@executor-js/sdk 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +21 -29
- package/dist/api-errors.d.ts +10 -0
- package/dist/api-errors.d.ts.map +1 -0
- package/dist/blob.d.ts.map +1 -1
- package/dist/chunk-6SQWMOM4.js +51 -0
- package/dist/chunk-6SQWMOM4.js.map +1 -0
- package/dist/chunk-FPV6KONN.js +78 -0
- package/dist/chunk-FPV6KONN.js.map +1 -0
- package/dist/chunk-VLVPSIQ4.js +5532 -0
- package/dist/chunk-VLVPSIQ4.js.map +1 -0
- package/dist/client.d.ts +2 -5
- package/dist/client.d.ts.map +1 -1
- package/dist/client.js +12 -18
- package/dist/client.js.map +1 -1
- package/dist/connections.d.ts +7 -0
- package/dist/connections.d.ts.map +1 -1
- package/dist/core-schema.d.ts +83 -3
- package/dist/core-schema.d.ts.map +1 -1
- package/dist/core.js +92 -52
- package/dist/core.js.map +1 -1
- package/dist/credential-bindings.d.ts +173 -0
- package/dist/credential-bindings.d.ts.map +1 -0
- package/dist/credential-bindings.test.d.ts +2 -0
- package/dist/credential-bindings.test.d.ts.map +1 -0
- package/dist/errors.d.ts +27 -5
- package/dist/errors.d.ts.map +1 -1
- package/dist/executor.d.ts +47 -13
- package/dist/executor.d.ts.map +1 -1
- package/dist/hosted-http-client.d.ts +17 -0
- package/dist/hosted-http-client.d.ts.map +1 -0
- package/dist/hosted-http-client.test.d.ts +2 -0
- package/dist/hosted-http-client.test.d.ts.map +1 -0
- package/dist/ids.d.ts +2 -0
- package/dist/ids.d.ts.map +1 -1
- package/dist/index.d.ts +14 -9
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +16 -18
- package/dist/index.js.map +1 -1
- package/dist/oauth-discovery.d.ts +19 -4
- package/dist/oauth-discovery.d.ts.map +1 -1
- package/dist/oauth-helpers.d.ts +21 -0
- package/dist/oauth-helpers.d.ts.map +1 -1
- package/dist/oauth-popup-types.d.ts.map +1 -1
- package/dist/oauth-service.d.ts +16 -5
- package/dist/oauth-service.d.ts.map +1 -1
- package/dist/oauth.d.ts +19 -16
- package/dist/oauth.d.ts.map +1 -1
- package/dist/oxlint-plugin-executor.test.d.ts +2 -0
- package/dist/oxlint-plugin-executor.test.d.ts.map +1 -0
- package/dist/plugin.d.ts +59 -14
- package/dist/plugin.d.ts.map +1 -1
- package/dist/policies.d.ts +10 -15
- package/dist/policies.d.ts.map +1 -1
- package/dist/promise-executor.d.ts.map +1 -1
- package/dist/promise.d.ts +5 -3
- package/dist/promise.d.ts.map +1 -1
- package/dist/schema-types.d.ts.map +1 -1
- package/dist/scoped-adapter.d.ts +17 -2
- package/dist/scoped-adapter.d.ts.map +1 -1
- package/dist/secrets.d.ts +12 -0
- package/dist/secrets.d.ts.map +1 -1
- package/dist/test-config.d.ts +10 -0
- package/dist/test-config.d.ts.map +1 -0
- package/dist/testing.d.ts +30 -8
- package/dist/testing.d.ts.map +1 -1
- package/dist/testing.js +56 -0
- package/dist/testing.js.map +1 -0
- package/dist/types.d.ts +11 -3
- package/dist/types.d.ts.map +1 -1
- package/dist/usage-visibility.test.d.ts +2 -0
- package/dist/usage-visibility.test.d.ts.map +1 -0
- package/dist/usages.d.ts +20 -0
- package/dist/usages.d.ts.map +1 -0
- package/package.json +25 -14
- package/dist/chunk-2WV7VSNL.js +0 -4440
- package/dist/chunk-2WV7VSNL.js.map +0 -1
package/dist/ids.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ids.d.ts","sourceRoot":"","sources":["../src/ids.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,eAAO,MAAM,OAAO,wCAA8C,CAAC;AACnE,MAAM,MAAM,OAAO,GAAG,OAAO,OAAO,CAAC,IAAI,CAAC;AAE1C,eAAO,MAAM,MAAM,uCAA6C,CAAC;AACjE,MAAM,MAAM,MAAM,GAAG,OAAO,MAAM,CAAC,IAAI,CAAC;AAExC,eAAO,MAAM,QAAQ,yCAA+C,CAAC;AACrE,MAAM,MAAM,QAAQ,GAAG,OAAO,QAAQ,CAAC,IAAI,CAAC;AAE5C,eAAO,MAAM,QAAQ,yCAA+C,CAAC;AACrE,MAAM,MAAM,QAAQ,GAAG,OAAO,QAAQ,CAAC,IAAI,CAAC;AAE5C,eAAO,MAAM,YAAY,6CAAmD,CAAC;AAC7E,MAAM,MAAM,YAAY,GAAG,OAAO,YAAY,CAAC,IAAI,CAAC"}
|
|
1
|
+
{"version":3,"file":"ids.d.ts","sourceRoot":"","sources":["../src/ids.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,eAAO,MAAM,OAAO,wCAA8C,CAAC;AACnE,MAAM,MAAM,OAAO,GAAG,OAAO,OAAO,CAAC,IAAI,CAAC;AAE1C,eAAO,MAAM,MAAM,uCAA6C,CAAC;AACjE,MAAM,MAAM,MAAM,GAAG,OAAO,MAAM,CAAC,IAAI,CAAC;AAExC,eAAO,MAAM,QAAQ,yCAA+C,CAAC;AACrE,MAAM,MAAM,QAAQ,GAAG,OAAO,QAAQ,CAAC,IAAI,CAAC;AAE5C,eAAO,MAAM,QAAQ,yCAA+C,CAAC;AACrE,MAAM,MAAM,QAAQ,GAAG,OAAO,QAAQ,CAAC,IAAI,CAAC;AAE5C,eAAO,MAAM,YAAY,6CAAmD,CAAC;AAC7E,MAAM,MAAM,YAAY,GAAG,OAAO,YAAY,CAAC,IAAI,CAAC;AAEpD,eAAO,MAAM,mBAAmB,oDAA0D,CAAC;AAC3F,MAAM,MAAM,mBAAmB,GAAG,OAAO,mBAAmB,CAAC,IAAI,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -3,26 +3,31 @@ export { HttpApi, HttpApiBuilder, HttpApiClient, HttpApiEndpoint, HttpApiGroup,
|
|
|
3
3
|
export type { DBAdapter, DBSchema, DBFieldAttribute, DBFieldType, StorageFailure, TypedAdapter, Where, WhereOperator, } from "@executor-js/storage-core";
|
|
4
4
|
export { typedAdapter } from "@executor-js/storage-core";
|
|
5
5
|
export { StorageError, UniqueViolationError } from "@executor-js/storage-core";
|
|
6
|
-
export { ScopeId, ToolId, SecretId, PolicyId, ConnectionId } from "./ids";
|
|
6
|
+
export { ScopeId, ToolId, SecretId, PolicyId, ConnectionId, CredentialBindingId } from "./ids";
|
|
7
7
|
export { Scope } from "./scope";
|
|
8
|
-
export { ToolNotFoundError, ToolInvocationError, ToolBlockedError, NoHandlerError, SourceNotFoundError, SourceRemovalNotAllowedError, PluginNotLoadedError, SecretNotFoundError, SecretResolutionError, SecretOwnedByConnectionError, ConnectionNotFoundError, ConnectionProviderNotRegisteredError, ConnectionRefreshNotSupportedError, ConnectionReauthRequiredError, type ExecutorError, } from "./errors";
|
|
9
|
-
export { ToolSchema, SourceDetectionResult, type Source, type Tool, type ToolListFilter, } from "./types";
|
|
10
|
-
export { coreSchema, isToolPolicyAction, TOOL_POLICY_ACTIONS, type CoreSchema, type SourceInput, type SourceInputTool, type SourceRow, type ToolRow, type DefinitionRow, type SecretRow, type ConnectionRow, type ToolPolicyRow, type ToolPolicyAction, type DefinitionsInput, type ToolAnnotations, } from "./core-schema";
|
|
11
|
-
export { matchPattern, isValidPattern, resolveToolPolicy, resolveEffectivePolicy, effectivePolicyFromSorted, rowToToolPolicy, ToolPolicyActionSchema, type ToolPolicy, type CreateToolPolicyInput, type UpdateToolPolicyInput, type PolicyMatch, type EffectivePolicy, type PolicySource, } from "./policies";
|
|
12
|
-
export { SecretRef, SetSecretInput, type SecretProvider } from "./secrets";
|
|
8
|
+
export { ToolNotFoundError, ToolInvocationError, ToolBlockedError, NoHandlerError, SourceNotFoundError, SourceRemovalNotAllowedError, PluginNotLoadedError, SecretNotFoundError, SecretResolutionError, SecretOwnedByConnectionError, SecretInUseError, ConnectionNotFoundError, ConnectionProviderNotRegisteredError, ConnectionRefreshNotSupportedError, ConnectionReauthRequiredError, ConnectionInUseError, type ExecutorError, } from "./errors";
|
|
9
|
+
export { ToolSchema, SourceDetectionResult, type RefreshSourceInput, type RemoveSourceInput, type Source, type Tool, type ToolListFilter, } from "./types";
|
|
10
|
+
export { coreSchema, isToolPolicyAction, TOOL_POLICY_ACTIONS, type CoreSchema, type SourceInput, type SourceInputTool, type SourceRow, type ToolRow, type DefinitionRow, type SecretRow, type ConnectionRow, type CredentialBindingRow, type ToolPolicyRow, type ToolPolicyAction, type DefinitionsInput, type ToolAnnotations, } from "./core-schema";
|
|
11
|
+
export { matchPattern, isValidPattern, resolveToolPolicy, resolveEffectivePolicy, effectivePolicyFromSorted, rowToToolPolicy, ToolPolicyActionSchema, type ToolPolicy, type CreateToolPolicyInput, type UpdateToolPolicyInput, type RemoveToolPolicyInput, type PolicyMatch, type EffectivePolicy, type PolicySource, } from "./policies";
|
|
12
|
+
export { SecretRef, SetSecretInput, RemoveSecretInput, type SecretProvider } from "./secrets";
|
|
13
13
|
export { SecretBackedMap, SecretBackedValue, isSecretBackedRef, resolveSecretBackedMap, type ResolveSecretBackedMapOptions, } from "./secret-backed-value";
|
|
14
|
-
export {
|
|
14
|
+
export { CredentialBindingKind, CredentialBindingValue, ConfiguredCredentialBinding, ConfiguredCredentialValue, ConfiguredCredentialValueSchema, ScopedSecretCredentialInput, CredentialBindingRef, SetCredentialBindingInput, CredentialBindingSourceInput, CredentialBindingSlotInput, RemoveCredentialBindingInput, ReplaceCredentialBindingValue, ReplaceCredentialBindingsInput, CredentialBindingResolutionStatus, ResolvedCredentialSlot, credentialBindingId, credentialSlotKey, credentialSlotPart, credentialBindingRowToRef, credentialBindingValueFromRow, type CredentialBindingsFacade, } from "./credential-bindings";
|
|
15
|
+
export { Usage, type UsagesForSecretInput, type UsagesForConnectionInput } from "./usages";
|
|
16
|
+
export { ConnectionRef, ConnectionProviderState, CreateConnectionInput, RemoveConnectionInput, UpdateConnectionTokensInput, TokenMaterial, ConnectionRefreshError, type ConnectionProvider, type ConnectionRefreshInput, type ConnectionRefreshResult, } from "./connections";
|
|
15
17
|
export { FormElicitation, UrlElicitation, ElicitationAction, ElicitationResponse, ElicitationDeclinedError, type ElicitationRequest, type ElicitationHandler, type ElicitationContext, } from "./elicitation";
|
|
16
18
|
export { type BlobStore, type PluginBlobStore, pluginBlobStore, makeInMemoryBlobStore, } from "./blob";
|
|
17
19
|
export { type OAuthService, type OAuthStrategy, type OAuthDynamicDcrStrategy, type OAuthAuthorizationCodeStrategy, type OAuthClientCredentialsStrategy, type OAuthProviderState, type OAuthProbeInput, type OAuthProbeResult, type OAuthStartInput, type OAuthStartResult, type OAuthCompleteInput, type OAuthCompleteResult, OAuthProbeError, OAuthStartError, OAuthCompleteError, OAuthSessionNotFoundError, OAUTH2_PROVIDER_KEY, OAUTH2_SESSION_TTL_MS, OAuthStrategy as OAuthStrategySchema, OAuthProviderState as OAuthProviderStateSchema, OAuthDynamicDcrStrategy as OAuthDynamicDcrStrategySchema, OAuthAuthorizationCodeStrategy as OAuthAuthorizationCodeStrategySchema, OAuthClientCredentialsStrategy as OAuthClientCredentialsStrategySchema, } from "./oauth";
|
|
18
|
-
export { OAuth2Error, OAUTH2_DEFAULT_TIMEOUT_MS, OAUTH2_REFRESH_SKEW_MS, buildAuthorizationUrl, createPkceCodeChallenge, createPkceCodeVerifier, exchangeAuthorizationCode, exchangeClientCredentials, refreshAccessToken, shouldRefreshToken, type OAuth2TokenResponse, type BuildAuthorizationUrlInput, type ClientAuthMethod, type ExchangeAuthorizationCodeInput, type ExchangeClientCredentialsInput, type RefreshAccessTokenInput, } from "./oauth-helpers";
|
|
20
|
+
export { OAuth2Error, OAUTH2_DEFAULT_TIMEOUT_MS, OAUTH2_REFRESH_SKEW_MS, assertSupportedOAuthEndpointUrl, buildAuthorizationUrl, createPkceCodeChallenge, createPkceCodeVerifier, exchangeAuthorizationCode, exchangeClientCredentials, isSupportedOAuthEndpointUrl, refreshAccessToken, shouldRefreshToken, type OAuth2TokenResponse, type BuildAuthorizationUrlInput, type ClientAuthMethod, type ExchangeAuthorizationCodeInput, type ExchangeClientCredentialsInput, type RefreshAccessTokenInput, } from "./oauth-helpers";
|
|
19
21
|
export { makeOAuth2Service, type OAuthServiceDeps } from "./oauth-service";
|
|
22
|
+
export type { ScopedDBAdapter, ScopedTypedAdapter } from "./scoped-adapter";
|
|
23
|
+
export { HostedOutboundRequestBlocked, makeHostedHttpClientLayer, validateHostedOutboundUrl, type HostedHttpClientOptions, } from "./hosted-http-client";
|
|
20
24
|
export { OAuthDiscoveryError, OAuthAuthorizationServerMetadataSchema, OAuthClientInformationSchema, OAuthProtectedResourceMetadataSchema, beginDynamicAuthorization, discoverAuthorizationServerMetadata, discoverProtectedResourceMetadata, registerDynamicClient, type BeginDynamicAuthorizationInput, type DiscoveryRequestOptions, type DynamicAuthorizationState, type DynamicAuthorizationStartResult, type DynamicClientMetadata, type OAuthAuthorizationServerMetadata, type OAuthClientInformation, type OAuthProtectedResourceMetadata, type RegisterDynamicClientInput, } from "./oauth-discovery";
|
|
21
25
|
export { OAUTH_POPUP_MESSAGE_TYPE, type OAuthPopupResult, isOAuthPopupResult, } from "./oauth-popup-types";
|
|
22
26
|
export { type Plugin, type PluginSpec, type PluginCtx, type PluginExtensions, type ConfiguredPlugin, type AnyPlugin, type StorageDeps, type StaticSourceDecl, type StaticToolDecl, type StaticToolHandlerInput, type InvokeToolInput, type SourceLifecycleInput, type SecretListEntry, type Elicit, definePlugin, defineSchema, } from "./plugin";
|
|
23
27
|
export { type Executor, type ExecutorConfig, type OnElicitation, type InvokeOptions, createExecutor, collectSchemas, } from "./executor";
|
|
24
28
|
export { defineExecutorConfig, type ExecutorCliConfig, type ExecutorDialect, type ExecutorPluginsFactory, } from "./config";
|
|
25
|
-
export { makeTestConfig } from "./
|
|
29
|
+
export { makeTestConfig } from "./test-config";
|
|
26
30
|
export { hoistDefinitions, collectRefs, reattachDefs, normalizeRefs } from "./schema-refs";
|
|
27
31
|
export { schemaToTypeScriptPreview, schemaToTypeScriptPreviewWithDefs, buildToolTypeScriptPreview, type TypeScriptRenderOptions, type TypeScriptSchemaPreview, } from "./schema-types";
|
|
32
|
+
export { InternalError } from "./api-errors";
|
|
28
33
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AACtE,OAAO,EACL,OAAO,EACP,cAAc,EACd,aAAa,EACb,eAAe,EACf,YAAY,EACZ,iBAAiB,EACjB,aAAa,GACd,MAAM,yBAAyB,CAAC;AAKjC,YAAY,EACV,SAAS,EACT,QAAQ,EACR,gBAAgB,EAChB,WAAW,EACX,cAAc,EACd,YAAY,EACZ,KAAK,EACL,aAAa,GACd,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAIzD,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAG/E,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AACtE,OAAO,EACL,OAAO,EACP,cAAc,EACd,aAAa,EACb,eAAe,EACf,YAAY,EACZ,iBAAiB,EACjB,aAAa,GACd,MAAM,yBAAyB,CAAC;AAKjC,YAAY,EACV,SAAS,EACT,QAAQ,EACR,gBAAgB,EAChB,WAAW,EACX,cAAc,EACd,YAAY,EACZ,KAAK,EACL,aAAa,GACd,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAIzD,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAG/E,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,OAAO,CAAC;AAG/F,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAGhC,OAAO,EACL,iBAAiB,EACjB,mBAAmB,EACnB,gBAAgB,EAChB,cAAc,EACd,mBAAmB,EACnB,4BAA4B,EAC5B,oBAAoB,EACpB,mBAAmB,EACnB,qBAAqB,EACrB,4BAA4B,EAC5B,gBAAgB,EAChB,uBAAuB,EACvB,oCAAoC,EACpC,kCAAkC,EAClC,6BAA6B,EAC7B,oBAAoB,EACpB,KAAK,aAAa,GACnB,MAAM,UAAU,CAAC;AAGlB,OAAO,EACL,UAAU,EACV,qBAAqB,EACrB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,MAAM,EACX,KAAK,IAAI,EACT,KAAK,cAAc,GACpB,MAAM,SAAS,CAAC;AAGjB,OAAO,EACL,UAAU,EACV,kBAAkB,EAClB,mBAAmB,EACnB,KAAK,UAAU,EACf,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,SAAS,EACd,KAAK,OAAO,EACZ,KAAK,aAAa,EAClB,KAAK,SAAS,EACd,KAAK,aAAa,EAClB,KAAK,oBAAoB,EACzB,KAAK,aAAa,EAClB,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,eAAe,GACrB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,YAAY,EACZ,cAAc,EACd,iBAAiB,EACjB,sBAAsB,EACtB,yBAAyB,EACzB,eAAe,EACf,sBAAsB,EACtB,KAAK,UAAU,EACf,KAAK,qBAAqB,EAC1B,KAAK,qBAAqB,EAC1B,KAAK,qBAAqB,EAC1B,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,YAAY,GAClB,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,iBAAiB,EAAE,KAAK,cAAc,EAAE,MAAM,WAAW,CAAC;AAE9F,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,sBAAsB,EACtB,KAAK,6BAA6B,GACnC,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,2BAA2B,EAC3B,yBAAyB,EACzB,+BAA+B,EAC/B,2BAA2B,EAC3B,oBAAoB,EACpB,yBAAyB,EACzB,4BAA4B,EAC5B,0BAA0B,EAC1B,4BAA4B,EAC5B,6BAA6B,EAC7B,8BAA8B,EAC9B,iCAAiC,EACjC,sBAAsB,EACtB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,yBAAyB,EACzB,6BAA6B,EAC7B,KAAK,wBAAwB,GAC9B,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,KAAK,EAAE,KAAK,oBAAoB,EAAE,KAAK,wBAAwB,EAAE,MAAM,UAAU,CAAC;AAG3F,OAAO,EACL,aAAa,EACb,uBAAuB,EACvB,qBAAqB,EACrB,qBAAqB,EACrB,2BAA2B,EAC3B,aAAa,EACb,sBAAsB,EACtB,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,GAC7B,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,mBAAmB,EACnB,wBAAwB,EACxB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,GACxB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,KAAK,SAAS,EACd,KAAK,eAAe,EACpB,eAAe,EACf,qBAAqB,GACtB,MAAM,QAAQ,CAAC;AAGhB,OAAO,EACL,KAAK,YAAY,EACjB,KAAK,aAAa,EAClB,KAAK,uBAAuB,EAC5B,KAAK,8BAA8B,EACnC,KAAK,8BAA8B,EACnC,KAAK,kBAAkB,EACvB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACvB,KAAK,mBAAmB,EACxB,eAAe,EACf,eAAe,EACf,kBAAkB,EAClB,yBAAyB,EACzB,mBAAmB,EACnB,qBAAqB,EACrB,aAAa,IAAI,mBAAmB,EACpC,kBAAkB,IAAI,wBAAwB,EAC9C,uBAAuB,IAAI,6BAA6B,EACxD,8BAA8B,IAAI,oCAAoC,EACtE,8BAA8B,IAAI,oCAAoC,GACvE,MAAM,SAAS,CAAC;AAEjB,OAAO,EACL,WAAW,EACX,yBAAyB,EACzB,sBAAsB,EACtB,+BAA+B,EAC/B,qBAAqB,EACrB,uBAAuB,EACvB,sBAAsB,EACtB,yBAAyB,EACzB,yBAAyB,EACzB,2BAA2B,EAC3B,kBAAkB,EAClB,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,KAAK,0BAA0B,EAC/B,KAAK,gBAAgB,EACrB,KAAK,8BAA8B,EACnC,KAAK,8BAA8B,EACnC,KAAK,uBAAuB,GAC7B,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,iBAAiB,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAC3E,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAE5E,OAAO,EACL,4BAA4B,EAC5B,yBAAyB,EACzB,yBAAyB,EACzB,KAAK,uBAAuB,GAC7B,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,mBAAmB,EACnB,sCAAsC,EACtC,4BAA4B,EAC5B,oCAAoC,EACpC,yBAAyB,EACzB,mCAAmC,EACnC,iCAAiC,EACjC,qBAAqB,EACrB,KAAK,8BAA8B,EACnC,KAAK,uBAAuB,EAC5B,KAAK,yBAAyB,EAC9B,KAAK,+BAA+B,EACpC,KAAK,qBAAqB,EAC1B,KAAK,gCAAgC,EACrC,KAAK,sBAAsB,EAC3B,KAAK,8BAA8B,EACnC,KAAK,0BAA0B,GAChC,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,wBAAwB,EACxB,KAAK,gBAAgB,EACrB,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,KAAK,MAAM,EACX,KAAK,UAAU,EACf,KAAK,SAAS,EACd,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,SAAS,EACd,KAAK,WAAW,EAChB,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,sBAAsB,EAC3B,KAAK,eAAe,EACpB,KAAK,oBAAoB,EACzB,KAAK,eAAe,EACpB,KAAK,MAAM,EACX,YAAY,EACZ,YAAY,GACb,MAAM,UAAU,CAAC;AAGlB,OAAO,EACL,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,cAAc,EACd,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,oBAAoB,EACpB,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,sBAAsB,GAC5B,MAAM,UAAU,CAAC;AAGlB,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAG/C,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAG3F,OAAO,EACL,yBAAyB,EACzB,iCAAiC,EACjC,0BAA0B,EAC1B,KAAK,uBAAuB,EAC5B,KAAK,uBAAuB,GAC7B,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
import {
|
|
2
|
+
SecretBackedMap,
|
|
3
|
+
SecretBackedValue,
|
|
4
|
+
defineExecutorConfig,
|
|
5
|
+
isSecretBackedRef,
|
|
6
|
+
resolveSecretBackedMap
|
|
7
|
+
} from "./chunk-6SQWMOM4.js";
|
|
1
8
|
import {
|
|
2
9
|
ElicitationAction,
|
|
3
10
|
ElicitationResponse,
|
|
@@ -5,10 +12,10 @@ import {
|
|
|
5
12
|
NoHandlerError,
|
|
6
13
|
PluginNotLoadedError,
|
|
7
14
|
PolicyId,
|
|
15
|
+
RemoveConnectionInput,
|
|
16
|
+
RemoveSecretInput,
|
|
8
17
|
Scope,
|
|
9
18
|
ScopeId,
|
|
10
|
-
SecretBackedMap,
|
|
11
|
-
SecretBackedValue,
|
|
12
19
|
SecretId,
|
|
13
20
|
SecretNotFoundError,
|
|
14
21
|
SecretRef,
|
|
@@ -24,11 +31,8 @@ import {
|
|
|
24
31
|
UrlElicitation,
|
|
25
32
|
collectSchemas,
|
|
26
33
|
createExecutor,
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
makeInMemoryBlobStore,
|
|
30
|
-
resolveSecretBackedMap
|
|
31
|
-
} from "./chunk-2WV7VSNL.js";
|
|
34
|
+
makeInMemoryBlobStore
|
|
35
|
+
} from "./chunk-VLVPSIQ4.js";
|
|
32
36
|
|
|
33
37
|
// src/promise-executor.ts
|
|
34
38
|
import { Effect } from "effect";
|
|
@@ -37,10 +41,7 @@ var isPlainObject = (v) => v !== null && typeof v === "object" && !Array.isArray
|
|
|
37
41
|
var promisifyDeep = (value) => {
|
|
38
42
|
if (typeof value === "function") {
|
|
39
43
|
return ((...args) => {
|
|
40
|
-
const result = value.apply(
|
|
41
|
-
void 0,
|
|
42
|
-
args
|
|
43
|
-
);
|
|
44
|
+
const result = value.apply(void 0, args);
|
|
44
45
|
if (Effect.isEffect(result)) {
|
|
45
46
|
return Effect.runPromise(result);
|
|
46
47
|
}
|
|
@@ -53,10 +54,7 @@ var promisifyDeep = (value) => {
|
|
|
53
54
|
const v = Reflect.get(target, prop, receiver);
|
|
54
55
|
if (typeof v === "function") {
|
|
55
56
|
return (...args) => {
|
|
56
|
-
const result = v.apply(
|
|
57
|
-
target,
|
|
58
|
-
args
|
|
59
|
-
);
|
|
57
|
+
const result = v.apply(target, args);
|
|
60
58
|
if (Effect.isEffect(result)) {
|
|
61
59
|
return Effect.runPromise(result);
|
|
62
60
|
}
|
|
@@ -91,9 +89,7 @@ var createExecutor2 = async (config) => {
|
|
|
91
89
|
plugins,
|
|
92
90
|
onElicitation: config.onElicitation
|
|
93
91
|
};
|
|
94
|
-
const effectExecutor = await Effect.runPromise(
|
|
95
|
-
createExecutor(effectConfig)
|
|
96
|
-
);
|
|
92
|
+
const effectExecutor = await Effect.runPromise(createExecutor(effectConfig));
|
|
97
93
|
return promisifyDeep(effectExecutor);
|
|
98
94
|
};
|
|
99
95
|
export {
|
|
@@ -103,6 +99,8 @@ export {
|
|
|
103
99
|
NoHandlerError,
|
|
104
100
|
PluginNotLoadedError,
|
|
105
101
|
PolicyId,
|
|
102
|
+
RemoveConnectionInput,
|
|
103
|
+
RemoveSecretInput,
|
|
106
104
|
Scope,
|
|
107
105
|
ScopeId,
|
|
108
106
|
SecretBackedMap,
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/promise-executor.ts"],"sourcesContent":["// ---------------------------------------------------------------------------\n// @executor-js/sdk/promise — thin Promise façade over the Effect SDK.\n//\n// Consumer goal: use executors + plugins without touching Effect. The\n// façade wraps `createExecutor` so it returns a Promise, and proxies\n// every method on the returned executor to unwrap its Effect into a\n// Promise. Plugin factories are Effect-native but consumers never see\n// that — the proxy flattens plugin extension methods too.\n//\n// Not a goal: authoring plugins in Promise style. The plugin model\n// (storage, schema, staticSources, Effect ctx) is Effect-only. Bring\n// your own `@executor-js/plugin-*` from the Effect side.\n// ---------------------------------------------------------------------------\n\nimport { Brand, Effect } from \"effect\";\n\nimport { makeMemoryAdapter } from \"@executor-js/storage-core/testing/memory\";\n\nimport { makeInMemoryBlobStore } from \"./blob\";\nimport {\n createExecutor as createEffectExecutor,\n collectSchemas,\n type Executor as EffectExecutor,\n type OnElicitation,\n} from \"./executor\";\nimport { ScopeId } from \"./ids\";\nimport type { AnyPlugin } from \"./plugin\";\nimport { Scope } from \"./scope\";\n\n// ---------------------------------------------------------------------------\n// Types\n//\n// Promise consumers shouldn't need to construct Effect `Brand`s to call into\n// the executor — branded ids (`SecretId`, `ScopeId`, `ToolId`, `PolicyId`,\n// `ConnectionId`) are typed as `string & Brand<...>` on the Effect side, but\n// at runtime they're plain strings. `Unbrand` strips brand tags from\n// parameter types (recursively, so it walks into object fields like\n// `secrets.set({ id, scope })`) so consumers can pass plain strings. Return\n// types are passed through unchanged — caller code that reads `.id` etc.\n// off a returned ref still gets the branded type for use as an opaque token.\n// ---------------------------------------------------------------------------\n\ntype Unbrand<T>
|
|
1
|
+
{"version":3,"sources":["../src/promise-executor.ts"],"sourcesContent":["// ---------------------------------------------------------------------------\n// @executor-js/sdk/promise — thin Promise façade over the Effect SDK.\n//\n// Consumer goal: use executors + plugins without touching Effect. The\n// façade wraps `createExecutor` so it returns a Promise, and proxies\n// every method on the returned executor to unwrap its Effect into a\n// Promise. Plugin factories are Effect-native but consumers never see\n// that — the proxy flattens plugin extension methods too.\n//\n// Not a goal: authoring plugins in Promise style. The plugin model\n// (storage, schema, staticSources, Effect ctx) is Effect-only. Bring\n// your own `@executor-js/plugin-*` from the Effect side.\n// ---------------------------------------------------------------------------\n\nimport { Brand, Effect } from \"effect\";\n\nimport { makeMemoryAdapter } from \"@executor-js/storage-core/testing/memory\";\n\nimport { makeInMemoryBlobStore } from \"./blob\";\nimport {\n createExecutor as createEffectExecutor,\n collectSchemas,\n type Executor as EffectExecutor,\n type OnElicitation,\n} from \"./executor\";\nimport { ScopeId } from \"./ids\";\nimport type { AnyPlugin } from \"./plugin\";\nimport { Scope } from \"./scope\";\n\n// ---------------------------------------------------------------------------\n// Types\n//\n// Promise consumers shouldn't need to construct Effect `Brand`s to call into\n// the executor — branded ids (`SecretId`, `ScopeId`, `ToolId`, `PolicyId`,\n// `ConnectionId`) are typed as `string & Brand<...>` on the Effect side, but\n// at runtime they're plain strings. `Unbrand` strips brand tags from\n// parameter types (recursively, so it walks into object fields like\n// `secrets.set({ id, scope })`) so consumers can pass plain strings. Return\n// types are passed through unchanged — caller code that reads `.id` etc.\n// off a returned ref still gets the branded type for use as an opaque token.\n// ---------------------------------------------------------------------------\n\ntype Unbrand<T> =\n T extends Brand.Brand<string>\n ? string\n : T extends readonly (infer U)[]\n ? readonly Unbrand<U>[]\n : T extends ReadonlyMap<infer K, infer V>\n ? ReadonlyMap<Unbrand<K>, Unbrand<V>>\n : T extends ReadonlySet<infer U>\n ? ReadonlySet<Unbrand<U>>\n : T extends Date\n ? T\n : T extends (...args: infer A) => infer R\n ? (...args: { [I in keyof A]: Unbrand<A[I]> }) => Unbrand<R>\n : T extends object\n ? { readonly [K in keyof T]: Unbrand<T[K]> }\n : T;\n\nexport type Promisified<T> = T extends (...args: infer A) => Effect.Effect<infer R, infer _E>\n ? (...args: { [I in keyof A]: Unbrand<A[I]> }) => Promise<R>\n : T extends readonly unknown[]\n ? T\n : T extends object\n ? { readonly [K in keyof T]: Promisified<T[K]> }\n : T;\n\nexport type Executor<TPlugins extends readonly AnyPlugin[] = []> = Promisified<\n EffectExecutor<TPlugins>\n>;\n\nexport interface ExecutorConfig<TPlugins extends readonly AnyPlugin[] = []> {\n /**\n * Precedence-ordered scope stack (innermost first). Optional — defaults\n * to a single-element stack with id \"default-scope\". Pass an array of\n * `{ id, name }` partials to build a multi-scope executor.\n */\n readonly scopes?: readonly { readonly id?: string; readonly name?: string }[];\n readonly plugins?: TPlugins;\n /**\n * How to respond when a tool requests user input mid-invocation. Pass\n * `\"accept-all\"` for tests / non-interactive hosts, or a handler\n * `(ctx) => Promise<ElicitationResponse>` for interactive ones.\n * Required at construction so per-invoke calls don't have to thread\n * an options arg.\n */\n readonly onElicitation: OnElicitation;\n}\n\n// ---------------------------------------------------------------------------\n// Promisify proxy — walks nested objects, converts Effect-returning methods\n// into Promise-returning methods. Non-Effect return values pass through.\n// ---------------------------------------------------------------------------\n\nconst isPlainObject = (v: unknown): v is Record<string | symbol, unknown> =>\n v !== null &&\n typeof v === \"object\" &&\n !Array.isArray(v) &&\n !(v instanceof Date) &&\n !(v instanceof Promise);\n\nconst promisifyDeep = <T>(value: T): Promisified<T> => {\n if (typeof value === \"function\") {\n return ((...args: unknown[]) => {\n const result = (value as (...a: unknown[]) => unknown).apply(undefined, args);\n if (Effect.isEffect(result)) {\n return Effect.runPromise(result as Effect.Effect<unknown, unknown>);\n }\n return result;\n }) as Promisified<T>;\n }\n\n if (!isPlainObject(value)) return value as Promisified<T>;\n\n return new Proxy(value, {\n get(target, prop, receiver) {\n const v = Reflect.get(target, prop, receiver);\n if (typeof v === \"function\") {\n return (...args: unknown[]) => {\n const result = (v as (...a: unknown[]) => unknown).apply(target, args);\n if (Effect.isEffect(result)) {\n return Effect.runPromise(result as Effect.Effect<unknown, unknown>);\n }\n return result;\n };\n }\n if (isPlainObject(v)) return promisifyDeep(v);\n return v;\n },\n }) as Promisified<T>;\n};\n\n// ---------------------------------------------------------------------------\n// createExecutor — Promise wrapper over the Effect createExecutor.\n// Defaults to an in-memory adapter + blob store, so a consumer can\n// construct an executor with just `{ plugins: [...] }`.\n// ---------------------------------------------------------------------------\n\nexport const createExecutor = async <const TPlugins extends readonly AnyPlugin[] = []>(\n config: ExecutorConfig<TPlugins>,\n): Promise<Executor<TPlugins>> => {\n const plugins = (config?.plugins ?? []) as TPlugins;\n const schema = collectSchemas(plugins);\n\n const scopes =\n config.scopes && config.scopes.length > 0\n ? config.scopes.map(\n (s, i) =>\n new Scope({\n id: ScopeId.make(s.id ?? (i === 0 ? \"default-scope\" : `scope-${i}`)),\n name: s.name ?? (i === 0 ? \"default\" : `scope-${i}`),\n createdAt: new Date(),\n }),\n )\n : [\n new Scope({\n id: ScopeId.make(\"default-scope\"),\n name: \"default\",\n createdAt: new Date(),\n }),\n ];\n\n const effectConfig = {\n scopes,\n adapter: makeMemoryAdapter({ schema }),\n blobs: makeInMemoryBlobStore(),\n plugins,\n onElicitation: config.onElicitation,\n };\n\n // The SDK has no observability requirement; storage failures surface\n // as raw `StorageError` / `UniqueViolationError` in the typed channel.\n // `Effect.runPromise` turns them into Promise rejections — consumers\n // get the tagged error as the rejected value. See\n // notes/promise-sdk-typed-errors.md for the planned `runPromiseExit`\n // rewrite that exposes the full error union to consumers.\n const effectExecutor = await Effect.runPromise(createEffectExecutor(effectConfig));\n\n return promisifyDeep(effectExecutor) as Executor<TPlugins>;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAcA,SAAgB,cAAc;AAE9B,SAAS,yBAAyB;AA8ElC,IAAM,gBAAgB,CAAC,MACrB,MAAM,QACN,OAAO,MAAM,YACb,CAAC,MAAM,QAAQ,CAAC,KAChB,EAAE,aAAa,SACf,EAAE,aAAa;AAEjB,IAAM,gBAAgB,CAAI,UAA6B;AACrD,MAAI,OAAO,UAAU,YAAY;AAC/B,YAAQ,IAAI,SAAoB;AAC9B,YAAM,SAAU,MAAuC,MAAM,QAAW,IAAI;AAC5E,UAAI,OAAO,SAAS,MAAM,GAAG;AAC3B,eAAO,OAAO,WAAW,MAAyC;AAAA,MACpE;AACA,aAAO;AAAA,IACT;AAAA,EACF;AAEA,MAAI,CAAC,cAAc,KAAK,EAAG,QAAO;AAElC,SAAO,IAAI,MAAM,OAAO;AAAA,IACtB,IAAI,QAAQ,MAAM,UAAU;AAC1B,YAAM,IAAI,QAAQ,IAAI,QAAQ,MAAM,QAAQ;AAC5C,UAAI,OAAO,MAAM,YAAY;AAC3B,eAAO,IAAI,SAAoB;AAC7B,gBAAM,SAAU,EAAmC,MAAM,QAAQ,IAAI;AACrE,cAAI,OAAO,SAAS,MAAM,GAAG;AAC3B,mBAAO,OAAO,WAAW,MAAyC;AAAA,UACpE;AACA,iBAAO;AAAA,QACT;AAAA,MACF;AACA,UAAI,cAAc,CAAC,EAAG,QAAO,cAAc,CAAC;AAC5C,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AACH;AAQO,IAAMA,kBAAiB,OAC5B,WACgC;AAChC,QAAM,UAAW,QAAQ,WAAW,CAAC;AACrC,QAAM,SAAS,eAAe,OAAO;AAErC,QAAM,SACJ,OAAO,UAAU,OAAO,OAAO,SAAS,IACpC,OAAO,OAAO;AAAA,IACZ,CAAC,GAAG,MACF,IAAI,MAAM;AAAA,MACR,IAAI,QAAQ,KAAK,EAAE,OAAO,MAAM,IAAI,kBAAkB,SAAS,CAAC,GAAG;AAAA,MACnE,MAAM,EAAE,SAAS,MAAM,IAAI,YAAY,SAAS,CAAC;AAAA,MACjD,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACL,IACA;AAAA,IACE,IAAI,MAAM;AAAA,MACR,IAAI,QAAQ,KAAK,eAAe;AAAA,MAChC,MAAM;AAAA,MACN,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACH;AAEN,QAAM,eAAe;AAAA,IACnB;AAAA,IACA,SAAS,kBAAkB,EAAE,OAAO,CAAC;AAAA,IACrC,OAAO,sBAAsB;AAAA,IAC7B;AAAA,IACA,eAAe,OAAO;AAAA,EACxB;AAQA,QAAM,iBAAiB,MAAM,OAAO,WAAW,eAAqB,YAAY,CAAC;AAEjF,SAAO,cAAc,cAAc;AACrC;","names":["createExecutor"]}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
import { Effect, Schema } from "effect";
|
|
2
|
-
import {
|
|
1
|
+
import { Effect, Layer, Schema } from "effect";
|
|
2
|
+
import { HttpClient } from "effect/unstable/http";
|
|
3
|
+
import { createPkceCodeChallenge, type OAuthEndpointUrlPolicy } from "./oauth-helpers";
|
|
3
4
|
declare const OAuthDiscoveryError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").VoidIfEmpty<{ readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }>) => import("effect/Cause").YieldableError & {
|
|
4
5
|
readonly _tag: "OAuthDiscoveryError";
|
|
5
6
|
} & Readonly<A>;
|
|
@@ -11,6 +12,12 @@ declare const OAuthDiscoveryError_base: new <A extends Record<string, any> = {}>
|
|
|
11
12
|
export declare class OAuthDiscoveryError extends OAuthDiscoveryError_base<{
|
|
12
13
|
readonly message: string;
|
|
13
14
|
readonly status?: number;
|
|
15
|
+
/** RFC 6749 §5.2 / RFC 7591 §3.2.2 error code, when the AS returned
|
|
16
|
+
* one (`invalid_client_metadata`, `invalid_redirect_uri`, ...). Lets
|
|
17
|
+
* the HTTP edge surface a structured error to the UI rather than
|
|
18
|
+
* swallow the AS's response into a generic message string. */
|
|
19
|
+
readonly error?: string;
|
|
20
|
+
readonly errorDescription?: string;
|
|
14
21
|
readonly cause?: unknown;
|
|
15
22
|
}> {
|
|
16
23
|
}
|
|
@@ -70,8 +77,8 @@ export declare const OAuthClientInformationSchema: Schema.Struct<{
|
|
|
70
77
|
}>;
|
|
71
78
|
export type OAuthClientInformation = typeof OAuthClientInformationSchema.Type;
|
|
72
79
|
export interface DiscoveryRequestOptions {
|
|
73
|
-
/** Injected for tests. Defaults to the
|
|
74
|
-
readonly
|
|
80
|
+
/** Injected for tests. Defaults to the platform fetch-backed HttpClient. */
|
|
81
|
+
readonly httpClientLayer?: Layer.Layer<HttpClient.HttpClient>;
|
|
75
82
|
/** Abort the request after this many ms. Default 20000. */
|
|
76
83
|
readonly timeoutMs?: number;
|
|
77
84
|
/** Send `MCP-Protocol-Version: <value>` on every request. Harmless
|
|
@@ -82,6 +89,7 @@ export interface DiscoveryRequestOptions {
|
|
|
82
89
|
* authorization-server metadata, DCR, authorization, or token calls. */
|
|
83
90
|
readonly resourceHeaders?: Readonly<Record<string, string>>;
|
|
84
91
|
readonly resourceQueryParams?: Readonly<Record<string, string>>;
|
|
92
|
+
readonly endpointUrlPolicy?: OAuthEndpointUrlPolicy;
|
|
85
93
|
}
|
|
86
94
|
export declare const discoverProtectedResourceMetadata: (resourceUrl: string, options?: DiscoveryRequestOptions) => Effect.Effect<{
|
|
87
95
|
readonly metadataUrl: string;
|
|
@@ -97,6 +105,7 @@ export interface RegisterDynamicClientInput {
|
|
|
97
105
|
readonly initialAccessToken?: string | null;
|
|
98
106
|
}
|
|
99
107
|
export declare const registerDynamicClient: (input: RegisterDynamicClientInput, options?: DiscoveryRequestOptions) => Effect.Effect<OAuthClientInformation, OAuthDiscoveryError>;
|
|
108
|
+
export declare const canonicalResourceUrl: (value: string) => string;
|
|
100
109
|
export interface DynamicAuthorizationState {
|
|
101
110
|
readonly resourceMetadata: OAuthProtectedResourceMetadata | null;
|
|
102
111
|
readonly resourceMetadataUrl: string | null;
|
|
@@ -104,6 +113,12 @@ export interface DynamicAuthorizationState {
|
|
|
104
113
|
readonly authorizationServerMetadataUrl: string;
|
|
105
114
|
readonly authorizationServerMetadata: OAuthAuthorizationServerMetadata;
|
|
106
115
|
readonly clientInformation: OAuthClientInformation;
|
|
116
|
+
/** RFC 8707 canonical resource URL passed on /authorize and persisted
|
|
117
|
+
* for the matching /token + refresh calls. */
|
|
118
|
+
readonly resource: string;
|
|
119
|
+
/** Scopes ultimately requested at /authorize. Persisted so refresh
|
|
120
|
+
* can replay the same set. */
|
|
121
|
+
readonly scopes: readonly string[];
|
|
107
122
|
}
|
|
108
123
|
export interface DynamicAuthorizationStartResult {
|
|
109
124
|
readonly authorizationUrl: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-discovery.d.ts","sourceRoot":"","sources":["../src/oauth-discovery.ts"],"names":[],"mappings":"AAoBA,OAAO,
|
|
1
|
+
{"version":3,"file":"oauth-discovery.d.ts","sourceRoot":"","sources":["../src/oauth-discovery.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAkB,MAAM,EAAE,KAAK,EAA6B,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC1F,OAAO,EAAmB,UAAU,EAAqB,MAAM,sBAAsB,CAAC;AAEtF,OAAO,EAIL,uBAAuB,EAEvB,KAAK,sBAAsB,EAC5B,MAAM,iBAAiB,CAAC;;;;AAMzB;;;;wDAIwD;AACxD,qBAAa,mBAAoB,SAAQ,yBAAwC;IAC/E,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB;;;mEAG+D;IAC/D,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;CAAG;AASL,eAAO,MAAM,oCAAoC;;;;;;EAMY,CAAC;AAC9D,MAAM,MAAM,8BAA8B,GAAG,OAAO,oCAAoC,CAAC,IAAI,CAAC;AAE9F,eAAO,MAAM,sCAAsC;;;;;;;;;;;;;;EAcY,CAAC;AAChE,MAAM,MAAM,gCAAgC,GAAG,OAAO,sCAAsC,CAAC,IAAI,CAAC;AAElG,MAAM,MAAM,qBAAqB,GAAG;IAClC,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,aAAa,EAAE,SAAS,MAAM,EAAE,CAAC;IAC1C,QAAQ,CAAC,WAAW,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACzC,QAAQ,CAAC,cAAc,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5C,QAAQ,CAAC,0BAA0B,CAAC,EAChC,MAAM,GACN,qBAAqB,GACrB,oBAAoB,GACpB,iBAAiB,CAAC;IACtB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,gBAAgB,CAAC,EAAE,KAAK,GAAG,QAAQ,CAAC;IAC7C,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACtC,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC,kEAAkE;IAClE,QAAQ,CAAC,KAAK,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACpD,CAAC;AAEF,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;EAaY,CAAC;AACtD,MAAM,MAAM,sBAAsB,GAAG,OAAO,4BAA4B,CAAC,IAAI,CAAC;AAU9E,MAAM,WAAW,uBAAuB;IACtC,4EAA4E;IAC5E,QAAQ,CAAC,eAAe,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IAC9D,2DAA2D;IAC3D,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B;uEACmE;IACnE,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC;;6EAEyE;IACzE,QAAQ,CAAC,eAAe,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,QAAQ,CAAC,mBAAmB,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAChE,QAAQ,CAAC,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;CACrD;AAgHD,eAAO,MAAM,iCAAiC,GAC5C,aAAa,MAAM,EACnB,UAAS,uBAA4B,KACpC,MAAM,CAAC,MAAM,CACd;IAAE,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,QAAQ,EAAE,8BAA8B,CAAA;CAAE,GAAG,IAAI,EAC1F,mBAAmB,CA2CjB,CAAC;AAuBL,eAAO,MAAM,mCAAmC,GAC9C,QAAQ,MAAM,EACd,UAAS,uBAA4B,KACpC,MAAM,CAAC,MAAM,CACd;IACE,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,gCAAgC,CAAC;CACrD,GAAG,IAAI,EACR,mBAAmB,CA+DjB,CAAC;AAYL,MAAM,WAAW,0BAA0B;IACzC,QAAQ,CAAC,oBAAoB,EAAE,MAAM,CAAC;IACtC,QAAQ,CAAC,QAAQ,EAAE,qBAAqB,CAAC;IACzC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7C;AA4ED,eAAO,MAAM,qBAAqB,GAChC,OAAO,0BAA0B,EACjC,UAAS,uBAA4B,KACpC,MAAM,CAAC,MAAM,CAAC,sBAAsB,EAAE,mBAAmB,CAmFzD,CAAC;AAWJ,eAAO,MAAM,oBAAoB,GAAI,OAAO,MAAM,KAAG,MAMpD,CAAC;AAmDF,MAAM,WAAW,yBAAyB;IACxC,QAAQ,CAAC,gBAAgB,EAAE,8BAA8B,GAAG,IAAI,CAAC;IACjE,QAAQ,CAAC,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5C,QAAQ,CAAC,sBAAsB,EAAE,MAAM,CAAC;IACxC,QAAQ,CAAC,8BAA8B,EAAE,MAAM,CAAC;IAChD,QAAQ,CAAC,2BAA2B,EAAE,gCAAgC,CAAC;IACvE,QAAQ,CAAC,iBAAiB,EAAE,sBAAsB,CAAC;IACnD;mDAC+C;IAC/C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B;mCAC+B;IAC/B,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;CACpC;AAED,MAAM,WAAW,+BAA+B;IAC9C,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,yBAAyB,CAAC;CAC3C;AAED,MAAM,WAAW,8BAA8B;IAC7C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,yEAAyE;IACzE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB;kCAC8B;IAC9B,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC,qBAAqB,CAAC,CAAC;IACzD;0BACsB;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC;;4DAEwD;IACxD,QAAQ,CAAC,aAAa,CAAC,EAAE;QACvB,QAAQ,CAAC,sBAAsB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAChD,QAAQ,CAAC,2BAA2B,CAAC,EAAE,gCAAgC,GAAG,IAAI,CAAC;QAC/E,QAAQ,CAAC,8BAA8B,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACxD,QAAQ,CAAC,gBAAgB,CAAC,EAAE,8BAA8B,GAAG,IAAI,CAAC;QAClE,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC7C,QAAQ,CAAC,iBAAiB,CAAC,EAAE,sBAAsB,GAAG,IAAI,CAAC;KAC5D,CAAC;CACH;AAED,eAAO,MAAM,yBAAyB,GACpC,OAAO,8BAA8B,EACrC,UAAS,uBAA4B,KACpC,MAAM,CAAC,MAAM,CAAC,+BAA+B,EAAE,mBAAmB,CAqKjE,CAAC;AAEL,OAAO,EAAE,uBAAuB,EAAE,CAAC"}
|
package/dist/oauth-helpers.d.ts
CHANGED
|
@@ -25,6 +25,11 @@ export type OAuth2TokenResponse = {
|
|
|
25
25
|
export declare const OAUTH2_REFRESH_SKEW_MS = 60000;
|
|
26
26
|
/** Default token-endpoint timeout. */
|
|
27
27
|
export declare const OAUTH2_DEFAULT_TIMEOUT_MS = 20000;
|
|
28
|
+
export interface OAuthEndpointUrlPolicy {
|
|
29
|
+
readonly allowHttp?: boolean;
|
|
30
|
+
}
|
|
31
|
+
export declare const isSupportedOAuthEndpointUrl: (value: string, policy?: OAuthEndpointUrlPolicy) => boolean;
|
|
32
|
+
export declare const assertSupportedOAuthEndpointUrl: (value: string, label?: string, policy?: OAuthEndpointUrlPolicy) => string;
|
|
28
33
|
export declare const createPkceCodeVerifier: () => string;
|
|
29
34
|
export declare const createPkceCodeChallenge: (verifier: string) => Promise<string>;
|
|
30
35
|
export type BuildAuthorizationUrlInput = {
|
|
@@ -37,8 +42,13 @@ export type BuildAuthorizationUrlInput = {
|
|
|
37
42
|
readonly codeChallenge: string;
|
|
38
43
|
/** Separator between scopes. RFC 6749 says space; some providers use comma. */
|
|
39
44
|
readonly scopeSeparator?: string;
|
|
45
|
+
/** RFC 8707 Resource Indicator. MCP Authorization 2025-06-18 §"Resource
|
|
46
|
+
* Parameter Implementation" requires clients to send this on every
|
|
47
|
+
* authorization request, regardless of AS support. */
|
|
48
|
+
readonly resource?: string;
|
|
40
49
|
/** Provider-specific extras (e.g. Google's `access_type=offline`). */
|
|
41
50
|
readonly extraParams?: Readonly<Record<string, string>>;
|
|
51
|
+
readonly endpointUrlPolicy?: OAuthEndpointUrlPolicy;
|
|
42
52
|
};
|
|
43
53
|
/** Build an RFC 6749 §4.1.1 authorization URL. Sync; pre-computed
|
|
44
54
|
* challenge lets this stay out of the Promise world. */
|
|
@@ -54,7 +64,12 @@ export type ExchangeAuthorizationCodeInput = {
|
|
|
54
64
|
readonly code: string;
|
|
55
65
|
readonly clientAuth?: ClientAuthMethod;
|
|
56
66
|
readonly idTokenSigningAlgValuesSupported?: readonly string[];
|
|
67
|
+
/** RFC 8707 Resource Indicator. MCP Auth spec MUST-requires this on
|
|
68
|
+
* the token request when the client knows the resource it intends
|
|
69
|
+
* to call. */
|
|
70
|
+
readonly resource?: string;
|
|
57
71
|
readonly timeoutMs?: number;
|
|
72
|
+
readonly endpointUrlPolicy?: OAuthEndpointUrlPolicy;
|
|
58
73
|
};
|
|
59
74
|
export declare const exchangeAuthorizationCode: (input: ExchangeAuthorizationCodeInput) => Effect.Effect<OAuth2TokenResponse, OAuth2Error>;
|
|
60
75
|
export type ExchangeClientCredentialsInput = {
|
|
@@ -65,6 +80,7 @@ export type ExchangeClientCredentialsInput = {
|
|
|
65
80
|
readonly scopeSeparator?: string;
|
|
66
81
|
readonly clientAuth?: ClientAuthMethod;
|
|
67
82
|
readonly timeoutMs?: number;
|
|
83
|
+
readonly endpointUrlPolicy?: OAuthEndpointUrlPolicy;
|
|
68
84
|
};
|
|
69
85
|
export declare const exchangeClientCredentials: (input: ExchangeClientCredentialsInput) => Effect.Effect<OAuth2TokenResponse, OAuth2Error>;
|
|
70
86
|
export type RefreshAccessTokenInput = {
|
|
@@ -77,7 +93,12 @@ export type RefreshAccessTokenInput = {
|
|
|
77
93
|
readonly scopeSeparator?: string;
|
|
78
94
|
readonly clientAuth?: ClientAuthMethod;
|
|
79
95
|
readonly idTokenSigningAlgValuesSupported?: readonly string[];
|
|
96
|
+
/** RFC 8707 Resource Indicator — MCP spec MUST-requires this on
|
|
97
|
+
* refresh requests so the new access token's audience is bound to
|
|
98
|
+
* the same resource. */
|
|
99
|
+
readonly resource?: string;
|
|
80
100
|
readonly timeoutMs?: number;
|
|
101
|
+
readonly endpointUrlPolicy?: OAuthEndpointUrlPolicy;
|
|
81
102
|
};
|
|
82
103
|
export declare const refreshAccessToken: (input: RefreshAccessTokenInput) => Effect.Effect<OAuth2TokenResponse, OAuth2Error>;
|
|
83
104
|
export declare const shouldRefreshToken: (input: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-helpers.d.ts","sourceRoot":"","sources":["../src/oauth-helpers.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"oauth-helpers.d.ts","sourceRoot":"","sources":["../src/oauth-helpers.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAQ,MAAM,EAAa,MAAM,QAAQ,CAAC;;;;AAOjD,qBAAa,WAAY,SAAQ,iBAAgC;IAC/D,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB;;;;;OAKG;IACH,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;CAAG;AAML,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC;AAMF,iFAAiF;AACjF,eAAO,MAAM,sBAAsB,QAAS,CAAC;AAE7C,sCAAsC;AACtC,eAAO,MAAM,yBAAyB,QAAS,CAAC;AAEhD,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC;CAC9B;AAgBD,eAAO,MAAM,2BAA2B,GACtC,OAAO,MAAM,EACb,SAAQ,sBAA2B,KAClC,OAQF,CAAC;AAEF,eAAO,MAAM,+BAA+B,GAC1C,OAAO,MAAM,EACb,cAA4B,EAC5B,SAAQ,sBAA2B,KAClC,MAIF,CAAC;AAMF,eAAO,MAAM,sBAAsB,QAAO,MAA4C,CAAC;AAEvF,eAAO,MAAM,uBAAuB,GAAI,UAAU,MAAM,KAAG,OAAO,CAAC,MAAM,CAC7B,CAAC;AAM7C,MAAM,MAAM,0BAA0B,GAAG;IACvC,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,8EAA8E;IAC9E,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,+EAA+E;IAC/E,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC;;2DAEuD;IACvD,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,sEAAsE;IACtE,QAAQ,CAAC,WAAW,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACxD,QAAQ,CAAC,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;CACrD,CAAC;AAEF;yDACyD;AACzD,eAAO,MAAM,qBAAqB,GAAI,OAAO,0BAA0B,KAAG,MA2BzE,CAAC;AA6GF,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG,OAAO,CAAC;AA0GhD,MAAM,MAAM,8BAA8B,GAAG;IAC3C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,UAAU,CAAC,EAAE,gBAAgB,CAAC;IACvC,QAAQ,CAAC,gCAAgC,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC9D;;mBAEe;IACf,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;CACrD,CAAC;AAEF,eAAO,MAAM,yBAAyB,GACpC,OAAO,8BAA8B,KACpC,MAAM,CAAC,MAAM,CAAC,mBAAmB,EAAE,WAAW,CAiCC,CAAC;AAMnD,MAAM,MAAM,8BAA8B,GAAG;IAC3C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,UAAU,CAAC,EAAE,gBAAgB,CAAC;IACvC,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;CACrD,CAAC;AAEF,eAAO,MAAM,yBAAyB,GACpC,OAAO,8BAA8B,KACpC,MAAM,CAAC,MAAM,CAAC,mBAAmB,EAAE,WAAW,CAqBC,CAAC;AAMnD,MAAM,MAAM,uBAAuB,GAAG;IACpC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,UAAU,CAAC,EAAE,gBAAgB,CAAC;IACvC,QAAQ,CAAC,gCAAgC,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC9D;;6BAEyB;IACzB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;CACrD,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAC7B,OAAO,uBAAuB,KAC7B,MAAM,CAAC,MAAM,CAAC,mBAAmB,EAAE,WAAW,CAoCC,CAAC;AAMnD,eAAO,MAAM,kBAAkB,GAAI,OAAO;IACxC,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B,KAAG,OAKH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-popup-types.d.ts","sourceRoot":"","sources":["../src/oauth-popup-types.ts"],"names":[],"mappings":"AAQA,+DAA+D;AAC/D,eAAO,MAAM,wBAAwB,EAAG,uBAAgC,CAAC;AAEzE,MAAM,MAAM,gBAAgB,CAAC,KAAK,IAC9B,CAAC;IACC,QAAQ,CAAC,IAAI,EAAE,OAAO,wBAAwB,CAAC;IAC/C,QAAQ,CAAC,EAAE,EAAE,IAAI,CAAC;IAClB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B,GAAG,KAAK,CAAC,GACV;IACE,QAAQ,CAAC,IAAI,EAAE,OAAO,wBAAwB,CAAC;IAC/C,QAAQ,CAAC,EAAE,EAAE,KAAK,CAAC;IACnB,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB,CAAC;AAEN,eAAO,MAAM,kBAAkB,GAAI,KAAK,
|
|
1
|
+
{"version":3,"file":"oauth-popup-types.d.ts","sourceRoot":"","sources":["../src/oauth-popup-types.ts"],"names":[],"mappings":"AAQA,+DAA+D;AAC/D,eAAO,MAAM,wBAAwB,EAAG,uBAAgC,CAAC;AAEzE,MAAM,MAAM,gBAAgB,CAAC,KAAK,IAC9B,CAAC;IACC,QAAQ,CAAC,IAAI,EAAE,OAAO,wBAAwB,CAAC;IAC/C,QAAQ,CAAC,EAAE,EAAE,IAAI,CAAC;IAClB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B,GAAG,KAAK,CAAC,GACV;IACE,QAAQ,CAAC,IAAI,EAAE,OAAO,wBAAwB,CAAC;IAC/C,QAAQ,CAAC,EAAE,EAAE,KAAK,CAAC;IACnB,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB,CAAC;AAEN,eAAO,MAAM,kBAAkB,GAAI,KAAK,EAAE,OAAO,OAAO,KAAG,KAAK,IAAI,gBAAgB,CAAC,KAAK,CAGzB,CAAC"}
|
package/dist/oauth-service.d.ts
CHANGED
|
@@ -1,21 +1,29 @@
|
|
|
1
|
-
import { Effect } from "effect";
|
|
2
|
-
import
|
|
1
|
+
import { Effect, Layer } from "effect";
|
|
2
|
+
import { HttpClient } from "effect/unstable/http";
|
|
3
|
+
import type { StorageFailure, TypedAdapter } from "@executor-js/storage-core";
|
|
3
4
|
import { CreateConnectionInput, type ConnectionProvider, type ConnectionRef } from "./connections";
|
|
4
5
|
import type { ConnectionProviderNotRegisteredError } from "./errors";
|
|
5
6
|
import type { CoreSchema } from "./core-schema";
|
|
6
7
|
import { SetSecretInput, type SecretRef } from "./secrets";
|
|
7
8
|
import { type OAuthService } from "./oauth";
|
|
9
|
+
import { type OAuthEndpointUrlPolicy } from "./oauth-helpers";
|
|
10
|
+
import type { ScopedDBAdapter } from "./scoped-adapter";
|
|
8
11
|
export interface OAuthServiceDeps {
|
|
9
12
|
/** Typed core-schema adapter. Already scope-wrapped upstream so reads
|
|
10
13
|
* fall through the scope stack; writes stamp the scope the caller
|
|
11
14
|
* named (`tokenScope` on start input). */
|
|
12
15
|
readonly adapter: TypedAdapter<CoreSchema>;
|
|
13
|
-
/**
|
|
14
|
-
* `.transaction` directly. */
|
|
15
|
-
readonly rawAdapter:
|
|
16
|
+
/** Scoped adapter for opening transactions — the typed one doesn't
|
|
17
|
+
* expose `.transaction` directly. */
|
|
18
|
+
readonly rawAdapter: ScopedDBAdapter;
|
|
16
19
|
/** Resolves client-id / client-secret refs at start + refresh time.
|
|
17
20
|
* A `null` return means "secret row is gone" and aborts the flow. */
|
|
18
21
|
readonly secretsGet: (id: string) => Effect.Effect<string | null, StorageFailure>;
|
|
22
|
+
readonly secretsGetResolved?: (id: string) => Effect.Effect<{
|
|
23
|
+
readonly value: string;
|
|
24
|
+
readonly scopeId: string | null;
|
|
25
|
+
} | null, StorageFailure>;
|
|
26
|
+
readonly secretsGetAtScope?: (id: string, scope: string) => Effect.Effect<string | null, StorageFailure>;
|
|
19
27
|
readonly secretsSet: (input: SetSecretInput) => Effect.Effect<SecretRef, StorageFailure>;
|
|
20
28
|
/** Mints the Connection row + backing secret rows. Called from
|
|
21
29
|
* `complete` (and from `start` for `client-credentials`). */
|
|
@@ -25,6 +33,9 @@ export interface OAuthServiceDeps {
|
|
|
25
33
|
readonly newSessionId?: () => string;
|
|
26
34
|
/** `Date.now()` substitute — tests override to drive TTL behavior. */
|
|
27
35
|
readonly now?: () => number;
|
|
36
|
+
/** Outbound HTTP client used for OAuth metadata/DCR probes. */
|
|
37
|
+
readonly httpClientLayer?: Layer.Layer<HttpClient.HttpClient>;
|
|
38
|
+
readonly endpointUrlPolicy?: OAuthEndpointUrlPolicy;
|
|
28
39
|
}
|
|
29
40
|
export declare const makeOAuth2Service: (deps: OAuthServiceDeps) => {
|
|
30
41
|
readonly service: OAuthService;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-service.d.ts","sourceRoot":"","sources":["../src/oauth-service.ts"],"names":[],"mappings":"AAqCA,OAAO,
|
|
1
|
+
{"version":3,"file":"oauth-service.d.ts","sourceRoot":"","sources":["../src/oauth-service.ts"],"names":[],"mappings":"AAqCA,OAAO,EAAY,MAAM,EAAE,KAAK,EAAyB,MAAM,QAAQ,CAAC;AACxE,OAAO,EAAmB,UAAU,EAAqB,MAAM,sBAAsB,CAAC;AAEtF,OAAO,KAAK,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAE9E,OAAO,EAEL,qBAAqB,EAErB,KAAK,kBAAkB,EAGvB,KAAK,aAAa,EACnB,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,oCAAoC,EAAE,MAAM,UAAU,CAAC;AACrE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEhD,OAAO,EAAE,cAAc,EAAE,KAAK,SAAS,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAgBL,KAAK,YAAY,EAGlB,MAAM,SAAS,CAAC;AAMjB,OAAO,EAOL,KAAK,sBAAsB,EAE5B,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAgFxD,MAAM,WAAW,gBAAgB;IAC/B;;+CAE2C;IAC3C,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,UAAU,CAAC,CAAC;IAC3C;0CACsC;IACtC,QAAQ,CAAC,UAAU,EAAE,eAAe,CAAC;IACrC;0EACsE;IACtE,QAAQ,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,EAAE,cAAc,CAAC,CAAC;IAClF,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAC5B,EAAE,EAAE,MAAM,KACP,MAAM,CAAC,MAAM,CAChB;QAAE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,IAAI,EAClE,cAAc,CACf,CAAC;IACF,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAC3B,EAAE,EAAE,MAAM,EACV,KAAK,EAAE,MAAM,KACV,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,EAAE,cAAc,CAAC,CAAC;IAClD,QAAQ,CAAC,UAAU,EAAE,CAAC,KAAK,EAAE,cAAc,KAAK,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;IACzF;kEAC8D;IAC9D,QAAQ,CAAC,iBAAiB,EAAE,CAC1B,KAAK,EAAE,qBAAqB,KACzB,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,oCAAoC,GAAG,cAAc,CAAC,CAAC;IACzF;yBACqB;IACrB,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,MAAM,CAAC;IACrC,sEAAsE;IACtE,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IAC5B,+DAA+D;IAC/D,QAAQ,CAAC,eAAe,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IAC9D,QAAQ,CAAC,iBAAiB,CAAC,EAAE,sBAAsB,CAAC;CACrD;AAqCD,eAAO,MAAM,iBAAiB,GAC5B,MAAM,gBAAgB,KACrB;IAAE,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC;IAAC,QAAQ,CAAC,kBAAkB,EAAE,kBAAkB,CAAA;CAs8BnF,CAAC"}
|
package/dist/oauth.d.ts
CHANGED
|
@@ -115,25 +115,34 @@ export declare const OAuthProviderState: Schema.Union<readonly [Schema.Struct<{
|
|
|
115
115
|
* issued one) is a separate secret row. */
|
|
116
116
|
readonly clientId: Schema.String;
|
|
117
117
|
readonly clientSecretSecretId: Schema.NullOr<Schema.String>;
|
|
118
|
+
readonly clientSecretSecretScopeId: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
118
119
|
readonly clientAuth: Schema.Literals<readonly ["body", "basic"]>;
|
|
119
120
|
readonly scopes: Schema.withDecodingDefaultType<Schema.$Array<Schema.String>>;
|
|
120
121
|
readonly scopeSeparator: Schema.optional<Schema.String>;
|
|
121
122
|
readonly scope: Schema.NullOr<Schema.String>;
|
|
123
|
+
/** RFC 8707 canonical resource URL. Replayed on refresh so the new
|
|
124
|
+
* access token's audience stays bound to the same resource. */
|
|
125
|
+
readonly resource: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
122
126
|
}>, Schema.Struct<{
|
|
123
127
|
readonly kind: Schema.Literal<"authorization-code">;
|
|
124
128
|
readonly tokenEndpoint: Schema.String;
|
|
125
129
|
readonly issuerUrl: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
126
130
|
readonly clientIdSecretId: Schema.String;
|
|
131
|
+
readonly clientIdSecretScopeId: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
127
132
|
readonly clientSecretSecretId: Schema.NullOr<Schema.String>;
|
|
133
|
+
readonly clientSecretSecretScopeId: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
128
134
|
readonly clientAuth: Schema.Literals<readonly ["body", "basic"]>;
|
|
129
135
|
readonly scopes: Schema.withDecodingDefaultType<Schema.$Array<Schema.String>>;
|
|
130
136
|
readonly scopeSeparator: Schema.optional<Schema.String>;
|
|
131
137
|
readonly scope: Schema.NullOr<Schema.String>;
|
|
138
|
+
readonly resource: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
132
139
|
}>, Schema.Struct<{
|
|
133
140
|
readonly kind: Schema.Literal<"client-credentials">;
|
|
134
141
|
readonly tokenEndpoint: Schema.String;
|
|
135
142
|
readonly clientIdSecretId: Schema.String;
|
|
143
|
+
readonly clientIdSecretScopeId: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
136
144
|
readonly clientSecretSecretId: Schema.String;
|
|
145
|
+
readonly clientSecretSecretScopeId: Schema.optional<Schema.NullOr<Schema.String>>;
|
|
137
146
|
readonly scopes: Schema.$Array<Schema.String>;
|
|
138
147
|
readonly scopeSeparator: Schema.optional<Schema.String>;
|
|
139
148
|
readonly clientAuth: Schema.Literals<readonly ["body", "basic"]>;
|
|
@@ -142,9 +151,7 @@ export declare const OAuthProviderState: Schema.Union<readonly [Schema.Struct<{
|
|
|
142
151
|
export type OAuthProviderState = typeof OAuthProviderState.Type;
|
|
143
152
|
/** The canonical refresh handler key. Every OAuth2-minted connection
|
|
144
153
|
* registers under this single value; the handler switches on
|
|
145
|
-
* `providerState.kind`.
|
|
146
|
-
* `openapi:oauth2`, `google-discovery:google`) are aliased to this
|
|
147
|
-
* during migration. */
|
|
154
|
+
* `providerState.kind`. */
|
|
148
155
|
export declare const OAUTH2_PROVIDER_KEY: "oauth2";
|
|
149
156
|
export interface OAuthProbeInput {
|
|
150
157
|
readonly endpoint: string;
|
|
@@ -216,6 +223,9 @@ export interface OAuthStartResult {
|
|
|
216
223
|
export interface OAuthCompleteInput {
|
|
217
224
|
/** RFC 6749 `state` parameter — maps to a session row id. */
|
|
218
225
|
readonly state: string;
|
|
226
|
+
/** Optional scope check for route-scoped completions. Browser callback
|
|
227
|
+
* completions omit this because the callback URL has no scope path. */
|
|
228
|
+
readonly tokenScope?: string;
|
|
219
229
|
readonly code?: string;
|
|
220
230
|
/** RFC 6749 `error` parameter — set when the AS redirected back with
|
|
221
231
|
* a failure. The service surfaces this as a tagged error. */
|
|
@@ -230,17 +240,16 @@ declare const OAuthProbeError_base: Schema.Class<OAuthProbeError, Schema.TaggedS
|
|
|
230
240
|
readonly message: Schema.String;
|
|
231
241
|
}>, import("effect/Cause").YieldableError>;
|
|
232
242
|
export declare class OAuthProbeError extends OAuthProbeError_base {
|
|
233
|
-
static annotations: {
|
|
234
|
-
httpApiStatus: number;
|
|
235
|
-
};
|
|
236
243
|
}
|
|
237
244
|
declare const OAuthStartError_base: Schema.Class<OAuthStartError, Schema.TaggedStruct<"OAuthStartError", {
|
|
238
245
|
readonly message: Schema.String;
|
|
246
|
+
/** RFC 6749 §5.2 / RFC 7591 §3.2.2 error code propagated up from the
|
|
247
|
+
* authorization server (e.g. `invalid_client_metadata`). UI surfaces
|
|
248
|
+
* it as the structured "AS rejected the registration" reason. */
|
|
249
|
+
readonly error: Schema.optional<Schema.String>;
|
|
250
|
+
readonly errorDescription: Schema.optional<Schema.String>;
|
|
239
251
|
}>, import("effect/Cause").YieldableError>;
|
|
240
252
|
export declare class OAuthStartError extends OAuthStartError_base {
|
|
241
|
-
static annotations: {
|
|
242
|
-
httpApiStatus: number;
|
|
243
|
-
};
|
|
244
253
|
}
|
|
245
254
|
declare const OAuthCompleteError_base: Schema.Class<OAuthCompleteError, Schema.TaggedStruct<"OAuthCompleteError", {
|
|
246
255
|
readonly message: Schema.String;
|
|
@@ -250,17 +259,11 @@ declare const OAuthCompleteError_base: Schema.Class<OAuthCompleteError, Schema.T
|
|
|
250
259
|
readonly code: Schema.optional<Schema.String>;
|
|
251
260
|
}>, import("effect/Cause").YieldableError>;
|
|
252
261
|
export declare class OAuthCompleteError extends OAuthCompleteError_base {
|
|
253
|
-
static annotations: {
|
|
254
|
-
httpApiStatus: number;
|
|
255
|
-
};
|
|
256
262
|
}
|
|
257
263
|
declare const OAuthSessionNotFoundError_base: Schema.Class<OAuthSessionNotFoundError, Schema.TaggedStruct<"OAuthSessionNotFoundError", {
|
|
258
264
|
readonly sessionId: Schema.String;
|
|
259
265
|
}>, import("effect/Cause").YieldableError>;
|
|
260
266
|
export declare class OAuthSessionNotFoundError extends OAuthSessionNotFoundError_base {
|
|
261
|
-
static annotations: {
|
|
262
|
-
httpApiStatus: number;
|
|
263
|
-
};
|
|
264
267
|
}
|
|
265
268
|
export interface OAuthService {
|
|
266
269
|
readonly probe: (input: OAuthProbeInput) => Effect.Effect<OAuthProbeResult, OAuthProbeError>;
|
|
@@ -268,7 +271,7 @@ export interface OAuthService {
|
|
|
268
271
|
readonly complete: (input: OAuthCompleteInput) => Effect.Effect<OAuthCompleteResult, OAuthCompleteError | OAuthSessionNotFoundError | StorageFailure>;
|
|
269
272
|
/** Drop an in-flight session without completing — used when the
|
|
270
273
|
* user cancels the popup or the source is deleted mid-onboarding. */
|
|
271
|
-
readonly cancel: (sessionId: string, tokenScope
|
|
274
|
+
readonly cancel: (sessionId: string, tokenScope: string) => Effect.Effect<void, StorageFailure>;
|
|
272
275
|
}
|
|
273
276
|
export declare const OAUTH2_SESSION_TTL_MS: number;
|
|
274
277
|
export { ConnectionId };
|
package/dist/oauth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAmBA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAExC,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAEhE,OAAO,EAAE,YAAY,EAAE,MAAM,OAAO,CAAC;AAWrC;;;yDAGyD;AACzD,eAAO,MAAM,uBAAuB;;IAElC;mDAC+C;;EAE/C,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,OAAO,uBAAuB,CAAC,IAAI,CAAC;AAE1E;;;2EAG2E;AAC3E,eAAO,MAAM,8BAA8B;;;;IAIzC;;wEAEoE;;IAEpE;;4DAEwD;;IAExD;8CAC0C;;;IAG1C;sCACkC;;IAElC;mEAC+D;;
|
|
1
|
+
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAmBA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAExC,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAEhE,OAAO,EAAE,YAAY,EAAE,MAAM,OAAO,CAAC;AAWrC;;;yDAGyD;AACzD,eAAO,MAAM,uBAAuB;;IAElC;mDAC+C;;EAE/C,CAAC;AACH,MAAM,MAAM,uBAAuB,GAAG,OAAO,uBAAuB,CAAC,IAAI,CAAC;AAE1E;;;2EAG2E;AAC3E,eAAO,MAAM,8BAA8B;;;;IAIzC;;wEAEoE;;IAEpE;;4DAEwD;;IAExD;8CAC0C;;;IAG1C;sCACkC;;IAElC;mEAC+D;;IAE/D;oEACgE;;EAEhE,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,OAAO,8BAA8B,CAAC,IAAI,CAAC;AAExF;;;sCAGsC;AACtC,eAAO,MAAM,8BAA8B;;;;;;;;EAQzC,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,OAAO,8BAA8B,CAAC,IAAI,CAAC;AAExF;;cAEc;AACd,eAAO,MAAM,aAAa;;IAxDxB;mDAC+C;;;;;;IAa/C;;wEAEoE;;IAEpE;;4DAEwD;;IAExD;8CAC0C;;;IAG1C;sCACkC;;IAElC;mEAC+D;;IAE/D;oEACgE;;;;;;;;;;IA2BhE,CAAC;AACH,MAAM,MAAM,aAAa,GAAG,OAAO,aAAa,CAAC,IAAI,CAAC;AAQtD;;+BAE+B;AAC/B,eAAO,MAAM,kBAAkB;;;;;;;IAQ3B;;gDAE4C;;;;;;;;IAQ5C;oEACgE;;;;;;;;;;;;;;;;;;;;;;;;;;IA6BlE,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,OAAO,kBAAkB,CAAC,IAAI,CAAC;AAEhE;;4BAE4B;AAC5B,eAAO,MAAM,mBAAmB,EAAG,QAAiB,CAAC;AAMrD,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/C;AAED,MAAM,WAAW,gBAAgB;IAC/B,gEAAgE;IAChE,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC1D,QAAQ,CAAC,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5C;wEACoE;IACpE,QAAQ,CAAC,2BAA2B,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACrE,QAAQ,CAAC,8BAA8B,EAAE,MAAM,GAAG,IAAI,CAAC;IACvD,QAAQ,CAAC,sBAAsB,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/C;;;;;8BAK0B;IAC1B,QAAQ,CAAC,2BAA2B,EAAE,OAAO,CAAC;IAC9C;;;;qBAIiB;IACjB,QAAQ,CAAC,yBAAyB,EAAE,OAAO,CAAC;CAC7C;AAMD,MAAM,WAAW,eAAe;IAC9B;;+CAE2C;IAC3C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9C;;;6CAGyC;IACzC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B;uDACmD;IACnD,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B;;kDAE8C;IAC9C,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC;IACjC;oEACgE;IAChE,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,4EAA4E;IAC5E,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B;;0BAEsB;IACtB,QAAQ,CAAC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IACzC;;gEAE4D;IAC5D,QAAQ,CAAC,mBAAmB,EAAE;QAAE,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;CACxE;AAED,MAAM,WAAW,kBAAkB;IACjC,6DAA6D;IAC7D,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB;4EACwE;IACxE,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB;kEAC8D;IAC9D,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;;;;AAWD,qBAAa,eAAgB,SAAQ,oBAMpC;CAAG;;;IAMA;;sEAEkE;;;;AANtE,qBAAa,eAAgB,SAAQ,oBAWpC;CAAG;;;IAMA;;iDAE6C;;;AANjD,qBAAa,kBAAmB,SAAQ,uBAUvC;CAAG;;;;AAEJ,qBAAa,yBAA0B,SAAQ,8BAM9C;CAAG;AAOJ,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,eAAe,KAAK,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;IAC7F,QAAQ,CAAC,KAAK,EAAE,CACd,KAAK,EAAE,eAAe,KACnB,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,eAAe,GAAG,cAAc,CAAC,CAAC;IACvE,QAAQ,CAAC,QAAQ,EAAE,CACjB,KAAK,EAAE,kBAAkB,KACtB,MAAM,CAAC,MAAM,CAChB,mBAAmB,EACnB,kBAAkB,GAAG,yBAAyB,GAAG,cAAc,CAChE,CAAC;IACF;0EACsE;IACtE,QAAQ,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,KAAK,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;CACjG;AAOD,eAAO,MAAM,qBAAqB,QAAiB,CAAC;AAIpD,OAAO,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oxlint-plugin-executor.test.d.ts","sourceRoot":"","sources":["../src/oxlint-plugin-executor.test.ts"],"names":[],"mappings":""}
|