@frontmcp/plugin-approval 0.0.1 → 0.7.1

package/index.js

@@ -0,0 +1,1279 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+
+// plugins/plugin-approval/src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  ApprovalCheckPlugin: () => ApprovalCheckPlugin,
+  ApprovalError: () => ApprovalError,
+  ApprovalExpiredError: () => ApprovalExpiredError,
+  ApprovalOperationError: () => ApprovalOperationError,
+  ApprovalPlugin: () => ApprovalPlugin,
+  ApprovalPluginClass: () => ApprovalPlugin,
+  ApprovalRequiredError: () => ApprovalRequiredError,
+  ApprovalScope: () => ApprovalScope,
+  ApprovalScopeNotAllowedError: () => ApprovalScopeNotAllowedError,
+  ApprovalService: () => ApprovalService,
+  ApprovalServiceToken: () => ApprovalServiceToken,
+  ApprovalState: () => ApprovalState,
+  ApprovalStorageStore: () => ApprovalStorageStore,
+  ApprovalStoreToken: () => ApprovalStoreToken,
+  ChallengeService: () => ChallengeService,
+  ChallengeServiceToken: () => ChallengeServiceToken,
+  ChallengeValidationError: () => ChallengeValidationError,
+  adminGrantor: () => adminGrantor,
+  adminRevoker: () => adminRevoker,
+  agentGrantor: () => agentGrantor,
+  apiGrantor: () => apiGrantor,
+  createApprovalMemoryStore: () => createApprovalMemoryStore,
+  createApprovalService: () => createApprovalService,
+  createMemoryChallengeService: () => createMemoryChallengeService,
+  customGrantor: () => customGrantor,
+  expiryRevoker: () => expiryRevoker,
+  installApprovalContextExtension: () => installApprovalContextExtension,
+  isApiGrantor: () => isApiGrantor,
+  isAutoGrantor: () => isAutoGrantor,
+  isDelegatedGrantor: () => isDelegatedGrantor,
+  isGrantorSource: () => isGrantorSource,
+  isHumanGrantor: () => isHumanGrantor,
+  normalizeGrantor: () => normalizeGrantor,
+  normalizeRevoker: () => normalizeRevoker,
+  oauthGrantor: () => oauthGrantor,
+  policyGrantor: () => policyGrantor,
+  policyRevoker: () => policyRevoker,
+  sessionEndRevoker: () => sessionEndRevoker,
+  systemGrantor: () => systemGrantor,
+  testGrantor: () => testGrantor,
+  userGrantor: () => userGrantor,
+  userRevoker: () => userRevoker
+});
+module.exports = __toCommonJS(index_exports);
+
+// plugins/plugin-approval/src/approval.plugin.ts
+var import_sdk5 = require("@frontmcp/sdk");
+
+// plugins/plugin-approval/src/stores/approval-storage.store.ts
+var import_sdk = require("@frontmcp/sdk");
+var import_utils = require("@frontmcp/utils");
+
+// plugins/plugin-approval/src/approval/types.ts
+var ApprovalScope = /* @__PURE__ */ ((ApprovalScope2) => {
+  ApprovalScope2["SESSION"] = "session";
+  ApprovalScope2["USER"] = "user";
+  ApprovalScope2["TIME_LIMITED"] = "time_limited";
+  ApprovalScope2["TOOL_SPECIFIC"] = "tool_specific";
+  ApprovalScope2["CONTEXT_SPECIFIC"] = "context_specific";
+  return ApprovalScope2;
+})(ApprovalScope || {});
+var ApprovalState = /* @__PURE__ */ ((ApprovalState2) => {
+  ApprovalState2["PENDING"] = "pending";
+  ApprovalState2["APPROVED"] = "approved";
+  ApprovalState2["DENIED"] = "denied";
+  ApprovalState2["EXPIRED"] = "expired";
+  return ApprovalState2;
+})(ApprovalState || {});
+
+// plugins/plugin-approval/src/approval/schemas.ts
+var import_zod = require("zod");
+var approvalScopeSchema = import_zod.z.nativeEnum(ApprovalScope);
+var approvalStateSchema = import_zod.z.nativeEnum(ApprovalState);
+var approvalMethodSchema = import_zod.z.enum(["interactive", "implicit", "delegation", "batch", "api"]);
+var approvalSourceTypeSchema = import_zod.z.string().min(1);
+var revocationMethodSchema = import_zod.z.enum(["interactive", "implicit", "policy", "expiry"]);
+var approvalCategorySchema = import_zod.z.enum(["read", "write", "delete", "execute", "admin"]);
+var riskLevelSchema = import_zod.z.enum(["low", "medium", "high", "critical"]);
+var approvalContextSchema = import_zod.z.object({
+  type: import_zod.z.string().min(1),
+  identifier: import_zod.z.string().min(1),
+  metadata: import_zod.z.record(import_zod.z.string(), import_zod.z.unknown()).optional()
+});
+var delegationContextSchema = import_zod.z.object({
+  delegatorId: import_zod.z.string().min(1),
+  delegateId: import_zod.z.string().min(1),
+  purpose: import_zod.z.string().optional(),
+  constraints: import_zod.z.record(import_zod.z.string(), import_zod.z.unknown()).optional()
+});
+var approvalGrantorSchema = import_zod.z.object({
+  source: approvalSourceTypeSchema,
+  identifier: import_zod.z.string().optional(),
+  displayName: import_zod.z.string().optional(),
+  method: approvalMethodSchema.optional(),
+  origin: import_zod.z.string().optional(),
+  delegationContext: delegationContextSchema.optional()
+});
+var approvalRevokerSchema = import_zod.z.object({
+  source: import_zod.z.string().min(1),
+  identifier: import_zod.z.string().optional(),
+  displayName: import_zod.z.string().optional(),
+  method: revocationMethodSchema.optional()
+});
+var approvalRecordSchema = import_zod.z.object({
+  toolId: import_zod.z.string().min(1),
+  state: approvalStateSchema,
+  scope: approvalScopeSchema,
+  grantedAt: import_zod.z.number(),
+  expiresAt: import_zod.z.number().optional(),
+  ttlMs: import_zod.z.number().optional(),
+  sessionId: import_zod.z.string().optional(),
+  userId: import_zod.z.string().optional(),
+  context: approvalContextSchema.optional(),
+  grantedBy: approvalGrantorSchema,
+  approvalChain: import_zod.z.array(approvalGrantorSchema).optional(),
+  reason: import_zod.z.string().optional(),
+  metadata: import_zod.z.record(import_zod.z.string(), import_zod.z.unknown()).optional(),
+  revokedAt: import_zod.z.number().optional(),
+  revokedBy: approvalRevokerSchema.optional(),
+  revocationReason: import_zod.z.string().optional()
+});
+var toolApprovalRequirementSchema = import_zod.z.object({
+  required: import_zod.z.boolean().optional(),
+  defaultScope: approvalScopeSchema.optional(),
+  allowedScopes: import_zod.z.array(approvalScopeSchema).optional(),
+  maxTtlMs: import_zod.z.number().positive().optional(),
+  alwaysPrompt: import_zod.z.boolean().optional(),
+  skipApproval: import_zod.z.boolean().optional(),
+  approvalMessage: import_zod.z.string().optional(),
+  category: approvalCategorySchema.optional(),
+  riskLevel: riskLevelSchema.optional(),
+  preApprovedContexts: import_zod.z.array(approvalContextSchema).optional()
+});
+
+// plugins/plugin-approval/src/approval/factories.ts
+function userGrantor(userId, displayName, options) {
+  return {
+    source: "user",
+    identifier: userId,
+    displayName,
+    method: options?.method ?? "interactive",
+    origin: options?.origin
+  };
+}
+function policyGrantor(policyId, policyName) {
+  return {
+    source: "policy",
+    identifier: policyId,
+    displayName: policyName,
+    method: "implicit"
+  };
+}
+function adminGrantor(adminId, displayName, options) {
+  return {
+    source: "admin",
+    identifier: adminId,
+    displayName,
+    method: options?.method ?? "interactive",
+    origin: options?.origin
+  };
+}
+function systemGrantor(systemId = "system") {
+  return {
+    source: "system",
+    identifier: systemId,
+    method: "implicit"
+  };
+}
+function agentGrantor(agentId, delegationContext, displayName) {
+  return {
+    source: "agent",
+    identifier: agentId,
+    displayName,
+    method: "delegation",
+    delegationContext
+  };
+}
+function apiGrantor(apiKeyPrefix, serviceName) {
+  return {
+    source: "api",
+    identifier: apiKeyPrefix,
+    displayName: serviceName,
+    method: "api",
+    origin: "api"
+  };
+}
+function oauthGrantor(tokenId, provider) {
+  return {
+    source: "oauth",
+    identifier: tokenId,
+    displayName: provider,
+    method: "api",
+    origin: "oauth"
+  };
+}
+function testGrantor() {
+  return {
+    source: "test",
+    identifier: "test",
+    method: "implicit"
+  };
+}
+function customGrantor(source, identifier, options) {
+  return {
+    source,
+    identifier,
+    displayName: options?.displayName,
+    method: options?.method,
+    origin: options?.origin,
+    delegationContext: options?.delegationContext
+  };
+}
+function userRevoker(userId, displayName) {
+  return {
+    source: "user",
+    identifier: userId,
+    displayName,
+    method: "interactive"
+  };
+}
+function adminRevoker(adminId, displayName) {
+  return {
+    source: "admin",
+    identifier: adminId,
+    displayName,
+    method: "interactive"
+  };
+}
+function expiryRevoker() {
+  return {
+    source: "expiry",
+    method: "expiry"
+  };
+}
+function sessionEndRevoker(sessionId) {
+  return {
+    source: "session_end",
+    identifier: sessionId,
+    method: "implicit"
+  };
+}
+function policyRevoker(policyId, policyName) {
+  return {
+    source: "policy",
+    identifier: policyId,
+    displayName: policyName,
+    method: "policy"
+  };
+}
+function normalizeGrantor(input) {
+  if (!input) {
+    return { source: "user" };
+  }
+  if (typeof input === "string") {
+    return { source: input };
+  }
+  return input;
+}
+function normalizeRevoker(input) {
+  if (!input) {
+    return { source: "user" };
+  }
+  if (typeof input === "string") {
+    return { source: input };
+  }
+  return input;
+}
+
+// plugins/plugin-approval/src/approval/guards.ts
+function isGrantorSource(grantor, source) {
+  return grantor.source === source;
+}
+function isHumanGrantor(grantor) {
+  return grantor.source === "user" || grantor.source === "admin";
+}
+function isAutoGrantor(grantor) {
+  return grantor.source === "policy" || grantor.source === "system" || grantor.source === "test";
+}
+function isDelegatedGrantor(grantor) {
+  return grantor.source === "agent" && !!grantor.delegationContext;
+}
+function isApiGrantor(grantor) {
+  return grantor.source === "api" || grantor.source === "oauth";
+}
+
+// plugins/plugin-approval/src/approval/errors.ts
+var ApprovalError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "ApprovalError";
+  }
+};
+var ApprovalRequiredError = class extends ApprovalError {
+  constructor(details) {
+    super(details.message);
+    this.details = details;
+    this.name = "ApprovalRequiredError";
+  }
+  /**
+   * Convert to a JSON-RPC compatible error structure.
+   */
+  toJsonRpcError() {
+    return {
+      code: -32600,
+      // Invalid Request
+      message: this.details.message,
+      data: {
+        type: "approval_required",
+        toolId: this.details.toolId,
+        state: this.details.state,
+        options: this.details.approvalOptions
+      }
+    };
+  }
+};
+var ApprovalOperationError = class extends ApprovalError {
+  constructor(operation, reason) {
+    super(`Approval ${operation} failed: ${reason}`);
+    this.operation = operation;
+    this.reason = reason;
+    this.name = "ApprovalOperationError";
+  }
+  /**
+   * Convert to a JSON-RPC compatible error structure.
+   */
+  toJsonRpcError() {
+    return {
+      code: -32603,
+      // Internal Error
+      message: "Approval operation failed",
+      data: {
+        type: "approval_operation_error",
+        operation: this.operation
+      }
+    };
+  }
+};
+var ApprovalScopeNotAllowedError = class extends ApprovalError {
+  constructor(requestedScope, allowedScopes) {
+    super(
+      `Approval scope '${requestedScope}' is not allowed for this tool. Allowed scopes: ${allowedScopes.join(", ")}`
+    );
+    this.requestedScope = requestedScope;
+    this.allowedScopes = allowedScopes;
+    this.name = "ApprovalScopeNotAllowedError";
+  }
+  /**
+   * Convert to a JSON-RPC compatible error structure.
+   */
+  toJsonRpcError() {
+    return {
+      code: -32602,
+      // Invalid Params
+      message: this.message,
+      data: {
+        type: "approval_scope_not_allowed",
+        requestedScope: this.requestedScope,
+        allowedScopes: this.allowedScopes
+      }
+    };
+  }
+};
+var ApprovalExpiredError = class extends ApprovalError {
+  constructor(toolId, expiredAt) {
+    super(`Approval for tool '${toolId}' expired at ${new Date(expiredAt).toISOString()}`);
+    this.toolId = toolId;
+    this.expiredAt = expiredAt;
+    this.name = "ApprovalExpiredError";
+  }
+  /**
+   * Convert to a JSON-RPC compatible error structure.
+   */
+  toJsonRpcError() {
+    return {
+      code: -32600,
+      // Invalid Request
+      message: this.message,
+      data: {
+        type: "approval_expired",
+        toolId: this.toolId,
+        expiredAt: this.expiredAt
+      }
+    };
+  }
+};
+var ChallengeValidationError = class extends ApprovalError {
+  constructor(reason = "invalid", message) {
+    super(message ?? `PKCE challenge validation failed: ${reason}`);
+    this.reason = reason;
+    this.name = "ChallengeValidationError";
+  }
+  /**
+   * Convert to a JSON-RPC compatible error structure.
+   */
+  toJsonRpcError() {
+    return {
+      code: -32600,
+      // Invalid Request
+      message: this.message,
+      data: {
+        type: "challenge_validation_error",
+        reason: this.reason
+      }
+    };
+  }
+};
+
+// plugins/plugin-approval/src/stores/approval-storage.store.ts
+function escapePattern(str) {
+  return str.replace(/[*?[\]\\]/g, "\\$&");
+}
+var ApprovalStorageStore = class {
+  storage;
+  options;
+  cleanupInterval;
+  initialized = false;
+  ownedStorage = false;
+  constructor(options = {}) {
+    this.options = {
+      storage: options.storage ?? { type: "auto" },
+      storageInstance: options.storageInstance,
+      namespace: options.namespace ?? "approval",
+      cleanupIntervalSeconds: options.cleanupIntervalSeconds ?? 60
+    };
+  }
+  /**
+   * Initialize the storage connection.
+   */
+  async initialize() {
+    if (this.initialized) {
+      return;
+    }
+    if (this.options.storageInstance) {
+      this.storage = this.options.storageInstance.namespace(this.options.namespace);
+      this.ownedStorage = false;
+    } else {
+      const rootStorage = await (0, import_utils.createStorage)(this.options.storage);
+      this.storage = rootStorage.namespace(this.options.namespace);
+      this.ownedStorage = true;
+    }
+    if (this.options.cleanupIntervalSeconds > 0) {
+      this.cleanupInterval = setInterval(() => {
+        void this.clearExpiredApprovals();
+      }, this.options.cleanupIntervalSeconds * 1e3);
+      this.cleanupInterval.unref?.();
+    }
+    this.initialized = true;
+  }
+  ensureInitialized() {
+    if (!this.initialized) {
+      throw new Error("ApprovalStorageStore not initialized. Call initialize() first.");
+    }
+  }
+  buildKey(toolId, sessionId, userId, context) {
+    const parts = [toolId];
+    if (sessionId) parts.push(`session:${sessionId}`);
+    if (userId) parts.push(`user:${userId}`);
+    if (context) parts.push(`ctx:${context.type}:${context.identifier}`);
+    return parts.join(":");
+  }
+  parseRecord(value) {
+    if (!value) return void 0;
+    try {
+      const parsed = JSON.parse(value);
+      const result = approvalRecordSchema.safeParse(parsed);
+      if (!result.success) {
+        return void 0;
+      }
+      return result.data;
+    } catch {
+      return void 0;
+    }
+  }
+  isExpired(approval) {
+    return approval.expiresAt !== void 0 && Date.now() > approval.expiresAt;
+  }
+  async getApproval(toolId, sessionId, userId) {
+    this.ensureInitialized();
+    const sessionKey = this.buildKey(toolId, sessionId);
+    const sessionValue = await this.storage.get(sessionKey);
+    const sessionApproval = this.parseRecord(sessionValue);
+    if (sessionApproval && !this.isExpired(sessionApproval)) {
+      return sessionApproval;
+    }
+    if (userId) {
+      const userKey = this.buildKey(toolId, void 0, userId);
+      const userValue = await this.storage.get(userKey);
+      const userApproval = this.parseRecord(userValue);
+      if (userApproval && !this.isExpired(userApproval)) {
+        return userApproval;
+      }
+    }
+    return void 0;
+  }
+  async queryApprovals(query) {
+    this.ensureInitialized();
+    const results = [];
+    const pattern = query.toolId ? `${query.toolId}:*` : "*";
+    const keys = await this.storage.keys(pattern);
+    const values = await this.storage.mget(keys);
+    for (const value of values) {
+      const approval = this.parseRecord(value);
+      if (!approval) continue;
+      if (!query.includeExpired && this.isExpired(approval)) {
+        continue;
+      }
+      if (query.toolId && approval.toolId !== query.toolId) continue;
+      if (query.toolIds && !query.toolIds.includes(approval.toolId)) continue;
+      if (query.scope && approval.scope !== query.scope) continue;
+      if (query.scopes && !query.scopes.includes(approval.scope)) continue;
+      if (query.state && approval.state !== query.state) continue;
+      if (query.states && !query.states.includes(approval.state)) continue;
+      if (query.sessionId && approval.sessionId !== query.sessionId) continue;
+      if (query.userId && approval.userId !== query.userId) continue;
+      if (query.context) {
+        if (!approval.context || approval.context.type !== query.context.type || approval.context.identifier !== query.context.identifier) {
+          continue;
+        }
+      }
+      results.push(approval);
+    }
+    return results;
+  }
+  async grantApproval(options) {
+    this.ensureInitialized();
+    const now = Date.now();
+    const expiresAt = options.ttlMs ? now + options.ttlMs : void 0;
+    const grantedBy = normalizeGrantor(options.grantedBy);
+    const record = {
+      toolId: options.toolId,
+      state: "approved" /* APPROVED */,
+      scope: options.scope,
+      grantedAt: now,
+      expiresAt,
+      ttlMs: options.ttlMs,
+      sessionId: options.sessionId,
+      userId: options.userId,
+      context: options.context,
+      grantedBy,
+      reason: options.reason,
+      metadata: options.metadata
+    };
+    const key = this.buildKey(options.toolId, options.sessionId, options.userId, options.context);
+    const ttlSeconds = options.ttlMs ? Math.ceil(options.ttlMs / 1e3) : void 0;
+    await this.storage.set(key, JSON.stringify(record), { ttlSeconds });
+    return record;
+  }
+  async revokeApproval(options) {
+    this.ensureInitialized();
+    const key = this.buildKey(options.toolId, options.sessionId, options.userId, options.context);
+    const exists = await this.storage.exists(key);
+    if (exists) {
+      await this.storage.delete(key);
+      return true;
+    }
+    return false;
+  }
+  async isApproved(toolId, sessionId, userId, context) {
+    this.ensureInitialized();
+    if (context) {
+      const contextKey = this.buildKey(toolId, sessionId, userId, context);
+      const contextValue = await this.storage.get(contextKey);
+      const contextApproval = this.parseRecord(contextValue);
+      if (contextApproval && contextApproval.state === "approved" /* APPROVED */ && !this.isExpired(contextApproval)) {
+        return true;
+      }
+    }
+    const sessionKey = this.buildKey(toolId, sessionId);
+    const sessionValue = await this.storage.get(sessionKey);
+    const sessionApproval = this.parseRecord(sessionValue);
+    if (sessionApproval && sessionApproval.state === "approved" /* APPROVED */ && !this.isExpired(sessionApproval)) {
+      return true;
+    }
+    if (userId) {
+      const userKey = this.buildKey(toolId, void 0, userId);
+      const userValue = await this.storage.get(userKey);
+      const userApproval = this.parseRecord(userValue);
+      if (userApproval && userApproval.state === "approved" /* APPROVED */ && !this.isExpired(userApproval)) {
+        return true;
+      }
+    }
+    return false;
+  }
+  async clearSessionApprovals(sessionId) {
+    this.ensureInitialized();
+    const escapedSessionId = escapePattern(sessionId);
+    const pattern = `*:session:${escapedSessionId}*`;
+    const keys = await this.storage.keys(pattern);
+    if (keys.length === 0) {
+      return 0;
+    }
+    return await this.storage.mdelete(keys);
+  }
+  async clearExpiredApprovals() {
+    this.ensureInitialized();
+    const now = Date.now();
+    const keys = await this.storage.keys("*");
+    const values = await this.storage.mget(keys);
+    const keysToDelete = [];
+    for (let i = 0; i < keys.length; i++) {
+      const approval = this.parseRecord(values[i]);
+      if (approval && approval.expiresAt && approval.expiresAt <= now) {
+        keysToDelete.push(keys[i]);
+      }
+    }
+    if (keysToDelete.length > 0) {
+      return await this.storage.mdelete(keysToDelete);
+    }
+    return 0;
+  }
+  async getStats() {
+    this.ensureInitialized();
+    const byScope = {
+      ["session" /* SESSION */]: 0,
+      ["user" /* USER */]: 0,
+      ["time_limited" /* TIME_LIMITED */]: 0,
+      ["tool_specific" /* TOOL_SPECIFIC */]: 0,
+      ["context_specific" /* CONTEXT_SPECIFIC */]: 0
+    };
+    const byState = {
+      ["pending" /* PENDING */]: 0,
+      ["approved" /* APPROVED */]: 0,
+      ["denied" /* DENIED */]: 0,
+      ["expired" /* EXPIRED */]: 0
+    };
+    const keys = await this.storage.keys("*");
+    const values = await this.storage.mget(keys);
+    let total = 0;
+    for (const value of values) {
+      const approval = this.parseRecord(value);
+      if (approval) {
+        total++;
+        byScope[approval.scope]++;
+        byState[approval.state]++;
+      }
+    }
+    return {
+      totalApprovals: total,
+      byScope,
+      byState
+    };
+  }
+  async close() {
+    if (this.cleanupInterval) {
+      clearInterval(this.cleanupInterval);
+      this.cleanupInterval = void 0;
+    }
+    if (this.ownedStorage && this.storage) {
+      await this.storage.root.disconnect();
+    }
+    this.initialized = false;
+  }
+};
+ApprovalStorageStore = __decorateClass([
+  (0, import_sdk.Provider)({
+    name: "provider:approval:store:storage",
+    description: "Storage-backed approval store (supports Memory, Redis, Vercel KV, Upstash)",
+    scope: import_sdk.ProviderScope.GLOBAL
+  })
+], ApprovalStorageStore);
+function createApprovalMemoryStore(options = {}) {
+  const memoryStorage = (0, import_utils.createMemoryStorage)();
+  return new ApprovalStorageStore({
+    ...options,
+    storageInstance: memoryStorage
+  });
+}
+
+// plugins/plugin-approval/src/services/approval.service.ts
+var import_sdk2 = require("@frontmcp/sdk");
+var ApprovalService = class {
+  constructor(store, sessionId, userId) {
+    this.store = store;
+    this.sessionId = sessionId;
+    this.userId = userId;
+  }
+  // ─────────────────────────────────────────────────────────────────────────────
+  // Query Methods
+  // ─────────────────────────────────────────────────────────────────────────────
+  /**
+   * Check if a tool is approved for current session/user.
+   */
+  async isApproved(toolId, context) {
+    return this.store.isApproved(toolId, this.sessionId, this.userId, context);
+  }
+  /**
+   * Get approval record for a tool.
+   */
+  async getApproval(toolId) {
+    return this.store.getApproval(toolId, this.sessionId, this.userId);
+  }
+  /**
+   * Get all approvals for current session.
+   */
+  async getSessionApprovals() {
+    return this.store.queryApprovals({
+      sessionId: this.sessionId,
+      states: ["approved" /* APPROVED */],
+      includeExpired: false
+    });
+  }
+  /**
+   * Get all approvals for current user (across sessions).
+   */
+  async getUserApprovals() {
+    if (!this.userId) return [];
+    return this.store.queryApprovals({
+      userId: this.userId,
+      scope: "user" /* USER */,
+      states: ["approved" /* APPROVED */],
+      includeExpired: false
+    });
+  }
+  /**
+   * Query approvals with custom filters.
+   */
+  async queryApprovals(query) {
+    return this.store.queryApprovals({
+      ...query,
+      sessionId: query.sessionId ?? this.sessionId,
+      userId: query.userId ?? this.userId
+    });
+  }
+  // ─────────────────────────────────────────────────────────────────────────────
+  // Grant Methods
+  // ─────────────────────────────────────────────────────────────────────────────
+  /**
+   * Grant session-scoped approval for a tool.
+   */
+  async grantSessionApproval(toolId, options = {}) {
+    return this.store.grantApproval({
+      toolId,
+      scope: "session" /* SESSION */,
+      sessionId: this.sessionId,
+      grantedBy: options.grantedBy ?? "policy",
+      reason: options.reason,
+      metadata: options.metadata
+    });
+  }
+  /**
+   * Grant user-scoped approval for a tool.
+   */
+  async grantUserApproval(toolId, options = {}) {
+    if (!this.userId) {
+      throw new Error("Cannot grant user approval without userId");
+    }
+    return this.store.grantApproval({
+      toolId,
+      scope: "user" /* USER */,
+      userId: this.userId,
+      grantedBy: options.grantedBy ?? "policy",
+      reason: options.reason,
+      metadata: options.metadata
+    });
+  }
+  /**
+   * Grant time-limited approval for a tool.
+   */
+  async grantTimeLimitedApproval(toolId, ttlMs, options = {}) {
+    return this.store.grantApproval({
+      toolId,
+      scope: "time_limited" /* TIME_LIMITED */,
+      ttlMs,
+      sessionId: this.sessionId,
+      userId: this.userId,
+      grantedBy: options.grantedBy ?? "policy",
+      reason: options.reason,
+      metadata: options.metadata
+    });
+  }
+  /**
+   * Grant context-specific approval for a tool.
+   */
+  async grantContextApproval(toolId, context, options = {}) {
+    return this.store.grantApproval({
+      toolId,
+      scope: "context_specific" /* CONTEXT_SPECIFIC */,
+      context,
+      sessionId: this.sessionId,
+      userId: this.userId,
+      grantedBy: options.grantedBy ?? "policy",
+      reason: options.reason,
+      metadata: options.metadata
+    });
+  }
+  // ─────────────────────────────────────────────────────────────────────────────
+  // Revoke Methods
+  // ─────────────────────────────────────────────────────────────────────────────
+  /**
+   * Revoke approval for a tool.
+   */
+  async revokeApproval(toolId, options = {}) {
+    return this.store.revokeApproval({
+      toolId,
+      sessionId: this.sessionId,
+      userId: this.userId,
+      revokedBy: options.revokedBy ?? "policy",
+      reason: options.reason
+    });
+  }
+  /**
+   * Clear all session approvals.
+   */
+  async clearSessionApprovals() {
+    return this.store.clearSessionApprovals(this.sessionId);
+  }
+};
+ApprovalService = __decorateClass([
+  (0, import_sdk2.Provider)({
+    name: "provider:approval:service",
+    description: "Service for managing tool approvals",
+    scope: import_sdk2.ProviderScope.CONTEXT
+  })
+], ApprovalService);
+function createApprovalService(store, sessionId, userId) {
+  return new ApprovalService(store, sessionId, userId);
+}
+
+// plugins/plugin-approval/src/services/challenge.service.ts
+var import_sdk3 = require("@frontmcp/sdk");
+var import_utils2 = require("@frontmcp/utils");
+var ChallengeService = class {
+  storage;
+  options;
+  initialized = false;
+  ownedStorage = false;
+  constructor(options = {}) {
+    this.options = {
+      storage: options.storage ?? { type: "auto" },
+      storageInstance: options.storageInstance,
+      namespace: options.namespace ?? "approval:challenge",
+      defaultTtlSeconds: options.defaultTtlSeconds ?? 300
+    };
+  }
+  /**
+   * Initialize the service.
+   */
+  async initialize() {
+    if (this.initialized) return;
+    if (this.options.storageInstance) {
+      this.storage = this.options.storageInstance.namespace(this.options.namespace);
+      this.ownedStorage = false;
+    } else {
+      const rootStorage = await (0, import_utils2.createStorage)(this.options.storage);
+      this.storage = rootStorage.namespace(this.options.namespace);
+      this.ownedStorage = true;
+    }
+    this.initialized = true;
+  }
+  ensureInitialized() {
+    if (!this.initialized) {
+      throw new Error("ChallengeService not initialized. Call initialize() first.");
+    }
+  }
+  /**
+   * Create a new PKCE challenge for a tool approval request.
+   *
+   * @returns Object containing code_verifier (keep secret) and code_challenge (send to webhook)
+   */
+  async createChallenge(options) {
+    this.ensureInitialized();
+    const { codeVerifier, codeChallenge } = (0, import_utils2.generatePkcePair)();
+    const now = Date.now();
+    const ttlSeconds = options.ttlSeconds ?? this.options.defaultTtlSeconds;
+    const expiresAt = now + ttlSeconds * 1e3;
+    const record = {
+      toolId: options.toolId,
+      sessionId: options.sessionId,
+      userId: options.userId,
+      requestedScope: options.requestedScope,
+      requestInfo: options.requestInfo,
+      createdAt: now,
+      expiresAt,
+      webhookSent: false
+    };
+    await this.storage.set(codeChallenge, JSON.stringify(record), { ttlSeconds });
+    return { codeVerifier, codeChallenge, expiresAt };
+  }
+  /**
+   * Verify a code verifier and retrieve the challenge record.
+   *
+   * @throws ChallengeValidationError if verification fails
+   */
+  async verifyAndConsume(codeVerifier) {
+    this.ensureInitialized();
+    const { codeChallenge } = generatePkcePairFromVerifier(codeVerifier);
+    const recordJson = await this.storage.get(codeChallenge);
+    if (!recordJson) {
+      throw new ChallengeValidationError("not_found", "Invalid or expired challenge");
+    }
+    const record = JSON.parse(recordJson);
+    if (Date.now() > record.expiresAt) {
+      await this.storage.delete(codeChallenge);
+      throw new ChallengeValidationError("expired", "Challenge expired");
+    }
+    await this.storage.delete(codeChallenge);
+    return record;
+  }
+  /**
+   * Mark a challenge as having been sent to webhook.
+   */
+  async markWebhookSent(codeChallenge) {
+    this.ensureInitialized();
+    const recordJson = await this.storage.get(codeChallenge);
+    if (!recordJson) return false;
+    const record = JSON.parse(recordJson);
+    record.webhookSent = true;
+    const remainingMs = record.expiresAt - Date.now();
+    if (remainingMs <= 0) {
+      await this.storage.delete(codeChallenge);
+      return false;
+    }
+    const ttlSeconds = Math.ceil(remainingMs / 1e3);
+    await this.storage.set(codeChallenge, JSON.stringify(record), { ttlSeconds });
+    return true;
+  }
+  /**
+   * Get a challenge record without consuming it.
+   */
+  async getChallenge(codeChallenge) {
+    this.ensureInitialized();
+    const recordJson = await this.storage.get(codeChallenge);
+    if (!recordJson) return null;
+    const record = JSON.parse(recordJson);
+    if (Date.now() > record.expiresAt) {
+      await this.storage.delete(codeChallenge);
+      return null;
+    }
+    return record;
+  }
+  /**
+   * Delete a challenge.
+   */
+  async deleteChallenge(codeChallenge) {
+    this.ensureInitialized();
+    const exists = await this.storage.exists(codeChallenge);
+    if (exists) {
+      await this.storage.delete(codeChallenge);
+      return true;
+    }
+    return false;
+  }
+  /**
+   * Close the service.
+   */
+  async close() {
+    if (this.ownedStorage && this.storage) {
+      await this.storage.root.disconnect();
+    }
+    this.initialized = false;
+  }
+};
+ChallengeService = __decorateClass([
+  (0, import_sdk3.Provider)({
+    name: "provider:approval:challenge-service",
+    description: "PKCE challenge service for webhook approval flows",
+    scope: import_sdk3.ProviderScope.GLOBAL
+  })
+], ChallengeService);
+function generatePkcePairFromVerifier(codeVerifier) {
+  return {
+    codeVerifier,
+    codeChallenge: (0, import_utils2.generateCodeChallenge)(codeVerifier)
+  };
+}
+function createMemoryChallengeService(options = {}) {
+  const memoryStorage = (0, import_utils2.createMemoryStorage)();
+  return new ChallengeService({
+    ...options,
+    storageInstance: memoryStorage
+  });
+}
+
+// plugins/plugin-approval/src/approval.symbols.ts
+var ApprovalStoreToken = /* @__PURE__ */ Symbol.for(
+  "plugin:approval:store"
+);
+var ApprovalServiceToken = /* @__PURE__ */ Symbol.for(
+  "plugin:approval:service"
+);
+var ChallengeServiceToken = /* @__PURE__ */ Symbol.for(
+  "plugin:approval:challenge-service"
+);
+
+// plugins/plugin-approval/src/hooks/approval-check.hook.ts
+var import_sdk4 = require("@frontmcp/sdk");
+var ApprovalCheckPlugin = class extends import_sdk4.DynamicPlugin {
+  async checkApproval(flowCtx) {
+    const { tool, toolContext } = flowCtx.state;
+    if (!tool || !toolContext) return;
+    const metadata = tool.metadata;
+    const approvalConfig = this.resolveApprovalConfig(
+      metadata["approval"]
+    );
+    if (!approvalConfig.required) {
+      return;
+    }
+    if (approvalConfig.skipApproval) {
+      return;
+    }
+    const ctx = toolContext.tryGetContext?.();
+    const sessionId = ctx?.sessionId ?? "unknown";
+    const userId = this.getStringExtra(ctx?.authInfo?.extra, "userId") ?? this.getStringExtra(ctx?.authInfo?.extra, "sub") ?? ctx?.authInfo?.clientId;
+    const currentContext = this.getCurrentContext(flowCtx);
+    if (this.isPreApprovedContext(approvalConfig, currentContext)) {
+      return;
+    }
+    const approvalStore = this.get(ApprovalStoreToken);
+    const approval = await approvalStore.getApproval(tool.fullName, sessionId, userId);
+    if (approvalConfig.alwaysPrompt) {
+      await this.handleApprovalRequired(flowCtx, approvalConfig, approval);
+      return;
+    }
+    if (approval?.state === "approved" /* APPROVED */) {
+      if (!this.isExpired(approval)) {
+        return;
+      }
+    }
+    if (approval?.state === "denied" /* DENIED */) {
+      throw new ApprovalRequiredError({
+        toolId: tool.fullName,
+        state: "denied",
+        message: `Tool "${tool.fullName}" execution denied.`
+      });
+    }
+    await this.handleApprovalRequired(flowCtx, approvalConfig, approval);
+  }
+  resolveApprovalConfig(config) {
+    if (config === true) {
+      return { required: true, defaultScope: "session" /* SESSION */ };
+    }
+    if (config === false || config === void 0) {
+      return { required: false };
+    }
+    return {
+      ...config,
+      required: config.required ?? true,
+      defaultScope: config.defaultScope ?? "session" /* SESSION */
+    };
+  }
+  isExpired(approval) {
+    if (!approval.expiresAt) return false;
+    return Date.now() > approval.expiresAt;
+  }
+  getCurrentContext(flowCtx) {
+    const { toolContext } = flowCtx.state;
+    const ctx = toolContext?.tryGetContext?.();
+    const inputContext = toolContext?.input?.["context"];
+    const contextFromInput = this.isApprovalContext(inputContext) ? inputContext : void 0;
+    const sessionContext = ctx?.authInfo?.extra?.["approvalContext"];
+    const contextFromSession = this.isApprovalContext(sessionContext) ? sessionContext : void 0;
+    return contextFromInput ?? contextFromSession;
+  }
+  isApprovalContext(value) {
+    return typeof value === "object" && value !== null && "type" in value && "identifier" in value && typeof value.type === "string" && typeof value.identifier === "string";
+  }
+  getStringExtra(extra, key) {
+    if (!extra) return void 0;
+    const value = extra[key];
+    return typeof value === "string" ? value : void 0;
+  }
+  isPreApprovedContext(config, currentContext) {
+    if (!currentContext || !config.preApprovedContexts?.length) {
+      return false;
+    }
+    return config.preApprovedContexts.some(
+      (preApproved) => preApproved.type === currentContext.type && preApproved.identifier === currentContext.identifier
+    );
+  }
+  async handleApprovalRequired(flowCtx, config, existingApproval) {
+    const { tool } = flowCtx.state;
+    const message = config.approvalMessage ?? `Tool "${tool?.fullName}" requires approval to execute. Allow?`;
+    const isExpiredApproval = existingApproval ? this.isExpired(existingApproval) : false;
+    throw new ApprovalRequiredError({
+      toolId: tool?.fullName ?? "unknown",
+      state: isExpiredApproval ? "expired" : "pending",
+      message,
+      approvalOptions: {
+        allowedScopes: config.allowedScopes,
+        defaultScope: config.defaultScope,
+        maxTtlMs: config.maxTtlMs,
+        category: config.category,
+        riskLevel: config.riskLevel
+      }
+    });
+  }
+};
+__decorateClass([
+  import_sdk4.ToolHook.Will("execute", { priority: 100 })
+], ApprovalCheckPlugin.prototype, "checkApproval", 1);
+ApprovalCheckPlugin = __decorateClass([
+  (0, import_sdk4.Plugin)({
+    name: "approval:check",
+    description: "Checks tool approval state before execution"
+  })
+], ApprovalCheckPlugin);
+
+// plugins/plugin-approval/src/approval.plugin.ts
+var ApprovalPlugin = class extends import_sdk5.DynamicPlugin {
+  options;
+  constructor(options = {}) {
+    super();
+    this.options = {
+      ...ApprovalPlugin.defaultOptions,
+      ...options
+    };
+  }
+  /**
+   * Get plugin metadata including nested plugins.
+   */
+  static getPluginMetadata(_options) {
+    return { plugins: [ApprovalCheckPlugin] };
+  }
+};
+__publicField(ApprovalPlugin, "defaultOptions", {
+  namespace: "approval",
+  mode: "recheck",
+  enableAudit: true,
+  maxDelegationDepth: 3,
+  cleanupIntervalSeconds: 60
+});
+/**
+ * Dynamic providers based on plugin options.
+ */
+__publicField(ApprovalPlugin, "dynamicProviders", (options) => {
+  const providers = [];
+  const config = {
+    ...ApprovalPlugin.defaultOptions,
+    ...options
+  };
+  providers.push({
+    name: "approval:store",
+    provide: ApprovalStoreToken,
+    inject: () => [],
+    useFactory: async () => {
+      const store = new ApprovalStorageStore({
+        storage: config.storage,
+        storageInstance: config.storageInstance,
+        namespace: config.namespace,
+        cleanupIntervalSeconds: config.cleanupIntervalSeconds
+      });
+      await store.initialize();
+      return store;
+    }
+  });
+  if (config.mode === "webhook") {
+    providers.push({
+      name: "approval:challenge-service",
+      provide: ChallengeServiceToken,
+      inject: () => [],
+      useFactory: async () => {
+        const service = new ChallengeService({
+          storage: config.storage,
+          storageInstance: config.storageInstance,
+          namespace: `${config.namespace}:challenge`,
+          defaultTtlSeconds: config.webhook?.challengeTtl ?? 300
+        });
+        await service.initialize();
+        return service;
+      }
+    });
+  }
+  providers.push({
+    name: "approval:service",
+    provide: ApprovalServiceToken,
+    scope: import_sdk5.ProviderScope.CONTEXT,
+    inject: () => [ApprovalStoreToken, import_sdk5.FRONTMCP_CONTEXT],
+    useFactory: (store, ctx) => {
+      const userId = ctx.authInfo?.extra?.["userId"] ?? ctx.authInfo?.extra?.["sub"] ?? ctx.authInfo?.clientId;
+      return createApprovalService(store, ctx.sessionId, userId);
+    }
+  });
+  return providers;
+});
+ApprovalPlugin = __decorateClass([
+  (0, import_sdk5.Plugin)({
+    name: "approval",
+    description: "Tool authorization workflow with PKCE webhook security",
+    contextExtensions: [
+      {
+        property: "approval",
+        token: ApprovalServiceToken,
+        errorMessage: "ApprovalPlugin is not installed. Add ApprovalPlugin.init() to your plugins array."
+      }
+    ]
+  })
+], ApprovalPlugin);
+
+// plugins/plugin-approval/src/approval.context-extension.ts
+var installed = false;
+function installApprovalContextExtension() {
+  if (installed) return;
+  const { ExecutionContextBase } = require("@frontmcp/sdk");
+  Object.defineProperty(ExecutionContextBase.prototype, "approval", {
+    get: function() {
+      return this.get(ApprovalServiceToken);
+    },
+    configurable: true,
+    enumerable: false
+  });
+  installed = true;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ApprovalCheckPlugin,
+  ApprovalError,
+  ApprovalExpiredError,
+  ApprovalOperationError,
+  ApprovalPlugin,
+  ApprovalPluginClass,
+  ApprovalRequiredError,
+  ApprovalScope,
+  ApprovalScopeNotAllowedError,
+  ApprovalService,
+  ApprovalServiceToken,
+  ApprovalState,
+  ApprovalStorageStore,
+  ApprovalStoreToken,
+  ChallengeService,
+  ChallengeServiceToken,
+  ChallengeValidationError,
+  adminGrantor,
+  adminRevoker,
+  agentGrantor,
+  apiGrantor,
+  createApprovalMemoryStore,
+  createApprovalService,
+  createMemoryChallengeService,
+  customGrantor,
+  expiryRevoker,
+  installApprovalContextExtension,
+  isApiGrantor,
+  isAutoGrantor,
+  isDelegatedGrantor,
+  isGrantorSource,
+  isHumanGrantor,
+  normalizeGrantor,
+  normalizeRevoker,
+  oauthGrantor,
+  policyGrantor,
+  policyRevoker,
+  sessionEndRevoker,
+  systemGrantor,
+  testGrantor,
+  userGrantor,
+  userRevoker
+});