@frontmcp/auth 0.12.2 → 1.0.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cimd/cimd.cache.d.ts +0 -5
- package/cimd/cimd.cache.d.ts.map +1 -1
- package/cimd/index.d.ts +1 -2
- package/cimd/index.d.ts.map +1 -1
- package/consent/index.d.ts +2 -1
- package/consent/index.d.ts.map +1 -1
- package/detection/auth-provider-detection.d.ts +4 -2
- package/detection/auth-provider-detection.d.ts.map +1 -1
- package/esm/index.mjs +673 -768
- package/esm/package.json +4 -4
- package/index.d.ts +3 -3
- package/index.d.ts.map +1 -1
- package/index.js +745 -858
- package/jwks/index.d.ts +1 -12
- package/jwks/index.d.ts.map +1 -1
- package/jwks/jwks.service.d.ts +1 -6
- package/jwks/jwks.service.d.ts.map +1 -1
- package/jwks/jwks.types.d.ts +0 -7
- package/jwks/jwks.types.d.ts.map +1 -1
- package/machine-id/machine-id.d.ts.map +1 -1
- package/options/app-auth.schema.d.ts +29 -37
- package/options/app-auth.schema.d.ts.map +1 -1
- package/options/index.d.ts +6 -6
- package/options/index.d.ts.map +1 -1
- package/options/interfaces.d.ts +72 -32
- package/options/interfaces.d.ts.map +1 -1
- package/options/orchestrated.schema.d.ts +54 -56
- package/options/orchestrated.schema.d.ts.map +1 -1
- package/options/schema.d.ts +30 -38
- package/options/schema.d.ts.map +1 -1
- package/options/shared.schemas.d.ts +61 -9
- package/options/shared.schemas.d.ts.map +1 -1
- package/options/transparent.schema.d.ts +15 -15
- package/options/typecheck.d.ts.map +1 -1
- package/options/utils.d.ts +16 -7
- package/options/utils.d.ts.map +1 -1
- package/package.json +4 -4
- package/session/session-crypto.d.ts.map +1 -1
- package/session/session.transport.d.ts +3 -4
- package/session/session.transport.d.ts.map +1 -1
- package/session/utils/session-crypto.utils.d.ts.map +1 -1
- package/jwks/dev-key-persistence.d.ts +0 -70
- package/jwks/dev-key-persistence.d.ts.map +0 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
|
-
export declare const
|
|
2
|
+
export declare const localAuthSchema: z.ZodObject<{
|
|
3
3
|
local: z.ZodOptional<z.ZodObject<{
|
|
4
4
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
5
5
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
@@ -7,11 +7,8 @@ export declare const orchestratedLocalSchema: z.ZodObject<{
|
|
|
7
7
|
}, z.core.$strip>>;
|
|
8
8
|
issuer: z.ZodOptional<z.ZodString>;
|
|
9
9
|
}, z.core.$strip>>;
|
|
10
|
-
tokenStorage: z.ZodDefault<z.
|
|
11
|
-
|
|
12
|
-
}, z.core.$strip>, z.ZodObject<{
|
|
13
|
-
type: z.ZodLiteral<"redis">;
|
|
14
|
-
config: z.ZodObject<{
|
|
10
|
+
tokenStorage: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"memory">, z.ZodObject<{
|
|
11
|
+
redis: z.ZodObject<{
|
|
15
12
|
host: z.ZodString;
|
|
16
13
|
port: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
17
14
|
password: z.ZodOptional<z.ZodString>;
|
|
@@ -20,7 +17,7 @@ export declare const orchestratedLocalSchema: z.ZodObject<{
|
|
|
20
17
|
keyPrefix: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
21
18
|
defaultTtlMs: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
22
19
|
}, z.core.$strip>;
|
|
23
|
-
}, z.core.$strip>]
|
|
20
|
+
}, z.core.$strip>]>>;
|
|
24
21
|
allowDefaultPublic: z.ZodDefault<z.ZodBoolean>;
|
|
25
22
|
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
26
23
|
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
@@ -97,10 +94,9 @@ export declare const orchestratedLocalSchema: z.ZodObject<{
|
|
|
97
94
|
maxRedirects: z.ZodDefault<z.ZodNumber>;
|
|
98
95
|
}, z.core.$strip>>;
|
|
99
96
|
}, z.core.$strip>>;
|
|
100
|
-
mode: z.ZodLiteral<"
|
|
101
|
-
type: z.ZodLiteral<"local">;
|
|
97
|
+
mode: z.ZodLiteral<"local">;
|
|
102
98
|
}, z.core.$strip>;
|
|
103
|
-
export declare const
|
|
99
|
+
export declare const remoteAuthSchema: z.ZodObject<{
|
|
104
100
|
local: z.ZodOptional<z.ZodObject<{
|
|
105
101
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
106
102
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
@@ -108,11 +104,8 @@ export declare const orchestratedRemoteSchema: z.ZodObject<{
|
|
|
108
104
|
}, z.core.$strip>>;
|
|
109
105
|
issuer: z.ZodOptional<z.ZodString>;
|
|
110
106
|
}, z.core.$strip>>;
|
|
111
|
-
tokenStorage: z.ZodDefault<z.
|
|
112
|
-
|
|
113
|
-
}, z.core.$strip>, z.ZodObject<{
|
|
114
|
-
type: z.ZodLiteral<"redis">;
|
|
115
|
-
config: z.ZodObject<{
|
|
107
|
+
tokenStorage: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"memory">, z.ZodObject<{
|
|
108
|
+
redis: z.ZodObject<{
|
|
116
109
|
host: z.ZodString;
|
|
117
110
|
port: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
118
111
|
password: z.ZodOptional<z.ZodString>;
|
|
@@ -121,7 +114,7 @@ export declare const orchestratedRemoteSchema: z.ZodObject<{
|
|
|
121
114
|
keyPrefix: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
122
115
|
defaultTtlMs: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
123
116
|
}, z.core.$strip>;
|
|
124
|
-
}, z.core.$strip>]
|
|
117
|
+
}, z.core.$strip>]>>;
|
|
125
118
|
allowDefaultPublic: z.ZodDefault<z.ZodBoolean>;
|
|
126
119
|
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
127
120
|
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
@@ -198,27 +191,33 @@ export declare const orchestratedRemoteSchema: z.ZodObject<{
|
|
|
198
191
|
maxRedirects: z.ZodDefault<z.ZodNumber>;
|
|
199
192
|
}, z.core.$strip>>;
|
|
200
193
|
}, z.core.$strip>>;
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
194
|
+
provider: z.ZodString;
|
|
195
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
196
|
+
clientSecret: z.ZodOptional<z.ZodString>;
|
|
197
|
+
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
198
|
+
providerConfig: z.ZodOptional<z.ZodObject<{
|
|
205
199
|
name: z.ZodOptional<z.ZodString>;
|
|
206
200
|
id: z.ZodOptional<z.ZodString>;
|
|
207
201
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
208
202
|
keys: z.ZodArray<z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>>;
|
|
209
203
|
}, z.core.$strip>>;
|
|
210
204
|
jwksUri: z.ZodOptional<z.ZodString>;
|
|
211
|
-
clientId: z.ZodOptional<z.ZodString>;
|
|
212
|
-
clientSecret: z.ZodOptional<z.ZodString>;
|
|
213
|
-
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
214
205
|
dcrEnabled: z.ZodDefault<z.ZodBoolean>;
|
|
215
206
|
authEndpoint: z.ZodOptional<z.ZodString>;
|
|
216
207
|
tokenEndpoint: z.ZodOptional<z.ZodString>;
|
|
217
208
|
registrationEndpoint: z.ZodOptional<z.ZodString>;
|
|
218
209
|
userInfoEndpoint: z.ZodOptional<z.ZodString>;
|
|
219
|
-
}, z.core.$strip
|
|
210
|
+
}, z.core.$strip>>;
|
|
211
|
+
mode: z.ZodLiteral<"remote">;
|
|
220
212
|
}, z.core.$strip>;
|
|
221
|
-
export
|
|
213
|
+
export type LocalAuthOptions = z.infer<typeof localAuthSchema>;
|
|
214
|
+
export type LocalAuthOptionsInput = z.input<typeof localAuthSchema>;
|
|
215
|
+
export type RemoteAuthOptions = z.infer<typeof remoteAuthSchema>;
|
|
216
|
+
export type RemoteAuthOptionsInput = z.input<typeof remoteAuthSchema>;
|
|
217
|
+
export type LocalOrRemoteAuthOptions = LocalAuthOptions | RemoteAuthOptions;
|
|
218
|
+
export type LocalOrRemoteAuthOptionsInput = LocalAuthOptionsInput | RemoteAuthOptionsInput;
|
|
219
|
+
/** @deprecated Use localAuthSchema */
|
|
220
|
+
export declare const orchestratedLocalSchema: z.ZodObject<{
|
|
222
221
|
local: z.ZodOptional<z.ZodObject<{
|
|
223
222
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
224
223
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
@@ -226,11 +225,8 @@ export declare const orchestratedAuthOptionsSchema: z.ZodDiscriminatedUnion<[z.Z
|
|
|
226
225
|
}, z.core.$strip>>;
|
|
227
226
|
issuer: z.ZodOptional<z.ZodString>;
|
|
228
227
|
}, z.core.$strip>>;
|
|
229
|
-
tokenStorage: z.ZodDefault<z.
|
|
230
|
-
|
|
231
|
-
}, z.core.$strip>, z.ZodObject<{
|
|
232
|
-
type: z.ZodLiteral<"redis">;
|
|
233
|
-
config: z.ZodObject<{
|
|
228
|
+
tokenStorage: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"memory">, z.ZodObject<{
|
|
229
|
+
redis: z.ZodObject<{
|
|
234
230
|
host: z.ZodString;
|
|
235
231
|
port: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
236
232
|
password: z.ZodOptional<z.ZodString>;
|
|
@@ -239,7 +235,7 @@ export declare const orchestratedAuthOptionsSchema: z.ZodDiscriminatedUnion<[z.Z
|
|
|
239
235
|
keyPrefix: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
240
236
|
defaultTtlMs: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
241
237
|
}, z.core.$strip>;
|
|
242
|
-
}, z.core.$strip>]
|
|
238
|
+
}, z.core.$strip>]>>;
|
|
243
239
|
allowDefaultPublic: z.ZodDefault<z.ZodBoolean>;
|
|
244
240
|
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
245
241
|
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
@@ -316,9 +312,10 @@ export declare const orchestratedAuthOptionsSchema: z.ZodDiscriminatedUnion<[z.Z
|
|
|
316
312
|
maxRedirects: z.ZodDefault<z.ZodNumber>;
|
|
317
313
|
}, z.core.$strip>>;
|
|
318
314
|
}, z.core.$strip>>;
|
|
319
|
-
mode: z.ZodLiteral<"
|
|
320
|
-
|
|
321
|
-
|
|
315
|
+
mode: z.ZodLiteral<"local">;
|
|
316
|
+
}, z.core.$strip>;
|
|
317
|
+
/** @deprecated Use remoteAuthSchema */
|
|
318
|
+
export declare const orchestratedRemoteSchema: z.ZodObject<{
|
|
322
319
|
local: z.ZodOptional<z.ZodObject<{
|
|
323
320
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
324
321
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
@@ -326,11 +323,8 @@ export declare const orchestratedAuthOptionsSchema: z.ZodDiscriminatedUnion<[z.Z
|
|
|
326
323
|
}, z.core.$strip>>;
|
|
327
324
|
issuer: z.ZodOptional<z.ZodString>;
|
|
328
325
|
}, z.core.$strip>>;
|
|
329
|
-
tokenStorage: z.ZodDefault<z.
|
|
330
|
-
|
|
331
|
-
}, z.core.$strip>, z.ZodObject<{
|
|
332
|
-
type: z.ZodLiteral<"redis">;
|
|
333
|
-
config: z.ZodObject<{
|
|
326
|
+
tokenStorage: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"memory">, z.ZodObject<{
|
|
327
|
+
redis: z.ZodObject<{
|
|
334
328
|
host: z.ZodString;
|
|
335
329
|
port: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
336
330
|
password: z.ZodOptional<z.ZodString>;
|
|
@@ -339,7 +333,7 @@ export declare const orchestratedAuthOptionsSchema: z.ZodDiscriminatedUnion<[z.Z
|
|
|
339
333
|
keyPrefix: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
340
334
|
defaultTtlMs: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
341
335
|
}, z.core.$strip>;
|
|
342
|
-
}, z.core.$strip>]
|
|
336
|
+
}, z.core.$strip>]>>;
|
|
343
337
|
allowDefaultPublic: z.ZodDefault<z.ZodBoolean>;
|
|
344
338
|
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
345
339
|
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
@@ -416,31 +410,35 @@ export declare const orchestratedAuthOptionsSchema: z.ZodDiscriminatedUnion<[z.Z
|
|
|
416
410
|
maxRedirects: z.ZodDefault<z.ZodNumber>;
|
|
417
411
|
}, z.core.$strip>>;
|
|
418
412
|
}, z.core.$strip>>;
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
413
|
+
provider: z.ZodString;
|
|
414
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
415
|
+
clientSecret: z.ZodOptional<z.ZodString>;
|
|
416
|
+
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
417
|
+
providerConfig: z.ZodOptional<z.ZodObject<{
|
|
423
418
|
name: z.ZodOptional<z.ZodString>;
|
|
424
419
|
id: z.ZodOptional<z.ZodString>;
|
|
425
420
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
426
421
|
keys: z.ZodArray<z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>>;
|
|
427
422
|
}, z.core.$strip>>;
|
|
428
423
|
jwksUri: z.ZodOptional<z.ZodString>;
|
|
429
|
-
clientId: z.ZodOptional<z.ZodString>;
|
|
430
|
-
clientSecret: z.ZodOptional<z.ZodString>;
|
|
431
|
-
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
432
424
|
dcrEnabled: z.ZodDefault<z.ZodBoolean>;
|
|
433
425
|
authEndpoint: z.ZodOptional<z.ZodString>;
|
|
434
426
|
tokenEndpoint: z.ZodOptional<z.ZodString>;
|
|
435
427
|
registrationEndpoint: z.ZodOptional<z.ZodString>;
|
|
436
428
|
userInfoEndpoint: z.ZodOptional<z.ZodString>;
|
|
437
|
-
}, z.core.$strip
|
|
438
|
-
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
export type
|
|
442
|
-
|
|
443
|
-
export type
|
|
444
|
-
|
|
445
|
-
export type
|
|
429
|
+
}, z.core.$strip>>;
|
|
430
|
+
mode: z.ZodLiteral<"remote">;
|
|
431
|
+
}, z.core.$strip>;
|
|
432
|
+
/** @deprecated Use LocalAuthOptions */
|
|
433
|
+
export type OrchestratedLocalOptions = LocalAuthOptions;
|
|
434
|
+
/** @deprecated Use LocalAuthOptionsInput */
|
|
435
|
+
export type OrchestratedLocalOptionsInput = LocalAuthOptionsInput;
|
|
436
|
+
/** @deprecated Use RemoteAuthOptions */
|
|
437
|
+
export type OrchestratedRemoteOptions = RemoteAuthOptions;
|
|
438
|
+
/** @deprecated Use RemoteAuthOptionsInput */
|
|
439
|
+
export type OrchestratedRemoteOptionsInput = RemoteAuthOptionsInput;
|
|
440
|
+
/** @deprecated Use LocalOrRemoteAuthOptions */
|
|
441
|
+
export type OrchestratedAuthOptions = LocalOrRemoteAuthOptions;
|
|
442
|
+
/** @deprecated Use LocalOrRemoteAuthOptionsInput */
|
|
443
|
+
export type OrchestratedAuthOptionsInput = LocalOrRemoteAuthOptionsInput;
|
|
446
444
|
//# sourceMappingURL=orchestrated.schema.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"orchestrated.schema.d.ts","sourceRoot":"","sources":["../../src/options/orchestrated.schema.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAoCxB,eAAO,MAAM,
|
|
1
|
+
{"version":3,"file":"orchestrated.schema.d.ts","sourceRoot":"","sources":["../../src/options/orchestrated.schema.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAoCxB,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAG1B,CAAC;AAMH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAI3B,CAAC;AAMH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAC/D,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAEpE,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AACjE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAGtE,MAAM,MAAM,wBAAwB,GAAG,gBAAgB,GAAG,iBAAiB,CAAC;AAC5E,MAAM,MAAM,6BAA6B,GAAG,qBAAqB,GAAG,sBAAsB,CAAC;AAO3F,sCAAsC;AACtC,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAAkB,CAAC;AACvD,uCAAuC;AACvC,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAAmB,CAAC;AAEzD,uCAAuC;AACvC,MAAM,MAAM,wBAAwB,GAAG,gBAAgB,CAAC;AACxD,4CAA4C;AAC5C,MAAM,MAAM,6BAA6B,GAAG,qBAAqB,CAAC;AAElE,wCAAwC;AACxC,MAAM,MAAM,yBAAyB,GAAG,iBAAiB,CAAC;AAC1D,6CAA6C;AAC7C,MAAM,MAAM,8BAA8B,GAAG,sBAAsB,CAAC;AAEpE,+CAA+C;AAC/C,MAAM,MAAM,uBAAuB,GAAG,wBAAwB,CAAC;AAC/D,oDAAoD;AACpD,MAAM,MAAM,4BAA4B,GAAG,6BAA6B,CAAC"}
|
package/options/schema.d.ts
CHANGED
|
@@ -14,33 +14,33 @@ export declare const authOptionsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
|
14
14
|
}, z.core.$strip>>;
|
|
15
15
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
16
16
|
}, z.core.$strip>, z.ZodObject<{
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
17
|
+
expectedAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>>;
|
|
18
|
+
requiredScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
19
|
+
allowAnonymous: z.ZodDefault<z.ZodBoolean>;
|
|
20
|
+
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
21
|
+
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
22
|
+
tools: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
23
|
+
prompts: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
24
|
+
rateLimit: z.ZodDefault<z.ZodNumber>;
|
|
25
|
+
}, z.core.$strip>>;
|
|
26
|
+
provider: z.ZodString;
|
|
27
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
28
|
+
clientSecret: z.ZodOptional<z.ZodString>;
|
|
29
|
+
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
30
|
+
providerConfig: z.ZodOptional<z.ZodObject<{
|
|
20
31
|
name: z.ZodOptional<z.ZodString>;
|
|
21
32
|
id: z.ZodOptional<z.ZodString>;
|
|
22
33
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
23
34
|
keys: z.ZodArray<z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>>;
|
|
24
35
|
}, z.core.$strip>>;
|
|
25
36
|
jwksUri: z.ZodOptional<z.ZodString>;
|
|
26
|
-
clientId: z.ZodOptional<z.ZodString>;
|
|
27
|
-
clientSecret: z.ZodOptional<z.ZodString>;
|
|
28
|
-
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
29
37
|
dcrEnabled: z.ZodDefault<z.ZodBoolean>;
|
|
30
38
|
authEndpoint: z.ZodOptional<z.ZodString>;
|
|
31
39
|
tokenEndpoint: z.ZodOptional<z.ZodString>;
|
|
32
40
|
registrationEndpoint: z.ZodOptional<z.ZodString>;
|
|
33
41
|
userInfoEndpoint: z.ZodOptional<z.ZodString>;
|
|
34
|
-
}, z.core.$strip>;
|
|
35
|
-
expectedAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>>;
|
|
36
|
-
requiredScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
37
|
-
allowAnonymous: z.ZodDefault<z.ZodBoolean>;
|
|
38
|
-
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
39
|
-
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
40
|
-
tools: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
41
|
-
prompts: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
42
|
-
rateLimit: z.ZodDefault<z.ZodNumber>;
|
|
43
42
|
}, z.core.$strip>>;
|
|
43
|
+
mode: z.ZodLiteral<"transparent">;
|
|
44
44
|
}, z.core.$strip>, z.ZodObject<{
|
|
45
45
|
local: z.ZodOptional<z.ZodObject<{
|
|
46
46
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
@@ -49,11 +49,8 @@ export declare const authOptionsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
|
49
49
|
}, z.core.$strip>>;
|
|
50
50
|
issuer: z.ZodOptional<z.ZodString>;
|
|
51
51
|
}, z.core.$strip>>;
|
|
52
|
-
tokenStorage: z.ZodDefault<z.
|
|
53
|
-
|
|
54
|
-
}, z.core.$strip>, z.ZodObject<{
|
|
55
|
-
type: z.ZodLiteral<"redis">;
|
|
56
|
-
config: z.ZodObject<{
|
|
52
|
+
tokenStorage: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"memory">, z.ZodObject<{
|
|
53
|
+
redis: z.ZodObject<{
|
|
57
54
|
host: z.ZodString;
|
|
58
55
|
port: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
59
56
|
password: z.ZodOptional<z.ZodString>;
|
|
@@ -62,7 +59,7 @@ export declare const authOptionsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
|
62
59
|
keyPrefix: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
63
60
|
defaultTtlMs: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
64
61
|
}, z.core.$strip>;
|
|
65
|
-
}, z.core.$strip>]
|
|
62
|
+
}, z.core.$strip>]>>;
|
|
66
63
|
allowDefaultPublic: z.ZodDefault<z.ZodBoolean>;
|
|
67
64
|
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
68
65
|
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
@@ -139,8 +136,7 @@ export declare const authOptionsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
|
139
136
|
maxRedirects: z.ZodDefault<z.ZodNumber>;
|
|
140
137
|
}, z.core.$strip>>;
|
|
141
138
|
}, z.core.$strip>>;
|
|
142
|
-
mode: z.ZodLiteral<"
|
|
143
|
-
type: z.ZodLiteral<"local">;
|
|
139
|
+
mode: z.ZodLiteral<"local">;
|
|
144
140
|
}, z.core.$strip>, z.ZodObject<{
|
|
145
141
|
local: z.ZodOptional<z.ZodObject<{
|
|
146
142
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
@@ -149,11 +145,8 @@ export declare const authOptionsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
|
149
145
|
}, z.core.$strip>>;
|
|
150
146
|
issuer: z.ZodOptional<z.ZodString>;
|
|
151
147
|
}, z.core.$strip>>;
|
|
152
|
-
tokenStorage: z.ZodDefault<z.
|
|
153
|
-
|
|
154
|
-
}, z.core.$strip>, z.ZodObject<{
|
|
155
|
-
type: z.ZodLiteral<"redis">;
|
|
156
|
-
config: z.ZodObject<{
|
|
148
|
+
tokenStorage: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"memory">, z.ZodObject<{
|
|
149
|
+
redis: z.ZodObject<{
|
|
157
150
|
host: z.ZodString;
|
|
158
151
|
port: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
159
152
|
password: z.ZodOptional<z.ZodString>;
|
|
@@ -162,7 +155,7 @@ export declare const authOptionsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
|
162
155
|
keyPrefix: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
163
156
|
defaultTtlMs: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
164
157
|
}, z.core.$strip>;
|
|
165
|
-
}, z.core.$strip>]
|
|
158
|
+
}, z.core.$strip>]>>;
|
|
166
159
|
allowDefaultPublic: z.ZodDefault<z.ZodBoolean>;
|
|
167
160
|
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
168
161
|
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
@@ -239,27 +232,26 @@ export declare const authOptionsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
|
239
232
|
maxRedirects: z.ZodDefault<z.ZodNumber>;
|
|
240
233
|
}, z.core.$strip>>;
|
|
241
234
|
}, z.core.$strip>>;
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
235
|
+
provider: z.ZodString;
|
|
236
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
237
|
+
clientSecret: z.ZodOptional<z.ZodString>;
|
|
238
|
+
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
239
|
+
providerConfig: z.ZodOptional<z.ZodObject<{
|
|
246
240
|
name: z.ZodOptional<z.ZodString>;
|
|
247
241
|
id: z.ZodOptional<z.ZodString>;
|
|
248
242
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
249
243
|
keys: z.ZodArray<z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>>;
|
|
250
244
|
}, z.core.$strip>>;
|
|
251
245
|
jwksUri: z.ZodOptional<z.ZodString>;
|
|
252
|
-
clientId: z.ZodOptional<z.ZodString>;
|
|
253
|
-
clientSecret: z.ZodOptional<z.ZodString>;
|
|
254
|
-
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
255
246
|
dcrEnabled: z.ZodDefault<z.ZodBoolean>;
|
|
256
247
|
authEndpoint: z.ZodOptional<z.ZodString>;
|
|
257
248
|
tokenEndpoint: z.ZodOptional<z.ZodString>;
|
|
258
249
|
registrationEndpoint: z.ZodOptional<z.ZodString>;
|
|
259
250
|
userInfoEndpoint: z.ZodOptional<z.ZodString>;
|
|
260
|
-
}, z.core.$strip
|
|
251
|
+
}, z.core.$strip>>;
|
|
252
|
+
mode: z.ZodLiteral<"remote">;
|
|
261
253
|
}, z.core.$strip>]>;
|
|
262
254
|
export type AuthOptions = z.infer<typeof authOptionsSchema>;
|
|
263
255
|
export type AuthOptionsInput = z.input<typeof authOptionsSchema>;
|
|
264
|
-
export type AuthMode = 'public' | 'transparent' | '
|
|
256
|
+
export type AuthMode = 'public' | 'transparent' | 'local' | 'remote';
|
|
265
257
|
//# sourceMappingURL=schema.d.ts.map
|
package/options/schema.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/options/schema.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AASxB,eAAO,MAAM,iBAAiB
|
|
1
|
+
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/options/schema.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AASxB,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;mBAK5B,CAAC;AAMH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAC5D,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AACjE,MAAM,MAAM,QAAQ,GAAG,QAAQ,GAAG,aAAa,GAAG,OAAO,GAAG,QAAQ,CAAC"}
|
|
@@ -11,7 +11,7 @@ export declare const publicAccessConfigSchema: z.ZodObject<{
|
|
|
11
11
|
export type PublicAccessConfig = z.infer<typeof publicAccessConfigSchema>;
|
|
12
12
|
export type PublicAccessConfigInput = z.input<typeof publicAccessConfigSchema>;
|
|
13
13
|
/**
|
|
14
|
-
* Local signing configuration (for
|
|
14
|
+
* Local signing configuration (for local auth mode)
|
|
15
15
|
*/
|
|
16
16
|
export declare const localSigningConfigSchema: z.ZodObject<{
|
|
17
17
|
signKey: z.ZodOptional<z.ZodUnion<[z.ZodType<import("../common/jwt.types").JWK, unknown, z.core.$ZodTypeInternals<import("../common/jwt.types").JWK, unknown>>, z.ZodCustom<Uint8Array<ArrayBuffer>, Uint8Array<ArrayBuffer>>]>>;
|
|
@@ -23,7 +23,27 @@ export declare const localSigningConfigSchema: z.ZodObject<{
|
|
|
23
23
|
export type LocalSigningConfig = z.infer<typeof localSigningConfigSchema>;
|
|
24
24
|
export type LocalSigningConfigInput = z.input<typeof localSigningConfigSchema>;
|
|
25
25
|
/**
|
|
26
|
-
*
|
|
26
|
+
* Advanced provider configuration options.
|
|
27
|
+
* These are less commonly used and are grouped into an optional sub-object.
|
|
28
|
+
*/
|
|
29
|
+
export declare const providerConfigSchema: z.ZodObject<{
|
|
30
|
+
name: z.ZodOptional<z.ZodString>;
|
|
31
|
+
id: z.ZodOptional<z.ZodString>;
|
|
32
|
+
jwks: z.ZodOptional<z.ZodObject<{
|
|
33
|
+
keys: z.ZodArray<z.ZodType<import("../common/jwt.types").JWK, unknown, z.core.$ZodTypeInternals<import("../common/jwt.types").JWK, unknown>>>;
|
|
34
|
+
}, z.core.$strip>>;
|
|
35
|
+
jwksUri: z.ZodOptional<z.ZodString>;
|
|
36
|
+
dcrEnabled: z.ZodDefault<z.ZodBoolean>;
|
|
37
|
+
authEndpoint: z.ZodOptional<z.ZodString>;
|
|
38
|
+
tokenEndpoint: z.ZodOptional<z.ZodString>;
|
|
39
|
+
registrationEndpoint: z.ZodOptional<z.ZodString>;
|
|
40
|
+
userInfoEndpoint: z.ZodOptional<z.ZodString>;
|
|
41
|
+
}, z.core.$strip>;
|
|
42
|
+
export type ProviderConfig = z.infer<typeof providerConfigSchema>;
|
|
43
|
+
export type ProviderConfigInput = z.input<typeof providerConfigSchema>;
|
|
44
|
+
/**
|
|
45
|
+
* Remote OAuth provider configuration (internal, full flat shape)
|
|
46
|
+
* Used internally after flattening for compatibility.
|
|
27
47
|
*/
|
|
28
48
|
export declare const remoteProviderConfigSchema: z.ZodObject<{
|
|
29
49
|
provider: z.ZodString;
|
|
@@ -45,13 +65,45 @@ export declare const remoteProviderConfigSchema: z.ZodObject<{
|
|
|
45
65
|
export type RemoteProviderConfig = z.infer<typeof remoteProviderConfigSchema>;
|
|
46
66
|
export type RemoteProviderConfigInput = z.input<typeof remoteProviderConfigSchema>;
|
|
47
67
|
/**
|
|
48
|
-
*
|
|
68
|
+
* Flattened remote provider fields for top-level use in auth schemas.
|
|
69
|
+
* Basic fields (provider, clientId, clientSecret, scopes) are at top level.
|
|
70
|
+
* Advanced fields are in the optional providerConfig sub-object.
|
|
71
|
+
*/
|
|
72
|
+
export declare const flatRemoteProviderFields: {
|
|
73
|
+
/**
|
|
74
|
+
* OAuth provider base URL (required)
|
|
75
|
+
* @example 'https://auth.example.com'
|
|
76
|
+
*/
|
|
77
|
+
provider: z.ZodString;
|
|
78
|
+
/** Client ID for this MCP server */
|
|
79
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
80
|
+
/** Client secret (for confidential clients) */
|
|
81
|
+
clientSecret: z.ZodOptional<z.ZodString>;
|
|
82
|
+
/** Scopes to request from the upstream provider */
|
|
83
|
+
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
84
|
+
/** Advanced provider configuration */
|
|
85
|
+
providerConfig: z.ZodOptional<z.ZodObject<{
|
|
86
|
+
name: z.ZodOptional<z.ZodString>;
|
|
87
|
+
id: z.ZodOptional<z.ZodString>;
|
|
88
|
+
jwks: z.ZodOptional<z.ZodObject<{
|
|
89
|
+
keys: z.ZodArray<z.ZodType<import("../common/jwt.types").JWK, unknown, z.core.$ZodTypeInternals<import("../common/jwt.types").JWK, unknown>>>;
|
|
90
|
+
}, z.core.$strip>>;
|
|
91
|
+
jwksUri: z.ZodOptional<z.ZodString>;
|
|
92
|
+
dcrEnabled: z.ZodDefault<z.ZodBoolean>;
|
|
93
|
+
authEndpoint: z.ZodOptional<z.ZodString>;
|
|
94
|
+
tokenEndpoint: z.ZodOptional<z.ZodString>;
|
|
95
|
+
registrationEndpoint: z.ZodOptional<z.ZodString>;
|
|
96
|
+
userInfoEndpoint: z.ZodOptional<z.ZodString>;
|
|
97
|
+
}, z.core.$strip>>;
|
|
98
|
+
};
|
|
99
|
+
/**
|
|
100
|
+
* Token storage configuration for local/remote modes.
|
|
101
|
+
*
|
|
102
|
+
* Simple string 'memory' for in-memory storage,
|
|
103
|
+
* or an object with redis config for Redis storage.
|
|
49
104
|
*/
|
|
50
|
-
export declare const tokenStorageConfigSchema: z.
|
|
51
|
-
|
|
52
|
-
}, z.core.$strip>, z.ZodObject<{
|
|
53
|
-
type: z.ZodLiteral<"redis">;
|
|
54
|
-
config: z.ZodObject<{
|
|
105
|
+
export declare const tokenStorageConfigSchema: z.ZodUnion<readonly [z.ZodLiteral<"memory">, z.ZodObject<{
|
|
106
|
+
redis: z.ZodObject<{
|
|
55
107
|
host: z.ZodString;
|
|
56
108
|
port: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
57
109
|
password: z.ZodOptional<z.ZodString>;
|
|
@@ -60,7 +112,7 @@ export declare const tokenStorageConfigSchema: z.ZodDiscriminatedUnion<[z.ZodObj
|
|
|
60
112
|
keyPrefix: z.ZodDefault<z.ZodOptional<z.ZodString>>;
|
|
61
113
|
defaultTtlMs: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
62
114
|
}, z.core.$strip>;
|
|
63
|
-
}, z.core.$strip>]
|
|
115
|
+
}, z.core.$strip>]>;
|
|
64
116
|
export type TokenStorageConfig = z.infer<typeof tokenStorageConfigSchema>;
|
|
65
117
|
export type TokenStorageConfigInput = z.input<typeof tokenStorageConfigSchema>;
|
|
66
118
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shared.schemas.d.ts","sourceRoot":"","sources":["../../src/options/shared.schemas.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAqB,MAAM,oCAAoC,CAAC;AAMpF;;GAEG;AACH,eAAO,MAAM,wBAAwB;;;;iBAkBnC,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAC1E,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAM/E;;GAEG;AACH,eAAO,MAAM,wBAAwB;;;;;;iBAkBnC,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAC1E,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAM/E
|
|
1
|
+
{"version":3,"file":"shared.schemas.d.ts","sourceRoot":"","sources":["../../src/options/shared.schemas.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,WAAW,EAAqB,MAAM,oCAAoC,CAAC;AAMpF;;GAEG;AACH,eAAO,MAAM,wBAAwB;;;;iBAkBnC,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAC1E,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAM/E;;GAEG;AACH,eAAO,MAAM,wBAAwB;;;;;;iBAkBnC,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAC1E,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAM/E;;;GAGG;AACH,eAAO,MAAM,oBAAoB;;;;;;;;;;;;iBAoC/B,CAAC;AAEH,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAClE,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAMvE;;;GAGG;AACH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;iBAqErC,CAAC;AAEH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAC9E,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAOnF;;;;GAIG;AACH,eAAO,MAAM,wBAAwB;IACnC;;;OAGG;;IAGH,oCAAoC;;IAGpC,+CAA+C;;IAG/C,mDAAmD;;IAGnD,sCAAsC;;;;;;;;;;;;;;CAEvC,CAAC;AAMF;;;;;GAKG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;mBAAyE,CAAC;AAE/G,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAC1E,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAM/E;;GAEG;AACH,eAAO,MAAM,wBAAwB;;;iBAYnC,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAC1E,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAM/E;;GAEG;AACH,eAAO,MAAM,wBAAwB;;;EAAwC,CAAC;AAE9E,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAM1E;;;GAGG;AACH,eAAO,MAAM,mBAAmB;;;;;;;;;;iBAqD9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAChE,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAMrE;;GAEG;AACH,eAAO,MAAM,yBAAyB;;;;;iBAQpC,CAAC;AAEH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAC5E,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAMjF;;;GAGG;AACH,eAAO,MAAM,2BAA2B;;;;;;;;iBA4BtC,CAAC;AAEH,MAAM,MAAM,qBAAqB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,2BAA2B,CAAC,CAAC;AAChF,MAAM,MAAM,0BAA0B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,2BAA2B,CAAC,CAAC;AAMrF,OAAO,EACL,qBAAqB,EACrB,wBAAwB,EACxB,uBAAuB,EACvB,gBAAgB,EAChB,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,UAAU,EACf,KAAK,eAAe,GACrB,MAAM,SAAS,CAAC;AAGjB,YAAY,EAAE,WAAW,EAAE,CAAC"}
|
|
@@ -1,32 +1,32 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
2
|
export declare const transparentAuthOptionsSchema: z.ZodObject<{
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
3
|
+
expectedAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>>;
|
|
4
|
+
requiredScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
5
|
+
allowAnonymous: z.ZodDefault<z.ZodBoolean>;
|
|
6
|
+
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
7
|
+
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
8
|
+
tools: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
9
|
+
prompts: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
10
|
+
rateLimit: z.ZodDefault<z.ZodNumber>;
|
|
11
|
+
}, z.core.$strip>>;
|
|
12
|
+
provider: z.ZodString;
|
|
13
|
+
clientId: z.ZodOptional<z.ZodString>;
|
|
14
|
+
clientSecret: z.ZodOptional<z.ZodString>;
|
|
15
|
+
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
16
|
+
providerConfig: z.ZodOptional<z.ZodObject<{
|
|
6
17
|
name: z.ZodOptional<z.ZodString>;
|
|
7
18
|
id: z.ZodOptional<z.ZodString>;
|
|
8
19
|
jwks: z.ZodOptional<z.ZodObject<{
|
|
9
20
|
keys: z.ZodArray<z.ZodType<import("..").JWK, unknown, z.core.$ZodTypeInternals<import("..").JWK, unknown>>>;
|
|
10
21
|
}, z.core.$strip>>;
|
|
11
22
|
jwksUri: z.ZodOptional<z.ZodString>;
|
|
12
|
-
clientId: z.ZodOptional<z.ZodString>;
|
|
13
|
-
clientSecret: z.ZodOptional<z.ZodString>;
|
|
14
|
-
scopes: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
15
23
|
dcrEnabled: z.ZodDefault<z.ZodBoolean>;
|
|
16
24
|
authEndpoint: z.ZodOptional<z.ZodString>;
|
|
17
25
|
tokenEndpoint: z.ZodOptional<z.ZodString>;
|
|
18
26
|
registrationEndpoint: z.ZodOptional<z.ZodString>;
|
|
19
27
|
userInfoEndpoint: z.ZodOptional<z.ZodString>;
|
|
20
|
-
}, z.core.$strip>;
|
|
21
|
-
expectedAudience: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>>;
|
|
22
|
-
requiredScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
23
|
-
allowAnonymous: z.ZodDefault<z.ZodBoolean>;
|
|
24
|
-
anonymousScopes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
25
|
-
publicAccess: z.ZodOptional<z.ZodObject<{
|
|
26
|
-
tools: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
27
|
-
prompts: z.ZodDefault<z.ZodUnion<readonly [z.ZodLiteral<"all">, z.ZodArray<z.ZodString>]>>;
|
|
28
|
-
rateLimit: z.ZodDefault<z.ZodNumber>;
|
|
29
28
|
}, z.core.$strip>>;
|
|
29
|
+
mode: z.ZodLiteral<"transparent">;
|
|
30
30
|
}, z.core.$strip>;
|
|
31
31
|
export type TransparentAuthOptions = z.infer<typeof transparentAuthOptionsSchema>;
|
|
32
32
|
export type TransparentAuthOptionsInput = z.input<typeof transparentAuthOptionsSchema>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"typecheck.d.ts","sourceRoot":"","sources":["../../src/options/typecheck.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"typecheck.d.ts","sourceRoot":"","sources":["../../src/options/typecheck.ts"],"names":[],"mappings":"AAgEA,OAAO,EAAE,CAAC"}
|
package/options/utils.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { AuthOptions, AuthOptionsInput } from './schema';
|
|
2
2
|
import { PublicAuthOptions } from './public.schema';
|
|
3
3
|
import { TransparentAuthOptions } from './transparent.schema';
|
|
4
|
-
import {
|
|
4
|
+
import { LocalAuthOptions, RemoteAuthOptions, LocalOrRemoteAuthOptions } from './orchestrated.schema';
|
|
5
5
|
/**
|
|
6
6
|
* Parse and validate auth options with defaults
|
|
7
7
|
*/
|
|
@@ -15,17 +15,26 @@ export declare function isPublicMode(options: AuthOptions | AuthOptionsInput): o
|
|
|
15
15
|
*/
|
|
16
16
|
export declare function isTransparentMode(options: AuthOptions | AuthOptionsInput): options is TransparentAuthOptions;
|
|
17
17
|
/**
|
|
18
|
-
* Check if options are orchestrated
|
|
18
|
+
* Check if options are local mode (formerly orchestrated local)
|
|
19
19
|
*/
|
|
20
|
-
export declare function
|
|
20
|
+
export declare function isLocalMode(options: AuthOptions | AuthOptionsInput): options is LocalAuthOptions;
|
|
21
21
|
/**
|
|
22
|
-
* Check if
|
|
22
|
+
* Check if options are remote mode (formerly orchestrated remote)
|
|
23
23
|
*/
|
|
24
|
-
export declare function
|
|
24
|
+
export declare function isRemoteMode(options: AuthOptions | AuthOptionsInput): options is RemoteAuthOptions;
|
|
25
25
|
/**
|
|
26
|
-
* Check if
|
|
26
|
+
* Check if options are orchestrated mode (local or remote).
|
|
27
|
+
* This replaces the old isOrchestratedMode check.
|
|
27
28
|
*/
|
|
28
|
-
export declare function
|
|
29
|
+
export declare function isOrchestratedMode(options: AuthOptions | AuthOptionsInput): options is LocalOrRemoteAuthOptions;
|
|
30
|
+
/**
|
|
31
|
+
* Check if local-or-remote options are local type
|
|
32
|
+
*/
|
|
33
|
+
export declare function isOrchestratedLocal(options: LocalOrRemoteAuthOptions): options is LocalAuthOptions;
|
|
34
|
+
/**
|
|
35
|
+
* Check if local-or-remote options are remote type
|
|
36
|
+
*/
|
|
37
|
+
export declare function isOrchestratedRemote(options: LocalOrRemoteAuthOptions): options is RemoteAuthOptions;
|
|
29
38
|
/**
|
|
30
39
|
* Check if options allow public/anonymous access
|
|
31
40
|
*/
|
package/options/utils.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/options/utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAqB,WAAW,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/options/utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAqB,WAAW,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AAMtG;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,gBAAgB,GAAG,WAAW,CAErE;AAMD;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,WAAW,GAAG,gBAAgB,GAAG,OAAO,IAAI,iBAAiB,CAElG;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,WAAW,GAAG,gBAAgB,GAAG,OAAO,IAAI,sBAAsB,CAE5G;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,GAAG,gBAAgB,GAAG,OAAO,IAAI,gBAAgB,CAEhG;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,WAAW,GAAG,gBAAgB,GAAG,OAAO,IAAI,iBAAiB,CAElG;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,WAAW,GAAG,gBAAgB,GAAG,OAAO,IAAI,wBAAwB,CAE/G;AAMD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,wBAAwB,GAAG,OAAO,IAAI,gBAAgB,CAElG;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,wBAAwB,GAAG,OAAO,IAAI,iBAAiB,CAEpG;AAMD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAKhE"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@frontmcp/auth",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "1.0.0-beta.1",
|
|
4
4
|
"description": "FrontMCP Auth - Authentication, session management, and credential vault",
|
|
5
5
|
"author": "AgentFront <info@agentfront.dev>",
|
|
6
6
|
"homepage": "https://docs.agentfront.dev",
|
|
@@ -50,7 +50,7 @@
|
|
|
50
50
|
"zod": "^4.0.0",
|
|
51
51
|
"ioredis": "^5.0.0",
|
|
52
52
|
"@vercel/kv": "^3.0.0",
|
|
53
|
-
"@frontmcp/storage-sqlite": "0.
|
|
53
|
+
"@frontmcp/storage-sqlite": "1.0.0-beta.1"
|
|
54
54
|
},
|
|
55
55
|
"peerDependenciesMeta": {
|
|
56
56
|
"ioredis": {
|
|
@@ -64,8 +64,8 @@
|
|
|
64
64
|
}
|
|
65
65
|
},
|
|
66
66
|
"dependencies": {
|
|
67
|
-
"@frontmcp/utils": "0.
|
|
68
|
-
"@frontmcp/di": "0.
|
|
67
|
+
"@frontmcp/utils": "1.0.0-beta.1",
|
|
68
|
+
"@frontmcp/di": "1.0.0-beta.1",
|
|
69
69
|
"jose": "^6.0.0"
|
|
70
70
|
},
|
|
71
71
|
"devDependencies": {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session-crypto.d.ts","sourceRoot":"","sources":["../../src/session/session-crypto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAGL,YAAY,
|
|
1
|
+
{"version":3,"file":"session-crypto.d.ts","sourceRoot":"","sources":["../../src/session/session-crypto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAGL,YAAY,EAIZ,KAAK,UAAU,EAEhB,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAG/D;;;GAGG;AACH,MAAM,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa,CAAC,CAAC;AAEtD;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AA4BD;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,aAAa,EAAE,MAAM,CAAC,EAAE,oBAAoB,GAAG,MAAM,CAEzF;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,oBAAoB,GAAG,aAAa,GAAG,IAAI,CAErG;AAED;;;;;;GAMG;AACH,OAAO,EAAE,YAAY,IAAI,eAAe,EAAE,CAAC;AAE3C;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,oBAAoB,GAAG,aAAa,GAAG,IAAI,CAEtG"}
|