@disruptorganic/mcp-google-search-console 1.1.0 → 2.0.0

package/.env.example

@@ -1,115 +1,73 @@
-# ============================================
-# Google Search Console MCP Server Configuration
-# ============================================
-#
-# This file is a template for optional environment variables.
-# Copy this file to .env and customize as needed.
-#
-# IMPORTANT: OAuth2 credentials are now embedded in the package.
-# You do NOT need to create your own Google Cloud project or credentials.
-
-# =============================================================================
-# AUTHENTICATION
-# =============================================================================
-#
-# OAuth2 credentials are pre-configured and embedded in this package.
-# No setup required - just install and authenticate on first use!
-
-# =============================================================================
-# OPTIONAL: Token Storage Configuration
-# =============================================================================
-#
-# Path where OAuth2 access and refresh tokens are stored.
-# The directory will be created automatically with secure permissions (0700).
-#
-# Default: ~/.mcp-gsc/tokens.json
-#
-# You can customize this to store tokens in a different location:
-# GSC_TOKEN_PATH=/path/to/your/tokens.json
-#
-# Leave commented to use the default location.
-
-# GSC_TOKEN_PATH=~/.mcp-gsc/tokens.json
-
-# =============================================================================
-# OPTIONAL: OAuth Redirect URI
-# =============================================================================
-#
-# The OAuth2 redirect URI for the authentication flow.
-#
-# Default: urn:ietf:wg:oauth:2.0:oob
-#
-# The default value uses the "out-of-band" flow, which is appropriate for
-# command-line applications. With this flow, Google displays the authorization
-# code in the browser, and you manually paste it into the terminal.
-#
-# Alternative options:
-# - http://localhost:3000/callback (for local web server flow)
-# - Any custom redirect URI you've configured in Google Cloud Console
-#
-# Note: If you change this, you must also add the same URI to your OAuth2
-# client's "Authorized redirect URIs" in Google Cloud Console.
-#
-# Leave commented to use the default out-of-band flow.
-
-# GSC_REDIRECT_URI=urn:ietf:wg:oauth:2.0:oob
-
-# =============================================================================
-# OPTIONAL: Logging Configuration
-# =============================================================================
-#
-# Set the logging verbosity level for the MCP server.
-#
-# Default: info
-#
-# Available levels:
-# - error: Only critical errors that prevent operation
-# - warn:  Warnings and errors (potential issues)
-# - info:  General information, warnings, and errors (recommended)
-# - debug: Verbose debugging information (for troubleshooting)
-#
-# Leave commented to use the default 'info' level.
+# Google OAuth 2.0 Configuration
+# Get these from Google Cloud Console: https://console.cloud.google.com
+# See docs/GOOGLE_OAUTH_SETUP.md for detailed setup instructions
+
+# REQUIRED: OAuth 2.0 Client ID
+# Example: 123456789-abcdefghijklmnopqrstuvwxyz.apps.googleusercontent.com
+GOOGLE_CLIENT_ID=
+
+# REQUIRED: OAuth 2.0 Client Secret
+# Example: GOCSPX-abcdefghijklmnopqrstuvwxyz
+GOOGLE_CLIENT_SECRET=
+
+# OPTIONAL: OAuth 2.0 Redirect URI
+# Default: http://localhost:3456/oauth/callback
+# Only change if Claude Code uses a different callback URI
+# GOOGLE_REDIRECT_URI=http://localhost:3456/oauth/callback
+
+# MCP Server Configuration
 
+# OPTIONAL: Server port
+# Default: 3456
+# Change if port 3456 is already in use
+# MCP_PORT=3456
+
+# OPTIONAL: Server host
+# Default: localhost (0.0.0.0 binds to all interfaces)
+# For security, keep as localhost unless deploying remotely
+# MCP_HOST=localhost
+
+# Logging Configuration
+
+# OPTIONAL: Log level
+# Options: debug, info, warn, error
+# Default: info
+# Use 'debug' for detailed troubleshooting
 # LOG_LEVEL=info
 
-# =============================================================================
-# OPTIONAL: Node.js Environment
-# =============================================================================
-#
-# Standard Node.js environment variable.
-# Not required by the MCP server, but may be useful for development.
-#
-# NODE_ENV=development
-
-# =============================================================================
-# Setup Instructions
-# =============================================================================
-#
-# Quick Start:
-# 1. Install the package: claude mcp add --transport stdio google-search-console -- npx -y @disruptorganic/mcp-google-search-console
-# 2. On first use, authenticate via browser (one-time setup)
-# 3. Done! No additional configuration needed.
-#
-# First-Time Authentication Flow:
-# When you first run the server, it will:
-# 1. Check for existing tokens at the configured token path
-# 2. If no tokens exist, initiate the OAuth2 authentication flow
-# 3. Display a URL and code in the terminal
-# 4. You visit the URL in your browser and authorize access
-# 5. After authorization, tokens are saved and the server starts
-# 6. Subsequent runs use the saved tokens (with automatic refresh)
-#
-# Security Best Practices:
-# - Tokens are stored with secure file permissions (0600)
-# - Tokens automatically refresh before expiry
-# - Read-only access to Search Console data
-#
-# Troubleshooting:
-# - "Authentication required": Follow the browser authentication flow
-# - "Token expired": Tokens will automatically refresh
-# - "Permission denied": Check token file permissions at ~/.mcp-gsc/tokens.json
-#
-# For more information, see:
-# - README.md
-# - docs/USER_GUIDE.md
-# - https://developers.google.com/webmaster-tools/v1/how-tos/authorizing
+# Token Storage (Claude Code manages tokens, but keeping for reference)
+
+# OPTIONAL: Token storage path
+# Default: ~/.config/gsc-mcp/tokens.json
+# Note: In v2.0.0, Claude Code manages tokens, not the server
+# This is here for backward compatibility only
+# GSC_TOKEN_PATH=~/.config/gsc-mcp/tokens.json
+
+# Advanced Configuration
+
+# OPTIONAL: Rate limiter - Queries per minute
+# Default: 1200 (Google Search Console API limit)
+# Don't change unless you have a quota increase
+# GSC_RATE_LIMIT_QPM=1200
+
+# OPTIONAL: Token validation cache TTL (seconds)
+# Default: 300 (5 minutes)
+# How long to cache Google token validations
+# TOKEN_VALIDATION_CACHE_TTL=300
+
+# OPTIONAL: Property list cache TTL (seconds)
+# Default: 86400 (24 hours)
+# How long to cache GSC property list
+# PROPERTY_CACHE_TTL=86400
+
+# Development Configuration (not for production)
+
+# OPTIONAL: Environment
+# Default: production
+# Set to 'development' for more verbose logging
+# NODE_ENV=production
+
+# OPTIONAL: Enable debug mode
+# Default: false
+# Set to 'true' for maximum verbosity
+# DEBUG=false

package/dist/auth/account-lock.d.ts

@@ -0,0 +1,26 @@
+export interface LockedUser {
+    userId: string;
+    email: string;
+    lockedAt: Date;
+}
+export interface LockCheckResult {
+    allowed: boolean;
+    lockedUser?: LockedUser;
+    reason?: string;
+}
+export declare function isLocked(): boolean;
+export declare function getLockedUser(): LockedUser | null;
+export declare function checkUserAccess(userId: string, email: string): LockCheckResult;
+export declare function getLockStatus(): {
+    locked: boolean;
+    account: null;
+    since: null;
+    userId?: undefined;
+} | {
+    locked: boolean;
+    account: string;
+    userId: string;
+    since: string;
+};
+export declare function clearLock(): void;
+//# sourceMappingURL=account-lock.d.ts.map

package/dist/auth/account-lock.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"account-lock.d.ts","sourceRoot":"","sources":["../../src/auth/account-lock.ts"],"names":[],"mappings":"AA6BA,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,IAAI,CAAC;CAChB;AAKD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAWD,wBAAgB,QAAQ,IAAI,OAAO,CAElC;AAKD,wBAAgB,aAAa,IAAI,UAAU,GAAG,IAAI,CAEjD;AASD,wBAAgB,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,eAAe,CA+C9E;AAKD,wBAAgB,aAAa;;;;;;;;;;EAe5B;AAMD,wBAAgB,SAAS,IAAI,IAAI,CAQhC"}

package/dist/auth/account-lock.js

@@ -0,0 +1,72 @@
+import { logger } from '../utils/logger.js';
+let lockedUser = null;
+export function isLocked() {
+    return lockedUser !== null;
+}
+export function getLockedUser() {
+    return lockedUser;
+}
+export function checkUserAccess(userId, email) {
+    if (lockedUser === null) {
+        lockedUser = {
+            userId,
+            email,
+            lockedAt: new Date(),
+        };
+        logger.info('Server locked to user account', {
+            userId,
+            email,
+            lockedAt: lockedUser.lockedAt.toISOString(),
+        });
+        return {
+            allowed: true,
+            lockedUser,
+        };
+    }
+    if (lockedUser.userId === userId) {
+        logger.debug('Access allowed for locked user', {
+            userId,
+            email,
+        });
+        return {
+            allowed: true,
+            lockedUser,
+        };
+    }
+    logger.warn('Access denied for different user', {
+        requestingUserId: userId,
+        requestingEmail: email,
+        lockedUserId: lockedUser.userId,
+        lockedEmail: lockedUser.email,
+    });
+    return {
+        allowed: false,
+        lockedUser,
+        reason: `Server is locked to account ${lockedUser.email}`,
+    };
+}
+export function getLockStatus() {
+    if (lockedUser === null) {
+        return {
+            locked: false,
+            account: null,
+            since: null,
+        };
+    }
+    return {
+        locked: true,
+        account: lockedUser.email,
+        userId: lockedUser.userId,
+        since: lockedUser.lockedAt.toISOString(),
+    };
+}
+export function clearLock() {
+    if (lockedUser) {
+        logger.info('Lock cleared', {
+            previousUser: lockedUser.email,
+            previousUserId: lockedUser.userId,
+        });
+    }
+    lockedUser = null;
+}
+//# sourceMappingURL=account-lock.js.map

package/dist/auth/account-lock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account-lock.js","sourceRoot":"","sources":["../../src/auth/account-lock.ts"],"names":[],"mappings":"AAwBA,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAwB5C,IAAI,UAAU,GAAsB,IAAI,CAAC;AAKzC,MAAM,UAAU,QAAQ;IACtB,OAAO,UAAU,KAAK,IAAI,CAAC;AAC7B,CAAC;AAKD,MAAM,UAAU,aAAa;IAC3B,OAAO,UAAU,CAAC;AACpB,CAAC;AASD,MAAM,UAAU,eAAe,CAAC,MAAc,EAAE,KAAa;IAE3D,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QACxB,UAAU,GAAG;YACX,MAAM;YACN,KAAK;YACL,QAAQ,EAAE,IAAI,IAAI,EAAE;SACrB,CAAC;QAEF,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;YAC3C,MAAM;YACN,KAAK;YACL,QAAQ,EAAE,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE;SAC5C,CAAC,CAAC;QAEH,OAAO;YACL,OAAO,EAAE,IAAI;YACb,UAAU;SACX,CAAC;IACJ,CAAC;IAGD,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QACjC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE;YAC7C,MAAM;YACN,KAAK;SACN,CAAC,CAAC;QAEH,OAAO;YACL,OAAO,EAAE,IAAI;YACb,UAAU;SACX,CAAC;IACJ,CAAC;IAGD,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;QAC9C,gBAAgB,EAAE,MAAM;QACxB,eAAe,EAAE,KAAK;QACtB,YAAY,EAAE,UAAU,CAAC,MAAM;QAC/B,WAAW,EAAE,UAAU,CAAC,KAAK;KAC9B,CAAC,CAAC;IAEH,OAAO;QACL,OAAO,EAAE,KAAK;QACd,UAAU;QACV,MAAM,EAAE,+BAA+B,UAAU,CAAC,KAAK,EAAE;KAC1D,CAAC;AACJ,CAAC;AAKD,MAAM,UAAU,aAAa;IAC3B,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QACxB,OAAO;YACL,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,IAAI;SACZ,CAAC;IACJ,CAAC;IAED,OAAO;QACL,MAAM,EAAE,IAAI;QACZ,OAAO,EAAE,UAAU,CAAC,KAAK;QACzB,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,KAAK,EAAE,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE;KACzC,CAAC;AACJ,CAAC;AAMD,MAAM,UAAU,SAAS;IACvB,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE;YAC1B,YAAY,EAAE,UAAU,CAAC,KAAK;YAC9B,cAAc,EAAE,UAAU,CAAC,MAAM;SAClC,CAAC,CAAC;IACL,CAAC;IACD,UAAU,GAAG,IAAI,CAAC;AACpB,CAAC"}

package/dist/auth/token-validator.d.ts

@@ -0,0 +1,18 @@
+export interface TokenValidationResult {
+    valid: boolean;
+    email?: string;
+    userId?: string;
+    scope?: string;
+    accessToken?: string;
+    error?: string;
+}
+export declare function validateToken(accessToken: string): Promise<TokenValidationResult>;
+export declare function clearValidationCache(): void;
+export declare function getCacheStats(): {
+    keys: number;
+    hits: number;
+    misses: number;
+    hitRate: number;
+    ttl: number;
+};
+//# sourceMappingURL=token-validator.d.ts.map

package/dist/auth/token-validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-validator.d.ts","sourceRoot":"","sources":["../../src/auth/token-validator.ts"],"names":[],"mappings":"AA2BA,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAmND,wBAAsB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAgDvF;AAMD,wBAAgB,oBAAoB,IAAI,IAAI,CAG3C;AAMD,wBAAgB,aAAa;;;;;;EAS5B"}

package/dist/auth/token-validator.js

@@ -0,0 +1,175 @@
+import { OAuth2Client } from 'google-auth-library';
+import NodeCache from 'node-cache';
+import { logger } from '../utils/logger.js';
+const CACHE_TTL_SECONDS = 5 * 60;
+const CACHE_CHECK_PERIOD = 60;
+const MAX_RETRIES = 3;
+const BASE_DELAY_MS = 1000;
+const validationCache = new NodeCache({
+    stdTTL: CACHE_TTL_SECONDS,
+    checkperiod: CACHE_CHECK_PERIOD,
+    useClones: false,
+});
+const oauth2Client = new OAuth2Client();
+function redactToken(token) {
+    if (!token || token.length <= 8) {
+        return '***';
+    }
+    return `${token.substring(0, 8)}...`;
+}
+function getCacheKey(accessToken) {
+    let hash = 0;
+    for (let i = 0; i < accessToken.length; i++) {
+        const char = accessToken.charCodeAt(i);
+        hash = ((hash << 5) - hash) + char;
+        hash = hash & hash;
+    }
+    return `token_${Math.abs(hash)}`;
+}
+function sleep(ms) {
+    return new Promise(resolve => setTimeout(resolve, ms));
+}
+async function validateWithGoogle(accessToken) {
+    let lastError;
+    for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+        try {
+            logger.debug('Validating token with Google API', {
+                attempt: attempt + 1,
+                maxAttempts: MAX_RETRIES + 1,
+                token: redactToken(accessToken),
+            });
+            const tokenInfo = await oauth2Client.getTokenInfo(accessToken);
+            logger.debug('Token validation successful', {
+                email: tokenInfo.email,
+                userId: tokenInfo.sub,
+                hasScope: !!tokenInfo.scope,
+                expiresIn: tokenInfo.expires_in,
+            });
+            if (tokenInfo.expires_in !== undefined && tokenInfo.expires_in <= 0) {
+                logger.warn('Token is expired', {
+                    expiresIn: tokenInfo.expires_in,
+                });
+                return {
+                    valid: false,
+                    error: 'Token expired',
+                };
+            }
+            return {
+                valid: true,
+                email: tokenInfo.email,
+                userId: tokenInfo.sub,
+                scope: tokenInfo.scope,
+                accessToken,
+            };
+        }
+        catch (error) {
+            lastError = error;
+            const errorMessage = error.message || String(error);
+            const statusCode = error.response?.status || error.code;
+            logger.debug('Token validation error', {
+                attempt: attempt + 1,
+                error: errorMessage,
+                statusCode,
+            });
+            if (errorMessage.includes('invalid_token') ||
+                errorMessage.includes('Invalid Value') ||
+                statusCode === 400) {
+                logger.warn('Invalid token', {
+                    error: errorMessage,
+                    token: redactToken(accessToken),
+                });
+                return {
+                    valid: false,
+                    error: 'Invalid token',
+                };
+            }
+            if (statusCode === 429) {
+                const retryAfter = error.response?.headers?.['retry-after'];
+                logger.warn('Rate limited by Google API', {
+                    retryAfter,
+                    attempt: attempt + 1,
+                });
+                return {
+                    valid: false,
+                    error: retryAfter
+                        ? `Rate limited. Retry after ${retryAfter} seconds.`
+                        : 'Rate limited by Google API. Please try again later.',
+                };
+            }
+            if (attempt < MAX_RETRIES) {
+                const delay = BASE_DELAY_MS * Math.pow(2, attempt);
+                logger.debug('Retrying token validation', {
+                    attempt: attempt + 1,
+                    delayMs: delay,
+                    error: errorMessage,
+                });
+                await sleep(delay);
+                continue;
+            }
+            logger.error('Token validation failed after retries', {
+                attempts: MAX_RETRIES + 1,
+                error: errorMessage,
+            });
+            return {
+                valid: false,
+                error: `Token validation failed: ${errorMessage}`,
+            };
+        }
+    }
+    return {
+        valid: false,
+        error: `Token validation failed: ${lastError?.message || 'Unknown error'}`,
+    };
+}
+export async function validateToken(accessToken) {
+    if (!accessToken || typeof accessToken !== 'string' || !accessToken.trim()) {
+        logger.debug('Empty or invalid token provided');
+        return {
+            valid: false,
+            error: 'Missing or invalid token',
+        };
+    }
+    const token = accessToken.trim();
+    const cacheKey = getCacheKey(token);
+    const cached = validationCache.get(cacheKey);
+    if (cached) {
+        logger.debug('Token validation cache hit', {
+            valid: cached.valid,
+            email: cached.email,
+            userId: cached.userId,
+            token: redactToken(token),
+        });
+        return {
+            ...cached,
+            accessToken: token,
+        };
+    }
+    logger.debug('Token validation cache miss', {
+        token: redactToken(token),
+    });
+    const result = await validateWithGoogle(token);
+    validationCache.set(cacheKey, result);
+    logger.info('Token validated and cached', {
+        valid: result.valid,
+        email: result.email,
+        userId: result.userId,
+        error: result.error,
+        token: redactToken(token),
+    });
+    return result;
+}
+export function clearValidationCache() {
+    validationCache.flushAll();
+    logger.info('Token validation cache cleared');
+}
+export function getCacheStats() {
+    const stats = validationCache.getStats();
+    return {
+        keys: validationCache.keys().length,
+        hits: stats.hits,
+        misses: stats.misses,
+        hitRate: stats.hits / (stats.hits + stats.misses) || 0,
+        ttl: CACHE_TTL_SECONDS,
+    };
+}
+//# sourceMappingURL=token-validator.js.map

package/dist/auth/token-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-validator.js","sourceRoot":"","sources":["../../src/auth/token-validator.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,SAAS,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAgC5C,MAAM,iBAAiB,GAAG,CAAC,GAAG,EAAE,CAAC;AACjC,MAAM,kBAAkB,GAAG,EAAE,CAAC;AAK9B,MAAM,WAAW,GAAG,CAAC,CAAC;AACtB,MAAM,aAAa,GAAG,IAAI,CAAC;AAQ3B,MAAM,eAAe,GAAG,IAAI,SAAS,CAAC;IACpC,MAAM,EAAE,iBAAiB;IACzB,WAAW,EAAE,kBAAkB;IAC/B,SAAS,EAAE,KAAK;CACjB,CAAC,CAAC;AAMH,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;AAKxC,SAAS,WAAW,CAAC,KAAa;IAChC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC;AACvC,CAAC;AAMD,SAAS,WAAW,CAAC,WAAmB;IAEtC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,MAAM,IAAI,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QACvC,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;QACnC,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;IACrB,CAAC;IACD,OAAO,SAAS,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;AACnC,CAAC;AAKD,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AACzD,CAAC;AAKD,KAAK,UAAU,kBAAkB,CAAC,WAAmB;IACnD,IAAI,SAA4B,CAAC;IAEjC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,IAAI,CAAC;YACH,MAAM,CAAC,KAAK,CAAC,kCAAkC,EAAE;gBAC/C,OAAO,EAAE,OAAO,GAAG,CAAC;gBACpB,WAAW,EAAE,WAAW,GAAG,CAAC;gBAC5B,KAAK,EAAE,WAAW,CAAC,WAAW,CAAC;aAChC,CAAC,CAAC;YAGH,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,WAAW,CAAoB,CAAC;YAElF,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;gBAC1C,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,MAAM,EAAE,SAAS,CAAC,GAAG;gBACrB,QAAQ,EAAE,CAAC,CAAC,SAAS,CAAC,KAAK;gBAC3B,SAAS,EAAE,SAAS,CAAC,UAAU;aAChC,CAAC,CAAC;YAGH,IAAI,SAAS,CAAC,UAAU,KAAK,SAAS,IAAI,SAAS,CAAC,UAAU,IAAI,CAAC,EAAE,CAAC;gBACpE,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE;oBAC9B,SAAS,EAAE,SAAS,CAAC,UAAU;iBAChC,CAAC,CAAC;gBAEH,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,eAAe;iBACvB,CAAC;YACJ,CAAC;YAGD,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,MAAM,EAAE,SAAS,CAAC,GAAG;gBACrB,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,WAAW;aACZ,CAAC;QACJ,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,SAAS,GAAG,KAAK,CAAC;YAGlB,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,KAAK,CAAC,QAAQ,EAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC;YAExD,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;gBACrC,OAAO,EAAE,OAAO,GAAG,CAAC;gBACpB,KAAK,EAAE,YAAY;gBACnB,UAAU;aACX,CAAC,CAAC;YAGH,IACE,YAAY,CAAC,QAAQ,CAAC,eAAe,CAAC;gBACtC,YAAY,CAAC,QAAQ,CAAC,eAAe,CAAC;gBACtC,UAAU,KAAK,GAAG,EAClB,CAAC;gBACD,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE;oBAC3B,KAAK,EAAE,YAAY;oBACnB,KAAK,EAAE,WAAW,CAAC,WAAW,CAAC;iBAChC,CAAC,CAAC;gBAEH,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,eAAe;iBACvB,CAAC;YACJ,CAAC;YAGD,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;gBACvB,MAAM,UAAU,GAAG,KAAK,CAAC,QAAQ,EAAE,OAAO,EAAE,CAAC,aAAa,CAAC,CAAC;gBAC5D,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;oBACxC,UAAU;oBACV,OAAO,EAAE,OAAO,GAAG,CAAC;iBACrB,CAAC,CAAC;gBAEH,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,UAAU;wBACf,CAAC,CAAC,6BAA6B,UAAU,WAAW;wBACpD,CAAC,CAAC,qDAAqD;iBAC1D,CAAC;YACJ,CAAC;YAGD,IAAI,OAAO,GAAG,WAAW,EAAE,CAAC;gBAC1B,MAAM,KAAK,GAAG,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;gBACnD,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE;oBACxC,OAAO,EAAE,OAAO,GAAG,CAAC;oBACpB,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,YAAY;iBACpB,CAAC,CAAC;gBAEH,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;gBACnB,SAAS;YACX,CAAC;YAGD,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;gBACpD,QAAQ,EAAE,WAAW,GAAG,CAAC;gBACzB,KAAK,EAAE,YAAY;aACpB,CAAC,CAAC;YAEH,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,4BAA4B,YAAY,EAAE;aAClD,CAAC;QACJ,CAAC;IACH,CAAC;IAGD,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,KAAK,EAAE,4BAA4B,SAAS,EAAE,OAAO,IAAI,eAAe,EAAE;KAC3E,CAAC;AACJ,CAAC;AAWD,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,WAAmB;IACrD,IAAI,CAAC,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;QAC3E,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;QAChD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,0BAA0B;SAClC,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC;IACjC,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IAGpC,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAwB,QAAQ,CAAC,CAAC;IACpE,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE;YACzC,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,KAAK,EAAE,WAAW,CAAC,KAAK,CAAC;SAC1B,CAAC,CAAC;QAGH,OAAO;YACL,GAAG,MAAM;YACT,WAAW,EAAE,KAAK;SACnB,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;QAC1C,KAAK,EAAE,WAAW,CAAC,KAAK,CAAC;KAC1B,CAAC,CAAC;IAGH,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,KAAK,CAAC,CAAC;IAG/C,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAEtC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;QACxC,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,WAAW,CAAC,KAAK,CAAC;KAC1B,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAMD,MAAM,UAAU,oBAAoB;IAClC,eAAe,CAAC,QAAQ,EAAE,CAAC;IAC3B,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;AAChD,CAAC;AAMD,MAAM,UAAU,aAAa;IAC3B,MAAM,KAAK,GAAG,eAAe,CAAC,QAAQ,EAAE,CAAC;IACzC,OAAO;QACL,IAAI,EAAE,eAAe,CAAC,IAAI,EAAE,CAAC,MAAM;QACnC,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,OAAO,EAAE,KAAK,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC;QACtD,GAAG,EAAE,iBAAiB;KACvB,CAAC;AACJ,CAAC"}

package/dist/config/index.d.ts

@@ -1,36 +1,23 @@
-import { z } from 'zod';
-declare const configSchema: z.ZodObject<{
-    clientId: z.ZodString;
-    clientSecret: z.ZodString;
-    tokenPath: z.ZodDefault<z.ZodString>;
-    redirectUri: z.ZodDefault<z.ZodString>;
-    logLevel: z.ZodDefault<z.ZodEnum<["error", "warn", "info", "debug"]>>;
-}, "strip", z.ZodTypeAny, {
+export interface AppConfig {
     clientId: string;
     clientSecret: string;
-    tokenPath: string;
     redirectUri: string;
-    logLevel: "info" | "error" | "warn" | "debug";
-}, {
-    clientId: string;
-    clientSecret: string;
-    tokenPath?: string | undefined;
-    redirectUri?: string | undefined;
-    logLevel?: "info" | "error" | "warn" | "debug" | undefined;
-}>;
-export type Config = z.infer<typeof configSchema>;
-export declare const config: {
-    clientId: string;
-    clientSecret: string;
+    port: number;
+    host: string;
+    logLevel: string;
     tokenPath: string;
-    redirectUri: string;
-    logLevel: "info" | "error" | "warn" | "debug";
-};
+    rateLimitQPM: number;
+    tokenValidationCacheTTL: number;
+    propertyCacheTTL: number;
+    nodeEnv: string;
+    isDevelopment: boolean;
+    isProduction: boolean;
+}
+export declare const config: AppConfig;
+export declare function getEnvironment(): string;
 export declare function getTokenDirectory(): string;
 export declare function isDevelopment(): boolean;
 export declare function isProduction(): boolean;
-export declare function getEnvironment(): string;
+export declare function logConfiguration(): void;
 export declare function getConfigSummary(): Record<string, string>;
-export declare function logConfigSummary(): void;
-export {};
 //# sourceMappingURL=index.d.ts.map

package/dist/config/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AA+BxB,QAAA,MAAM,YAAY;;;;;;;;;;;;;;;;;;EAiDhB,CAAC;AASH,MAAM,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AA+ElD,eAAO,MAAM,MAAM;;;;;;CAAe,CAAC;AASnC,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAKD,wBAAgB,aAAa,IAAI,OAAO,CAEvC;AAKD,wBAAgB,YAAY,IAAI,OAAO,CAEtC;AAKD,wBAAgB,cAAc,IAAI,MAAM,CAEvC;AAUD,wBAAgB,gBAAgB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CASzD;AAKD,wBAAgB,gBAAgB,IAAI,IAAI,CAMvC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AA0BA,MAAM,WAAW,SAAS;IAExB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IAGpB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IAGb,QAAQ,EAAE,MAAM,CAAC;IAGjB,SAAS,EAAE,MAAM,CAAC;IAGlB,YAAY,EAAE,MAAM,CAAC;IAGrB,uBAAuB,EAAE,MAAM,CAAC;IAChC,gBAAgB,EAAE,MAAM,CAAC;IAGzB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,OAAO,CAAC;IACvB,YAAY,EAAE,OAAO,CAAC;CACvB;AA8GD,eAAO,MAAM,MAAM,EAAE,SAAwB,CAAC;AAS9C,wBAAgB,cAAc,IAAI,MAAM,CAEvC;AAKD,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAKD,wBAAgB,aAAa,IAAI,OAAO,CAEvC;AAKD,wBAAgB,YAAY,IAAI,OAAO,CAEtC;AASD,wBAAgB,gBAAgB,IAAI,IAAI,CAsBvC;AAMD,wBAAgB,gBAAgB,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAczD"}