@frontmcp/sdk 0.2.5 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +81 -99
- package/package.json +24 -2
- package/src/adapter/adapter.instance.d.ts +11 -0
- package/src/adapter/adapter.instance.js +65 -0
- package/src/adapter/adapter.instance.js.map +1 -0
- package/src/adapter/adapter.regsitry.d.ts +13 -0
- package/src/adapter/adapter.regsitry.js +54 -0
- package/src/adapter/adapter.regsitry.js.map +1 -0
- package/src/adapter/adapter.utils.d.ts +10 -0
- package/src/adapter/adapter.utils.js +83 -0
- package/src/adapter/adapter.utils.js.map +1 -0
- package/src/app/app.registry.d.ts +12 -0
- package/src/app/app.registry.js +64 -0
- package/src/app/app.registry.js.map +1 -0
- package/src/app/app.utils.d.ts +15 -0
- package/src/app/app.utils.js +58 -0
- package/src/app/app.utils.js.map +1 -0
- package/src/app/instances/app.local.instance.d.ts +25 -0
- package/src/app/instances/app.local.instance.js +70 -0
- package/src/app/instances/app.local.instance.js.map +1 -0
- package/src/app/instances/app.remote.instance.d.ts +13 -0
- package/src/app/instances/app.remote.instance.js +36 -0
- package/src/app/instances/app.remote.instance.js.map +1 -0
- package/src/app/instances/index.d.ts +2 -0
- package/src/app/instances/index.js +6 -0
- package/src/app/instances/index.js.map +1 -0
- package/src/auth/auth.registry.d.ts +13 -0
- package/src/auth/auth.registry.js +81 -0
- package/src/auth/auth.registry.js.map +1 -0
- package/src/auth/auth.utils.d.ts +10 -0
- package/src/auth/auth.utils.js +85 -0
- package/src/auth/auth.utils.js.map +1 -0
- package/src/auth/flows/oauth.authorize.flow.d.ts +231 -0
- package/src/auth/flows/oauth.authorize.flow.js +154 -0
- package/src/auth/flows/oauth.authorize.flow.js.map +1 -0
- package/src/auth/flows/oauth.register.flow.d.ts +202 -0
- package/src/auth/flows/oauth.register.flow.js +201 -0
- package/src/auth/flows/oauth.register.flow.js.map +1 -0
- package/src/auth/flows/oauth.token.flow.d.ts +242 -0
- package/src/auth/flows/oauth.token.flow.js +181 -0
- package/src/auth/flows/oauth.token.flow.js.map +1 -0
- package/src/auth/flows/session.verify.flow.d.ts +404 -0
- package/src/auth/flows/session.verify.flow.js +205 -0
- package/src/auth/flows/session.verify.flow.js.map +1 -0
- package/src/auth/flows/well-known.jwks.flow.d.ts +261 -0
- package/src/auth/flows/well-known.jwks.flow.js +82 -0
- package/src/auth/flows/well-known.jwks.flow.js.map +1 -0
- package/src/auth/flows/well-known.oauth-authorization-server.flow.d.ts +282 -0
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js +123 -0
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +1 -0
- package/src/auth/flows/well-known.prm.flow.d.ts +159 -0
- package/src/auth/flows/well-known.prm.flow.js +107 -0
- package/src/auth/flows/well-known.prm.flow.js.map +1 -0
- package/src/auth/instances/instance.local-primary-auth.d.ts +19 -0
- package/src/auth/instances/instance.local-primary-auth.js +76 -0
- package/src/auth/instances/instance.local-primary-auth.js.map +1 -0
- package/src/auth/instances/instance.remote-primary-auth.d.ts +14 -0
- package/src/auth/instances/instance.remote-primary-auth.js +47 -0
- package/src/auth/instances/instance.remote-primary-auth.js.map +1 -0
- package/src/auth/jwks/index.d.ts +2 -0
- package/src/auth/jwks/index.js +6 -0
- package/src/auth/jwks/index.js.map +1 -0
- package/src/auth/jwks/jwks.service.d.ts +41 -0
- package/src/auth/jwks/jwks.service.js +235 -0
- package/src/auth/jwks/jwks.service.js.map +1 -0
- package/src/auth/jwks/jwks.types.d.ts +25 -0
- package/src/auth/jwks/jwks.types.js +3 -0
- package/src/auth/jwks/jwks.types.js.map +1 -0
- package/src/auth/jwks/jwks.utils.d.ts +4 -0
- package/src/auth/jwks/jwks.utils.js +32 -0
- package/src/auth/jwks/jwks.utils.js.map +1 -0
- package/src/auth/oauth/flows/oauth.authorize.flow.d.ts +31 -0
- package/src/auth/oauth/flows/oauth.authorize.flow.js +33 -0
- package/src/auth/oauth/flows/oauth.authorize.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.device-authorization.flow.d.ts +46 -0
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js +48 -0
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.introspect.flow.d.ts +26 -0
- package/src/auth/oauth/flows/oauth.introspect.flow.js +28 -0
- package/src/auth/oauth/flows/oauth.introspect.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.par.flow.d.ts +27 -0
- package/src/auth/oauth/flows/oauth.par.flow.js +29 -0
- package/src/auth/oauth/flows/oauth.par.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.revoke.flow.d.ts +25 -0
- package/src/auth/oauth/flows/oauth.revoke.flow.js +27 -0
- package/src/auth/oauth/flows/oauth.revoke.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.token.flow.d.ts +57 -0
- package/src/auth/oauth/flows/oauth.token.flow.js +59 -0
- package/src/auth/oauth/flows/oauth.token.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.userinfo.flow.d.ts +22 -0
- package/src/auth/oauth/flows/oauth.userinfo.flow.js +24 -0
- package/src/auth/oauth/flows/oauth.userinfo.flow.js.map +1 -0
- package/src/auth/oauth/flows/oidc.logout.flow.d.ts +18 -0
- package/src/auth/oauth/flows/oidc.logout.flow.js +20 -0
- package/src/auth/oauth/flows/oidc.logout.flow.js.map +1 -0
- package/src/auth/path.utils.d.ts +20 -0
- package/src/auth/path.utils.js +71 -0
- package/src/auth/path.utils.js.map +1 -0
- package/src/auth/session/index.d.ts +4 -0
- package/src/auth/session/index.js +10 -0
- package/src/auth/session/index.js.map +1 -0
- package/src/auth/session/record/session.base.d.ts +103 -0
- package/src/auth/session/record/session.base.js +123 -0
- package/src/auth/session/record/session.base.js.map +1 -0
- package/src/auth/session/record/session.stateful.d.ts +20 -0
- package/src/auth/session/record/session.stateful.js +55 -0
- package/src/auth/session/record/session.stateful.js.map +1 -0
- package/src/auth/session/record/session.stateless.d.ts +17 -0
- package/src/auth/session/record/session.stateless.js +30 -0
- package/src/auth/session/record/session.stateless.js.map +1 -0
- package/src/auth/session/record/session.transparent.d.ts +17 -0
- package/src/auth/session/record/session.transparent.js +22 -0
- package/src/auth/session/record/session.transparent.js.map +1 -0
- package/src/auth/session/session.crypto.d.ts +7 -0
- package/src/auth/session/session.crypto.js +47 -0
- package/src/auth/session/session.crypto.js.map +1 -0
- package/src/auth/session/session.schema.d.ts +5 -0
- package/src/auth/session/session.schema.js +13 -0
- package/src/auth/session/session.schema.js.map +1 -0
- package/src/auth/session/session.service.d.ts +17 -0
- package/src/auth/session/session.service.js +111 -0
- package/src/auth/session/session.service.js.map +1 -0
- package/src/auth/session/session.transport.d.ts +4 -0
- package/src/auth/session/session.transport.js +20 -0
- package/src/auth/session/session.transport.js.map +1 -0
- package/src/auth/session/session.types.d.ts +65 -0
- package/src/auth/session/session.types.js +4 -0
- package/src/auth/session/session.types.js.map +1 -0
- package/src/auth/session/token.refresh.d.ts +60 -0
- package/src/auth/session/token.refresh.js +63 -0
- package/src/auth/session/token.refresh.js.map +1 -0
- package/src/auth/session/token.store.d.ts +35 -0
- package/src/auth/session/token.store.js +53 -0
- package/src/auth/session/token.store.js.map +1 -0
- package/src/auth/session/token.vault.d.ts +26 -0
- package/src/auth/session/token.vault.js +54 -0
- package/src/auth/session/token.vault.js.map +1 -0
- package/src/auth/session/utils/auth-token.utils.d.ts +11 -0
- package/src/auth/session/utils/auth-token.utils.js +57 -0
- package/src/auth/session/utils/auth-token.utils.js.map +1 -0
- package/src/auth/session/utils/session-id.utils.d.ts +17 -0
- package/src/auth/session/utils/session-id.utils.js +129 -0
- package/src/auth/session/utils/session-id.utils.js.map +1 -0
- package/src/auth/session/utils/tiny-ttl-cache.d.ts +7 -0
- package/src/auth/session/utils/tiny-ttl-cache.js +26 -0
- package/src/auth/session/utils/tiny-ttl-cache.js.map +1 -0
- package/src/common/common.schema.d.ts +29 -0
- package/src/common/common.schema.js +35 -0
- package/src/common/common.schema.js.map +1 -0
- package/src/common/constants.d.ts +2 -0
- package/src/common/constants.js +8 -0
- package/src/common/constants.js.map +1 -0
- package/src/common/decorators/adapter.decorator.js.map +1 -0
- package/src/common/decorators/app.decorator.js.map +1 -0
- package/src/common/decorators/auth-provider.decorator.js.map +1 -0
- package/src/common/decorators/flow.decorator.js.map +1 -0
- package/src/common/decorators/front-mcp.decorator.js +40 -0
- package/src/common/decorators/front-mcp.decorator.js.map +1 -0
- package/src/common/decorators/hook.decorator.js.map +1 -0
- package/src/common/decorators/index.js.map +1 -0
- package/src/common/decorators/logger.decorator.js.map +1 -0
- package/src/common/decorators/plugin.decorator.js.map +1 -0
- package/src/common/decorators/prompt.decorator.js.map +1 -0
- package/src/common/decorators/provider.decorator.js.map +1 -0
- package/src/common/decorators/resource.decorator.js.map +1 -0
- package/src/common/decorators/tool.decorator.d.ts +42 -0
- package/src/common/decorators/tool.decorator.js +46 -0
- package/src/common/decorators/tool.decorator.js.map +1 -0
- package/src/common/decorators-old/async-with.decorator.d.ts +10 -0
- package/src/common/decorators-old/async-with.decorator.js +24 -0
- package/src/common/decorators-old/async-with.decorator.js.map +1 -0
- package/src/common/decorators-old/auth-hook.decorator.js.map +1 -0
- package/src/common/decorators-old/session-hook.decorator.js.map +1 -0
- package/src/common/dynamic/dynamic.adapter.js.map +1 -0
- package/src/common/dynamic/dynamic.plugin.js.map +1 -0
- package/src/common/dynamic/dynamic.utils.d.ts +3 -0
- package/src/common/dynamic/dynamic.utils.js.map +1 -0
- package/src/common/dynamic/index.js.map +1 -0
- package/src/common/entries/adapter.entry.js.map +1 -0
- package/src/common/entries/app.entry.d.ts +13 -0
- package/src/common/entries/app.entry.js.map +1 -0
- package/src/common/entries/auth-provider.entry.js.map +1 -0
- package/src/common/entries/base.entry.js.map +1 -0
- package/src/common/entries/flow.entry.js.map +1 -0
- package/src/common/entries/hook.entry.js.map +1 -0
- package/src/common/entries/index.js.map +1 -0
- package/src/common/entries/logger.entry.js.map +1 -0
- package/src/common/entries/plugin.entry.js.map +1 -0
- package/src/common/entries/prompt.entry.js.map +1 -0
- package/src/common/entries/provider.entry.js.map +1 -0
- package/src/common/entries/resource.entry.js.map +1 -0
- package/src/common/entries/scope.entry.js.map +1 -0
- package/src/common/entries/tool.entry.js.map +1 -0
- package/src/common/index.d.ts +17 -0
- package/src/common/index.js +21 -0
- package/src/common/index.js.map +1 -0
- package/src/common/interfaces/adapter.interface.js.map +1 -0
- package/src/common/interfaces/app.interface.js.map +1 -0
- package/src/common/interfaces/auth-hook.interface.js.map +1 -0
- package/src/common/interfaces/auth-provider.interface.js.map +1 -0
- package/src/common/interfaces/base.interface.js.map +1 -0
- package/src/common/interfaces/flow.interface.d.ts +41 -0
- package/src/common/interfaces/flow.interface.js.map +1 -0
- package/src/common/interfaces/front-mcp.interface.js.map +1 -0
- package/src/common/interfaces/hook.interface.js.map +1 -0
- package/src/common/interfaces/index.js.map +1 -0
- package/src/common/interfaces/internal/flow.utils.d.ts +23 -0
- package/src/common/interfaces/internal/flow.utils.js.map +1 -0
- package/src/common/interfaces/internal/index.js.map +1 -0
- package/src/common/interfaces/internal/primary-auth-provider.interface.d.ts +24 -0
- package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +1 -0
- package/src/common/interfaces/internal/registry.interface.d.ts +95 -0
- package/src/common/interfaces/internal/registry.interface.js.map +1 -0
- package/src/common/interfaces/logger.interface.js.map +1 -0
- package/src/common/interfaces/plugin.interface.js.map +1 -0
- package/src/common/interfaces/prompt.interface.js.map +1 -0
- package/src/common/interfaces/provider.interface.js.map +1 -0
- package/src/common/interfaces/resource.interface.js.map +1 -0
- package/src/common/interfaces/scope.interface.js.map +1 -0
- package/src/common/interfaces/server.interface.js.map +1 -0
- package/src/common/interfaces/session-hook.interface.js.map +1 -0
- package/src/common/interfaces/tool-hook.interface.js.map +1 -0
- package/src/common/interfaces/tool.interface.js.map +1 -0
- package/src/common/metadata/adapter.metadata.js.map +1 -0
- package/src/common/metadata/app.metadata.d.ts +872 -0
- package/src/common/metadata/app.metadata.js.map +1 -0
- package/src/common/metadata/auth-provider.metadata.js.map +1 -0
- package/src/common/metadata/flow.metadata.d.ts +77 -0
- package/src/common/metadata/flow.metadata.js.map +1 -0
- package/src/common/metadata/front-mcp.metadata.d.ts +1144 -0
- package/src/common/metadata/front-mcp.metadata.js.map +1 -0
- package/src/common/metadata/hook.metadata.js.map +1 -0
- package/src/common/metadata/index.js.map +1 -0
- package/src/common/metadata/logger.metadata.js.map +1 -0
- package/src/common/metadata/plugin.metadata.js.map +1 -0
- package/src/common/metadata/prompt.metadata.js.map +1 -0
- package/src/common/metadata/provider.metadata.js.map +1 -0
- package/src/common/metadata/resource.metadata.js.map +1 -0
- package/src/common/metadata/tool.metadata.d.ts +178 -0
- package/src/common/metadata/tool.metadata.js.map +1 -0
- package/src/common/providers/session.provider.js.map +1 -0
- package/src/common/records/adapter.record.js.map +1 -0
- package/src/common/records/app.record.js.map +1 -0
- package/src/common/records/auth-provider.record.js.map +1 -0
- package/src/common/records/flow.record.js.map +1 -0
- package/src/common/records/hook.record.js.map +1 -0
- package/src/common/records/index.js.map +1 -0
- package/src/common/records/logger.record.d.ts +11 -0
- package/src/common/records/logger.record.js.map +1 -0
- package/src/common/records/plugin.record.js.map +1 -0
- package/src/common/records/prompt.record.js.map +1 -0
- package/src/common/records/provider.record.js.map +1 -0
- package/src/common/records/resource.record.js.map +1 -0
- package/src/common/records/scope.record.js.map +1 -0
- package/src/common/records/tool.record.js.map +1 -0
- package/src/common/schemas/annotated-class.schema.js.map +1 -0
- package/src/common/schemas/http-input.schema.js.map +1 -0
- package/src/common/schemas/http-output.schema.d.ts +2011 -0
- package/src/common/schemas/http-output.schema.js.map +1 -0
- package/src/common/schemas/index.js.map +1 -0
- package/src/common/tokens/adapter.tokens.js.map +1 -0
- package/src/common/tokens/app.tokens.js.map +1 -0
- package/src/common/tokens/auth-provider.tokens.js.map +1 -0
- package/src/common/tokens/base.tokens.js.map +1 -0
- package/src/common/tokens/flow-hook.tokens.js.map +1 -0
- package/src/common/tokens/flow.tokens.js.map +1 -0
- package/src/common/tokens/front-mcp.tokens.js.map +1 -0
- package/src/common/tokens/index.js.map +1 -0
- package/src/common/tokens/logger.tokens.js.map +1 -0
- package/src/common/tokens/plugin.tokens.js.map +1 -0
- package/src/common/tokens/prompt.tokens.js.map +1 -0
- package/src/common/tokens/provider.tokens.js.map +1 -0
- package/src/common/tokens/resource.tokens.js.map +1 -0
- package/src/common/tokens/server.tokens.js.map +1 -0
- package/src/common/tokens/tool.tokens.js.map +1 -0
- package/src/common/types/auth/index.js.map +1 -0
- package/src/common/types/auth/jwt.types.js.map +1 -0
- package/src/common/types/auth/session.types.d.ts +263 -0
- package/src/common/types/auth/session.types.js.map +1 -0
- package/src/common/types/common.types.js.map +1 -0
- package/src/common/types/index.js.map +1 -0
- package/src/common/types/options/auth.options.d.ts +513 -0
- package/src/common/types/options/auth.options.js.map +1 -0
- package/src/common/types/options/http.options.js.map +1 -0
- package/src/common/types/options/index.js.map +1 -0
- package/src/common/types/options/logging.options.d.ts +39 -0
- package/src/common/types/options/logging.options.js.map +1 -0
- package/src/common/types/options/server-info.options.d.ts +48 -0
- package/src/common/types/options/server-info.options.js.map +1 -0
- package/src/common/types/options/session.options.d.ts +67 -0
- package/src/common/types/options/session.options.js.map +1 -0
- package/src/common/utils/decide-request-intent.utils.d.ts +79 -0
- package/src/common/utils/decide-request-intent.utils.js.map +1 -0
- package/src/common/utils/index.js.map +1 -0
- package/src/common/utils/path.utils.d.ts +20 -0
- package/src/common/utils/path.utils.js.map +1 -0
- package/src/exceptions/mcp-exceptions/session-missing.exception.d.ts +3 -0
- package/src/exceptions/mcp-exceptions/session-missing.exception.js +11 -0
- package/src/exceptions/mcp-exceptions/session-missing.exception.js.map +1 -0
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.d.ts +5 -0
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js +15 -0
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js.map +1 -0
- package/src/flows/flow.instance.d.ts +16 -0
- package/src/flows/flow.instance.js +332 -0
- package/src/flows/flow.instance.js.map +1 -0
- package/src/flows/flow.registry.d.ts +14 -0
- package/src/flows/flow.registry.js +79 -0
- package/src/flows/flow.registry.js.map +1 -0
- package/src/flows/flow.stages.d.ts +12 -0
- package/src/flows/flow.stages.js +110 -0
- package/src/flows/flow.stages.js.map +1 -0
- package/src/flows/flow.utils.d.ts +8 -0
- package/src/flows/flow.utils.js +36 -0
- package/src/flows/flow.utils.js.map +1 -0
- package/src/front-mcp/front-mcp.d.ts +12 -0
- package/src/front-mcp/front-mcp.js +44 -0
- package/src/front-mcp/front-mcp.js.map +1 -0
- package/src/front-mcp/front-mcp.providers.d.ts +198 -0
- package/src/front-mcp/front-mcp.providers.js +30 -0
- package/src/front-mcp/front-mcp.providers.js.map +1 -0
- package/src/front-mcp/front-mcp.tokens.d.ts +2 -0
- package/src/front-mcp/front-mcp.tokens.js +5 -0
- package/src/front-mcp/front-mcp.tokens.js.map +1 -0
- package/src/front-mcp/index.d.ts +1 -0
- package/src/front-mcp/index.js +5 -0
- package/src/front-mcp/index.js.map +1 -0
- package/src/hooks/hook.instance.d.ts +7 -0
- package/src/hooks/hook.instance.js +23 -0
- package/src/hooks/hook.instance.js.map +1 -0
- package/src/hooks/hook.registry.d.ts +34 -0
- package/src/hooks/hook.registry.js +138 -0
- package/src/hooks/hook.registry.js.map +1 -0
- package/src/hooks/hooks.utils.d.ts +3 -0
- package/src/hooks/hooks.utils.js +27 -0
- package/src/hooks/hooks.utils.js.map +1 -0
- package/src/index.d.ts +21 -18
- package/src/index.js +9 -18
- package/src/index.js.map +1 -1
- package/src/logger/instances/instance.console-logger.d.ts +10 -0
- package/src/logger/instances/instance.console-logger.js +75 -0
- package/src/logger/instances/instance.console-logger.js.map +1 -0
- package/src/logger/instances/instance.logger.d.ts +24 -0
- package/src/logger/instances/instance.logger.js +77 -0
- package/src/logger/instances/instance.logger.js.map +1 -0
- package/src/logger/logger.registry.d.ts +13 -0
- package/src/logger/logger.registry.js +91 -0
- package/src/logger/logger.registry.js.map +1 -0
- package/src/logger/logger.tokens.d.ts +1 -0
- package/src/logger/logger.tokens.js +3 -0
- package/src/logger/logger.tokens.js.map +1 -0
- package/src/logger/logger.types.d.ts +10 -0
- package/src/logger/logger.types.js +8 -0
- package/src/logger/logger.types.js.map +1 -0
- package/src/logger/logger.utils.d.ts +15 -0
- package/src/logger/logger.utils.js +42 -0
- package/src/logger/logger.utils.js.map +1 -0
- package/src/plugin/plugin.registry.d.ts +24 -0
- package/src/plugin/plugin.registry.js +137 -0
- package/src/plugin/plugin.registry.js.map +1 -0
- package/src/plugin/plugin.utils.d.ts +10 -0
- package/src/plugin/plugin.utils.js +88 -0
- package/src/plugin/plugin.utils.js.map +1 -0
- package/src/prompt/prompt.registry.d.ts +16 -0
- package/src/prompt/prompt.registry.js +34 -0
- package/src/prompt/prompt.registry.js.map +1 -0
- package/src/provider/provider.registry.d.ts +75 -0
- package/src/provider/provider.registry.js +679 -0
- package/src/provider/provider.registry.js.map +1 -0
- package/src/provider/provider.types.d.ts +9 -0
- package/src/provider/provider.types.js +3 -0
- package/src/provider/provider.types.js.map +1 -0
- package/src/provider/provider.utils.d.ts +13 -0
- package/src/provider/provider.utils.js +103 -0
- package/src/provider/provider.utils.js.map +1 -0
- package/src/regsitry/index.d.ts +1 -0
- package/src/regsitry/index.js +5 -0
- package/src/regsitry/index.js.map +1 -0
- package/src/regsitry/registry.base.d.ts +25 -0
- package/src/regsitry/registry.base.js +32 -0
- package/src/regsitry/registry.base.js.map +1 -0
- package/src/resource/resource.registry.d.ts +15 -0
- package/src/resource/resource.registry.js +31 -0
- package/src/resource/resource.registry.js.map +1 -0
- package/src/scope/flows/http.request.flow.d.ts +384 -0
- package/src/scope/flows/http.request.flow.js +210 -0
- package/src/scope/flows/http.request.flow.js.map +1 -0
- package/src/scope/index.d.ts +1 -0
- package/src/scope/index.js +6 -0
- package/src/scope/index.js.map +1 -0
- package/src/scope/scope.instance.d.ts +35 -0
- package/src/scope/scope.instance.js +120 -0
- package/src/scope/scope.instance.js.map +1 -0
- package/src/scope/scope.registry.d.ts +10 -0
- package/src/scope/scope.registry.js +93 -0
- package/src/scope/scope.registry.js.map +1 -0
- package/src/scope/scope.utils.d.ts +13 -0
- package/src/scope/scope.utils.js +59 -0
- package/src/scope/scope.utils.js.map +1 -0
- package/src/server/adapters/base.host.adapter.d.ts +7 -0
- package/src/server/adapters/base.host.adapter.js +8 -0
- package/src/server/adapters/base.host.adapter.js.map +1 -0
- package/src/server/adapters/express.host.adapter.d.ts +12 -0
- package/src/server/adapters/express.host.adapter.js +50 -0
- package/src/server/adapters/express.host.adapter.js.map +1 -0
- package/src/server/server.instance.d.ts +12 -0
- package/src/server/server.instance.js +47 -0
- package/src/server/server.instance.js.map +1 -0
- package/src/server/server.types.d.ts +24 -0
- package/src/server/server.types.js +3 -0
- package/src/server/server.types.js.map +1 -0
- package/src/server/server.validation.d.ts +2 -0
- package/src/server/server.validation.js +192 -0
- package/src/server/server.validation.js.map +1 -0
- package/src/store/adapters/store.base.adapter.d.ts +21 -0
- package/src/store/adapters/store.base.adapter.js +16 -0
- package/src/store/adapters/store.base.adapter.js.map +1 -0
- package/src/store/adapters/store.memory.adapter.d.ts +26 -0
- package/src/store/adapters/store.memory.adapter.js +87 -0
- package/src/store/adapters/store.memory.adapter.js.map +1 -0
- package/src/store/adapters/store.redis.adapter.d.ts +33 -0
- package/src/store/adapters/store.redis.adapter.js +104 -0
- package/src/store/adapters/store.redis.adapter.js.map +1 -0
- package/src/store/index.d.ts +8 -0
- package/src/store/index.js +12 -0
- package/src/store/index.js.map +1 -0
- package/src/store/store.helpers.d.ts +9 -0
- package/src/store/store.helpers.js +67 -0
- package/src/store/store.helpers.js.map +1 -0
- package/src/store/store.registry.d.ts +13 -0
- package/src/store/store.registry.js +37 -0
- package/src/store/store.registry.js.map +1 -0
- package/src/store/store.tokens.d.ts +3 -0
- package/src/store/store.tokens.js +7 -0
- package/src/store/store.tokens.js.map +1 -0
- package/src/store/store.types.d.ts +64 -0
- package/src/store/store.types.js +11 -0
- package/src/store/store.types.js.map +1 -0
- package/src/store/store.utils.d.ts +8 -0
- package/src/store/store.utils.js +18 -0
- package/src/store/store.utils.js.map +1 -0
- package/src/tool/flows/call-tool.flow.d.ts +875 -0
- package/src/tool/flows/call-tool.flow.js +249 -0
- package/src/tool/flows/call-tool.flow.js.map +1 -0
- package/src/tool/flows/tools-list.flow.d.ts +771 -0
- package/src/tool/flows/tools-list.flow.js +149 -0
- package/src/tool/flows/tools-list.flow.js.map +1 -0
- package/src/tool/tool.events.d.ts +17 -0
- package/src/tool/tool.events.js +16 -0
- package/src/tool/tool.events.js.map +1 -0
- package/src/tool/tool.instance.d.ts +15 -0
- package/src/tool/tool.instance.js +68 -0
- package/src/tool/tool.instance.js.map +1 -0
- package/src/tool/tool.registry.d.ts +72 -0
- package/src/tool/tool.registry.js +339 -0
- package/src/tool/tool.registry.js.map +1 -0
- package/src/tool/tool.types.d.ts +25 -0
- package/src/tool/tool.types.js +10 -0
- package/src/tool/tool.types.js.map +1 -0
- package/src/tool/tool.utils.d.ts +20 -0
- package/src/tool/tool.utils.js +157 -0
- package/src/tool/tool.utils.js.map +1 -0
- package/src/transport/adapters/transport.local.adapter.d.ts +41 -0
- package/src/transport/adapters/transport.local.adapter.js +127 -0
- package/src/transport/adapters/transport.local.adapter.js.map +1 -0
- package/src/transport/adapters/transport.sse.adapter.d.ts +14 -0
- package/src/transport/adapters/transport.sse.adapter.js +63 -0
- package/src/transport/adapters/transport.sse.adapter.js.map +1 -0
- package/src/transport/adapters/transport.streamable-http.adapter.d.ts +13 -0
- package/src/transport/adapters/transport.streamable-http.adapter.js +65 -0
- package/src/transport/adapters/transport.streamable-http.adapter.js.map +1 -0
- package/src/transport/flows/handle.sse.flow.d.ts +92 -0
- package/src/transport/flows/handle.sse.flow.js +129 -0
- package/src/transport/flows/handle.sse.flow.js.map +1 -0
- package/src/transport/flows/handle.streamable-http.flow.d.ts +93 -0
- package/src/transport/flows/handle.streamable-http.flow.js +125 -0
- package/src/transport/flows/handle.streamable-http.flow.js.map +1 -0
- package/src/transport/legacy/legacy.sse.tranporter.d.ts +75 -0
- package/src/transport/legacy/legacy.sse.tranporter.js +170 -0
- package/src/transport/legacy/legacy.sse.tranporter.js.map +1 -0
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.d.ts +3 -0
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js +14 -0
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js.map +1 -0
- package/src/transport/mcp-handlers/call-tool-request.handler.d.ts +3 -0
- package/src/transport/mcp-handlers/call-tool-request.handler.js +15 -0
- package/src/transport/mcp-handlers/call-tool-request.handler.js.map +1 -0
- package/src/transport/mcp-handlers/index.d.ts +521 -0
- package/src/transport/mcp-handlers/index.js +20 -0
- package/src/transport/mcp-handlers/index.js.map +1 -0
- package/src/transport/mcp-handlers/initialize-request.handler.d.ts +3 -0
- package/src/transport/mcp-handlers/initialize-request.handler.js +33 -0
- package/src/transport/mcp-handlers/initialize-request.handler.js.map +1 -0
- package/src/transport/mcp-handlers/list-tools-request.handler.d.ts +285 -0
- package/src/transport/mcp-handlers/list-tools-request.handler.js +11 -0
- package/src/transport/mcp-handlers/list-tools-request.handler.js.map +1 -0
- package/src/transport/mcp-handlers/mcp-handlers.types.d.ts +37 -0
- package/src/transport/mcp-handlers/mcp-handlers.types.js +3 -0
- package/src/transport/mcp-handlers/mcp-handlers.types.js.map +1 -0
- package/src/transport/transport.error.d.ts +4 -0
- package/src/transport/transport.error.js +25 -0
- package/src/transport/transport.error.js.map +1 -0
- package/src/transport/transport.event-store.d.ts +10 -0
- package/src/transport/transport.event-store.js +36 -0
- package/src/transport/transport.event-store.js.map +1 -0
- package/src/transport/transport.local.d.ts +17 -0
- package/src/transport/transport.local.js +65 -0
- package/src/transport/transport.local.js.map +1 -0
- package/src/transport/transport.registry.d.ts +23 -0
- package/src/transport/transport.registry.js +138 -0
- package/src/transport/transport.registry.js.map +1 -0
- package/src/transport/transport.remote.d.ts +15 -0
- package/src/transport/transport.remote.js +31 -0
- package/src/transport/transport.remote.js.map +1 -0
- package/src/transport/transport.types.d.ts +54 -0
- package/src/transport/transport.types.js +3 -0
- package/src/transport/transport.types.js.map +1 -0
- package/src/types/drinen-hooks.types.d.ts +20 -0
- package/src/types/drinen-hooks.types.js +3 -0
- package/src/types/drinen-hooks.types.js.map +1 -0
- package/src/types/invoke.type.d.ts +15 -0
- package/src/types/invoke.type.js +34 -0
- package/src/types/invoke.type.js.map +1 -0
- package/src/types/token.types.d.ts +1 -0
- package/src/types/token.types.js +3 -0
- package/src/types/token.types.js.map +1 -0
- package/src/utils/metadata.utils.d.ts +5 -0
- package/src/utils/metadata.utils.js +26 -0
- package/src/utils/metadata.utils.js.map +1 -0
- package/src/utils/server.utils.d.ts +19 -0
- package/src/utils/server.utils.js +59 -0
- package/src/utils/server.utils.js.map +1 -0
- package/src/utils/string.utils.d.ts +1 -0
- package/src/utils/string.utils.js +10 -0
- package/src/utils/string.utils.js.map +1 -0
- package/src/utils/token.utils.d.ts +11 -0
- package/src/utils/token.utils.js +65 -0
- package/src/utils/token.utils.js.map +1 -0
- package/src/utils/types.utils.d.ts +7 -0
- package/src/utils/types.utils.js +3 -0
- package/src/utils/types.utils.js.map +1 -0
- package/src/constants.d.ts +0 -30
- package/src/constants.js +0 -36
- package/src/constants.js.map +0 -1
- package/src/decorators/adapter.decorator.js.map +0 -1
- package/src/decorators/app.decorator.js.map +0 -1
- package/src/decorators/auth-provider.decorator.js.map +0 -1
- package/src/decorators/flow.decorator.js.map +0 -1
- package/src/decorators/front-mcp.decorator.js +0 -40
- package/src/decorators/front-mcp.decorator.js.map +0 -1
- package/src/decorators/hook.decorator.js.map +0 -1
- package/src/decorators/index.js.map +0 -1
- package/src/decorators/logger.decorator.js.map +0 -1
- package/src/decorators/plugin.decorator.js.map +0 -1
- package/src/decorators/prompt.decorator.js.map +0 -1
- package/src/decorators/provider.decorator.js.map +0 -1
- package/src/decorators/resource.decorator.js.map +0 -1
- package/src/decorators/tool.decorator.d.ts +0 -42
- package/src/decorators/tool.decorator.js +0 -45
- package/src/decorators/tool.decorator.js.map +0 -1
- package/src/decorators-old/async-with.decorator.d.ts +0 -9
- package/src/decorators-old/async-with.decorator.js +0 -23
- package/src/decorators-old/async-with.decorator.js.map +0 -1
- package/src/decorators-old/auth-hook.decorator.js.map +0 -1
- package/src/decorators-old/session-hook.decorator.js.map +0 -1
- package/src/decorators-old/tool-hook.decorator.d.ts +0 -14
- package/src/decorators-old/tool-hook.decorator.js +0 -27
- package/src/decorators-old/tool-hook.decorator.js.map +0 -1
- package/src/dynamic/dynamic.adapter.js.map +0 -1
- package/src/dynamic/dynamic.plugin.js.map +0 -1
- package/src/dynamic/dynamic.utils.d.ts +0 -3
- package/src/dynamic/dynamic.utils.js.map +0 -1
- package/src/dynamic/index.js.map +0 -1
- package/src/entries/adapter.entry.js.map +0 -1
- package/src/entries/app.entry.d.ts +0 -13
- package/src/entries/app.entry.js.map +0 -1
- package/src/entries/auth-provider.entry.js.map +0 -1
- package/src/entries/base.entry.js.map +0 -1
- package/src/entries/flow.entry.js.map +0 -1
- package/src/entries/hook.entry.js.map +0 -1
- package/src/entries/index.js.map +0 -1
- package/src/entries/logger.entry.js.map +0 -1
- package/src/entries/plugin.entry.js.map +0 -1
- package/src/entries/prompt.entry.js.map +0 -1
- package/src/entries/provider.entry.js.map +0 -1
- package/src/entries/resource.entry.js.map +0 -1
- package/src/entries/scope.entry.js.map +0 -1
- package/src/entries/tool.entry.js.map +0 -1
- package/src/interfaces/adapter.interface.js.map +0 -1
- package/src/interfaces/app.interface.js.map +0 -1
- package/src/interfaces/auth-hook.interface.js.map +0 -1
- package/src/interfaces/auth-provider.interface.js.map +0 -1
- package/src/interfaces/base.interface.js.map +0 -1
- package/src/interfaces/flow.interface.d.ts +0 -41
- package/src/interfaces/flow.interface.js.map +0 -1
- package/src/interfaces/front-mcp.interface.js.map +0 -1
- package/src/interfaces/hook.interface.js.map +0 -1
- package/src/interfaces/index.js.map +0 -1
- package/src/interfaces/internal/flow.utils.d.ts +0 -24
- package/src/interfaces/internal/flow.utils.js.map +0 -1
- package/src/interfaces/internal/index.js.map +0 -1
- package/src/interfaces/internal/primary-auth-provider.interface.d.ts +0 -24
- package/src/interfaces/internal/primary-auth-provider.interface.js.map +0 -1
- package/src/interfaces/internal/registry.interface.d.ts +0 -97
- package/src/interfaces/internal/registry.interface.js.map +0 -1
- package/src/interfaces/logger.interface.js.map +0 -1
- package/src/interfaces/plugin.interface.js.map +0 -1
- package/src/interfaces/prompt.interface.js.map +0 -1
- package/src/interfaces/provider.interface.js.map +0 -1
- package/src/interfaces/resource.interface.js.map +0 -1
- package/src/interfaces/scope.interface.js.map +0 -1
- package/src/interfaces/server.interface.js.map +0 -1
- package/src/interfaces/session-hook.interface.js.map +0 -1
- package/src/interfaces/tool-hook.interface.js.map +0 -1
- package/src/interfaces/tool.interface.js.map +0 -1
- package/src/metadata/adapter.metadata.js.map +0 -1
- package/src/metadata/app.metadata.d.ts +0 -872
- package/src/metadata/app.metadata.js.map +0 -1
- package/src/metadata/auth-provider.metadata.js.map +0 -1
- package/src/metadata/flow.metadata.d.ts +0 -77
- package/src/metadata/flow.metadata.js.map +0 -1
- package/src/metadata/front-mcp.metadata.d.ts +0 -1144
- package/src/metadata/front-mcp.metadata.js.map +0 -1
- package/src/metadata/hook.metadata.js.map +0 -1
- package/src/metadata/index.js.map +0 -1
- package/src/metadata/logger.metadata.js.map +0 -1
- package/src/metadata/plugin.metadata.js.map +0 -1
- package/src/metadata/prompt.metadata.js.map +0 -1
- package/src/metadata/provider.metadata.js.map +0 -1
- package/src/metadata/resource.metadata.js.map +0 -1
- package/src/metadata/tool.metadata.d.ts +0 -178
- package/src/metadata/tool.metadata.js.map +0 -1
- package/src/providers/session.provider.js.map +0 -1
- package/src/records/adapter.record.js.map +0 -1
- package/src/records/app.record.js.map +0 -1
- package/src/records/auth-provider.record.js.map +0 -1
- package/src/records/flow.record.js.map +0 -1
- package/src/records/hook.record.js.map +0 -1
- package/src/records/index.js.map +0 -1
- package/src/records/logger.record.d.ts +0 -11
- package/src/records/logger.record.js.map +0 -1
- package/src/records/plugin.record.js.map +0 -1
- package/src/records/prompt.record.js.map +0 -1
- package/src/records/provider.record.js.map +0 -1
- package/src/records/resource.record.js.map +0 -1
- package/src/records/scope.record.js.map +0 -1
- package/src/records/tool.record.js.map +0 -1
- package/src/schemas/annotated-class.schema.js.map +0 -1
- package/src/schemas/http-input.schema.js.map +0 -1
- package/src/schemas/http-output.schema.d.ts +0 -2011
- package/src/schemas/http-output.schema.js.map +0 -1
- package/src/schemas/index.js.map +0 -1
- package/src/tokens/adapter.tokens.js.map +0 -1
- package/src/tokens/app.tokens.js.map +0 -1
- package/src/tokens/auth-provider.tokens.js.map +0 -1
- package/src/tokens/base.tokens.js.map +0 -1
- package/src/tokens/flow-hook.tokens.js.map +0 -1
- package/src/tokens/flow.tokens.js.map +0 -1
- package/src/tokens/front-mcp.tokens.js.map +0 -1
- package/src/tokens/index.js.map +0 -1
- package/src/tokens/logger.tokens.js.map +0 -1
- package/src/tokens/plugin.tokens.js.map +0 -1
- package/src/tokens/prompt.tokens.js.map +0 -1
- package/src/tokens/provider.tokens.js.map +0 -1
- package/src/tokens/resource.tokens.js.map +0 -1
- package/src/tokens/server.tokens.js.map +0 -1
- package/src/tokens/tool.tokens.js.map +0 -1
- package/src/types/auth/index.js.map +0 -1
- package/src/types/auth/jwt.types.js.map +0 -1
- package/src/types/auth/session.types.d.ts +0 -263
- package/src/types/auth/session.types.js.map +0 -1
- package/src/types/common.types.js.map +0 -1
- package/src/types/index.js.map +0 -1
- package/src/types/options/auth.options.d.ts +0 -513
- package/src/types/options/auth.options.js.map +0 -1
- package/src/types/options/http.options.js.map +0 -1
- package/src/types/options/index.js.map +0 -1
- package/src/types/options/logging.options.d.ts +0 -39
- package/src/types/options/logging.options.js.map +0 -1
- package/src/types/options/server-info.options.d.ts +0 -48
- package/src/types/options/server-info.options.js.map +0 -1
- package/src/types/options/session.options.d.ts +0 -67
- package/src/types/options/session.options.js.map +0 -1
- package/src/utils/decide-request-intent.utils.d.ts +0 -79
- package/src/utils/decide-request-intent.utils.js.map +0 -1
- package/src/utils/index.js.map +0 -1
- package/src/utils/path.utils.d.ts +0 -20
- package/src/utils/path.utils.js.map +0 -1
- /package/src/{decorators → common/decorators}/adapter.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/adapter.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/app.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/app.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/auth-provider.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/auth-provider.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/flow.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/flow.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/front-mcp.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/hook.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/hook.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/index.d.ts +0 -0
- /package/src/{decorators → common/decorators}/index.js +0 -0
- /package/src/{decorators → common/decorators}/logger.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/logger.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/plugin.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/plugin.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/prompt.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/prompt.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/provider.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/provider.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/resource.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/resource.decorator.js +0 -0
- /package/src/{decorators-old → common/decorators-old}/auth-hook.decorator.d.ts +0 -0
- /package/src/{decorators-old → common/decorators-old}/auth-hook.decorator.js +0 -0
- /package/src/{decorators-old → common/decorators-old}/session-hook.decorator.d.ts +0 -0
- /package/src/{decorators-old → common/decorators-old}/session-hook.decorator.js +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.adapter.d.ts +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.adapter.js +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.plugin.d.ts +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.plugin.js +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.utils.js +0 -0
- /package/src/{dynamic → common/dynamic}/index.d.ts +0 -0
- /package/src/{dynamic → common/dynamic}/index.js +0 -0
- /package/src/{entries → common/entries}/adapter.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/adapter.entry.js +0 -0
- /package/src/{entries → common/entries}/app.entry.js +0 -0
- /package/src/{entries → common/entries}/auth-provider.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/auth-provider.entry.js +0 -0
- /package/src/{entries → common/entries}/base.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/base.entry.js +0 -0
- /package/src/{entries → common/entries}/flow.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/flow.entry.js +0 -0
- /package/src/{entries → common/entries}/hook.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/hook.entry.js +0 -0
- /package/src/{entries → common/entries}/index.d.ts +0 -0
- /package/src/{entries → common/entries}/index.js +0 -0
- /package/src/{entries → common/entries}/logger.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/logger.entry.js +0 -0
- /package/src/{entries → common/entries}/plugin.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/plugin.entry.js +0 -0
- /package/src/{entries → common/entries}/prompt.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/prompt.entry.js +0 -0
- /package/src/{entries → common/entries}/provider.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/provider.entry.js +0 -0
- /package/src/{entries → common/entries}/resource.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/resource.entry.js +0 -0
- /package/src/{entries → common/entries}/scope.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/scope.entry.js +0 -0
- /package/src/{entries → common/entries}/tool.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/tool.entry.js +0 -0
- /package/src/{interfaces → common/interfaces}/adapter.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/adapter.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/app.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/app.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/auth-hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/auth-hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/auth-provider.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/auth-provider.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/base.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/base.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/flow.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/front-mcp.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/front-mcp.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/index.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/index.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/flow.utils.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/index.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/internal/index.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/primary-auth-provider.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/registry.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/logger.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/logger.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/plugin.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/plugin.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/prompt.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/prompt.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/provider.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/provider.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/resource.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/resource.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/scope.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/scope.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/server.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/server.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/session-hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/session-hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/tool-hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/tool-hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/tool.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/tool.interface.js +0 -0
- /package/src/{metadata → common/metadata}/adapter.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/adapter.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/app.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/auth-provider.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/auth-provider.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/flow.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/front-mcp.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/hook.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/hook.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/index.d.ts +0 -0
- /package/src/{metadata → common/metadata}/index.js +0 -0
- /package/src/{metadata → common/metadata}/logger.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/logger.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/plugin.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/plugin.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/prompt.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/prompt.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/provider.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/provider.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/resource.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/resource.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/tool.metadata.js +0 -0
- /package/src/{providers → common/providers}/session.provider.d.ts +0 -0
- /package/src/{providers → common/providers}/session.provider.js +0 -0
- /package/src/{records → common/records}/adapter.record.d.ts +0 -0
- /package/src/{records → common/records}/adapter.record.js +0 -0
- /package/src/{records → common/records}/app.record.d.ts +0 -0
- /package/src/{records → common/records}/app.record.js +0 -0
- /package/src/{records → common/records}/auth-provider.record.d.ts +0 -0
- /package/src/{records → common/records}/auth-provider.record.js +0 -0
- /package/src/{records → common/records}/flow.record.d.ts +0 -0
- /package/src/{records → common/records}/flow.record.js +0 -0
- /package/src/{records → common/records}/hook.record.d.ts +0 -0
- /package/src/{records → common/records}/hook.record.js +0 -0
- /package/src/{records → common/records}/index.d.ts +0 -0
- /package/src/{records → common/records}/index.js +0 -0
- /package/src/{records → common/records}/logger.record.js +0 -0
- /package/src/{records → common/records}/plugin.record.d.ts +0 -0
- /package/src/{records → common/records}/plugin.record.js +0 -0
- /package/src/{records → common/records}/prompt.record.d.ts +0 -0
- /package/src/{records → common/records}/prompt.record.js +0 -0
- /package/src/{records → common/records}/provider.record.d.ts +0 -0
- /package/src/{records → common/records}/provider.record.js +0 -0
- /package/src/{records → common/records}/resource.record.d.ts +0 -0
- /package/src/{records → common/records}/resource.record.js +0 -0
- /package/src/{records → common/records}/scope.record.d.ts +0 -0
- /package/src/{records → common/records}/scope.record.js +0 -0
- /package/src/{records → common/records}/tool.record.d.ts +0 -0
- /package/src/{records → common/records}/tool.record.js +0 -0
- /package/src/{schemas → common/schemas}/annotated-class.schema.d.ts +0 -0
- /package/src/{schemas → common/schemas}/annotated-class.schema.js +0 -0
- /package/src/{schemas → common/schemas}/http-input.schema.d.ts +0 -0
- /package/src/{schemas → common/schemas}/http-input.schema.js +0 -0
- /package/src/{schemas → common/schemas}/http-output.schema.js +0 -0
- /package/src/{schemas → common/schemas}/index.d.ts +0 -0
- /package/src/{schemas → common/schemas}/index.js +0 -0
- /package/src/{tokens → common/tokens}/adapter.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/adapter.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/app.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/app.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/auth-provider.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/auth-provider.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/base.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/base.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/flow-hook.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/flow-hook.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/flow.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/flow.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/front-mcp.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/front-mcp.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/index.d.ts +0 -0
- /package/src/{tokens → common/tokens}/index.js +0 -0
- /package/src/{tokens → common/tokens}/logger.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/logger.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/plugin.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/plugin.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/prompt.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/prompt.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/provider.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/provider.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/resource.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/resource.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/server.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/server.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/tool.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/tool.tokens.js +0 -0
- /package/src/{types → common/types}/auth/index.d.ts +0 -0
- /package/src/{types → common/types}/auth/index.js +0 -0
- /package/src/{types → common/types}/auth/jwt.types.d.ts +0 -0
- /package/src/{types → common/types}/auth/jwt.types.js +0 -0
- /package/src/{types → common/types}/auth/session.types.js +0 -0
- /package/src/{types → common/types}/common.types.d.ts +0 -0
- /package/src/{types → common/types}/common.types.js +0 -0
- /package/src/{types → common/types}/index.d.ts +0 -0
- /package/src/{types → common/types}/index.js +0 -0
- /package/src/{types → common/types}/options/auth.options.js +0 -0
- /package/src/{types → common/types}/options/http.options.d.ts +0 -0
- /package/src/{types → common/types}/options/http.options.js +0 -0
- /package/src/{types → common/types}/options/index.d.ts +0 -0
- /package/src/{types → common/types}/options/index.js +0 -0
- /package/src/{types → common/types}/options/logging.options.js +0 -0
- /package/src/{types → common/types}/options/server-info.options.js +0 -0
- /package/src/{types → common/types}/options/session.options.js +0 -0
- /package/src/{utils → common/utils}/decide-request-intent.utils.js +0 -0
- /package/src/{utils → common/utils}/index.d.ts +0 -0
- /package/src/{utils → common/utils}/index.js +0 -0
- /package/src/{utils → common/utils}/path.utils.js +0 -0
|
@@ -0,0 +1,404 @@
|
|
|
1
|
+
import { FlowBase, FlowRunOptions } from '../../common';
|
|
2
|
+
import 'reflect-metadata';
|
|
3
|
+
import { z } from 'zod';
|
|
4
|
+
declare const inputSchema: z.ZodObject<{
|
|
5
|
+
request: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
|
|
6
|
+
}, "strip", z.ZodTypeAny, {
|
|
7
|
+
request: {} & {
|
|
8
|
+
[k: string]: unknown;
|
|
9
|
+
};
|
|
10
|
+
}, {
|
|
11
|
+
request: {} & {
|
|
12
|
+
[k: string]: unknown;
|
|
13
|
+
};
|
|
14
|
+
}>;
|
|
15
|
+
declare const stateSchema: z.ZodObject<{
|
|
16
|
+
baseUrl: z.ZodString;
|
|
17
|
+
authorizationHeader: z.ZodOptional<z.ZodString>;
|
|
18
|
+
token: z.ZodOptional<z.ZodString>;
|
|
19
|
+
sessionIdHeader: z.ZodOptional<z.ZodString>;
|
|
20
|
+
sessionProtocol: z.ZodOptional<z.ZodString>;
|
|
21
|
+
prmMetadataPath: z.ZodOptional<z.ZodString>;
|
|
22
|
+
prmMetadataHeader: z.ZodOptional<z.ZodString>;
|
|
23
|
+
jwtPayload: z.ZodOptional<z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>>;
|
|
24
|
+
user: z.ZodOptional<z.ZodObject<{
|
|
25
|
+
iss: z.ZodString;
|
|
26
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
27
|
+
sub: z.ZodString;
|
|
28
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
29
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
30
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
31
|
+
email: z.ZodOptional<z.ZodString>;
|
|
32
|
+
username: z.ZodOptional<z.ZodString>;
|
|
33
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
34
|
+
name: z.ZodOptional<z.ZodString>;
|
|
35
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
36
|
+
}, "passthrough", z.ZodTypeAny, z.objectOutputType<{
|
|
37
|
+
iss: z.ZodString;
|
|
38
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
39
|
+
sub: z.ZodString;
|
|
40
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
41
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
42
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
43
|
+
email: z.ZodOptional<z.ZodString>;
|
|
44
|
+
username: z.ZodOptional<z.ZodString>;
|
|
45
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
46
|
+
name: z.ZodOptional<z.ZodString>;
|
|
47
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
48
|
+
}, z.ZodTypeAny, "passthrough">, z.objectInputType<{
|
|
49
|
+
iss: z.ZodString;
|
|
50
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
51
|
+
sub: z.ZodString;
|
|
52
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
53
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
54
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
55
|
+
email: z.ZodOptional<z.ZodString>;
|
|
56
|
+
username: z.ZodOptional<z.ZodString>;
|
|
57
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
58
|
+
name: z.ZodOptional<z.ZodString>;
|
|
59
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
60
|
+
}, z.ZodTypeAny, "passthrough">>>;
|
|
61
|
+
session: z.ZodOptional<z.ZodObject<{
|
|
62
|
+
id: z.ZodString;
|
|
63
|
+
payload: z.ZodObject<{
|
|
64
|
+
nodeId: z.ZodString;
|
|
65
|
+
authSig: z.ZodString;
|
|
66
|
+
uuid: z.ZodString;
|
|
67
|
+
iat: z.ZodNumber;
|
|
68
|
+
protocol: z.ZodEnum<["legacy-sse", "sse", "streamable-http", "stateful-http", "stateless-http"]>;
|
|
69
|
+
}, "strip", z.ZodTypeAny, {
|
|
70
|
+
uuid: string;
|
|
71
|
+
nodeId: string;
|
|
72
|
+
authSig: string;
|
|
73
|
+
iat: number;
|
|
74
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
75
|
+
}, {
|
|
76
|
+
uuid: string;
|
|
77
|
+
nodeId: string;
|
|
78
|
+
authSig: string;
|
|
79
|
+
iat: number;
|
|
80
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
81
|
+
}>;
|
|
82
|
+
}, "strip", z.ZodTypeAny, {
|
|
83
|
+
id: string;
|
|
84
|
+
payload: {
|
|
85
|
+
uuid: string;
|
|
86
|
+
nodeId: string;
|
|
87
|
+
authSig: string;
|
|
88
|
+
iat: number;
|
|
89
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
90
|
+
};
|
|
91
|
+
}, {
|
|
92
|
+
id: string;
|
|
93
|
+
payload: {
|
|
94
|
+
uuid: string;
|
|
95
|
+
nodeId: string;
|
|
96
|
+
authSig: string;
|
|
97
|
+
iat: number;
|
|
98
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
99
|
+
};
|
|
100
|
+
}>>;
|
|
101
|
+
}, "strip", z.ZodTypeAny, {
|
|
102
|
+
baseUrl: string;
|
|
103
|
+
session?: {
|
|
104
|
+
id: string;
|
|
105
|
+
payload: {
|
|
106
|
+
uuid: string;
|
|
107
|
+
nodeId: string;
|
|
108
|
+
authSig: string;
|
|
109
|
+
iat: number;
|
|
110
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
111
|
+
};
|
|
112
|
+
} | undefined;
|
|
113
|
+
prmMetadataHeader?: string | undefined;
|
|
114
|
+
token?: string | undefined;
|
|
115
|
+
user?: z.objectOutputType<{
|
|
116
|
+
iss: z.ZodString;
|
|
117
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
118
|
+
sub: z.ZodString;
|
|
119
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
120
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
121
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
122
|
+
email: z.ZodOptional<z.ZodString>;
|
|
123
|
+
username: z.ZodOptional<z.ZodString>;
|
|
124
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
125
|
+
name: z.ZodOptional<z.ZodString>;
|
|
126
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
127
|
+
}, z.ZodTypeAny, "passthrough"> | undefined;
|
|
128
|
+
authorizationHeader?: string | undefined;
|
|
129
|
+
sessionIdHeader?: string | undefined;
|
|
130
|
+
sessionProtocol?: string | undefined;
|
|
131
|
+
prmMetadataPath?: string | undefined;
|
|
132
|
+
jwtPayload?: z.objectOutputType<{}, z.ZodTypeAny, "passthrough"> | undefined;
|
|
133
|
+
}, {
|
|
134
|
+
baseUrl: string;
|
|
135
|
+
session?: {
|
|
136
|
+
id: string;
|
|
137
|
+
payload: {
|
|
138
|
+
uuid: string;
|
|
139
|
+
nodeId: string;
|
|
140
|
+
authSig: string;
|
|
141
|
+
iat: number;
|
|
142
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
143
|
+
};
|
|
144
|
+
} | undefined;
|
|
145
|
+
prmMetadataHeader?: string | undefined;
|
|
146
|
+
token?: string | undefined;
|
|
147
|
+
user?: z.objectInputType<{
|
|
148
|
+
iss: z.ZodString;
|
|
149
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
150
|
+
sub: z.ZodString;
|
|
151
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
152
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
153
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
154
|
+
email: z.ZodOptional<z.ZodString>;
|
|
155
|
+
username: z.ZodOptional<z.ZodString>;
|
|
156
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
157
|
+
name: z.ZodOptional<z.ZodString>;
|
|
158
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
159
|
+
}, z.ZodTypeAny, "passthrough"> | undefined;
|
|
160
|
+
authorizationHeader?: string | undefined;
|
|
161
|
+
sessionIdHeader?: string | undefined;
|
|
162
|
+
sessionProtocol?: string | undefined;
|
|
163
|
+
prmMetadataPath?: string | undefined;
|
|
164
|
+
jwtPayload?: z.objectInputType<{}, z.ZodTypeAny, "passthrough"> | undefined;
|
|
165
|
+
}>;
|
|
166
|
+
export declare const sessionVerifyOutputSchema: z.ZodUnion<[z.ZodObject<{
|
|
167
|
+
kind: z.ZodLiteral<"unauthorized">;
|
|
168
|
+
prmMetadataHeader: z.ZodString;
|
|
169
|
+
}, "strip", z.ZodTypeAny, {
|
|
170
|
+
kind: "unauthorized";
|
|
171
|
+
prmMetadataHeader: string;
|
|
172
|
+
}, {
|
|
173
|
+
kind: "unauthorized";
|
|
174
|
+
prmMetadataHeader: string;
|
|
175
|
+
}>, z.ZodObject<{
|
|
176
|
+
kind: z.ZodLiteral<"authorized">;
|
|
177
|
+
authorization: z.ZodObject<{
|
|
178
|
+
token: z.ZodString;
|
|
179
|
+
session: z.ZodOptional<z.ZodObject<{
|
|
180
|
+
id: z.ZodString;
|
|
181
|
+
payload: z.ZodObject<{
|
|
182
|
+
nodeId: z.ZodString;
|
|
183
|
+
authSig: z.ZodString;
|
|
184
|
+
uuid: z.ZodString;
|
|
185
|
+
iat: z.ZodNumber;
|
|
186
|
+
protocol: z.ZodEnum<["legacy-sse", "sse", "streamable-http", "stateful-http", "stateless-http"]>;
|
|
187
|
+
}, "strip", z.ZodTypeAny, {
|
|
188
|
+
uuid: string;
|
|
189
|
+
nodeId: string;
|
|
190
|
+
authSig: string;
|
|
191
|
+
iat: number;
|
|
192
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
193
|
+
}, {
|
|
194
|
+
uuid: string;
|
|
195
|
+
nodeId: string;
|
|
196
|
+
authSig: string;
|
|
197
|
+
iat: number;
|
|
198
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
199
|
+
}>;
|
|
200
|
+
}, "strip", z.ZodTypeAny, {
|
|
201
|
+
id: string;
|
|
202
|
+
payload: {
|
|
203
|
+
uuid: string;
|
|
204
|
+
nodeId: string;
|
|
205
|
+
authSig: string;
|
|
206
|
+
iat: number;
|
|
207
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
208
|
+
};
|
|
209
|
+
}, {
|
|
210
|
+
id: string;
|
|
211
|
+
payload: {
|
|
212
|
+
uuid: string;
|
|
213
|
+
nodeId: string;
|
|
214
|
+
authSig: string;
|
|
215
|
+
iat: number;
|
|
216
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
217
|
+
};
|
|
218
|
+
}>>;
|
|
219
|
+
user: z.ZodObject<{
|
|
220
|
+
iss: z.ZodString;
|
|
221
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
222
|
+
sub: z.ZodString;
|
|
223
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
224
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
225
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
226
|
+
email: z.ZodOptional<z.ZodString>;
|
|
227
|
+
username: z.ZodOptional<z.ZodString>;
|
|
228
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
229
|
+
name: z.ZodOptional<z.ZodString>;
|
|
230
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
231
|
+
}, "passthrough", z.ZodTypeAny, z.objectOutputType<{
|
|
232
|
+
iss: z.ZodString;
|
|
233
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
234
|
+
sub: z.ZodString;
|
|
235
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
236
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
237
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
238
|
+
email: z.ZodOptional<z.ZodString>;
|
|
239
|
+
username: z.ZodOptional<z.ZodString>;
|
|
240
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
241
|
+
name: z.ZodOptional<z.ZodString>;
|
|
242
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
243
|
+
}, z.ZodTypeAny, "passthrough">, z.objectInputType<{
|
|
244
|
+
iss: z.ZodString;
|
|
245
|
+
sid: z.ZodOptional<z.ZodString>;
|
|
246
|
+
sub: z.ZodString;
|
|
247
|
+
exp: z.ZodOptional<z.ZodNumber>;
|
|
248
|
+
iat: z.ZodOptional<z.ZodNumber>;
|
|
249
|
+
aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
|
|
250
|
+
email: z.ZodOptional<z.ZodString>;
|
|
251
|
+
username: z.ZodOptional<z.ZodString>;
|
|
252
|
+
preferred_username: z.ZodOptional<z.ZodString>;
|
|
253
|
+
name: z.ZodOptional<z.ZodString>;
|
|
254
|
+
picture: z.ZodOptional<z.ZodString>;
|
|
255
|
+
}, z.ZodTypeAny, "passthrough">>;
|
|
256
|
+
}, "strip", z.ZodTypeAny, {
|
|
257
|
+
token: string;
|
|
258
|
+
user: {
|
|
259
|
+
sub: string;
|
|
260
|
+
iss: string;
|
|
261
|
+
name?: string | undefined;
|
|
262
|
+
email?: string | undefined;
|
|
263
|
+
iat?: number | undefined;
|
|
264
|
+
sid?: string | undefined;
|
|
265
|
+
exp?: number | undefined;
|
|
266
|
+
aud?: string | string[] | undefined;
|
|
267
|
+
username?: string | undefined;
|
|
268
|
+
preferred_username?: string | undefined;
|
|
269
|
+
picture?: string | undefined;
|
|
270
|
+
} & {
|
|
271
|
+
[k: string]: unknown;
|
|
272
|
+
};
|
|
273
|
+
session?: {
|
|
274
|
+
id: string;
|
|
275
|
+
payload: {
|
|
276
|
+
uuid: string;
|
|
277
|
+
nodeId: string;
|
|
278
|
+
authSig: string;
|
|
279
|
+
iat: number;
|
|
280
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
281
|
+
};
|
|
282
|
+
} | undefined;
|
|
283
|
+
}, {
|
|
284
|
+
token: string;
|
|
285
|
+
user: {
|
|
286
|
+
sub: string;
|
|
287
|
+
iss: string;
|
|
288
|
+
name?: string | undefined;
|
|
289
|
+
email?: string | undefined;
|
|
290
|
+
iat?: number | undefined;
|
|
291
|
+
sid?: string | undefined;
|
|
292
|
+
exp?: number | undefined;
|
|
293
|
+
aud?: string | string[] | undefined;
|
|
294
|
+
username?: string | undefined;
|
|
295
|
+
preferred_username?: string | undefined;
|
|
296
|
+
picture?: string | undefined;
|
|
297
|
+
} & {
|
|
298
|
+
[k: string]: unknown;
|
|
299
|
+
};
|
|
300
|
+
session?: {
|
|
301
|
+
id: string;
|
|
302
|
+
payload: {
|
|
303
|
+
uuid: string;
|
|
304
|
+
nodeId: string;
|
|
305
|
+
authSig: string;
|
|
306
|
+
iat: number;
|
|
307
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
308
|
+
};
|
|
309
|
+
} | undefined;
|
|
310
|
+
}>;
|
|
311
|
+
}, "strip", z.ZodTypeAny, {
|
|
312
|
+
kind: "authorized";
|
|
313
|
+
authorization: {
|
|
314
|
+
token: string;
|
|
315
|
+
user: {
|
|
316
|
+
sub: string;
|
|
317
|
+
iss: string;
|
|
318
|
+
name?: string | undefined;
|
|
319
|
+
email?: string | undefined;
|
|
320
|
+
iat?: number | undefined;
|
|
321
|
+
sid?: string | undefined;
|
|
322
|
+
exp?: number | undefined;
|
|
323
|
+
aud?: string | string[] | undefined;
|
|
324
|
+
username?: string | undefined;
|
|
325
|
+
preferred_username?: string | undefined;
|
|
326
|
+
picture?: string | undefined;
|
|
327
|
+
} & {
|
|
328
|
+
[k: string]: unknown;
|
|
329
|
+
};
|
|
330
|
+
session?: {
|
|
331
|
+
id: string;
|
|
332
|
+
payload: {
|
|
333
|
+
uuid: string;
|
|
334
|
+
nodeId: string;
|
|
335
|
+
authSig: string;
|
|
336
|
+
iat: number;
|
|
337
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
338
|
+
};
|
|
339
|
+
} | undefined;
|
|
340
|
+
};
|
|
341
|
+
}, {
|
|
342
|
+
kind: "authorized";
|
|
343
|
+
authorization: {
|
|
344
|
+
token: string;
|
|
345
|
+
user: {
|
|
346
|
+
sub: string;
|
|
347
|
+
iss: string;
|
|
348
|
+
name?: string | undefined;
|
|
349
|
+
email?: string | undefined;
|
|
350
|
+
iat?: number | undefined;
|
|
351
|
+
sid?: string | undefined;
|
|
352
|
+
exp?: number | undefined;
|
|
353
|
+
aud?: string | string[] | undefined;
|
|
354
|
+
username?: string | undefined;
|
|
355
|
+
preferred_username?: string | undefined;
|
|
356
|
+
picture?: string | undefined;
|
|
357
|
+
} & {
|
|
358
|
+
[k: string]: unknown;
|
|
359
|
+
};
|
|
360
|
+
session?: {
|
|
361
|
+
id: string;
|
|
362
|
+
payload: {
|
|
363
|
+
uuid: string;
|
|
364
|
+
nodeId: string;
|
|
365
|
+
authSig: string;
|
|
366
|
+
iat: number;
|
|
367
|
+
protocol: "sse" | "legacy-sse" | "streamable-http" | "stateful-http" | "stateless-http";
|
|
368
|
+
};
|
|
369
|
+
} | undefined;
|
|
370
|
+
};
|
|
371
|
+
}>]>;
|
|
372
|
+
declare const plan: {
|
|
373
|
+
readonly pre: ["parseInput", "requireAuthorizationHeader", "verifyIfJwt"];
|
|
374
|
+
readonly execute: ["deriveUser", "parseSessionHeader", "buildAuthorizedOutput"];
|
|
375
|
+
};
|
|
376
|
+
declare global {
|
|
377
|
+
interface ExtendFlows {
|
|
378
|
+
'session:verify': FlowRunOptions<SessionVerifyFlow, typeof plan, typeof inputSchema, typeof sessionVerifyOutputSchema, typeof stateSchema>;
|
|
379
|
+
}
|
|
380
|
+
}
|
|
381
|
+
declare const name: "session:verify";
|
|
382
|
+
export default class SessionVerifyFlow extends FlowBase<typeof name> {
|
|
383
|
+
parseInput(): Promise<void>;
|
|
384
|
+
requireAuthorizationOrChallenge(): Promise<void>;
|
|
385
|
+
/**
|
|
386
|
+
* If Authorization is a JWT:
|
|
387
|
+
* - Attempt verification against any known / cached public keys we have (gateway/local)
|
|
388
|
+
* - If verification fails → 401
|
|
389
|
+
* - If verification ok → capture payload
|
|
390
|
+
* If NOT a JWT:
|
|
391
|
+
* - we do NOT attempt verification, just pass the raw token through
|
|
392
|
+
*/
|
|
393
|
+
verifyIfJwt(): Promise<void>;
|
|
394
|
+
deriveUser(): Promise<void>;
|
|
395
|
+
/**
|
|
396
|
+
* Parse the session header (mcp-session-id)
|
|
397
|
+
* - If session id is present, validate it
|
|
398
|
+
* - If valid, capture the session info
|
|
399
|
+
* - If NOT valid, ignore (no session)
|
|
400
|
+
*/
|
|
401
|
+
parseSessionHeader(): Promise<void>;
|
|
402
|
+
buildAuthorizedOutput(): Promise<void>;
|
|
403
|
+
}
|
|
404
|
+
export {};
|
|
@@ -0,0 +1,205 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.sessionVerifyOutputSchema = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
// auth/flows/session.verify.flow.ts
|
|
6
|
+
const common_1 = require("../../common");
|
|
7
|
+
require("reflect-metadata");
|
|
8
|
+
const zod_1 = require("zod");
|
|
9
|
+
const path_utils_1 = require("../path.utils");
|
|
10
|
+
const auth_token_utils_1 = require("../session/utils/auth-token.utils");
|
|
11
|
+
const jwks_1 = require("../jwks");
|
|
12
|
+
const session_id_utils_1 = require("../session/utils/session-id.utils");
|
|
13
|
+
const inputSchema = common_1.httpRequestInputSchema;
|
|
14
|
+
const stateSchema = zod_1.z.object({
|
|
15
|
+
baseUrl: zod_1.z.string().min(1),
|
|
16
|
+
authorizationHeader: zod_1.z.string().optional(),
|
|
17
|
+
token: zod_1.z.string().optional(),
|
|
18
|
+
sessionIdHeader: zod_1.z.string().optional(), // 'mcp-session-id'
|
|
19
|
+
sessionProtocol: zod_1.z.string().optional(), // 'sse/http/streamable-http'
|
|
20
|
+
prmMetadataPath: zod_1.z.string().optional(),
|
|
21
|
+
prmMetadataHeader: zod_1.z.string().optional(),
|
|
22
|
+
jwtPayload: zod_1.z.object({}).passthrough().optional(),
|
|
23
|
+
user: common_1.userClaimSchema.optional(),
|
|
24
|
+
session: common_1.sessionIdSchema.optional(),
|
|
25
|
+
});
|
|
26
|
+
const UnauthorizedSchema = zod_1.z
|
|
27
|
+
.object({
|
|
28
|
+
kind: zod_1.z.literal('unauthorized'),
|
|
29
|
+
prmMetadataHeader: zod_1.z.string().describe('Path to protected resource metadata'),
|
|
30
|
+
})
|
|
31
|
+
.describe('401 Unauthorized with \'WWW-Authenticate\' header for requesting authentication\'');
|
|
32
|
+
const AuthorizedSchema = zod_1.z
|
|
33
|
+
.object({
|
|
34
|
+
kind: zod_1.z.literal('authorized'),
|
|
35
|
+
authorization: common_1.authorizationSchema.describe('Session information if session id is present'),
|
|
36
|
+
})
|
|
37
|
+
.describe('Authorized session information');
|
|
38
|
+
exports.sessionVerifyOutputSchema = zod_1.z.union([UnauthorizedSchema, AuthorizedSchema]);
|
|
39
|
+
const plan = {
|
|
40
|
+
pre: ['parseInput', 'requireAuthorizationHeader', 'verifyIfJwt'],
|
|
41
|
+
execute: ['deriveUser', 'parseSessionHeader', 'buildAuthorizedOutput'],
|
|
42
|
+
};
|
|
43
|
+
const name = 'session:verify';
|
|
44
|
+
const Stage = (0, common_1.StageHookOf)(name);
|
|
45
|
+
let SessionVerifyFlow = class SessionVerifyFlow extends common_1.FlowBase {
|
|
46
|
+
async parseInput() {
|
|
47
|
+
const { request } = this.rawInput;
|
|
48
|
+
const entryPath = (0, path_utils_1.normalizeEntryPrefix)(this.scope.entryPath);
|
|
49
|
+
const routeBase = (0, path_utils_1.normalizeScopeBase)(this.scope.routeBase);
|
|
50
|
+
const baseUrl = (0, path_utils_1.getRequestBaseUrl)(request, entryPath);
|
|
51
|
+
const authorizationHeader = request.headers?.['authorization'] ?? undefined;
|
|
52
|
+
const httpTransportHeader = request.headers?.['http-transport'];
|
|
53
|
+
const sessionIdRawHeader = request.headers?.['mcp-session-id'];
|
|
54
|
+
const sessionIdQuery = request.query['sessionId'];
|
|
55
|
+
const sessionIdHeader = sessionIdRawHeader ?? sessionIdQuery ?? undefined;
|
|
56
|
+
const sessionProtocol = httpTransportHeader
|
|
57
|
+
? 'http'
|
|
58
|
+
: sessionIdHeader
|
|
59
|
+
? 'streamable-http'
|
|
60
|
+
: sessionIdQuery
|
|
61
|
+
? 'sse'
|
|
62
|
+
: undefined;
|
|
63
|
+
const token = (0, auth_token_utils_1.extractBearerToken)(authorizationHeader);
|
|
64
|
+
const prmMetadataPath = `/.well-known/oauth-protected-resource${entryPath}${routeBase}`;
|
|
65
|
+
const prmMetadataHeader = `Bearer resource_metadata="${baseUrl}${prmMetadataPath}"`;
|
|
66
|
+
this.state.set({
|
|
67
|
+
baseUrl,
|
|
68
|
+
authorizationHeader,
|
|
69
|
+
token,
|
|
70
|
+
sessionIdHeader,
|
|
71
|
+
sessionProtocol,
|
|
72
|
+
prmMetadataPath,
|
|
73
|
+
prmMetadataHeader,
|
|
74
|
+
});
|
|
75
|
+
}
|
|
76
|
+
async requireAuthorizationOrChallenge() {
|
|
77
|
+
this.respond({
|
|
78
|
+
kind: 'unauthorized',
|
|
79
|
+
prmMetadataHeader: this.state.required.prmMetadataHeader,
|
|
80
|
+
});
|
|
81
|
+
}
|
|
82
|
+
/**
|
|
83
|
+
* If Authorization is a JWT:
|
|
84
|
+
* - Attempt verification against any known / cached public keys we have (gateway/local)
|
|
85
|
+
* - If verification fails → 401
|
|
86
|
+
* - If verification ok → capture payload
|
|
87
|
+
* If NOT a JWT:
|
|
88
|
+
* - we do NOT attempt verification, just pass the raw token through
|
|
89
|
+
*/
|
|
90
|
+
async verifyIfJwt() {
|
|
91
|
+
const jwks = this.get(jwks_1.JwksService); // TODO: fix providers
|
|
92
|
+
const token = this.state.required.token;
|
|
93
|
+
if (!(0, auth_token_utils_1.isJwt)(token)) {
|
|
94
|
+
// Non-JWT tokens are passed through; user will be mostly empty (the best effort later).
|
|
95
|
+
this.respond({
|
|
96
|
+
kind: 'unauthorized',
|
|
97
|
+
prmMetadataHeader: this.state.required.prmMetadataHeader,
|
|
98
|
+
});
|
|
99
|
+
return;
|
|
100
|
+
}
|
|
101
|
+
// Best-effort verification using locally known keys (gateway/local provider cache).
|
|
102
|
+
let verify;
|
|
103
|
+
if (this.scope.auth.options.type === 'local') { // TODO: fix
|
|
104
|
+
verify = jwks.verifyGatewayToken(token, this.state.required.baseUrl);
|
|
105
|
+
}
|
|
106
|
+
else {
|
|
107
|
+
const primary = this.scope.auth.options;
|
|
108
|
+
const issuer = this.scope.auth.issuer;
|
|
109
|
+
const providerRefs = [
|
|
110
|
+
{
|
|
111
|
+
id: primary.id ?? 'default',
|
|
112
|
+
issuerUrl: issuer,
|
|
113
|
+
jwks: primary.jwks,
|
|
114
|
+
jwksUri: primary.jwksUri,
|
|
115
|
+
},
|
|
116
|
+
];
|
|
117
|
+
verify = jwks.verifyTransparentToken(token, providerRefs);
|
|
118
|
+
}
|
|
119
|
+
const result = await verify;
|
|
120
|
+
if (result.ok) {
|
|
121
|
+
this.state.set({ jwtPayload: result.payload });
|
|
122
|
+
return;
|
|
123
|
+
}
|
|
124
|
+
this.respond({
|
|
125
|
+
kind: 'unauthorized',
|
|
126
|
+
prmMetadataHeader: this.state.required.prmMetadataHeader,
|
|
127
|
+
});
|
|
128
|
+
}
|
|
129
|
+
async deriveUser() {
|
|
130
|
+
this.state.set('user', (0, auth_token_utils_1.deriveTypedUser)(this.state.required.jwtPayload ?? {}));
|
|
131
|
+
}
|
|
132
|
+
/**
|
|
133
|
+
* Parse the session header (mcp-session-id)
|
|
134
|
+
* - If session id is present, validate it
|
|
135
|
+
* - If valid, capture the session info
|
|
136
|
+
* - If NOT valid, ignore (no session)
|
|
137
|
+
*/
|
|
138
|
+
async parseSessionHeader() {
|
|
139
|
+
const { sessionIdHeader, required: { token } } = this.state;
|
|
140
|
+
const session = (0, session_id_utils_1.parseSessionHeader)(sessionIdHeader, token);
|
|
141
|
+
if (session) {
|
|
142
|
+
this.state.set('session', session);
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
async buildAuthorizedOutput() {
|
|
146
|
+
const { required: { token, user }, session, } = this.state;
|
|
147
|
+
this.respond({
|
|
148
|
+
kind: 'authorized',
|
|
149
|
+
authorization: {
|
|
150
|
+
token,
|
|
151
|
+
user,
|
|
152
|
+
session,
|
|
153
|
+
},
|
|
154
|
+
});
|
|
155
|
+
}
|
|
156
|
+
};
|
|
157
|
+
tslib_1.__decorate([
|
|
158
|
+
Stage('parseInput'),
|
|
159
|
+
tslib_1.__metadata("design:type", Function),
|
|
160
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
161
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
162
|
+
], SessionVerifyFlow.prototype, "parseInput", null);
|
|
163
|
+
tslib_1.__decorate([
|
|
164
|
+
Stage('requireAuthorizationHeader', {
|
|
165
|
+
filter: ({ state }) => !state.authorizationHeader,
|
|
166
|
+
}),
|
|
167
|
+
tslib_1.__metadata("design:type", Function),
|
|
168
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
169
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
170
|
+
], SessionVerifyFlow.prototype, "requireAuthorizationOrChallenge", null);
|
|
171
|
+
tslib_1.__decorate([
|
|
172
|
+
Stage('verifyIfJwt'),
|
|
173
|
+
tslib_1.__metadata("design:type", Function),
|
|
174
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
175
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
176
|
+
], SessionVerifyFlow.prototype, "verifyIfJwt", null);
|
|
177
|
+
tslib_1.__decorate([
|
|
178
|
+
Stage('deriveUser'),
|
|
179
|
+
tslib_1.__metadata("design:type", Function),
|
|
180
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
181
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
182
|
+
], SessionVerifyFlow.prototype, "deriveUser", null);
|
|
183
|
+
tslib_1.__decorate([
|
|
184
|
+
Stage('parseSessionHeader'),
|
|
185
|
+
tslib_1.__metadata("design:type", Function),
|
|
186
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
187
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
188
|
+
], SessionVerifyFlow.prototype, "parseSessionHeader", null);
|
|
189
|
+
tslib_1.__decorate([
|
|
190
|
+
Stage('buildAuthorizedOutput'),
|
|
191
|
+
tslib_1.__metadata("design:type", Function),
|
|
192
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
193
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
194
|
+
], SessionVerifyFlow.prototype, "buildAuthorizedOutput", null);
|
|
195
|
+
SessionVerifyFlow = tslib_1.__decorate([
|
|
196
|
+
(0, common_1.Flow)({
|
|
197
|
+
name,
|
|
198
|
+
plan,
|
|
199
|
+
inputSchema,
|
|
200
|
+
outputSchema: exports.sessionVerifyOutputSchema,
|
|
201
|
+
access: 'authorized',
|
|
202
|
+
})
|
|
203
|
+
], SessionVerifyFlow);
|
|
204
|
+
exports.default = SessionVerifyFlow;
|
|
205
|
+
//# sourceMappingURL=session.verify.flow.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.verify.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/session.verify.flow.ts"],"names":[],"mappings":";;;;AAAA,oCAAoC;AACpC,yCAMsB;AACtB,4BAA0B;AAC1B,6BAAsB;AACtB,8CAA0F;AAC1F,wEAI2C;AAC3C,kCAAqE;AACrE,wEAAqE;AAGrE,MAAM,WAAW,GAAG,+BAAsB,CAAC;AAE3C,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,mBAAmB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1C,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,mBAAmB;IAC3D,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,6BAA6B;IACrE,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACtC,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACxC,UAAU,EAAE,OAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE;IACjD,IAAI,EAAE,wBAAe,CAAC,QAAQ,EAAE;IAChC,OAAO,EAAE,wBAAe,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC;AAEH,MAAM,kBAAkB,GAAG,OAAC;KACzB,MAAM,CAAC;IACN,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,cAAc,CAAC;IAC/B,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,qCAAqC,CAAC;CAC9E,CAAC;KACD,QAAQ,CAAC,mFAAmF,CAAC,CAAC;AAEjG,MAAM,gBAAgB,GAAG,OAAC;KACvB,MAAM,CAAC;IACN,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,YAAY,CAAC;IAC7B,aAAa,EAAE,4BAAmB,CAAC,QAAQ,CAAC,8CAA8C,CAAC;CAC5F,CAAC;KACD,QAAQ,CAAC,gCAAgC,CAAC,CAAC;AAGjC,QAAA,yBAAyB,GAAG,OAAC,CAAC,KAAK,CAAC,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAEzF,MAAM,IAAI,GAAG;IACX,GAAG,EAAE,CAAC,YAAY,EAAE,4BAA4B,EAAE,aAAa,CAAC;IAChE,OAAO,EAAE,CAAC,YAAY,EAAE,oBAAoB,EAAE,uBAAuB,CAAC;CACnC,CAAC;AActC,MAAM,IAAI,GAAG,gBAAyB,CAAC;AACvC,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AASjB,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,iBAAqB;IAI5D,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAC,OAAO,EAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;QAChC,MAAM,SAAS,GAAG,IAAA,iCAAoB,EAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,IAAA,+BAAkB,EAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC3D,MAAM,OAAO,GAAG,IAAA,8BAAiB,EAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAEtD,MAAM,mBAAmB,GAAI,OAAO,CAAC,OAAO,EAAE,CAAC,eAAe,CAAwB,IAAI,SAAS,CAAC;QACpG,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,gBAAgB,CAAuB,CAAC;QACtF,MAAM,kBAAkB,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,gBAAgB,CAAuB,CAAC;QACrF,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,CAAuB,CAAC;QAExE,MAAM,eAAe,GAAG,kBAAkB,IAAI,cAAc,IAAI,SAAS,CAAC;QAC1E,MAAM,eAAe,GAAG,mBAAmB;YACzC,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,eAAe;gBACf,CAAC,CAAC,iBAAiB;gBACnB,CAAC,CAAC,cAAc;oBACd,CAAC,CAAC,KAAK;oBACP,CAAC,CAAC,SAAS,CAAC;QAElB,MAAM,KAAK,GAAG,IAAA,qCAAkB,EAAC,mBAAmB,CAAC,CAAC;QAEtD,MAAM,eAAe,GAAG,wCAAwC,SAAS,GAAG,SAAS,EAAE,CAAC;QACxF,MAAM,iBAAiB,GAAG,6BAA6B,OAAO,GAAG,eAAe,GAAG,CAAC;QAEpF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;YACb,OAAO;YACP,mBAAmB;YACnB,KAAK;YACL,eAAe;YACf,eAAe;YACf,eAAe;YACf,iBAAiB;SAClB,CAAC,CAAC;IACL,CAAC;IAKK,AAAN,KAAK,CAAC,+BAA+B;QACnC,IAAI,CAAC,OAAO,CAAC;YACX,IAAI,EAAE,cAAc;YACpB,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,iBAAiB;SACzD,CAAC,CAAC;IACL,CAAC;IAGD;;;;;;;OAOG;IAEG,AAAN,KAAK,CAAC,WAAW;QACf,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,kBAAW,CAAC,CAAC,CAAC,sBAAsB;QAC1D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;QAExC,IAAI,CAAC,IAAA,wBAAK,EAAC,KAAK,CAAC,EAAE,CAAC;YAClB,wFAAwF;YACxF,IAAI,CAAC,OAAO,CAAC;gBACX,IAAI,EAAE,cAAc;gBACpB,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,iBAAiB;aACzD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,oFAAoF;QACpF,IAAI,MAA6B,CAAC;QAClC,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC,CAAC,YAAY;YAC1D,MAAM,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAEvE,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAA4B,CAAC;YAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;YACtC,MAAM,YAAY,GAAwB;gBACxC;oBACE,EAAE,EAAE,OAAO,CAAC,EAAE,IAAI,SAAS;oBAC3B,SAAS,EAAE,MAAM;oBACjB,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,OAAO,EAAE,OAAO,CAAC,OAAO;iBACzB;aACF,CAAC;YACF,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QAC5D,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC;QAE5B,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;YACd,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAC,UAAU,EAAE,MAAM,CAAC,OAAO,EAAC,CAAC,CAAC;YAC7C,OAAO;QACT,CAAC;QACD,IAAI,CAAC,OAAO,CAAC;YACX,IAAI,EAAE,cAAc;YACpB,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,iBAAiB;SACzD,CAAC,CAAC;IACL,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,IAAA,kCAAe,EAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC;IAChF,CAAC;IAED;;;;;OAKG;IAEG,AAAN,KAAK,CAAC,kBAAkB;QACtB,MAAM,EAAC,eAAe,EAAE,QAAQ,EAAE,EAAC,KAAK,EAAC,EAAC,GAAG,IAAI,CAAC,KAAK,CAAC;QAExD,MAAM,OAAO,GAAG,IAAA,qCAAkB,EAAC,eAAe,EAAE,KAAK,CAAC,CAAC;QAC3D,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IAGK,AAAN,KAAK,CAAC,qBAAqB;QACzB,MAAM,EACJ,QAAQ,EAAE,EAAC,KAAK,EAAE,IAAI,EAAC,EACvB,OAAO,GACR,GAAG,IAAI,CAAC,KAAK,CAAC;QAEf,IAAI,CAAC,OAAO,CAAC;YACX,IAAI,EAAE,YAAY;YAClB,aAAa,EAAE;gBACb,KAAK;gBACL,IAAI;gBACJ,OAAO;aACR;SACF,CAAC,CAAC;IACL,CAAC;CAEF,CAAA;AAzIO;IADL,KAAK,CAAC,YAAY,CAAC;;;;mDAmCnB;AAKK;IAHL,KAAK,CAAC,4BAA4B,EAAE;QACnC,MAAM,EAAE,CAAC,EAAC,KAAK,EAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,mBAAmB;KAChD,CAAC;;;;wEAMD;AAYK;IADL,KAAK,CAAC,aAAa,CAAC;;;;oDA0CpB;AAGK;IADL,KAAK,CAAC,YAAY,CAAC;;;;mDAGnB;AASK;IADL,KAAK,CAAC,oBAAoB,CAAC;;;;2DAQ3B;AAGK;IADL,KAAK,CAAC,uBAAuB,CAAC;;;;8DAe9B;AA3IkB,iBAAiB;IAPrC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI;QACJ,WAAW;QACX,YAAY,EAAE,iCAAyB;QACvC,MAAM,EAAE,YAAY;KACrB,CAAC;GACmB,iBAAiB,CA6IrC;kBA7IoB,iBAAiB","sourcesContent":["// auth/flows/session.verify.flow.ts\nimport {\n authorizationSchema,\n Flow, FlowBase,\n FlowRunOptions,\n StageHookOf, userClaimSchema,\n RemoteAuthOptions, sessionIdSchema, httpRequestInputSchema, FlowPlan,\n} from '../../common';\nimport 'reflect-metadata';\nimport {z} from 'zod';\nimport {getRequestBaseUrl, normalizeEntryPrefix, normalizeScopeBase} from '../path.utils';\nimport {\n deriveTypedUser,\n extractBearerToken,\n isJwt,\n} from '../session/utils/auth-token.utils';\nimport {JwksService, ProviderVerifyRef, VerifyResult} from '../jwks';\nimport {parseSessionHeader} from '../session/utils/session-id.utils';\n\n\nconst inputSchema = httpRequestInputSchema;\n\nconst stateSchema = z.object({\n baseUrl: z.string().min(1),\n authorizationHeader: z.string().optional(),\n token: z.string().optional(),\n sessionIdHeader: z.string().optional(), // 'mcp-session-id'\n sessionProtocol: z.string().optional(), // 'sse/http/streamable-http'\n prmMetadataPath: z.string().optional(),\n prmMetadataHeader: z.string().optional(),\n jwtPayload: z.object({}).passthrough().optional(),\n user: userClaimSchema.optional(),\n session: sessionIdSchema.optional(),\n});\n\nconst UnauthorizedSchema = z\n .object({\n kind: z.literal('unauthorized'),\n prmMetadataHeader: z.string().describe('Path to protected resource metadata'),\n })\n .describe('401 Unauthorized with \\'WWW-Authenticate\\' header for requesting authentication\\'');\n\nconst AuthorizedSchema = z\n .object({\n kind: z.literal('authorized'),\n authorization: authorizationSchema.describe('Session information if session id is present'),\n })\n .describe('Authorized session information');\n\n\nexport const sessionVerifyOutputSchema = z.union([UnauthorizedSchema, AuthorizedSchema]);\n\nconst plan = {\n pre: ['parseInput', 'requireAuthorizationHeader', 'verifyIfJwt'],\n execute: ['deriveUser', 'parseSessionHeader', 'buildAuthorizedOutput'],\n} as const satisfies FlowPlan<string>;\n\ndeclare global {\n interface ExtendFlows {\n 'session:verify': FlowRunOptions<\n SessionVerifyFlow,\n typeof plan,\n typeof inputSchema,\n typeof sessionVerifyOutputSchema,\n typeof stateSchema\n >;\n }\n}\n\nconst name = 'session:verify' as const;\nconst Stage = StageHookOf(name);\n\n@Flow({\n name,\n plan,\n inputSchema,\n outputSchema: sessionVerifyOutputSchema,\n access: 'authorized',\n})\nexport default class SessionVerifyFlow extends FlowBase<typeof name> {\n\n\n @Stage('parseInput')\n async parseInput() {\n const {request} = this.rawInput;\n const entryPath = normalizeEntryPrefix(this.scope.entryPath);\n const routeBase = normalizeScopeBase(this.scope.routeBase);\n const baseUrl = getRequestBaseUrl(request, entryPath);\n\n const authorizationHeader = (request.headers?.['authorization'] as string | undefined) ?? undefined;\n const httpTransportHeader = request.headers?.['http-transport'] as string | undefined;\n const sessionIdRawHeader = request.headers?.['mcp-session-id'] as string | undefined;\n const sessionIdQuery = request.query['sessionId'] as string | undefined;\n\n const sessionIdHeader = sessionIdRawHeader ?? sessionIdQuery ?? undefined;\n const sessionProtocol = httpTransportHeader\n ? 'http'\n : sessionIdHeader\n ? 'streamable-http'\n : sessionIdQuery\n ? 'sse'\n : undefined;\n\n const token = extractBearerToken(authorizationHeader);\n\n const prmMetadataPath = `/.well-known/oauth-protected-resource${entryPath}${routeBase}`;\n const prmMetadataHeader = `Bearer resource_metadata=\"${baseUrl}${prmMetadataPath}\"`;\n\n this.state.set({\n baseUrl,\n authorizationHeader,\n token,\n sessionIdHeader,\n sessionProtocol,\n prmMetadataPath,\n prmMetadataHeader,\n });\n }\n\n @Stage('requireAuthorizationHeader', {\n filter: ({state}) => !state.authorizationHeader,\n })\n async requireAuthorizationOrChallenge() {\n this.respond({\n kind: 'unauthorized',\n prmMetadataHeader: this.state.required.prmMetadataHeader,\n });\n }\n\n\n /**\n * If Authorization is a JWT:\n * - Attempt verification against any known / cached public keys we have (gateway/local)\n * - If verification fails → 401\n * - If verification ok → capture payload\n * If NOT a JWT:\n * - we do NOT attempt verification, just pass the raw token through\n */\n @Stage('verifyIfJwt')\n async verifyIfJwt() {\n const jwks = this.get(JwksService); // TODO: fix providers\n const token = this.state.required.token;\n\n if (!isJwt(token)) {\n // Non-JWT tokens are passed through; user will be mostly empty (the best effort later).\n this.respond({\n kind: 'unauthorized',\n prmMetadataHeader: this.state.required.prmMetadataHeader,\n });\n return;\n }\n\n // Best-effort verification using locally known keys (gateway/local provider cache).\n let verify: Promise<VerifyResult>;\n if (this.scope.auth.options.type === 'local') { // TODO: fix\n verify = jwks.verifyGatewayToken(token, this.state.required.baseUrl);\n\n } else {\n const primary = this.scope.auth.options as RemoteAuthOptions;\n const issuer = this.scope.auth.issuer;\n const providerRefs: ProviderVerifyRef[] = [\n {\n id: primary.id ?? 'default',\n issuerUrl: issuer,\n jwks: primary.jwks,\n jwksUri: primary.jwksUri,\n },\n ];\n verify = jwks.verifyTransparentToken(token, providerRefs);\n }\n const result = await verify;\n\n if (result.ok) {\n this.state.set({jwtPayload: result.payload});\n return;\n }\n this.respond({\n kind: 'unauthorized',\n prmMetadataHeader: this.state.required.prmMetadataHeader,\n });\n }\n\n @Stage('deriveUser')\n async deriveUser() {\n this.state.set('user', deriveTypedUser(this.state.required.jwtPayload ?? {}));\n }\n\n /**\n * Parse the session header (mcp-session-id)\n * - If session id is present, validate it\n * - If valid, capture the session info\n * - If NOT valid, ignore (no session)\n */\n @Stage('parseSessionHeader')\n async parseSessionHeader() {\n const {sessionIdHeader, required: {token}} = this.state;\n\n const session = parseSessionHeader(sessionIdHeader, token);\n if (session) {\n this.state.set('session', session);\n }\n }\n\n @Stage('buildAuthorizedOutput')\n async buildAuthorizedOutput() {\n const {\n required: {token, user},\n session,\n } = this.state;\n\n this.respond({\n kind: 'authorized',\n authorization: {\n token,\n user,\n session,\n },\n });\n }\n\n}\n"]}
|