npm - @frontmcp/auth - Versions diffs - 0.0.1 → 0.8.1 - Mend

@frontmcp/auth 0.0.1 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (81) hide show

package/README.md +11 -0
package/authorization/authorization.types.d.ts +236 -0
package/authorization/authorization.types.d.ts.map +1 -0
package/authorization/index.d.ts +9 -0
package/authorization/index.d.ts.map +1 -0
package/cimd/cimd-redis.cache.d.ts +111 -0
package/cimd/cimd-redis.cache.d.ts.map +1 -0
package/cimd/cimd.cache.d.ts +200 -0
package/cimd/cimd.cache.d.ts.map +1 -0
package/cimd/cimd.errors.d.ts +124 -0
package/cimd/cimd.errors.d.ts.map +1 -0
package/cimd/cimd.logger.d.ts +39 -0
package/cimd/cimd.logger.d.ts.map +1 -0
package/cimd/cimd.service.d.ts +88 -0
package/cimd/cimd.service.d.ts.map +1 -0
package/cimd/cimd.types.d.ts +178 -0
package/cimd/cimd.types.d.ts.map +1 -0
package/cimd/cimd.validator.d.ts +49 -0
package/cimd/cimd.validator.d.ts.map +1 -0
package/cimd/index.d.ts +17 -0
package/cimd/index.d.ts.map +1 -0
package/esm/index.mjs +4001 -0
package/esm/package.json +59 -0
package/index.d.ts +44 -0
package/index.d.ts.map +1 -0
package/index.js +4131 -0
package/jwks/dev-key-persistence.d.ts +70 -0
package/jwks/dev-key-persistence.d.ts.map +1 -0
package/jwks/index.d.ts +20 -0
package/jwks/index.d.ts.map +1 -0
package/jwks/jwks.service.d.ts +69 -0
package/jwks/jwks.service.d.ts.map +1 -0
package/jwks/jwks.types.d.ts +33 -0
package/jwks/jwks.types.d.ts.map +1 -0
package/jwks/jwks.utils.d.ts +5 -0
package/jwks/jwks.utils.d.ts.map +1 -0
package/package.json +2 -2
package/session/authorization-vault.d.ts +667 -0
package/session/authorization-vault.d.ts.map +1 -0
package/session/authorization.store.d.ts +311 -0
package/session/authorization.store.d.ts.map +1 -0
package/session/index.d.ts +19 -0
package/session/index.d.ts.map +1 -0
package/session/storage/in-memory-authorization-vault.d.ts +53 -0
package/session/storage/in-memory-authorization-vault.d.ts.map +1 -0
package/session/storage/index.d.ts +17 -0
package/session/storage/index.d.ts.map +1 -0
package/session/storage/storage-authorization-vault.d.ts +107 -0
package/session/storage/storage-authorization-vault.d.ts.map +1 -0
package/session/storage/storage-token-store.d.ts +92 -0
package/session/storage/storage-token-store.d.ts.map +1 -0
package/session/token.store.d.ts +39 -0
package/session/token.store.d.ts.map +1 -0
package/session/token.vault.d.ts +33 -0
package/session/token.vault.d.ts.map +1 -0
package/session/utils/index.d.ts +5 -0
package/session/utils/index.d.ts.map +1 -0
package/session/utils/tiny-ttl-cache.d.ts +20 -0
package/session/utils/tiny-ttl-cache.d.ts.map +1 -0
package/session/vault-encryption.d.ts +190 -0
package/session/vault-encryption.d.ts.map +1 -0
package/ui/base-layout.d.ts +170 -0
package/ui/base-layout.d.ts.map +1 -0
package/ui/index.d.ts +10 -0
package/ui/index.d.ts.map +1 -0
package/ui/templates.d.ts +134 -0
package/ui/templates.d.ts.map +1 -0
package/utils/audience.validator.d.ts +130 -0
package/utils/audience.validator.d.ts.map +1 -0
package/utils/index.d.ts +8 -0
package/utils/index.d.ts.map +1 -0
package/utils/www-authenticate.utils.d.ts +98 -0
package/utils/www-authenticate.utils.d.ts.map +1 -0
package/vault/auth-providers.types.d.ts +262 -0
package/vault/auth-providers.types.d.ts.map +1 -0
package/vault/credential-cache.d.ts +98 -0
package/vault/credential-cache.d.ts.map +1 -0
package/vault/credential-helpers.d.ts +14 -0
package/vault/credential-helpers.d.ts.map +1 -0
package/vault/index.d.ts +10 -0
package/vault/index.d.ts.map +1 -0

package/esm/package.json ADDED Viewed

@@ -0,0 +1,59 @@
+{
+  "name": "@frontmcp/auth",
+  "version": "0.8.1",
+  "description": "FrontMCP Auth - Authentication, session management, and credential vault",
+  "author": "AgentFront <info@agentfront.dev>",
+  "homepage": "https://docs.agentfront.dev",
+  "license": "Apache-2.0",
+  "keywords": [
+    "mcp",
+    "auth",
+    "authentication",
+    "session",
+    "oauth",
+    "jwt",
+    "jwks",
+    "vault",
+    "credentials",
+    "agentfront",
+    "frontmcp"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/agentfront/frontmcp.git"
+  },
+  "bugs": {
+    "url": "https://github.com/agentfront/frontmcp/issues"
+  },
+  "type": "module",
+  "main": "../index.js",
+  "module": "./index.mjs",
+  "types": "../index.d.ts",
+  "sideEffects": false,
+  "exports": {
+    "./package.json": "../package.json",
+    ".": {
+      "require": {
+        "types": "../index.d.ts",
+        "default": "../index.js"
+      },
+      "import": {
+        "types": "../index.d.ts",
+        "default": "./index.mjs"
+      }
+    }
+  },
+  "engines": {
+    "node": ">=22.0.0"
+  },
+  "peerDependencies": {
+    "zod": "^4.0.0"
+  },
+  "dependencies": {
+    "@frontmcp/utils": "0.8.1",
+    "jose": "^6.0.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.9.3"
+  }
+}

package/index.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+/**
+ * @frontmcp/auth
+ *
+ * FrontMCP Auth - Authentication, session management, and credential vault.
+ *
+ * This library provides standalone authentication components that can be used
+ * independently or as part of the @frontmcp/sdk.
+ *
+ * @example
+ * ```typescript
+ * import { JwksService, buildLoginPage, InMemoryAuthorizationVault } from '@frontmcp/auth';
+ *
+ * // JWKS management
+ * const jwks = new JwksService({ orchestratorAlg: 'RS256' });
+ * const publicJwks = await jwks.getPublicJwks();
+ *
+ * // Auth UI templates
+ * const html = buildLoginPage({
+ *   clientName: 'My App',
+ *   scope: 'openid profile',
+ *   pendingAuthId: 'abc123',
+ *   callbackPath: '/oauth/callback',
+ * });
+ *
+ * // Credential vault
+ * const vault = new InMemoryAuthorizationVault();
+ * const entry = await vault.create({
+ *   userSub: 'user123',
+ *   clientId: 'client456',
+ * });
+ * ```
+ */
+export { JwksService, trimSlash, normalizeIssuer, decodeJwtPayloadSafe, isDevKeyPersistenceEnabled, resolveKeyPath, loadDevKey, saveDevKey, deleteDevKey, } from './jwks';
+export type { JwksServiceOptions, ProviderVerifyRef, VerifyResult, DevKeyPersistenceOptions, DevKeyData } from './jwks';
+export { CDN, DEFAULT_THEME, baseLayout, createLayout, authLayout, centeredCardLayout, wideLayout, extraWideLayout, escapeHtml, buildConsentPage, buildIncrementalAuthPage, buildFederatedLoginPage, buildToolConsentPage, buildLoginPage, buildErrorPage, renderToHtml, } from './ui';
+export type { ThemeColors, ThemeFonts, ThemeConfig, BaseLayoutOptions, AppAuthCard, ProviderCard, ToolCard, } from './ui';
+export { InMemoryAuthorizationStore, RedisAuthorizationStore, verifyPkce, generatePkceChallenge, pkceChallengeSchema, authorizationCodeRecordSchema, credentialTypeSchema, oauthCredentialSchema, apiKeyCredentialSchema, basicAuthCredentialSchema, bearerCredentialSchema, privateKeyCredentialSchema, mtlsCredentialSchema, customCredentialSchema, sshKeyCredentialSchema, serviceAccountCredentialSchema, pkceOAuthCredentialSchema, credentialSchema, appCredentialSchema, vaultConsentRecordSchema, vaultFederatedRecordSchema, pendingIncrementalAuthSchema, authorizationVaultEntrySchema, InMemoryAuthorizationVault, StorageAuthorizationVault, EncryptedTypedStorage, EncryptedStorageError, encryptedDataSchema, encryptedVaultEntrySchema, VaultEncryption, TokenVault, StorageTokenStore, TypedStorage, hkdfSha256, encryptValue, decryptValue, encryptAesGcm, decryptAesGcm, TinyTtlCache, } from './session';
+export type { AuthorizationStore, PkceChallenge, AuthorizationCodeRecord, PendingAuthorizationRecord, RefreshTokenRecord, ConsentStateRecord, FederatedLoginStateRecord, CredentialType, OAuthCredential, ApiKeyCredential, BasicAuthCredential, BearerCredential, PrivateKeyCredential, MtlsCredential, CustomCredential, SshKeyCredential, ServiceAccountCredential, PkceOAuthCredential, Credential, AppCredential, VaultConsentRecord, VaultFederatedRecord, PendingIncrementalAuth, AuthorizationVaultEntry, AuthorizationVault, InMemoryAuthorizationVaultOptions, EncryptedData, VaultKeyDerivationClaims, VaultEncryptionConfig, EncryptedVaultEntry, VaultSensitiveData, EncBlob, VaultKey, SecretRecord, TokenStore, TypedStorageOptions, TypedSetOptions, TypedSetEntry, EncryptedTypedStorageOptions, EncryptedSetOptions, EncryptedSetEntry, EncryptionKey, StoredEncryptedBlob, ClientKeyBinding, StorageTokenStoreOptions, StorageAuthorizationVaultOptions, EncryptedBlob, } from './session';
+export { type AuthMode, type AuthUser, type AuthorizedTool, type AuthorizedPrompt, type LLMSafeAuthContext, type AppAuthorizationRecord, type ProgressiveAuthState, type AuthorizationCreateCtx, AppAuthState, authModeSchema, authUserSchema, authorizedToolSchema, authorizedPromptSchema, llmSafeAuthContextSchema, appAuthStateSchema, appAuthorizationRecordSchema, progressiveAuthStateSchema, } from './authorization';
+export { buildWwwAuthenticate, buildPrmUrl, buildUnauthorizedHeader, buildInvalidTokenHeader, buildInsufficientScopeHeader, buildInvalidRequestHeader, parseWwwAuthenticate, validateAudience, createAudienceValidator, deriveExpectedAudience, AudienceValidator, } from './utils';
+export type { BearerErrorCode, WwwAuthenticateOptions, AudienceValidationResult, AudienceValidatorOptions, } from './utils';
+export { type CredentialScope, type LoadingStrategy, type GetCredentialOptions, type ResolvedCredential, type CredentialFactoryContext, type CredentialFactory, type CredentialRefreshFn, type CredentialHeadersFn, type CredentialProviderConfig, type AuthProviderMapping, type CredentialCacheEntry, type VaultStorageKey, type AuthProvidersVaultOptions, type CredentialEventType, type CredentialEvent, type CacheStats, credentialScopeSchema, loadingStrategySchema, getCredentialOptionsSchema, credentialProviderConfigSchema, authProviderMappingSchema, authProvidersVaultOptionsSchema, extractCredentialExpiry, CredentialCache, } from './vault';
+export { type CimdLogger, noopLogger, clientMetadataDocumentSchema, cimdCacheConfigSchema, cimdSecurityConfigSchema, cimdNetworkConfigSchema, cimdConfigSchema, type ClientMetadataDocument, type ClientMetadataDocumentInput, type CimdCacheConfig, type CimdSecurityConfig, type CimdNetworkConfig, type CimdConfig, type CimdConfigInput, type CimdResolutionResult, CimdError, InvalidClientIdUrlError, CimdFetchError, CimdValidationError, CimdClientIdMismatchError, CimdSecurityError, RedirectUriMismatchError, CimdResponseTooLargeError, CimdDisabledError, isCimdClientId, validateClientIdUrl, checkSsrfProtection, hasOnlyLocalhostRedirectUris, CimdCache, extractCacheHeaders, parseCacheHeaders, type CimdCacheEntry, type CacheableHeaders, CimdService, } from './cimd';
+//# sourceMappingURL=index.d.ts.map

package/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAKH,OAAO,EACL,WAAW,EACX,SAAS,EACT,eAAe,EACf,oBAAoB,EACpB,0BAA0B,EAC1B,cAAc,EACd,UAAU,EACV,UAAU,EACV,YAAY,GACb,MAAM,QAAQ,CAAC;AAChB,YAAY,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,YAAY,EAAE,wBAAwB,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAKxH,OAAO,EAEL,GAAG,EACH,aAAa,EACb,UAAU,EACV,YAAY,EACZ,UAAU,EACV,kBAAkB,EAClB,UAAU,EACV,eAAe,EACf,UAAU,EAEV,gBAAgB,EAChB,wBAAwB,EACxB,uBAAuB,EACvB,oBAAoB,EACpB,cAAc,EACd,cAAc,EACd,YAAY,GACb,MAAM,MAAM,CAAC;AACd,YAAY,EACV,WAAW,EACX,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,YAAY,EACZ,QAAQ,GACT,MAAM,MAAM,CAAC;AAKd,OAAO,EAEL,0BAA0B,EAC1B,uBAAuB,EACvB,UAAU,EACV,qBAAqB,EACrB,mBAAmB,EACnB,6BAA6B,EAE7B,oBAAoB,EACpB,qBAAqB,EACrB,sBAAsB,EACtB,yBAAyB,EACzB,sBAAsB,EACtB,0BAA0B,EAC1B,oBAAoB,EACpB,sBAAsB,EACtB,sBAAsB,EACtB,8BAA8B,EAC9B,yBAAyB,EACzB,gBAAgB,EAEhB,mBAAmB,EACnB,wBAAwB,EACxB,0BAA0B,EAC1B,4BAA4B,EAC5B,6BAA6B,EAE7B,0BAA0B,EAE1B,yBAAyB,EAEzB,qBAAqB,EACrB,qBAAqB,EAErB,mBAAmB,EACnB,yBAAyB,EACzB,eAAe,EAEf,UAAU,EAEV,iBAAiB,EAEjB,YAAY,EAEZ,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,aAAa,EAEb,YAAY,GACb,MAAM,WAAW,CAAC;AACnB,YAAY,EAEV,kBAAkB,EAClB,aAAa,EACb,uBAAuB,EACvB,0BAA0B,EAC1B,kBAAkB,EAClB,kBAAkB,EAClB,yBAAyB,EAEzB,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,EACpB,cAAc,EACd,gBAAgB,EAChB,gBAAgB,EAChB,wBAAwB,EACxB,mBAAmB,EACnB,UAAU,EACV,aAAa,EACb,kBAAkB,EAClB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,kBAAkB,EAClB,iCAAiC,EACjC,aAAa,EACb,wBAAwB,EACxB,qBAAqB,EACrB,mBAAmB,EACnB,kBAAkB,EAClB,OAAO,EACP,QAAQ,EACR,YAAY,EACZ,UAAU,EAEV,mBAAmB,EACnB,eAAe,EACf,aAAa,EACb,4BAA4B,EAC5B,mBAAmB,EACnB,iBAAiB,EACjB,aAAa,EACb,mBAAmB,EACnB,gBAAgB,EAChB,wBAAwB,EACxB,gCAAgC,EAEhC,aAAa,GACd,MAAM,WAAW,CAAC;AAKnB,OAAO,EAEL,KAAK,QAAQ,EACb,KAAK,QAAQ,EACb,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,oBAAoB,EACzB,KAAK,sBAAsB,EAE3B,YAAY,EAEZ,cAAc,EACd,cAAc,EACd,oBAAoB,EACpB,sBAAsB,EACtB,wBAAwB,EACxB,kBAAkB,EAClB,4BAA4B,EAC5B,0BAA0B,GAC3B,MAAM,iBAAiB,CAAC;AAKzB,OAAO,EAEL,oBAAoB,EACpB,WAAW,EACX,uBAAuB,EACvB,uBAAuB,EACvB,4BAA4B,EAC5B,yBAAyB,EACzB,oBAAoB,EAEpB,gBAAgB,EAChB,uBAAuB,EACvB,sBAAsB,EACtB,iBAAiB,GAClB,MAAM,SAAS,CAAC;AACjB,YAAY,EACV,eAAe,EACf,sBAAsB,EACtB,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,SAAS,CAAC;AAKjB,OAAO,EAEL,KAAK,eAAe,EACpB,KAAK,eAAe,EACpB,KAAK,oBAAoB,EACzB,KAAK,kBAAkB,EACvB,KAAK,wBAAwB,EAC7B,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,EACxB,KAAK,mBAAmB,EACxB,KAAK,wBAAwB,EAC7B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,eAAe,EACpB,KAAK,yBAAyB,EAC9B,KAAK,mBAAmB,EACxB,KAAK,eAAe,EACpB,KAAK,UAAU,EAEf,qBAAqB,EACrB,qBAAqB,EACrB,0BAA0B,EAC1B,8BAA8B,EAC9B,yBAAyB,EACzB,+BAA+B,EAE/B,uBAAuB,EAEvB,eAAe,GAChB,MAAM,SAAS,CAAC;AAKjB,OAAO,EAEL,KAAK,UAAU,EACf,UAAU,EAEV,4BAA4B,EAC5B,qBAAqB,EACrB,wBAAwB,EACxB,uBAAuB,EACvB,gBAAgB,EAChB,KAAK,sBAAsB,EAC3B,KAAK,2BAA2B,EAChC,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,oBAAoB,EAEzB,SAAS,EACT,uBAAuB,EACvB,cAAc,EACd,mBAAmB,EACnB,yBAAyB,EACzB,iBAAiB,EACjB,wBAAwB,EACxB,yBAAyB,EACzB,iBAAiB,EAEjB,cAAc,EACd,mBAAmB,EACnB,mBAAmB,EACnB,4BAA4B,EAE5B,SAAS,EACT,mBAAmB,EACnB,iBAAiB,EACjB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EAErB,WAAW,GACZ,MAAM,QAAQ,CAAC"}