@dotsetlabs/tollgate 0.2.2 → 0.3.0

package/dist/session/manager.js.map

@@ -1 +1 @@
-{"version":3,"file":"manager.js","sourceRoot":"","sources":["../../src/session/manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAC;AAEpC,OAAO,EAAE,aAAa,IAAI,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAS7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAElD;;;GAGG;AACH,MAAM,UAAU;IACN,MAAM,GAAG,KAAK,CAAC;IACf,KAAK,GAAsB,EAAE,CAAC;IAEtC,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;YACnB,OAAO;QACT,CAAC;QAED,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;YACnC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChC,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,EAAE,CAAC;QACT,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QACtB,CAAC;IACH,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,OAAO,oBAAoB;IACvB,MAAM,GAA8B,IAAI,GAAG,EAAE,CAAC;IAEtD,GAAG,CAAC,KAAmB;QACrB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IACnC,CAAC;IAED,GAAG,CAAC,EAAU;QACZ,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC7B,CAAC;IAED,YAAY,CAAC,OAAwB;QACnC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,OAAO,GAAmB,EAAE,CAAC;QAEnC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;YACzC,sBAAsB;YACtB,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;gBAC7C,SAAS;YACX,CAAC;YAED,oBAAoB;YACpB,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC;gBACpC,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,EAAU;QACf,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAChC,CAAC;IAED,YAAY;QACV,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACtC,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;gBAC7C,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACvB,MAAM,EAAE,CAAC;YACX,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM;QACJ,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,KAAK;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,QAAQ;QACN,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,kBAAkB,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAEnE,MAAM,KAAK,GAAiB;YAC1B,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE;YAC3D,UAAU,EAAE,CAAC;YACb,YAAY,EAAE,CAAC;SAChB,CAAC;QAEF,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;YACzC,eAAe;YACf,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;gBAC7C,SAAS;YACX,CAAC;YAED,KAAK,CAAC,YAAY,EAAE,CAAC;YACrB,KAAK,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YACnC,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,UAAU,CAAC;YAErC,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,kBAAkB,EAAE,CAAC;gBAC5D,KAAK,CAAC,YAAY,EAAE,CAAC;YACvB,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,cAAc;IACR,KAAK,CAAe;IAC7B,aAAa,GAA0C,IAAI,CAAC;IACnD,KAAK,GAAG,IAAI,UAAU,EAAE,CAAC;IAC1C;;;;OAIG;IACc,cAAc,GAAG,IAAI,GAAG,EAAkD,CAAC;IAC3E,oBAAoB,GAAG,IAAI,CAAC;IAE7C;;;;;;OAMG;IACH,YACE,KAAoB,EACpB,YAAqB,IAAI,EACzB,kBAA0B,MAAM;QAEhC,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,IAAI,oBAAoB,EAAE,CAAC;QAEjD,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,CAAC,aAAa,GAAG,WAAW,CAAC,GAAG,EAAE;gBACpC,IAAI,CAAC;oBACH,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;oBAC1B,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBAC7B,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,mCAAmC;oBACnC,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE;wBAC1B,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;qBAC9D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,EAAE,eAAe,CAAC,CAAC;YAEpB,gDAAgD;YAChD,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC7B,CAAC;IACH,CAAC;IAED;;OAEG;IACK,mBAAmB;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACrD,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACtD,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,WAAW,CAAC,KAA8B;QACxC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,GAAG,KAAK,CAAC;QAElF,MAAM,UAAU,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QAEvB,mBAAmB;QACnB,IAAI,SAAS,GAAgB,IAAI,CAAC;QAClC,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;YACnB,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,UAAU,GAAG,IAAI,CAAC,CAAC;QAC1D,CAAC;aAAM,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;YAC5B,2DAA2D;YAC3D,SAAS,GAAG,GAAG,CAAC;QAClB,CAAC;QACD,gDAAgD;QAEhD,oBAAoB;QACpB,IAAI,UAA8B,CAAC;QACnC,IAAI,IAAwB,CAAC;QAE7B,QAAQ,KAAK,EAAE,CAAC;YACd,KAAK,OAAO;gBACV,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC1C,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;gBACpB,MAAM;YACR,KAAK,MAAM;gBACT,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;gBACpB,MAAM;YACR,KAAK,SAAS;gBACZ,UAAU,GAAG,OAAO,CAAC;gBACrB,MAAM;YACR,KAAK,QAAQ;gBACX,6BAA6B;gBAC7B,MAAM;QACV,CAAC;QAED,MAAM,KAAK,GAAiB;YAC1B,EAAE,EAAE,MAAM,EAAE;YACZ,SAAS,EAAE,GAAG;YACd,SAAS;YACT,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,KAAK;YACL,UAAU;YACV,IAAI;YACJ,SAAS;YACT,UAAU,EAAE,CAAC;YACb,iBAAiB;SAClB,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAEtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,UAAU,CAAC,OAAwB,EAAE,SAAkB;QACrD,2EAA2E;QAC3E,iEAAiE;QACjE,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAClD,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAC7C,IAAI,KAAK,IAAI,CAAC,CAAC,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC;oBAChE,MAAM,CAAC,KAAK,CAAC,8CAA8C,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;oBACrG,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;gBAClC,CAAC;gBACD,sDAAsD;gBACtD,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAEpD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QAChD,CAAC;QAED,qDAAqD;QACrD,MAAM,aAAa,GAAiC;YAClD,KAAK,EAAE,CAAC;YACR,IAAI,EAAE,CAAC;YACP,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,CAAC;SACV,CAAC;QAEF,sCAAsC;QACtC,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAC5B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,CAC1D,CAAC;QAEF,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,IAAI,CAAC,mBAAmB,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;gBAC7C,qEAAqE;gBACrE,oDAAoD;gBACpD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;gBACvB,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;oBAC9C,4CAA4C;oBAC5C,SAAS;gBACX,CAAC;gBAED,+CAA+C;gBAC/C,MAAM,YAAY,GAAG,EAAE,GAAG,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;gBACpE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;gBAE7B,2DAA2D;gBAC3D,IAAI,SAAS,EAAE,CAAC;oBACd,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;gBACnF,CAAC;gBAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC;YAChD,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtD,CAAC;IAED;;OAEG;IACK,mBAAmB,CACzB,KAAmB,EACnB,OAAwB;QAExB,8DAA8D;QAC9D,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,QAAQ,KAAK,CAAC,KAAK,EAAE,CAAC;YACpB,KAAK,OAAO;gBACV,mCAAmC;gBACnC,OAAO,CACL,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI;oBAC3B,KAAK,CAAC,UAAU,KAAK,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAClD,CAAC;YAEJ,KAAK,MAAM;gBACT,uBAAuB;gBACvB,OAAO,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC;YAErC,KAAK,SAAS;gBACZ,0BAA0B;gBAC1B,IAAI,CAAC,KAAK,CAAC,UAAU;oBAAE,OAAO,KAAK,CAAC;gBACpC,OAAO,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;YAEnD,KAAK,QAAQ;gBACX,8CAA8C;gBAC9C,OAAO,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,WAAW,CAAC,EAAU;QACpB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC/B,CAAC;IAED;;;;;OAKG;IACH,cAAc,CAAC,MAAc;QAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;QACtE,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,SAAS;QACP,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,eAAe;QACb,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,MAAM,CAC/B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,GAAG,GAAG,CACzC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;IAC/B,CAAC;IAED;;;;OAIG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,KAAmB;QAC7B,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,mBAAmB;QACnB,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAE9B,QAAQ,KAAK,CAAC,KAAK,EAAE,CAAC;YACpB,KAAK,OAAO;gBACV,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,SAAS,CAAC,CAAC;gBACpC,MAAM;YACR,KAAK,MAAM;gBACT,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC7B,MAAM;YACR,KAAK,SAAS;gBACZ,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;gBACnC,MAAM;YACR,KAAK,QAAQ;gBACX,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjB,MAAM;QACV,CAAC;QAED,SAAS;QACT,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACzD,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;gBAClB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,CAAC;gBAC7C,KAAK,CAAC,IAAI,CAAC,KAAK,OAAO,cAAc,CAAC,CAAC;YACzC,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC3B,CAAC;QAED,QAAQ;QACR,IAAI,KAAK,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,UAAU,KAAK,CAAC,UAAU,IAAI,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAClC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC5B,CAAC;IACH,CAAC;CACF"}
+{"version":3,"file":"manager.js","sourceRoot":"","sources":["../../src/session/manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,aAAa,IAAI,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAS7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAElD;;;GAGG;AACH,MAAM,UAAU;IACN,MAAM,GAAG,KAAK,CAAC;IACf,KAAK,GAAsB,EAAE,CAAC;IAEtC,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;YACnB,OAAO;QACT,CAAC;QAED,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;YACnC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChC,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,EAAE,CAAC;QACT,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QACtB,CAAC;IACH,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,OAAO,oBAAoB;IACvB,MAAM,GAA8B,IAAI,GAAG,EAAE,CAAC;IAEtD,GAAG,CAAC,KAAmB;QACrB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IACnC,CAAC;IAED,GAAG,CAAC,EAAU;QACZ,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC7B,CAAC;IAED,YAAY,CAAC,OAAwB;QACnC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,OAAO,GAAmB,EAAE,CAAC;QAEnC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;YACzC,sBAAsB;YACtB,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;gBAC7C,SAAS;YACX,CAAC;YAED,oBAAoB;YACpB,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC;gBACpC,SAAS;YACX,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,EAAU;QACf,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAChC,CAAC;IAED,YAAY;QACV,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACtC,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;gBAC7C,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACvB,MAAM,EAAE,CAAC;YACX,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM;QACJ,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,KAAK;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,QAAQ;QACN,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,kBAAkB,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAEnE,MAAM,KAAK,GAAiB;YAC1B,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE;YAC3D,UAAU,EAAE,CAAC;YACb,YAAY,EAAE,CAAC;SAChB,CAAC;QAEF,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;YACzC,eAAe;YACf,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;gBAC7C,SAAS;YACX,CAAC;YAED,KAAK,CAAC,YAAY,EAAE,CAAC;YACrB,KAAK,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YACnC,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,UAAU,CAAC;YAErC,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,kBAAkB,EAAE,CAAC;gBAC5D,KAAK,CAAC,YAAY,EAAE,CAAC;YACvB,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,cAAc;IACR,KAAK,CAAe;IAC7B,aAAa,GAA0C,IAAI,CAAC;IACnD,KAAK,GAAG,IAAI,UAAU,EAAE,CAAC;IAC1C;;;;OAIG;IACc,cAAc,GAAG,IAAI,GAAG,EAAkD,CAAC;IAC3E,oBAAoB,GAAG,IAAI,CAAC;IAE7C;;;;;;OAMG;IACH,YACE,KAAoB,EACpB,YAAqB,IAAI,EACzB,kBAA0B,MAAM;QAEhC,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,IAAI,oBAAoB,EAAE,CAAC;QAEjD,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,CAAC,aAAa,GAAG,WAAW,CAAC,GAAG,EAAE;gBACpC,IAAI,CAAC;oBACH,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;oBAC1B,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBAC7B,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,mCAAmC;oBACnC,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE;wBAC1B,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;qBAC9D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,EAAE,eAAe,CAAC,CAAC;YAEpB,gDAAgD;YAChD,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC7B,CAAC;IACH,CAAC;IAED;;OAEG;IACK,mBAAmB;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACrD,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACtD,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,WAAW,CAAC,KAA8B;QAC9C,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,GAAG,KAAK,CAAC;YAElF,MAAM,UAAU,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YAEvB,mBAAmB;YACnB,IAAI,SAAS,GAAgB,IAAI,CAAC;YAClC,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;gBACnB,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,UAAU,GAAG,IAAI,CAAC,CAAC;YAC1D,CAAC;iBAAM,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;gBAC5B,2DAA2D;gBAC3D,SAAS,GAAG,GAAG,CAAC;YAClB,CAAC;YACD,gDAAgD;YAEhD,oBAAoB;YACpB,IAAI,UAA8B,CAAC;YACnC,IAAI,IAAwB,CAAC;YAE7B,QAAQ,KAAK,EAAE,CAAC;gBACd,KAAK,OAAO;oBACV,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBAC1C,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;oBACpB,MAAM;gBACR,KAAK,MAAM;oBACT,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;oBACpB,MAAM;gBACR,KAAK,SAAS;oBACZ,UAAU,GAAG,OAAO,CAAC;oBACrB,MAAM;gBACR,KAAK,QAAQ;oBACX,6BAA6B;oBAC7B,8BAA8B;oBAC9B,MAAM,CAAC,IAAI,CAAC,+EAA+E,EAAE;wBAC3F,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,SAAS;wBACT,OAAO,EAAE,qGAAqG;qBAC/G,CAAC,CAAC;oBACH,MAAM;YACV,CAAC;YAED,MAAM,KAAK,GAAiB;gBAC1B,EAAE,EAAE,UAAU,EAAE;gBAChB,SAAS,EAAE,GAAG;gBACd,SAAS;gBACT,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK;gBACL,UAAU;gBACV,IAAI;gBACJ,SAAS;gBACT,UAAU,EAAE,CAAC;gBACb,iBAAiB;aAClB,CAAC;YAEF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YAEtB,OAAO,KAAK,CAAC;QACf,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACvB,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,KAAK,CAAC,UAAU,CAAC,OAAwB,EAAE,SAAkB;QAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,2EAA2E;YAC3E,iEAAiE;YACjE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAClD,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;oBAC7C,IAAI,KAAK,IAAI,CAAC,CAAC,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC;wBAChE,MAAM,CAAC,KAAK,CAAC,8CAA8C,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;wBACrG,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;oBAClC,CAAC;oBACD,sDAAsD;oBACtD,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAEpD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YAChD,CAAC;YAED,qDAAqD;YACrD,MAAM,aAAa,GAAiC;gBAClD,KAAK,EAAE,CAAC;gBACR,IAAI,EAAE,CAAC;gBACP,OAAO,EAAE,CAAC;gBACV,MAAM,EAAE,CAAC;aACV,CAAC;YAEF,sCAAsC;YACtC,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAC5B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,CAC1D,CAAC;YAEF,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,IAAI,IAAI,CAAC,mBAAmB,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;oBAC7C,qEAAqE;oBACrE,oDAAoD;oBACpD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;wBAC9C,4CAA4C;wBAC5C,SAAS;oBACX,CAAC;oBAED,+CAA+C;oBAC/C,MAAM,YAAY,GAAG,EAAE,GAAG,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;oBACpE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;oBAE7B,2DAA2D;oBAC3D,IAAI,SAAS,EAAE,CAAC;wBACd,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;oBACnF,CAAC;oBAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC;gBAChD,CAAC;YACH,CAAC;YAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QACtD,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACvB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,mBAAmB,CACzB,KAAmB,EACnB,OAAwB;QAExB,8DAA8D;QAC9D,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,QAAQ,KAAK,CAAC,KAAK,EAAE,CAAC;YACpB,KAAK,OAAO;gBACV,mCAAmC;gBACnC,OAAO,CACL,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI;oBAC3B,KAAK,CAAC,UAAU,KAAK,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAClD,CAAC;YAEJ,KAAK,MAAM;gBACT,uBAAuB;gBACvB,OAAO,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC;YAErC,KAAK,SAAS;gBACZ,0BAA0B;gBAC1B,IAAI,CAAC,KAAK,CAAC,UAAU;oBAAE,OAAO,KAAK,CAAC;gBACpC,OAAO,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;YAEnD,KAAK,QAAQ;gBACX,8CAA8C;gBAC9C,OAAO,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,WAAW,CAAC,EAAU;QACpB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC/B,CAAC;IAED;;;;;OAKG;IACH,cAAc,CAAC,MAAc;QAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;QACtE,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,SAAS;QACP,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,eAAe;QACb,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,MAAM,CAC/B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,GAAG,GAAG,CACzC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;IAC/B,CAAC;IAED;;;;OAIG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,KAAmB;QAC7B,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,mBAAmB;QACnB,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAE9B,QAAQ,KAAK,CAAC,KAAK,EAAE,CAAC;YACpB,KAAK,OAAO;gBACV,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,SAAS,CAAC,CAAC;gBACpC,MAAM;YACR,KAAK,MAAM;gBACT,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC7B,MAAM;YACR,KAAK,SAAS;gBACZ,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;gBACnC,MAAM;YACR,KAAK,QAAQ;gBACX,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjB,MAAM;QACV,CAAC;QAED,SAAS;QACT,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACzD,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;gBAClB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,CAAC;gBAC7C,KAAK,CAAC,IAAI,CAAC,KAAK,OAAO,cAAc,CAAC,CAAC;YACzC,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC3B,CAAC;QAED,QAAQ;QACR,IAAI,KAAK,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,UAAU,KAAK,CAAC,UAAU,IAAI,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAClC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC5B,CAAC;IACH,CAAC;CACF"}

package/dist/session/signing.d.ts

@@ -0,0 +1,88 @@
+/**
+ * Session Grant Signing for Tollgate
+ *
+ * Provides HMAC-SHA256 signatures for session grants to detect
+ * unauthorized modification (anti-tampering).
+ *
+ * @module session/signing
+ */
+import type { SessionGrant } from './types.js';
+/**
+ * Configuration for session signing.
+ */
+export interface SigningConfig {
+    /** Secret key for HMAC signing */
+    secret: string;
+    /** Algorithm to use (default: sha256) */
+    algorithm?: string;
+}
+/**
+ * Result of signature verification.
+ */
+export interface VerificationResult {
+    /** Whether the signature is valid */
+    valid: boolean;
+    /** Reason if invalid */
+    reason?: string;
+}
+/**
+ * Compute HMAC-SHA256 signature for a session grant.
+ *
+ * The signature covers all security-critical fields:
+ * - id, server, scope, scopeValue, tool, expiresAt, createdAt
+ *
+ * @param grant - The session grant to sign
+ * @param secret - Secret key for HMAC
+ * @returns Hex-encoded signature
+ */
+export declare function signSessionGrant(grant: SessionGrant, secret: string): string;
+/**
+ * Verify the signature of a session grant.
+ *
+ * @param grant - The session grant to verify (must have signature field)
+ * @param secret - Secret key for HMAC
+ * @returns Verification result
+ */
+export declare function verifySessionGrant(grant: SessionGrant, secret: string): VerificationResult;
+/**
+ * Session signing manager with secret management.
+ */
+export declare class SessionSigner {
+    private secret;
+    private enabled;
+    constructor(secret?: string, enabled?: boolean);
+    /**
+     * Generate a cryptographically secure secret.
+     */
+    private generateSecret;
+    /**
+     * Sign a session grant and return a new grant with signature.
+     */
+    sign(grant: SessionGrant): SessionGrant;
+    /**
+     * Verify a session grant's signature.
+     */
+    verify(grant: SessionGrant): VerificationResult;
+    /**
+     * Check if signing is enabled.
+     */
+    isEnabled(): boolean;
+    /**
+     * Rotate the signing secret.
+     * Existing grants will fail verification after rotation.
+     */
+    rotateSecret(): void;
+}
+/**
+ * Get or create the global session signer.
+ */
+export declare function getSessionSigner(secret?: string): SessionSigner;
+/**
+ * Configure the global session signer.
+ */
+export declare function configureSessionSigner(secret: string, enabled?: boolean): void;
+/**
+ * Reset the global session signer.
+ */
+export declare function resetSessionSigner(): void;
+//# sourceMappingURL=signing.d.ts.map

package/dist/session/signing.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signing.d.ts","sourceRoot":"","sources":["../../src/session/signing.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAO/C;;GAEG;AACH,MAAM,WAAW,aAAa;IAC1B,kCAAkC;IAClC,MAAM,EAAE,MAAM,CAAC;IAEf,yCAAyC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B,qCAAqC;IACrC,KAAK,EAAE,OAAO,CAAC;IAEf,wBAAwB;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;CACnB;AAMD;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAS5E;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,GAAG,kBAAkB,CAiC1F;AAwBD;;GAEG;AACH,qBAAa,aAAa;IACtB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,OAAO,CAAU;gBAEb,MAAM,CAAC,EAAE,MAAM,EAAE,OAAO,GAAE,OAAc;IAKpD;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;OAEG;IACH,IAAI,CAAC,KAAK,EAAE,YAAY,GAAG,YAAY;IAWvC;;OAEG;IACH,MAAM,CAAC,KAAK,EAAE,YAAY,GAAG,kBAAkB;IAQ/C;;OAEG;IACH,SAAS,IAAI,OAAO;IAIpB;;;OAGG;IACH,YAAY,IAAI,IAAI;CAIvB;AAQD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,aAAa,CAK/D;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,GAAE,OAAc,GAAG,IAAI,CAEpF;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC"}

package/dist/session/signing.js

@@ -0,0 +1,166 @@
+/**
+ * Session Grant Signing for Tollgate
+ *
+ * Provides HMAC-SHA256 signatures for session grants to detect
+ * unauthorized modification (anti-tampering).
+ *
+ * @module session/signing
+ */
+import { createHmac, randomBytes, timingSafeEqual } from 'node:crypto';
+import { sessionLogger as logger } from '../utils/logger.js';
+// =============================================================================
+// Session Signing Implementation
+// =============================================================================
+/**
+ * Compute HMAC-SHA256 signature for a session grant.
+ *
+ * The signature covers all security-critical fields:
+ * - id, server, scope, scopeValue, tool, expiresAt, createdAt
+ *
+ * @param grant - The session grant to sign
+ * @param secret - Secret key for HMAC
+ * @returns Hex-encoded signature
+ */
+export function signSessionGrant(grant, secret) {
+    if (!secret || secret.length < 16) {
+        throw new Error('Session signing secret must be at least 16 characters');
+    }
+    const data = buildSignatureData(grant);
+    const hmac = createHmac('sha256', secret);
+    hmac.update(data);
+    return hmac.digest('hex');
+}
+/**
+ * Verify the signature of a session grant.
+ *
+ * @param grant - The session grant to verify (must have signature field)
+ * @param secret - Secret key for HMAC
+ * @returns Verification result
+ */
+export function verifySessionGrant(grant, secret) {
+    if (!grant.signature) {
+        return { valid: false, reason: 'No signature present' };
+    }
+    if (!secret || secret.length < 16) {
+        return { valid: false, reason: 'Invalid signing secret' };
+    }
+    try {
+        const expectedSignature = signSessionGrant(grant, secret);
+        // Use timing-safe comparison to prevent timing attacks
+        const sig1 = Buffer.from(grant.signature, 'hex');
+        const sig2 = Buffer.from(expectedSignature, 'hex');
+        if (sig1.length !== sig2.length) {
+            return { valid: false, reason: 'Signature length mismatch' };
+        }
+        if (!timingSafeEqual(sig1, sig2)) {
+            logger.warn('Session grant signature verification failed', {
+                grantId: grant.id,
+                server: grant.server,
+            });
+            return { valid: false, reason: 'Signature mismatch - possible tampering' };
+        }
+        return { valid: true };
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : 'Unknown error';
+        return { valid: false, reason: `Verification error: ${message}` };
+    }
+}
+/**
+ * Build the data string for signature computation.
+ * Ensures deterministic ordering of fields.
+ */
+function buildSignatureData(grant) {
+    const parts = [
+        `id:${grant.id}`,
+        `server:${grant.server}`,
+        `scope:${grant.scope}`,
+        `scopeValue:${grant.scopeValue ?? ''}`,
+        `tool:${grant.tool ?? ''}`,
+        `createdAt:${grant.createdAt.toISOString()}`,
+        `expiresAt:${grant.expiresAt?.toISOString() ?? 'null'}`,
+        `grantedBy:${grant.grantedBy}`,
+    ];
+    return parts.join('|');
+}
+// =============================================================================
+// Signing Manager
+// =============================================================================
+/**
+ * Session signing manager with secret management.
+ */
+export class SessionSigner {
+    secret;
+    enabled;
+    constructor(secret, enabled = true) {
+        this.secret = secret ?? this.generateSecret();
+        this.enabled = enabled;
+    }
+    /**
+     * Generate a cryptographically secure secret.
+     */
+    generateSecret() {
+        return randomBytes(32).toString('hex');
+    }
+    /**
+     * Sign a session grant and return a new grant with signature.
+     */
+    sign(grant) {
+        if (!this.enabled) {
+            return grant;
+        }
+        return {
+            ...grant,
+            signature: signSessionGrant(grant, this.secret),
+        };
+    }
+    /**
+     * Verify a session grant's signature.
+     */
+    verify(grant) {
+        if (!this.enabled) {
+            return { valid: true };
+        }
+        return verifySessionGrant(grant, this.secret);
+    }
+    /**
+     * Check if signing is enabled.
+     */
+    isEnabled() {
+        return this.enabled;
+    }
+    /**
+     * Rotate the signing secret.
+     * Existing grants will fail verification after rotation.
+     */
+    rotateSecret() {
+        this.secret = this.generateSecret();
+        logger.info('Session signing secret rotated');
+    }
+}
+// =============================================================================
+// Global Signer Instance
+// =============================================================================
+let globalSigner = null;
+/**
+ * Get or create the global session signer.
+ */
+export function getSessionSigner(secret) {
+    if (!globalSigner) {
+        globalSigner = new SessionSigner(secret);
+    }
+    return globalSigner;
+}
+/**
+ * Configure the global session signer.
+ */
+export function configureSessionSigner(secret, enabled = true) {
+    globalSigner = new SessionSigner(secret, enabled);
+}
+/**
+ * Reset the global session signer.
+ */
+export function resetSessionSigner() {
+    globalSigner = null;
+}
+//# sourceMappingURL=signing.js.map

package/dist/session/signing.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signing.js","sourceRoot":"","sources":["../../src/session/signing.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvE,OAAO,EAAE,aAAa,IAAI,MAAM,EAAE,MAAM,oBAAoB,CAAC;AA4B7D,gFAAgF;AAChF,iCAAiC;AACjC,gFAAgF;AAEhF;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAmB,EAAE,MAAc;IAChE,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,IAAI,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAClB,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,KAAmB,EAAE,MAAc;IAClE,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QACnB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,sBAAsB,EAAE,CAAC;IAC5D,CAAC;IAED,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAChC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,wBAAwB,EAAE,CAAC;IAC9D,CAAC;IAED,IAAI,CAAC;QACD,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAE1D,uDAAuD;QACvD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACjD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;QAEnD,IAAI,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;YAC9B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;QACjE,CAAC;QAED,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,6CAA6C,EAAE;gBACvD,OAAO,EAAE,KAAK,CAAC,EAAE;gBACjB,MAAM,EAAE,KAAK,CAAC,MAAM;aACvB,CAAC,CAAC;YACH,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,yCAAyC,EAAE,CAAC;QAC/E,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;QACzE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,OAAO,EAAE,EAAE,CAAC;IACtE,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CAAC,KAAmB;IAC3C,MAAM,KAAK,GAAG;QACV,MAAM,KAAK,CAAC,EAAE,EAAE;QAChB,UAAU,KAAK,CAAC,MAAM,EAAE;QACxB,SAAS,KAAK,CAAC,KAAK,EAAE;QACtB,cAAc,KAAK,CAAC,UAAU,IAAI,EAAE,EAAE;QACtC,QAAQ,KAAK,CAAC,IAAI,IAAI,EAAE,EAAE;QAC1B,aAAa,KAAK,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE;QAC5C,aAAa,KAAK,CAAC,SAAS,EAAE,WAAW,EAAE,IAAI,MAAM,EAAE;QACvD,aAAa,KAAK,CAAC,SAAS,EAAE;KACjC,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC3B,CAAC;AAED,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,OAAO,aAAa;IACd,MAAM,CAAS;IACf,OAAO,CAAU;IAEzB,YAAY,MAAe,EAAE,UAAmB,IAAI;QAChD,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QAC9C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAED;;OAEG;IACK,cAAc;QAClB,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACH,IAAI,CAAC,KAAmB;QACpB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAChB,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,OAAO;YACH,GAAG,KAAK;YACR,SAAS,EAAE,gBAAgB,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC;SAClD,CAAC;IACN,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAmB;QACtB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAChB,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,SAAS;QACL,OAAO,IAAI,CAAC,OAAO,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,YAAY;QACR,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QACpC,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;IAClD,CAAC;CACJ;AAED,gFAAgF;AAChF,yBAAyB;AACzB,gFAAgF;AAEhF,IAAI,YAAY,GAAyB,IAAI,CAAC;AAE9C;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAe;IAC5C,IAAI,CAAC,YAAY,EAAE,CAAC;QAChB,YAAY,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,YAAY,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAc,EAAE,UAAmB,IAAI;IAC1E,YAAY,GAAG,IAAI,aAAa,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AACtD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAC9B,YAAY,GAAG,IAAI,CAAC;AACxB,CAAC"}

package/dist/session/types.d.ts

@@ -77,6 +77,8 @@ export interface SessionGrant {
     usageCount: number;
     /** Original request that triggered this grant (for audit) */
     readonly originalRequestId?: string;
+    /** HMAC-SHA256 signature for tampering detection (added in v0.2.4) */
+    signature?: string;
 }
 /**
  * Input for creating a new session grant.

package/dist/session/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/session/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAE1D;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,CAAC;AAEnE;;;GAGG;AACH,MAAM,MAAM,eAAe,GACvB,MAAM,GACN,MAAM,GACN,OAAO,GACP,OAAO,GACP,SAAS,CAAC;AAEd;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,eAAe,GAAG,MAAM,CAatE;AAED;;;;;GAKG;AACH,MAAM,WAAW,YAAY;IAC3B,uCAAuC;IACvC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IAEpB,iCAAiC;IACjC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC;IAEzB,uDAAuD;IACvD,QAAQ,CAAC,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;IAEhC,mCAAmC;IACnC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAExB,yBAAyB;IACzB,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAE7B;;;;;;OAMG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAE7B,gDAAgD;IAChD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAEvB,iCAAiC;IACjC,QAAQ,CAAC,SAAS,EAAE,UAAU,GAAG,SAAS,GAAG,KAAK,CAAC;IAEnD,+CAA+C;IAC/C,UAAU,EAAE,MAAM,CAAC;IAEnB,6DAA6D;IAC7D,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,oDAAoD;IACpD,OAAO,EAAE,eAAe,CAAC;IAEzB,yBAAyB;IACzB,KAAK,EAAE,YAAY,CAAC;IAEpB,4BAA4B;IAC5B,QAAQ,EAAE,eAAe,CAAC;IAE1B,gCAAgC;IAChC,SAAS,EAAE,UAAU,GAAG,SAAS,GAAG,KAAK,CAAC;IAE1C,kCAAkC;IAClC,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,8DAA8D;IAC9D,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,mCAAmC;IACnC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAE1B,mDAAmD;IACnD,QAAQ,CAAC,KAAK,CAAC,EAAE,YAAY,CAAC;IAE9B,4CAA4C;IAC5C,QAAQ,CAAC,MAAM,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,gBAAgB,CAAC;CAC7D;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAE5B;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IAErC;;;OAGG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,eAAO,MAAM,sBAAsB,EAAE,QAAQ,CAAC,mBAAmB,CAMhE,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,0BAA0B;IAC1B,YAAY,EAAE,MAAM,CAAC;IAErB,sBAAsB;IACtB,aAAa,EAAE,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAE5C,8CAA8C;IAC9C,UAAU,EAAE,MAAM,CAAC;IAEnB,4CAA4C;IAC5C,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,wBAAwB;IACxB,GAAG,CAAC,KAAK,EAAE,YAAY,GAAG,IAAI,CAAC;IAE/B,wBAAwB;IACxB,GAAG,CAAC,EAAE,EAAE,MAAM,GAAG,YAAY,GAAG,SAAS,CAAC;IAE1C,6CAA6C;IAC7C,YAAY,CAAC,OAAO,EAAE,eAAe,GAAG,YAAY,EAAE,CAAC;IAEvD,qBAAqB;IACrB,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC;IAE5B,gCAAgC;IAChC,YAAY,IAAI,MAAM,CAAC;IAEvB,4BAA4B;IAC5B,MAAM,IAAI,YAAY,EAAE,CAAC;IAEzB,uBAAuB;IACvB,KAAK,IAAI,IAAI,CAAC;IAEd,qBAAqB;IACrB,QAAQ,IAAI,YAAY,CAAC;CAC1B"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/session/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAE1D;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,CAAC;AAEnE;;;GAGG;AACH,MAAM,MAAM,eAAe,GACvB,MAAM,GACN,MAAM,GACN,OAAO,GACP,OAAO,GACP,SAAS,CAAC;AAEd;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,eAAe,GAAG,MAAM,CAatE;AAED;;;;;GAKG;AACH,MAAM,WAAW,YAAY;IAC3B,uCAAuC;IACvC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IAEpB,iCAAiC;IACjC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC;IAEzB,uDAAuD;IACvD,QAAQ,CAAC,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;IAEhC,mCAAmC;IACnC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAExB,yBAAyB;IACzB,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAE7B;;;;;;OAMG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAE7B,gDAAgD;IAChD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAEvB,iCAAiC;IACjC,QAAQ,CAAC,SAAS,EAAE,UAAU,GAAG,SAAS,GAAG,KAAK,CAAC;IAEnD,+CAA+C;IAC/C,UAAU,EAAE,MAAM,CAAC;IAEnB,6DAA6D;IAC7D,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAEpC,sEAAsE;IACtE,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,oDAAoD;IACpD,OAAO,EAAE,eAAe,CAAC;IAEzB,yBAAyB;IACzB,KAAK,EAAE,YAAY,CAAC;IAEpB,4BAA4B;IAC5B,QAAQ,EAAE,eAAe,CAAC;IAE1B,gCAAgC;IAChC,SAAS,EAAE,UAAU,GAAG,SAAS,GAAG,KAAK,CAAC;IAE1C,kCAAkC;IAClC,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,8DAA8D;IAC9D,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,mCAAmC;IACnC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAE1B,mDAAmD;IACnD,QAAQ,CAAC,KAAK,CAAC,EAAE,YAAY,CAAC;IAE9B,4CAA4C;IAC5C,QAAQ,CAAC,MAAM,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,gBAAgB,CAAC;CAC7D;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAE5B;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IAErC;;;OAGG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,eAAO,MAAM,sBAAsB,EAAE,QAAQ,CAAC,mBAAmB,CAMhE,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,0BAA0B;IAC1B,YAAY,EAAE,MAAM,CAAC;IAErB,sBAAsB;IACtB,aAAa,EAAE,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAE5C,8CAA8C;IAC9C,UAAU,EAAE,MAAM,CAAC;IAEnB,4CAA4C;IAC5C,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,wBAAwB;IACxB,GAAG,CAAC,KAAK,EAAE,YAAY,GAAG,IAAI,CAAC;IAE/B,wBAAwB;IACxB,GAAG,CAAC,EAAE,EAAE,MAAM,GAAG,YAAY,GAAG,SAAS,CAAC;IAE1C,6CAA6C;IAC7C,YAAY,CAAC,OAAO,EAAE,eAAe,GAAG,YAAY,EAAE,CAAC;IAEvD,qBAAqB;IACrB,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC;IAE5B,gCAAgC;IAChC,YAAY,IAAI,MAAM,CAAC;IAEvB,4BAA4B;IAC5B,MAAM,IAAI,YAAY,EAAE,CAAC;IAEzB,uBAAuB;IACvB,KAAK,IAAI,IAAI,CAAC;IAEd,qBAAqB;IACrB,QAAQ,IAAI,YAAY,CAAC;CAC1B"}

package/dist/session/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/session/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA0CH;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAyB;IAC5D,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,MAAM;YACT,OAAO,CAAC,CAAC;QACX,KAAK,MAAM;YACT,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,KAAK,OAAO;YACV,OAAO,EAAE,GAAG,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,EAAE,GAAG,EAAE,CAAC;QACjB,KAAK,SAAS;YACZ,OAAO,CAAC,CAAC,CAAC,CAAC,yCAAyC;IACxD,CAAC;AACH,CAAC;AAuHD;;GAEG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAkC;IACnE,aAAa,EAAE,IAAI;IACnB,YAAY,EAAE,MAAM;IACpB,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,aAAa;IAC9B,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC;IACtD,OAAO,EAAE,KAAK;CACf,CAAC"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/session/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA0CH;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAyB;IAC5D,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,MAAM;YACT,OAAO,CAAC,CAAC;QACX,KAAK,MAAM;YACT,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,KAAK,OAAO;YACV,OAAO,EAAE,GAAG,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,EAAE,GAAG,EAAE,CAAC;QACjB,KAAK,SAAS;YACZ,OAAO,CAAC,CAAC,CAAC,CAAC,yCAAyC;IACxD,CAAC;AACH,CAAC;AA0HD;;GAEG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAkC;IACnE,aAAa,EAAE,IAAI;IACnB,YAAY,EAAE,MAAM;IACpB,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,aAAa;IAC9B,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC;IACtD,OAAO,EAAE,KAAK;CACf,CAAC"}

package/dist/utils/security-logger.d.ts

@@ -0,0 +1,146 @@
+/**
+ * Security Event Logger
+ *
+ * Provides structured logging for security-relevant events.
+ * Makes it easy to identify, filter, and alert on security issues.
+ *
+ * @module utils/security-logger
+ */
+/**
+ * Types of security events.
+ */
+export type SecurityEventType = 'prompt_injection' | 'ssrf_attempt' | 'credential_leak' | 'policy_bypass' | 'rate_limit_exceeded' | 'signature_mismatch' | 'audit_tampering' | 'privilege_escalation' | 'dangerous_command' | 'path_traversal';
+/**
+ * Severity levels for security events.
+ */
+export type SecuritySeverity = 'low' | 'medium' | 'high' | 'critical';
+/**
+ * A structured security event.
+ */
+export interface SecurityEvent {
+    /** Type of security event */
+    type: SecurityEventType;
+    /** Severity level */
+    severity: SecuritySeverity;
+    /** Human-readable message */
+    message: string;
+    /** Event timestamp */
+    timestamp: Date;
+    /** Context for the event */
+    context: SecurityEventContext;
+    /** Triggers that caused detection (patterns, rules, etc.) */
+    triggers?: string[];
+    /** Whether the event was blocked */
+    blocked: boolean;
+    /** Action taken */
+    action: 'blocked' | 'warned' | 'logged';
+}
+/**
+ * Context for a security event.
+ */
+export interface SecurityEventContext {
+    /** MCP server name (if applicable) */
+    server?: string;
+    /** Tool name (if applicable) */
+    tool?: string;
+    /** Source of the event (analyzer, policy, etc.) */
+    source: string;
+    /** Request ID for correlation */
+    requestId?: string;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Options for the security logger.
+ */
+export interface SecurityLoggerOptions {
+    /** Whether to log to console */
+    consoleOutput?: boolean;
+    /** Minimum severity to log */
+    minSeverity?: SecuritySeverity;
+    /** Custom event handler */
+    onEvent?: (event: SecurityEvent) => void;
+}
+/**
+ * Security event logger with structured output.
+ */
+export declare class SecurityLogger {
+    private options;
+    private eventHistory;
+    private maxHistorySize;
+    constructor(options?: SecurityLoggerOptions);
+    /**
+     * Log a security event.
+     */
+    log(type: SecurityEventType, severity: SecuritySeverity, message: string, context: Omit<SecurityEventContext, 'source'> & {
+        source?: string;
+    }, options?: {
+        triggers?: string[];
+        blocked?: boolean;
+        action?: 'blocked' | 'warned' | 'logged';
+    }): SecurityEvent;
+    /**
+     * Log to console with structured format.
+     */
+    private logToConsole;
+    /**
+     * Log a prompt injection detection.
+     */
+    promptInjection(context: SecurityEventContext, triggers: string[], blocked?: boolean): SecurityEvent;
+    /**
+     * Log an SSRF attempt.
+     */
+    ssrfAttempt(context: SecurityEventContext, url: string, reason: string): SecurityEvent;
+    /**
+     * Log a credential leak detection.
+     */
+    credentialLeak(context: SecurityEventContext, credentialTypes: string[], redacted?: boolean): SecurityEvent;
+    /**
+     * Log a rate limit exceeded event.
+     */
+    rateLimitExceeded(context: SecurityEventContext, key: string, limit: number): SecurityEvent;
+    /**
+     * Log a signature mismatch (tampering detection).
+     */
+    signatureMismatch(context: SecurityEventContext, itemType: 'session' | 'webhook' | 'audit'): SecurityEvent;
+    /**
+     * Log a dangerous command attempt.
+     */
+    dangerousCommand(context: SecurityEventContext, command: string, reason: string): SecurityEvent;
+    /**
+     * Log a path traversal attempt.
+     */
+    pathTraversal(context: SecurityEventContext, path: string): SecurityEvent;
+    /**
+     * Get recent security events.
+     */
+    getRecentEvents(limit?: number, severity?: SecuritySeverity): SecurityEvent[];
+    /**
+     * Get event counts by type.
+     */
+    getEventCounts(): Record<SecurityEventType, number>;
+    /**
+     * Clear event history.
+     */
+    clearHistory(): void;
+    /**
+     * Sanitize sensitive data for logging.
+     */
+    private sanitize;
+}
+/**
+ * Get the global security logger instance.
+ */
+export declare function getSecurityLogger(options?: SecurityLoggerOptions): SecurityLogger;
+/**
+ * Reset the global security logger.
+ */
+export declare function resetSecurityLogger(): void;
+/**
+ * Log a security event using the global logger.
+ */
+export declare function logSecurityEvent(type: SecurityEventType, severity: SecuritySeverity, message: string, context: SecurityEventContext, options?: {
+    triggers?: string[];
+    blocked?: boolean;
+}): SecurityEvent;
+//# sourceMappingURL=security-logger.d.ts.map

package/dist/utils/security-logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-logger.d.ts","sourceRoot":"","sources":["../../src/utils/security-logger.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAQH;;GAEG;AACH,MAAM,MAAM,iBAAiB,GACvB,kBAAkB,GAClB,cAAc,GACd,iBAAiB,GACjB,eAAe,GACf,qBAAqB,GACrB,oBAAoB,GACpB,iBAAiB,GACjB,sBAAsB,GACtB,mBAAmB,GACnB,gBAAgB,CAAC;AAEvB;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAEtE;;GAEG;AACH,MAAM,WAAW,aAAa;IAC1B,6BAA6B;IAC7B,IAAI,EAAE,iBAAiB,CAAC;IAExB,qBAAqB;IACrB,QAAQ,EAAE,gBAAgB,CAAC;IAE3B,6BAA6B;IAC7B,OAAO,EAAE,MAAM,CAAC;IAEhB,sBAAsB;IACtB,SAAS,EAAE,IAAI,CAAC;IAEhB,4BAA4B;IAC5B,OAAO,EAAE,oBAAoB,CAAC;IAE9B,6DAA6D;IAC7D,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpB,oCAAoC;IACpC,OAAO,EAAE,OAAO,CAAC;IAEjB,mBAAmB;IACnB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAC;CAC3C;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACjC,sCAAsC;IACtC,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,gCAAgC;IAChC,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd,mDAAmD;IACnD,MAAM,EAAE,MAAM,CAAC;IAEf,iCAAiC;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IAClC,gCAAgC;IAChC,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,8BAA8B;IAC9B,WAAW,CAAC,EAAE,gBAAgB,CAAC;IAE/B,2BAA2B;IAC3B,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,aAAa,KAAK,IAAI,CAAC;CAC5C;AAkBD;;GAEG;AACH,qBAAa,cAAc;IACvB,OAAO,CAAC,OAAO,CAAkC;IACjD,OAAO,CAAC,YAAY,CAAuB;IAC3C,OAAO,CAAC,cAAc,CAAgB;gBAE1B,OAAO,GAAE,qBAA0B;IAQ/C;;OAEG;IACH,GAAG,CACC,IAAI,EAAE,iBAAiB,EACvB,QAAQ,EAAE,gBAAgB,EAC1B,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,IAAI,CAAC,oBAAoB,EAAE,QAAQ,CAAC,GAAG;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,EACnE,OAAO,GAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAA;KAAO,GACnG,aAAa;IAmChB;;OAEG;IACH,OAAO,CAAC,YAAY;IAgCpB;;OAEG;IACH,eAAe,CACX,OAAO,EAAE,oBAAoB,EAC7B,QAAQ,EAAE,MAAM,EAAE,EAClB,OAAO,GAAE,OAAc,GACxB,aAAa;IAUhB;;OAEG;IACH,WAAW,CACP,OAAO,EAAE,oBAAoB,EAC7B,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,GACf,aAAa;IAUhB;;OAEG;IACH,cAAc,CACV,OAAO,EAAE,oBAAoB,EAC7B,eAAe,EAAE,MAAM,EAAE,EACzB,QAAQ,GAAE,OAAc,GACzB,aAAa;IAUhB;;OAEG;IACH,iBAAiB,CACb,OAAO,EAAE,oBAAoB,EAC7B,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,MAAM,GACd,aAAa;IAUhB;;OAEG;IACH,iBAAiB,CACb,OAAO,EAAE,oBAAoB,EAC7B,QAAQ,EAAE,SAAS,GAAG,SAAS,GAAG,OAAO,GAC1C,aAAa;IAUhB;;OAEG;IACH,gBAAgB,CACZ,OAAO,EAAE,oBAAoB,EAC7B,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GACf,aAAa;IAUhB;;OAEG;IACH,aAAa,CACT,OAAO,EAAE,oBAAoB,EAC7B,IAAI,EAAE,MAAM,GACb,aAAa;IAchB;;OAEG;IACH,eAAe,CAAC,KAAK,GAAE,MAAY,EAAE,QAAQ,CAAC,EAAE,gBAAgB,GAAG,aAAa,EAAE;IAWlF;;OAEG;IACH,cAAc,IAAI,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC;IAUnD;;OAEG;IACH,YAAY,IAAI,IAAI;IAQpB;;OAEG;IACH,OAAO,CAAC,QAAQ;CAkBnB;AAQD;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,cAAc,CAKjF;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC5B,IAAI,EAAE,iBAAiB,EACvB,QAAQ,EAAE,gBAAgB,EAC1B,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,oBAAoB,EAC7B,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,GACrD,aAAa,CAEf"}