /**
+     * Optional function to produce customer-specific Auth0 domain
+     * @param customerDomain - The customer's domain (e.g., "acme.corp")
+     * @returns Auth0 domain URL (e.g., "https://dataflint-acme.us.auth0.com/")
+     */
+    domainProducer?: (customerDomain: string) => string;
+}
+/**
+ * Mapping from hashed customer domain to Auth0 configuration
+ * Key: SHA-256 hash of customer domain
+ * Value: CustomerAuthConfig with clientId and optional domainProducer
+ */
+export declare const customerAuthConfigs: {
+    [key: string]: CustomerAuthConfig;
+};
+//# sourceMappingURL=customer-auth-configs.d.ts.map

package/dist/auth/customer-auth-configs.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"customer-auth-configs.d.ts","sourceRoot":"","sources":["../../src/auth/customer-auth-configs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,MAAM,WAAW,kBAAkB;IAC/B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,cAAc,CAAC,EAAE,CAAC,cAAc,EAAE,MAAM,KAAK,MAAM,CAAC;CACvD;AAED;;;;GAIG;AACH,eAAO,MAAM,mBAAmB,EAAE;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,kBAAkB,CAAA;CAwBpE,CAAC"}

package/dist/auth/customer-auth-configs.js

@@ -0,0 +1,39 @@
+"use strict";
+/**
+ * Customer-specific authentication configurations
+ *
+ * This file contains mappings from hashed customer domains to their Auth0 configurations.
+ * Customer domains are hashed using SHA-256 for privacy.
+ *
+ * To add a new customer:
+ * 1. Generate hash: npm run hash-domain -- "customer.domain.com"
+ * 2. Add entry to customerAuthConfigs with the hash as key
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.customerAuthConfigs = void 0;
+/**
+ * Mapping from hashed customer domain to Auth0 configuration
+ * Key: SHA-256 hash of customer domain
+ * Value: CustomerAuthConfig with clientId and optional domainProducer
+ */
+exports.customerAuthConfigs = {
+    // Customer domain hash → Auth0 configuration
+    "857064adfec4e0e5e37be8afef397155db006bb6009d1b395388d9174eb40795": {
+        clientId: "CWvpqujjEV2aoRSDVWFSh1U6HQALygB0",
+        domainProducer: (customerDomain) => `https://dataflint-${customerDomain}.us.auth0.com/`,
+    },
+    cafe6e0af028d729afd3c4a386482621af90e8e117b1216f2bbc08e86a5e9445: {
+        clientId: "HRLICLhE0BP4AeZ8dSPAoDHFmMZVacxi",
+    },
+    "1613f29ea956158d2ad56a10780feb45d78755819565e76c4bf0d9069d17aab9": {
+        clientId: "CnyJJKVqes0Y0uU57GreAeaPbJlm4l4w",
+    },
+    eae8e3404182477f008479b38a6629ee86b23cefe2c418c5dc5c2f0d02af5475: {
+        clientId: "etY3z44ssWohe77PEBIMPzktW4BmvWGT",
+    },
+    // dataflint-demo (added from commit f38928c)
+    cc1677626e05d82b301cc83c22a850eac849555e704f288083108d79f600cea1: {
+        clientId: "u9W23NGvlV58W2N9WXMMhsM12bKK8oGI",
+    },
+};
+//# sourceMappingURL=customer-auth-configs.js.map

package/dist/auth/customer-auth-configs.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"customer-auth-configs.js","sourceRoot":"","sources":["../../src/auth/customer-auth-configs.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;AAgBH;;;;GAIG;AACU,QAAA,mBAAmB,GAA0C;IACtE,6CAA6C;IAC7C,kEAAkE,EAAE;QAChE,QAAQ,EAAE,kCAAkC;QAC5C,cAAc,EAAE,CAAC,cAAc,EAAE,EAAE,CAC/B,qBAAqB,cAAc,gBAAgB;KAC1D;IAED,gEAAgE,EAAE;QAC9D,QAAQ,EAAE,kCAAkC;KAC/C;IAED,kEAAkE,EAAE;QAChE,QAAQ,EAAE,kCAAkC;KAC/C;IAED,gEAAgE,EAAE;QAC9D,QAAQ,EAAE,kCAAkC;KAC/C;IAED,6CAA6C;IAC7C,gEAAgE,EAAE;QAC9D,QAAQ,EAAE,kCAAkC;KAC/C;CACJ,CAAC"}

package/dist/auth/index.d.ts

@@ -0,0 +1,75 @@
+/**
+ * Shared authentication configuration and services for DataFlint
+ *
+ * This package provides:
+ * - Customer-specific Auth0 configuration lookup
+ * - Multiple authentication strategies (Service Account, Auth0 M2M, Auth0 User)
+ * - Secrets providers (AWS Secrets Manager, Local File)
+ * - Strategy factory for automatic strategy selection
+ *
+ * @example Basic usage with Auth0 user flow:
+ * ```typescript
+ * import { Auth0Service, getCustomerAuthConfig } from "@dataflint/shared-auth-config";
+ *
+ * const config = getCustomerAuthConfig("acme.corp");
+ * const auth0 = new Auth0Service(openUrl, () => config, logger);
+ * await auth0.authenticate();
+ * ```
+ *
+ * @example Using the strategy factory (MCP standalone):
+ * ```typescript
+ * import { AuthStrategyFactory } from "@dataflint/shared-auth-config";
+ *
+ * const factory = new AuthStrategyFactory(configService, logger);
+ * const { strategy, strategyType } = await factory.createStrategy();
+ *
+ * if (strategy) {
+ *   await strategy.initialize();
+ *   const token = await strategy.getToken();
+ * } else {
+ *   // Fall back to interactive OAuth
+ * }
+ * ```
+ */
+import { customerAuthConfigs, CustomerAuthConfig } from "./customer-auth-configs";
+/**
+ * Resolved authentication configuration for a customer
+ */
+export interface ResolvedAuthConfig {
+    /**
+     * Auth0 domain URL (e.g., "https://dataflint-acme.us.auth0.com/")
+     */
+    domain: string;
+    /**
+     * Auth0 client ID
+     */
+    clientId: string;
+    /**
+     * Auth0 audience (API identifier)
+     */
+    audience: string;
+    /**
+     * DataFlint API server URL
+     */
+    serverUrl: string;
+}
+/**
+ * Get customer-specific authentication configuration
+ *
+ * This function:
+ * 1. Hashes the customer domain using SHA-256
+ * 2. Looks up the hash in customerAuthConfigs
+ * 3. Returns the resolved Auth0 configuration
+ *
+ * @param customerDomain - Customer's domain (e.g., "acme.corp")
+ * @returns ResolvedAuthConfig or null if customer not found
+ */
+export declare function getCustomerAuthConfig(customerDomain: string): ResolvedAuthConfig | null;
+export { customerAuthConfigs, CustomerAuthConfig };
+export { AuthConfig, AuthResult, Auth0M2MCredentials, AuthStrategyType, M2MType, M2MMode, AuthUserInfo, IAuthStrategy, IAuthConfigProvider, IAuthLogger, OpenUrlHandler, ConfigProvider, } from "./types";
+export { Auth0Service } from "./auth0-service";
+export { Auth0M2MService } from "./auth0-m2m-service";
+export { ServiceAccountService } from "./service-account-service";
+export { AuthStrategyFactory, StrategyResult } from "./auth-strategy-factory";
+export { ISecretsProvider, AWSSecretsProvider, LocalFileSecretsProvider, SecretsProvider, } from "./secrets";
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAGH,OAAO,EACH,mBAAmB,EACnB,kBAAkB,EACrB,MAAM,yBAAyB,CAAC;AAMjC;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,qBAAqB,CACjC,cAAc,EAAE,MAAM,GACvB,kBAAkB,GAAG,IAAI,CA8B3B;AAGD,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,CAAC;AAMnD,OAAO,EACH,UAAU,EACV,UAAU,EACV,mBAAmB,EACnB,gBAAgB,EAChB,OAAO,EACP,OAAO,EACP,YAAY,EACZ,aAAa,EACb,mBAAmB,EACnB,WAAW,EACX,cAAc,EACd,cAAc,GACjB,MAAM,SAAS,CAAC;AAMjB,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAMlE,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAM9E,OAAO,EACH,gBAAgB,EAChB,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,GAClB,MAAM,WAAW,CAAC"}

package/dist/auth/index.js

@@ -0,0 +1,137 @@
+"use strict";
+/**
+ * Shared authentication configuration and services for DataFlint
+ *
+ * This package provides:
+ * - Customer-specific Auth0 configuration lookup
+ * - Multiple authentication strategies (Service Account, Auth0 M2M, Auth0 User)
+ * - Secrets providers (AWS Secrets Manager, Local File)
+ * - Strategy factory for automatic strategy selection
+ *
+ * @example Basic usage with Auth0 user flow:
+ * ```typescript
+ * import { Auth0Service, getCustomerAuthConfig } from "@dataflint/shared-auth-config";
+ *
+ * const config = getCustomerAuthConfig("acme.corp");
+ * const auth0 = new Auth0Service(openUrl, () => config, logger);
+ * await auth0.authenticate();
+ * ```
+ *
+ * @example Using the strategy factory (MCP standalone):
+ * ```typescript
+ * import { AuthStrategyFactory } from "@dataflint/shared-auth-config";
+ *
+ * const factory = new AuthStrategyFactory(configService, logger);
+ * const { strategy, strategyType } = await factory.createStrategy();
+ *
+ * if (strategy) {
+ *   await strategy.initialize();
+ *   const token = await strategy.getToken();
+ * } else {
+ *   // Fall back to interactive OAuth
+ * }
+ * ```
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecretsProvider = exports.LocalFileSecretsProvider = exports.AWSSecretsProvider = exports.AuthStrategyFactory = exports.ServiceAccountService = exports.Auth0M2MService = exports.Auth0Service = exports.M2MType = exports.AuthStrategyType = exports.customerAuthConfigs = void 0;
+exports.getCustomerAuthConfig = getCustomerAuthConfig;
+const crypto = __importStar(require("node:crypto"));
+const customer_auth_configs_1 = require("./customer-auth-configs");
+Object.defineProperty(exports, "customerAuthConfigs", { enumerable: true, get: function () { return customer_auth_configs_1.customerAuthConfigs; } });
+/**
+ * Get customer-specific authentication configuration
+ *
+ * This function:
+ * 1. Hashes the customer domain using SHA-256
+ * 2. Looks up the hash in customerAuthConfigs
+ * 3. Returns the resolved Auth0 configuration
+ *
+ * @param customerDomain - Customer's domain (e.g., "acme.corp")
+ * @returns ResolvedAuthConfig or null if customer not found
+ */
+function getCustomerAuthConfig(customerDomain) {
+    // Step 1: Hash the customer domain using SHA-256
+    const customerHash = crypto
+        .createHash("sha256")
+        .update(customerDomain)
+        .digest("hex");
+    // Step 2: Look up the hash in our customer configurations
+    const customerConfig = customer_auth_configs_1.customerAuthConfigs[customerHash];
+    if (!customerConfig) {
+        // Customer not found in registry
+        return null;
+    }
+    // Step 3: Build the complete authentication configuration
+    return {
+        // Use custom Auth0 domain if domainProducer is defined, otherwise use default
+        domain: customerConfig.domainProducer?.(customerDomain) ||
+            "https://dataflint.us.auth0.com/",
+        // Customer-specific Auth0 client ID
+        clientId: customerConfig.clientId,
+        // Customer-specific API audience
+        audience: `https://api.${customerDomain}.dataflint.io`,
+        // Customer-specific server URL
+        serverUrl: `https://api.${customerDomain}.dataflint.io`,
+    };
+}
+// ============================================================================
+// Types
+// ============================================================================
+var types_1 = require("./types");
+Object.defineProperty(exports, "AuthStrategyType", { enumerable: true, get: function () { return types_1.AuthStrategyType; } });
+Object.defineProperty(exports, "M2MType", { enumerable: true, get: function () { return types_1.M2MType; } });
+// ============================================================================
+// Authentication Services
+// ============================================================================
+var auth0_service_1 = require("./auth0-service");
+Object.defineProperty(exports, "Auth0Service", { enumerable: true, get: function () { return auth0_service_1.Auth0Service; } });
+var auth0_m2m_service_1 = require("./auth0-m2m-service");
+Object.defineProperty(exports, "Auth0M2MService", { enumerable: true, get: function () { return auth0_m2m_service_1.Auth0M2MService; } });
+var service_account_service_1 = require("./service-account-service");
+Object.defineProperty(exports, "ServiceAccountService", { enumerable: true, get: function () { return service_account_service_1.ServiceAccountService; } });
+// ============================================================================
+// Authentication Strategy Factory
+// ============================================================================
+var auth_strategy_factory_1 = require("./auth-strategy-factory");
+Object.defineProperty(exports, "AuthStrategyFactory", { enumerable: true, get: function () { return auth_strategy_factory_1.AuthStrategyFactory; } });
+// ============================================================================
+// Secrets Providers
+// ============================================================================
+var secrets_1 = require("./secrets");
+Object.defineProperty(exports, "AWSSecretsProvider", { enumerable: true, get: function () { return secrets_1.AWSSecretsProvider; } });
+Object.defineProperty(exports, "LocalFileSecretsProvider", { enumerable: true, get: function () { return secrets_1.LocalFileSecretsProvider; } });
+Object.defineProperty(exports, "SecretsProvider", { enumerable: true, get: function () { return secrets_1.SecretsProvider; } });
+//# sourceMappingURL=index.js.map

package/dist/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgDH,sDAgCC;AA9ED,oDAAsC;AACtC,mEAGiC;AA6ExB,oGA/EL,2CAAmB,OA+EK;AA9C5B;;;;;;;;;;GAUG;AACH,SAAgB,qBAAqB,CACjC,cAAsB;IAEtB,iDAAiD;IACjD,MAAM,YAAY,GAAG,MAAM;SACtB,UAAU,CAAC,QAAQ,CAAC;SACpB,MAAM,CAAC,cAAc,CAAC;SACtB,MAAM,CAAC,KAAK,CAAC,CAAC;IAEnB,0DAA0D;IAC1D,MAAM,cAAc,GAAG,2CAAmB,CAAC,YAAY,CAAC,CAAC;IACzD,IAAI,CAAC,cAAc,EAAE,CAAC;QAClB,iCAAiC;QACjC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,0DAA0D;IAC1D,OAAO;QACH,8EAA8E;QAC9E,MAAM,EACF,cAAc,CAAC,cAAc,EAAE,CAAC,cAAc,CAAC;YAC/C,iCAAiC;QAErC,oCAAoC;QACpC,QAAQ,EAAE,cAAc,CAAC,QAAQ;QAEjC,iCAAiC;QACjC,QAAQ,EAAE,eAAe,cAAc,eAAe;QAEtD,+BAA+B;QAC/B,SAAS,EAAE,eAAe,cAAc,eAAe;KAC1D,CAAC;AACN,CAAC;AAKD,+EAA+E;AAC/E,QAAQ;AACR,+EAA+E;AAE/E,iCAaiB;AATb,yGAAA,gBAAgB,OAAA;AAChB,gGAAA,OAAO,OAAA;AAUX,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E,iDAA+C;AAAtC,6GAAA,YAAY,OAAA;AACrB,yDAAsD;AAA7C,oHAAA,eAAe,OAAA;AACxB,qEAAkE;AAAzD,gIAAA,qBAAqB,OAAA;AAE9B,+EAA+E;AAC/E,kCAAkC;AAClC,+EAA+E;AAE/E,iEAA8E;AAArE,4HAAA,mBAAmB,OAAA;AAE5B,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E,qCAKmB;AAHf,6GAAA,kBAAkB,OAAA;AAClB,mHAAA,wBAAwB,OAAA;AACxB,0GAAA,eAAe,OAAA"}