@frontmcp/sdk 0.2.5 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +81 -99
- package/package.json +24 -2
- package/src/adapter/adapter.instance.d.ts +11 -0
- package/src/adapter/adapter.instance.js +65 -0
- package/src/adapter/adapter.instance.js.map +1 -0
- package/src/adapter/adapter.regsitry.d.ts +13 -0
- package/src/adapter/adapter.regsitry.js +54 -0
- package/src/adapter/adapter.regsitry.js.map +1 -0
- package/src/adapter/adapter.utils.d.ts +10 -0
- package/src/adapter/adapter.utils.js +83 -0
- package/src/adapter/adapter.utils.js.map +1 -0
- package/src/app/app.registry.d.ts +12 -0
- package/src/app/app.registry.js +64 -0
- package/src/app/app.registry.js.map +1 -0
- package/src/app/app.utils.d.ts +15 -0
- package/src/app/app.utils.js +58 -0
- package/src/app/app.utils.js.map +1 -0
- package/src/app/instances/app.local.instance.d.ts +25 -0
- package/src/app/instances/app.local.instance.js +70 -0
- package/src/app/instances/app.local.instance.js.map +1 -0
- package/src/app/instances/app.remote.instance.d.ts +13 -0
- package/src/app/instances/app.remote.instance.js +36 -0
- package/src/app/instances/app.remote.instance.js.map +1 -0
- package/src/app/instances/index.d.ts +2 -0
- package/src/app/instances/index.js +6 -0
- package/src/app/instances/index.js.map +1 -0
- package/src/auth/auth.registry.d.ts +13 -0
- package/src/auth/auth.registry.js +81 -0
- package/src/auth/auth.registry.js.map +1 -0
- package/src/auth/auth.utils.d.ts +10 -0
- package/src/auth/auth.utils.js +85 -0
- package/src/auth/auth.utils.js.map +1 -0
- package/src/auth/flows/oauth.authorize.flow.d.ts +231 -0
- package/src/auth/flows/oauth.authorize.flow.js +154 -0
- package/src/auth/flows/oauth.authorize.flow.js.map +1 -0
- package/src/auth/flows/oauth.register.flow.d.ts +202 -0
- package/src/auth/flows/oauth.register.flow.js +201 -0
- package/src/auth/flows/oauth.register.flow.js.map +1 -0
- package/src/auth/flows/oauth.token.flow.d.ts +242 -0
- package/src/auth/flows/oauth.token.flow.js +181 -0
- package/src/auth/flows/oauth.token.flow.js.map +1 -0
- package/src/auth/flows/session.verify.flow.d.ts +404 -0
- package/src/auth/flows/session.verify.flow.js +205 -0
- package/src/auth/flows/session.verify.flow.js.map +1 -0
- package/src/auth/flows/well-known.jwks.flow.d.ts +261 -0
- package/src/auth/flows/well-known.jwks.flow.js +82 -0
- package/src/auth/flows/well-known.jwks.flow.js.map +1 -0
- package/src/auth/flows/well-known.oauth-authorization-server.flow.d.ts +282 -0
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js +123 -0
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +1 -0
- package/src/auth/flows/well-known.prm.flow.d.ts +159 -0
- package/src/auth/flows/well-known.prm.flow.js +107 -0
- package/src/auth/flows/well-known.prm.flow.js.map +1 -0
- package/src/auth/instances/instance.local-primary-auth.d.ts +19 -0
- package/src/auth/instances/instance.local-primary-auth.js +76 -0
- package/src/auth/instances/instance.local-primary-auth.js.map +1 -0
- package/src/auth/instances/instance.remote-primary-auth.d.ts +14 -0
- package/src/auth/instances/instance.remote-primary-auth.js +47 -0
- package/src/auth/instances/instance.remote-primary-auth.js.map +1 -0
- package/src/auth/jwks/index.d.ts +2 -0
- package/src/auth/jwks/index.js +6 -0
- package/src/auth/jwks/index.js.map +1 -0
- package/src/auth/jwks/jwks.service.d.ts +41 -0
- package/src/auth/jwks/jwks.service.js +235 -0
- package/src/auth/jwks/jwks.service.js.map +1 -0
- package/src/auth/jwks/jwks.types.d.ts +25 -0
- package/src/auth/jwks/jwks.types.js +3 -0
- package/src/auth/jwks/jwks.types.js.map +1 -0
- package/src/auth/jwks/jwks.utils.d.ts +4 -0
- package/src/auth/jwks/jwks.utils.js +32 -0
- package/src/auth/jwks/jwks.utils.js.map +1 -0
- package/src/auth/oauth/flows/oauth.authorize.flow.d.ts +31 -0
- package/src/auth/oauth/flows/oauth.authorize.flow.js +33 -0
- package/src/auth/oauth/flows/oauth.authorize.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.device-authorization.flow.d.ts +46 -0
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js +48 -0
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.introspect.flow.d.ts +26 -0
- package/src/auth/oauth/flows/oauth.introspect.flow.js +28 -0
- package/src/auth/oauth/flows/oauth.introspect.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.par.flow.d.ts +27 -0
- package/src/auth/oauth/flows/oauth.par.flow.js +29 -0
- package/src/auth/oauth/flows/oauth.par.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.revoke.flow.d.ts +25 -0
- package/src/auth/oauth/flows/oauth.revoke.flow.js +27 -0
- package/src/auth/oauth/flows/oauth.revoke.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.token.flow.d.ts +57 -0
- package/src/auth/oauth/flows/oauth.token.flow.js +59 -0
- package/src/auth/oauth/flows/oauth.token.flow.js.map +1 -0
- package/src/auth/oauth/flows/oauth.userinfo.flow.d.ts +22 -0
- package/src/auth/oauth/flows/oauth.userinfo.flow.js +24 -0
- package/src/auth/oauth/flows/oauth.userinfo.flow.js.map +1 -0
- package/src/auth/oauth/flows/oidc.logout.flow.d.ts +18 -0
- package/src/auth/oauth/flows/oidc.logout.flow.js +20 -0
- package/src/auth/oauth/flows/oidc.logout.flow.js.map +1 -0
- package/src/auth/path.utils.d.ts +20 -0
- package/src/auth/path.utils.js +71 -0
- package/src/auth/path.utils.js.map +1 -0
- package/src/auth/session/index.d.ts +4 -0
- package/src/auth/session/index.js +10 -0
- package/src/auth/session/index.js.map +1 -0
- package/src/auth/session/record/session.base.d.ts +103 -0
- package/src/auth/session/record/session.base.js +123 -0
- package/src/auth/session/record/session.base.js.map +1 -0
- package/src/auth/session/record/session.stateful.d.ts +20 -0
- package/src/auth/session/record/session.stateful.js +55 -0
- package/src/auth/session/record/session.stateful.js.map +1 -0
- package/src/auth/session/record/session.stateless.d.ts +17 -0
- package/src/auth/session/record/session.stateless.js +30 -0
- package/src/auth/session/record/session.stateless.js.map +1 -0
- package/src/auth/session/record/session.transparent.d.ts +17 -0
- package/src/auth/session/record/session.transparent.js +22 -0
- package/src/auth/session/record/session.transparent.js.map +1 -0
- package/src/auth/session/session.crypto.d.ts +7 -0
- package/src/auth/session/session.crypto.js +47 -0
- package/src/auth/session/session.crypto.js.map +1 -0
- package/src/auth/session/session.schema.d.ts +5 -0
- package/src/auth/session/session.schema.js +13 -0
- package/src/auth/session/session.schema.js.map +1 -0
- package/src/auth/session/session.service.d.ts +17 -0
- package/src/auth/session/session.service.js +111 -0
- package/src/auth/session/session.service.js.map +1 -0
- package/src/auth/session/session.transport.d.ts +4 -0
- package/src/auth/session/session.transport.js +20 -0
- package/src/auth/session/session.transport.js.map +1 -0
- package/src/auth/session/session.types.d.ts +65 -0
- package/src/auth/session/session.types.js +4 -0
- package/src/auth/session/session.types.js.map +1 -0
- package/src/auth/session/token.refresh.d.ts +60 -0
- package/src/auth/session/token.refresh.js +63 -0
- package/src/auth/session/token.refresh.js.map +1 -0
- package/src/auth/session/token.store.d.ts +35 -0
- package/src/auth/session/token.store.js +53 -0
- package/src/auth/session/token.store.js.map +1 -0
- package/src/auth/session/token.vault.d.ts +26 -0
- package/src/auth/session/token.vault.js +54 -0
- package/src/auth/session/token.vault.js.map +1 -0
- package/src/auth/session/utils/auth-token.utils.d.ts +11 -0
- package/src/auth/session/utils/auth-token.utils.js +57 -0
- package/src/auth/session/utils/auth-token.utils.js.map +1 -0
- package/src/auth/session/utils/session-id.utils.d.ts +17 -0
- package/src/auth/session/utils/session-id.utils.js +129 -0
- package/src/auth/session/utils/session-id.utils.js.map +1 -0
- package/src/auth/session/utils/tiny-ttl-cache.d.ts +7 -0
- package/src/auth/session/utils/tiny-ttl-cache.js +26 -0
- package/src/auth/session/utils/tiny-ttl-cache.js.map +1 -0
- package/src/common/common.schema.d.ts +29 -0
- package/src/common/common.schema.js +35 -0
- package/src/common/common.schema.js.map +1 -0
- package/src/common/constants.d.ts +2 -0
- package/src/common/constants.js +8 -0
- package/src/common/constants.js.map +1 -0
- package/src/common/decorators/adapter.decorator.js.map +1 -0
- package/src/common/decorators/app.decorator.js.map +1 -0
- package/src/common/decorators/auth-provider.decorator.js.map +1 -0
- package/src/common/decorators/flow.decorator.js.map +1 -0
- package/src/common/decorators/front-mcp.decorator.js +40 -0
- package/src/common/decorators/front-mcp.decorator.js.map +1 -0
- package/src/common/decorators/hook.decorator.js.map +1 -0
- package/src/common/decorators/index.js.map +1 -0
- package/src/common/decorators/logger.decorator.js.map +1 -0
- package/src/common/decorators/plugin.decorator.js.map +1 -0
- package/src/common/decorators/prompt.decorator.js.map +1 -0
- package/src/common/decorators/provider.decorator.js.map +1 -0
- package/src/common/decorators/resource.decorator.js.map +1 -0
- package/src/common/decorators/tool.decorator.d.ts +42 -0
- package/src/common/decorators/tool.decorator.js +46 -0
- package/src/common/decorators/tool.decorator.js.map +1 -0
- package/src/common/decorators-old/async-with.decorator.d.ts +10 -0
- package/src/common/decorators-old/async-with.decorator.js +24 -0
- package/src/common/decorators-old/async-with.decorator.js.map +1 -0
- package/src/common/decorators-old/auth-hook.decorator.js.map +1 -0
- package/src/common/decorators-old/session-hook.decorator.js.map +1 -0
- package/src/common/dynamic/dynamic.adapter.js.map +1 -0
- package/src/common/dynamic/dynamic.plugin.js.map +1 -0
- package/src/common/dynamic/dynamic.utils.d.ts +3 -0
- package/src/common/dynamic/dynamic.utils.js.map +1 -0
- package/src/common/dynamic/index.js.map +1 -0
- package/src/common/entries/adapter.entry.js.map +1 -0
- package/src/common/entries/app.entry.d.ts +13 -0
- package/src/common/entries/app.entry.js.map +1 -0
- package/src/common/entries/auth-provider.entry.js.map +1 -0
- package/src/common/entries/base.entry.js.map +1 -0
- package/src/common/entries/flow.entry.js.map +1 -0
- package/src/common/entries/hook.entry.js.map +1 -0
- package/src/common/entries/index.js.map +1 -0
- package/src/common/entries/logger.entry.js.map +1 -0
- package/src/common/entries/plugin.entry.js.map +1 -0
- package/src/common/entries/prompt.entry.js.map +1 -0
- package/src/common/entries/provider.entry.js.map +1 -0
- package/src/common/entries/resource.entry.js.map +1 -0
- package/src/common/entries/scope.entry.js.map +1 -0
- package/src/common/entries/tool.entry.js.map +1 -0
- package/src/common/index.d.ts +17 -0
- package/src/common/index.js +21 -0
- package/src/common/index.js.map +1 -0
- package/src/common/interfaces/adapter.interface.js.map +1 -0
- package/src/common/interfaces/app.interface.js.map +1 -0
- package/src/common/interfaces/auth-hook.interface.js.map +1 -0
- package/src/common/interfaces/auth-provider.interface.js.map +1 -0
- package/src/common/interfaces/base.interface.js.map +1 -0
- package/src/common/interfaces/flow.interface.d.ts +41 -0
- package/src/common/interfaces/flow.interface.js.map +1 -0
- package/src/common/interfaces/front-mcp.interface.js.map +1 -0
- package/src/common/interfaces/hook.interface.js.map +1 -0
- package/src/common/interfaces/index.js.map +1 -0
- package/src/common/interfaces/internal/flow.utils.d.ts +23 -0
- package/src/common/interfaces/internal/flow.utils.js.map +1 -0
- package/src/common/interfaces/internal/index.js.map +1 -0
- package/src/common/interfaces/internal/primary-auth-provider.interface.d.ts +24 -0
- package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +1 -0
- package/src/common/interfaces/internal/registry.interface.d.ts +95 -0
- package/src/common/interfaces/internal/registry.interface.js.map +1 -0
- package/src/common/interfaces/logger.interface.js.map +1 -0
- package/src/common/interfaces/plugin.interface.js.map +1 -0
- package/src/common/interfaces/prompt.interface.js.map +1 -0
- package/src/common/interfaces/provider.interface.js.map +1 -0
- package/src/common/interfaces/resource.interface.js.map +1 -0
- package/src/common/interfaces/scope.interface.js.map +1 -0
- package/src/common/interfaces/server.interface.js.map +1 -0
- package/src/common/interfaces/session-hook.interface.js.map +1 -0
- package/src/common/interfaces/tool-hook.interface.js.map +1 -0
- package/src/common/interfaces/tool.interface.js.map +1 -0
- package/src/common/metadata/adapter.metadata.js.map +1 -0
- package/src/common/metadata/app.metadata.d.ts +872 -0
- package/src/common/metadata/app.metadata.js.map +1 -0
- package/src/common/metadata/auth-provider.metadata.js.map +1 -0
- package/src/common/metadata/flow.metadata.d.ts +77 -0
- package/src/common/metadata/flow.metadata.js.map +1 -0
- package/src/common/metadata/front-mcp.metadata.d.ts +1144 -0
- package/src/common/metadata/front-mcp.metadata.js.map +1 -0
- package/src/common/metadata/hook.metadata.js.map +1 -0
- package/src/common/metadata/index.js.map +1 -0
- package/src/common/metadata/logger.metadata.js.map +1 -0
- package/src/common/metadata/plugin.metadata.js.map +1 -0
- package/src/common/metadata/prompt.metadata.js.map +1 -0
- package/src/common/metadata/provider.metadata.js.map +1 -0
- package/src/common/metadata/resource.metadata.js.map +1 -0
- package/src/common/metadata/tool.metadata.d.ts +178 -0
- package/src/common/metadata/tool.metadata.js.map +1 -0
- package/src/common/providers/session.provider.js.map +1 -0
- package/src/common/records/adapter.record.js.map +1 -0
- package/src/common/records/app.record.js.map +1 -0
- package/src/common/records/auth-provider.record.js.map +1 -0
- package/src/common/records/flow.record.js.map +1 -0
- package/src/common/records/hook.record.js.map +1 -0
- package/src/common/records/index.js.map +1 -0
- package/src/common/records/logger.record.d.ts +11 -0
- package/src/common/records/logger.record.js.map +1 -0
- package/src/common/records/plugin.record.js.map +1 -0
- package/src/common/records/prompt.record.js.map +1 -0
- package/src/common/records/provider.record.js.map +1 -0
- package/src/common/records/resource.record.js.map +1 -0
- package/src/common/records/scope.record.js.map +1 -0
- package/src/common/records/tool.record.js.map +1 -0
- package/src/common/schemas/annotated-class.schema.js.map +1 -0
- package/src/common/schemas/http-input.schema.js.map +1 -0
- package/src/common/schemas/http-output.schema.d.ts +2011 -0
- package/src/common/schemas/http-output.schema.js.map +1 -0
- package/src/common/schemas/index.js.map +1 -0
- package/src/common/tokens/adapter.tokens.js.map +1 -0
- package/src/common/tokens/app.tokens.js.map +1 -0
- package/src/common/tokens/auth-provider.tokens.js.map +1 -0
- package/src/common/tokens/base.tokens.js.map +1 -0
- package/src/common/tokens/flow-hook.tokens.js.map +1 -0
- package/src/common/tokens/flow.tokens.js.map +1 -0
- package/src/common/tokens/front-mcp.tokens.js.map +1 -0
- package/src/common/tokens/index.js.map +1 -0
- package/src/common/tokens/logger.tokens.js.map +1 -0
- package/src/common/tokens/plugin.tokens.js.map +1 -0
- package/src/common/tokens/prompt.tokens.js.map +1 -0
- package/src/common/tokens/provider.tokens.js.map +1 -0
- package/src/common/tokens/resource.tokens.js.map +1 -0
- package/src/common/tokens/server.tokens.js.map +1 -0
- package/src/common/tokens/tool.tokens.js.map +1 -0
- package/src/common/types/auth/index.js.map +1 -0
- package/src/common/types/auth/jwt.types.js.map +1 -0
- package/src/common/types/auth/session.types.d.ts +263 -0
- package/src/common/types/auth/session.types.js.map +1 -0
- package/src/common/types/common.types.js.map +1 -0
- package/src/common/types/index.js.map +1 -0
- package/src/common/types/options/auth.options.d.ts +513 -0
- package/src/common/types/options/auth.options.js.map +1 -0
- package/src/common/types/options/http.options.js.map +1 -0
- package/src/common/types/options/index.js.map +1 -0
- package/src/common/types/options/logging.options.d.ts +39 -0
- package/src/common/types/options/logging.options.js.map +1 -0
- package/src/common/types/options/server-info.options.d.ts +48 -0
- package/src/common/types/options/server-info.options.js.map +1 -0
- package/src/common/types/options/session.options.d.ts +67 -0
- package/src/common/types/options/session.options.js.map +1 -0
- package/src/common/utils/decide-request-intent.utils.d.ts +79 -0
- package/src/common/utils/decide-request-intent.utils.js.map +1 -0
- package/src/common/utils/index.js.map +1 -0
- package/src/common/utils/path.utils.d.ts +20 -0
- package/src/common/utils/path.utils.js.map +1 -0
- package/src/exceptions/mcp-exceptions/session-missing.exception.d.ts +3 -0
- package/src/exceptions/mcp-exceptions/session-missing.exception.js +11 -0
- package/src/exceptions/mcp-exceptions/session-missing.exception.js.map +1 -0
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.d.ts +5 -0
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js +15 -0
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js.map +1 -0
- package/src/flows/flow.instance.d.ts +16 -0
- package/src/flows/flow.instance.js +332 -0
- package/src/flows/flow.instance.js.map +1 -0
- package/src/flows/flow.registry.d.ts +14 -0
- package/src/flows/flow.registry.js +79 -0
- package/src/flows/flow.registry.js.map +1 -0
- package/src/flows/flow.stages.d.ts +12 -0
- package/src/flows/flow.stages.js +110 -0
- package/src/flows/flow.stages.js.map +1 -0
- package/src/flows/flow.utils.d.ts +8 -0
- package/src/flows/flow.utils.js +36 -0
- package/src/flows/flow.utils.js.map +1 -0
- package/src/front-mcp/front-mcp.d.ts +12 -0
- package/src/front-mcp/front-mcp.js +44 -0
- package/src/front-mcp/front-mcp.js.map +1 -0
- package/src/front-mcp/front-mcp.providers.d.ts +198 -0
- package/src/front-mcp/front-mcp.providers.js +30 -0
- package/src/front-mcp/front-mcp.providers.js.map +1 -0
- package/src/front-mcp/front-mcp.tokens.d.ts +2 -0
- package/src/front-mcp/front-mcp.tokens.js +5 -0
- package/src/front-mcp/front-mcp.tokens.js.map +1 -0
- package/src/front-mcp/index.d.ts +1 -0
- package/src/front-mcp/index.js +5 -0
- package/src/front-mcp/index.js.map +1 -0
- package/src/hooks/hook.instance.d.ts +7 -0
- package/src/hooks/hook.instance.js +23 -0
- package/src/hooks/hook.instance.js.map +1 -0
- package/src/hooks/hook.registry.d.ts +34 -0
- package/src/hooks/hook.registry.js +138 -0
- package/src/hooks/hook.registry.js.map +1 -0
- package/src/hooks/hooks.utils.d.ts +3 -0
- package/src/hooks/hooks.utils.js +27 -0
- package/src/hooks/hooks.utils.js.map +1 -0
- package/src/index.d.ts +21 -18
- package/src/index.js +9 -18
- package/src/index.js.map +1 -1
- package/src/logger/instances/instance.console-logger.d.ts +10 -0
- package/src/logger/instances/instance.console-logger.js +75 -0
- package/src/logger/instances/instance.console-logger.js.map +1 -0
- package/src/logger/instances/instance.logger.d.ts +24 -0
- package/src/logger/instances/instance.logger.js +77 -0
- package/src/logger/instances/instance.logger.js.map +1 -0
- package/src/logger/logger.registry.d.ts +13 -0
- package/src/logger/logger.registry.js +91 -0
- package/src/logger/logger.registry.js.map +1 -0
- package/src/logger/logger.tokens.d.ts +1 -0
- package/src/logger/logger.tokens.js +3 -0
- package/src/logger/logger.tokens.js.map +1 -0
- package/src/logger/logger.types.d.ts +10 -0
- package/src/logger/logger.types.js +8 -0
- package/src/logger/logger.types.js.map +1 -0
- package/src/logger/logger.utils.d.ts +15 -0
- package/src/logger/logger.utils.js +42 -0
- package/src/logger/logger.utils.js.map +1 -0
- package/src/plugin/plugin.registry.d.ts +24 -0
- package/src/plugin/plugin.registry.js +137 -0
- package/src/plugin/plugin.registry.js.map +1 -0
- package/src/plugin/plugin.utils.d.ts +10 -0
- package/src/plugin/plugin.utils.js +88 -0
- package/src/plugin/plugin.utils.js.map +1 -0
- package/src/prompt/prompt.registry.d.ts +16 -0
- package/src/prompt/prompt.registry.js +34 -0
- package/src/prompt/prompt.registry.js.map +1 -0
- package/src/provider/provider.registry.d.ts +75 -0
- package/src/provider/provider.registry.js +679 -0
- package/src/provider/provider.registry.js.map +1 -0
- package/src/provider/provider.types.d.ts +9 -0
- package/src/provider/provider.types.js +3 -0
- package/src/provider/provider.types.js.map +1 -0
- package/src/provider/provider.utils.d.ts +13 -0
- package/src/provider/provider.utils.js +103 -0
- package/src/provider/provider.utils.js.map +1 -0
- package/src/regsitry/index.d.ts +1 -0
- package/src/regsitry/index.js +5 -0
- package/src/regsitry/index.js.map +1 -0
- package/src/regsitry/registry.base.d.ts +25 -0
- package/src/regsitry/registry.base.js +32 -0
- package/src/regsitry/registry.base.js.map +1 -0
- package/src/resource/resource.registry.d.ts +15 -0
- package/src/resource/resource.registry.js +31 -0
- package/src/resource/resource.registry.js.map +1 -0
- package/src/scope/flows/http.request.flow.d.ts +384 -0
- package/src/scope/flows/http.request.flow.js +210 -0
- package/src/scope/flows/http.request.flow.js.map +1 -0
- package/src/scope/index.d.ts +1 -0
- package/src/scope/index.js +6 -0
- package/src/scope/index.js.map +1 -0
- package/src/scope/scope.instance.d.ts +35 -0
- package/src/scope/scope.instance.js +120 -0
- package/src/scope/scope.instance.js.map +1 -0
- package/src/scope/scope.registry.d.ts +10 -0
- package/src/scope/scope.registry.js +93 -0
- package/src/scope/scope.registry.js.map +1 -0
- package/src/scope/scope.utils.d.ts +13 -0
- package/src/scope/scope.utils.js +59 -0
- package/src/scope/scope.utils.js.map +1 -0
- package/src/server/adapters/base.host.adapter.d.ts +7 -0
- package/src/server/adapters/base.host.adapter.js +8 -0
- package/src/server/adapters/base.host.adapter.js.map +1 -0
- package/src/server/adapters/express.host.adapter.d.ts +12 -0
- package/src/server/adapters/express.host.adapter.js +50 -0
- package/src/server/adapters/express.host.adapter.js.map +1 -0
- package/src/server/server.instance.d.ts +12 -0
- package/src/server/server.instance.js +47 -0
- package/src/server/server.instance.js.map +1 -0
- package/src/server/server.types.d.ts +24 -0
- package/src/server/server.types.js +3 -0
- package/src/server/server.types.js.map +1 -0
- package/src/server/server.validation.d.ts +2 -0
- package/src/server/server.validation.js +192 -0
- package/src/server/server.validation.js.map +1 -0
- package/src/store/adapters/store.base.adapter.d.ts +21 -0
- package/src/store/adapters/store.base.adapter.js +16 -0
- package/src/store/adapters/store.base.adapter.js.map +1 -0
- package/src/store/adapters/store.memory.adapter.d.ts +26 -0
- package/src/store/adapters/store.memory.adapter.js +87 -0
- package/src/store/adapters/store.memory.adapter.js.map +1 -0
- package/src/store/adapters/store.redis.adapter.d.ts +33 -0
- package/src/store/adapters/store.redis.adapter.js +104 -0
- package/src/store/adapters/store.redis.adapter.js.map +1 -0
- package/src/store/index.d.ts +8 -0
- package/src/store/index.js +12 -0
- package/src/store/index.js.map +1 -0
- package/src/store/store.helpers.d.ts +9 -0
- package/src/store/store.helpers.js +67 -0
- package/src/store/store.helpers.js.map +1 -0
- package/src/store/store.registry.d.ts +13 -0
- package/src/store/store.registry.js +37 -0
- package/src/store/store.registry.js.map +1 -0
- package/src/store/store.tokens.d.ts +3 -0
- package/src/store/store.tokens.js +7 -0
- package/src/store/store.tokens.js.map +1 -0
- package/src/store/store.types.d.ts +64 -0
- package/src/store/store.types.js +11 -0
- package/src/store/store.types.js.map +1 -0
- package/src/store/store.utils.d.ts +8 -0
- package/src/store/store.utils.js +18 -0
- package/src/store/store.utils.js.map +1 -0
- package/src/tool/flows/call-tool.flow.d.ts +875 -0
- package/src/tool/flows/call-tool.flow.js +249 -0
- package/src/tool/flows/call-tool.flow.js.map +1 -0
- package/src/tool/flows/tools-list.flow.d.ts +771 -0
- package/src/tool/flows/tools-list.flow.js +149 -0
- package/src/tool/flows/tools-list.flow.js.map +1 -0
- package/src/tool/tool.events.d.ts +17 -0
- package/src/tool/tool.events.js +16 -0
- package/src/tool/tool.events.js.map +1 -0
- package/src/tool/tool.instance.d.ts +15 -0
- package/src/tool/tool.instance.js +68 -0
- package/src/tool/tool.instance.js.map +1 -0
- package/src/tool/tool.registry.d.ts +72 -0
- package/src/tool/tool.registry.js +339 -0
- package/src/tool/tool.registry.js.map +1 -0
- package/src/tool/tool.types.d.ts +25 -0
- package/src/tool/tool.types.js +10 -0
- package/src/tool/tool.types.js.map +1 -0
- package/src/tool/tool.utils.d.ts +20 -0
- package/src/tool/tool.utils.js +157 -0
- package/src/tool/tool.utils.js.map +1 -0
- package/src/transport/adapters/transport.local.adapter.d.ts +41 -0
- package/src/transport/adapters/transport.local.adapter.js +127 -0
- package/src/transport/adapters/transport.local.adapter.js.map +1 -0
- package/src/transport/adapters/transport.sse.adapter.d.ts +14 -0
- package/src/transport/adapters/transport.sse.adapter.js +63 -0
- package/src/transport/adapters/transport.sse.adapter.js.map +1 -0
- package/src/transport/adapters/transport.streamable-http.adapter.d.ts +13 -0
- package/src/transport/adapters/transport.streamable-http.adapter.js +65 -0
- package/src/transport/adapters/transport.streamable-http.adapter.js.map +1 -0
- package/src/transport/flows/handle.sse.flow.d.ts +92 -0
- package/src/transport/flows/handle.sse.flow.js +129 -0
- package/src/transport/flows/handle.sse.flow.js.map +1 -0
- package/src/transport/flows/handle.streamable-http.flow.d.ts +93 -0
- package/src/transport/flows/handle.streamable-http.flow.js +125 -0
- package/src/transport/flows/handle.streamable-http.flow.js.map +1 -0
- package/src/transport/legacy/legacy.sse.tranporter.d.ts +75 -0
- package/src/transport/legacy/legacy.sse.tranporter.js +170 -0
- package/src/transport/legacy/legacy.sse.tranporter.js.map +1 -0
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.d.ts +3 -0
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js +14 -0
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js.map +1 -0
- package/src/transport/mcp-handlers/call-tool-request.handler.d.ts +3 -0
- package/src/transport/mcp-handlers/call-tool-request.handler.js +15 -0
- package/src/transport/mcp-handlers/call-tool-request.handler.js.map +1 -0
- package/src/transport/mcp-handlers/index.d.ts +521 -0
- package/src/transport/mcp-handlers/index.js +20 -0
- package/src/transport/mcp-handlers/index.js.map +1 -0
- package/src/transport/mcp-handlers/initialize-request.handler.d.ts +3 -0
- package/src/transport/mcp-handlers/initialize-request.handler.js +33 -0
- package/src/transport/mcp-handlers/initialize-request.handler.js.map +1 -0
- package/src/transport/mcp-handlers/list-tools-request.handler.d.ts +285 -0
- package/src/transport/mcp-handlers/list-tools-request.handler.js +11 -0
- package/src/transport/mcp-handlers/list-tools-request.handler.js.map +1 -0
- package/src/transport/mcp-handlers/mcp-handlers.types.d.ts +37 -0
- package/src/transport/mcp-handlers/mcp-handlers.types.js +3 -0
- package/src/transport/mcp-handlers/mcp-handlers.types.js.map +1 -0
- package/src/transport/transport.error.d.ts +4 -0
- package/src/transport/transport.error.js +25 -0
- package/src/transport/transport.error.js.map +1 -0
- package/src/transport/transport.event-store.d.ts +10 -0
- package/src/transport/transport.event-store.js +36 -0
- package/src/transport/transport.event-store.js.map +1 -0
- package/src/transport/transport.local.d.ts +17 -0
- package/src/transport/transport.local.js +65 -0
- package/src/transport/transport.local.js.map +1 -0
- package/src/transport/transport.registry.d.ts +23 -0
- package/src/transport/transport.registry.js +138 -0
- package/src/transport/transport.registry.js.map +1 -0
- package/src/transport/transport.remote.d.ts +15 -0
- package/src/transport/transport.remote.js +31 -0
- package/src/transport/transport.remote.js.map +1 -0
- package/src/transport/transport.types.d.ts +54 -0
- package/src/transport/transport.types.js +3 -0
- package/src/transport/transport.types.js.map +1 -0
- package/src/types/drinen-hooks.types.d.ts +20 -0
- package/src/types/drinen-hooks.types.js +3 -0
- package/src/types/drinen-hooks.types.js.map +1 -0
- package/src/types/invoke.type.d.ts +15 -0
- package/src/types/invoke.type.js +34 -0
- package/src/types/invoke.type.js.map +1 -0
- package/src/types/token.types.d.ts +1 -0
- package/src/types/token.types.js +3 -0
- package/src/types/token.types.js.map +1 -0
- package/src/utils/metadata.utils.d.ts +5 -0
- package/src/utils/metadata.utils.js +26 -0
- package/src/utils/metadata.utils.js.map +1 -0
- package/src/utils/server.utils.d.ts +19 -0
- package/src/utils/server.utils.js +59 -0
- package/src/utils/server.utils.js.map +1 -0
- package/src/utils/string.utils.d.ts +1 -0
- package/src/utils/string.utils.js +10 -0
- package/src/utils/string.utils.js.map +1 -0
- package/src/utils/token.utils.d.ts +11 -0
- package/src/utils/token.utils.js +65 -0
- package/src/utils/token.utils.js.map +1 -0
- package/src/utils/types.utils.d.ts +7 -0
- package/src/utils/types.utils.js +3 -0
- package/src/utils/types.utils.js.map +1 -0
- package/src/constants.d.ts +0 -30
- package/src/constants.js +0 -36
- package/src/constants.js.map +0 -1
- package/src/decorators/adapter.decorator.js.map +0 -1
- package/src/decorators/app.decorator.js.map +0 -1
- package/src/decorators/auth-provider.decorator.js.map +0 -1
- package/src/decorators/flow.decorator.js.map +0 -1
- package/src/decorators/front-mcp.decorator.js +0 -40
- package/src/decorators/front-mcp.decorator.js.map +0 -1
- package/src/decorators/hook.decorator.js.map +0 -1
- package/src/decorators/index.js.map +0 -1
- package/src/decorators/logger.decorator.js.map +0 -1
- package/src/decorators/plugin.decorator.js.map +0 -1
- package/src/decorators/prompt.decorator.js.map +0 -1
- package/src/decorators/provider.decorator.js.map +0 -1
- package/src/decorators/resource.decorator.js.map +0 -1
- package/src/decorators/tool.decorator.d.ts +0 -42
- package/src/decorators/tool.decorator.js +0 -45
- package/src/decorators/tool.decorator.js.map +0 -1
- package/src/decorators-old/async-with.decorator.d.ts +0 -9
- package/src/decorators-old/async-with.decorator.js +0 -23
- package/src/decorators-old/async-with.decorator.js.map +0 -1
- package/src/decorators-old/auth-hook.decorator.js.map +0 -1
- package/src/decorators-old/session-hook.decorator.js.map +0 -1
- package/src/decorators-old/tool-hook.decorator.d.ts +0 -14
- package/src/decorators-old/tool-hook.decorator.js +0 -27
- package/src/decorators-old/tool-hook.decorator.js.map +0 -1
- package/src/dynamic/dynamic.adapter.js.map +0 -1
- package/src/dynamic/dynamic.plugin.js.map +0 -1
- package/src/dynamic/dynamic.utils.d.ts +0 -3
- package/src/dynamic/dynamic.utils.js.map +0 -1
- package/src/dynamic/index.js.map +0 -1
- package/src/entries/adapter.entry.js.map +0 -1
- package/src/entries/app.entry.d.ts +0 -13
- package/src/entries/app.entry.js.map +0 -1
- package/src/entries/auth-provider.entry.js.map +0 -1
- package/src/entries/base.entry.js.map +0 -1
- package/src/entries/flow.entry.js.map +0 -1
- package/src/entries/hook.entry.js.map +0 -1
- package/src/entries/index.js.map +0 -1
- package/src/entries/logger.entry.js.map +0 -1
- package/src/entries/plugin.entry.js.map +0 -1
- package/src/entries/prompt.entry.js.map +0 -1
- package/src/entries/provider.entry.js.map +0 -1
- package/src/entries/resource.entry.js.map +0 -1
- package/src/entries/scope.entry.js.map +0 -1
- package/src/entries/tool.entry.js.map +0 -1
- package/src/interfaces/adapter.interface.js.map +0 -1
- package/src/interfaces/app.interface.js.map +0 -1
- package/src/interfaces/auth-hook.interface.js.map +0 -1
- package/src/interfaces/auth-provider.interface.js.map +0 -1
- package/src/interfaces/base.interface.js.map +0 -1
- package/src/interfaces/flow.interface.d.ts +0 -41
- package/src/interfaces/flow.interface.js.map +0 -1
- package/src/interfaces/front-mcp.interface.js.map +0 -1
- package/src/interfaces/hook.interface.js.map +0 -1
- package/src/interfaces/index.js.map +0 -1
- package/src/interfaces/internal/flow.utils.d.ts +0 -24
- package/src/interfaces/internal/flow.utils.js.map +0 -1
- package/src/interfaces/internal/index.js.map +0 -1
- package/src/interfaces/internal/primary-auth-provider.interface.d.ts +0 -24
- package/src/interfaces/internal/primary-auth-provider.interface.js.map +0 -1
- package/src/interfaces/internal/registry.interface.d.ts +0 -97
- package/src/interfaces/internal/registry.interface.js.map +0 -1
- package/src/interfaces/logger.interface.js.map +0 -1
- package/src/interfaces/plugin.interface.js.map +0 -1
- package/src/interfaces/prompt.interface.js.map +0 -1
- package/src/interfaces/provider.interface.js.map +0 -1
- package/src/interfaces/resource.interface.js.map +0 -1
- package/src/interfaces/scope.interface.js.map +0 -1
- package/src/interfaces/server.interface.js.map +0 -1
- package/src/interfaces/session-hook.interface.js.map +0 -1
- package/src/interfaces/tool-hook.interface.js.map +0 -1
- package/src/interfaces/tool.interface.js.map +0 -1
- package/src/metadata/adapter.metadata.js.map +0 -1
- package/src/metadata/app.metadata.d.ts +0 -872
- package/src/metadata/app.metadata.js.map +0 -1
- package/src/metadata/auth-provider.metadata.js.map +0 -1
- package/src/metadata/flow.metadata.d.ts +0 -77
- package/src/metadata/flow.metadata.js.map +0 -1
- package/src/metadata/front-mcp.metadata.d.ts +0 -1144
- package/src/metadata/front-mcp.metadata.js.map +0 -1
- package/src/metadata/hook.metadata.js.map +0 -1
- package/src/metadata/index.js.map +0 -1
- package/src/metadata/logger.metadata.js.map +0 -1
- package/src/metadata/plugin.metadata.js.map +0 -1
- package/src/metadata/prompt.metadata.js.map +0 -1
- package/src/metadata/provider.metadata.js.map +0 -1
- package/src/metadata/resource.metadata.js.map +0 -1
- package/src/metadata/tool.metadata.d.ts +0 -178
- package/src/metadata/tool.metadata.js.map +0 -1
- package/src/providers/session.provider.js.map +0 -1
- package/src/records/adapter.record.js.map +0 -1
- package/src/records/app.record.js.map +0 -1
- package/src/records/auth-provider.record.js.map +0 -1
- package/src/records/flow.record.js.map +0 -1
- package/src/records/hook.record.js.map +0 -1
- package/src/records/index.js.map +0 -1
- package/src/records/logger.record.d.ts +0 -11
- package/src/records/logger.record.js.map +0 -1
- package/src/records/plugin.record.js.map +0 -1
- package/src/records/prompt.record.js.map +0 -1
- package/src/records/provider.record.js.map +0 -1
- package/src/records/resource.record.js.map +0 -1
- package/src/records/scope.record.js.map +0 -1
- package/src/records/tool.record.js.map +0 -1
- package/src/schemas/annotated-class.schema.js.map +0 -1
- package/src/schemas/http-input.schema.js.map +0 -1
- package/src/schemas/http-output.schema.d.ts +0 -2011
- package/src/schemas/http-output.schema.js.map +0 -1
- package/src/schemas/index.js.map +0 -1
- package/src/tokens/adapter.tokens.js.map +0 -1
- package/src/tokens/app.tokens.js.map +0 -1
- package/src/tokens/auth-provider.tokens.js.map +0 -1
- package/src/tokens/base.tokens.js.map +0 -1
- package/src/tokens/flow-hook.tokens.js.map +0 -1
- package/src/tokens/flow.tokens.js.map +0 -1
- package/src/tokens/front-mcp.tokens.js.map +0 -1
- package/src/tokens/index.js.map +0 -1
- package/src/tokens/logger.tokens.js.map +0 -1
- package/src/tokens/plugin.tokens.js.map +0 -1
- package/src/tokens/prompt.tokens.js.map +0 -1
- package/src/tokens/provider.tokens.js.map +0 -1
- package/src/tokens/resource.tokens.js.map +0 -1
- package/src/tokens/server.tokens.js.map +0 -1
- package/src/tokens/tool.tokens.js.map +0 -1
- package/src/types/auth/index.js.map +0 -1
- package/src/types/auth/jwt.types.js.map +0 -1
- package/src/types/auth/session.types.d.ts +0 -263
- package/src/types/auth/session.types.js.map +0 -1
- package/src/types/common.types.js.map +0 -1
- package/src/types/index.js.map +0 -1
- package/src/types/options/auth.options.d.ts +0 -513
- package/src/types/options/auth.options.js.map +0 -1
- package/src/types/options/http.options.js.map +0 -1
- package/src/types/options/index.js.map +0 -1
- package/src/types/options/logging.options.d.ts +0 -39
- package/src/types/options/logging.options.js.map +0 -1
- package/src/types/options/server-info.options.d.ts +0 -48
- package/src/types/options/server-info.options.js.map +0 -1
- package/src/types/options/session.options.d.ts +0 -67
- package/src/types/options/session.options.js.map +0 -1
- package/src/utils/decide-request-intent.utils.d.ts +0 -79
- package/src/utils/decide-request-intent.utils.js.map +0 -1
- package/src/utils/index.js.map +0 -1
- package/src/utils/path.utils.d.ts +0 -20
- package/src/utils/path.utils.js.map +0 -1
- /package/src/{decorators → common/decorators}/adapter.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/adapter.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/app.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/app.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/auth-provider.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/auth-provider.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/flow.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/flow.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/front-mcp.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/hook.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/hook.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/index.d.ts +0 -0
- /package/src/{decorators → common/decorators}/index.js +0 -0
- /package/src/{decorators → common/decorators}/logger.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/logger.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/plugin.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/plugin.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/prompt.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/prompt.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/provider.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/provider.decorator.js +0 -0
- /package/src/{decorators → common/decorators}/resource.decorator.d.ts +0 -0
- /package/src/{decorators → common/decorators}/resource.decorator.js +0 -0
- /package/src/{decorators-old → common/decorators-old}/auth-hook.decorator.d.ts +0 -0
- /package/src/{decorators-old → common/decorators-old}/auth-hook.decorator.js +0 -0
- /package/src/{decorators-old → common/decorators-old}/session-hook.decorator.d.ts +0 -0
- /package/src/{decorators-old → common/decorators-old}/session-hook.decorator.js +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.adapter.d.ts +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.adapter.js +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.plugin.d.ts +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.plugin.js +0 -0
- /package/src/{dynamic → common/dynamic}/dynamic.utils.js +0 -0
- /package/src/{dynamic → common/dynamic}/index.d.ts +0 -0
- /package/src/{dynamic → common/dynamic}/index.js +0 -0
- /package/src/{entries → common/entries}/adapter.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/adapter.entry.js +0 -0
- /package/src/{entries → common/entries}/app.entry.js +0 -0
- /package/src/{entries → common/entries}/auth-provider.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/auth-provider.entry.js +0 -0
- /package/src/{entries → common/entries}/base.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/base.entry.js +0 -0
- /package/src/{entries → common/entries}/flow.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/flow.entry.js +0 -0
- /package/src/{entries → common/entries}/hook.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/hook.entry.js +0 -0
- /package/src/{entries → common/entries}/index.d.ts +0 -0
- /package/src/{entries → common/entries}/index.js +0 -0
- /package/src/{entries → common/entries}/logger.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/logger.entry.js +0 -0
- /package/src/{entries → common/entries}/plugin.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/plugin.entry.js +0 -0
- /package/src/{entries → common/entries}/prompt.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/prompt.entry.js +0 -0
- /package/src/{entries → common/entries}/provider.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/provider.entry.js +0 -0
- /package/src/{entries → common/entries}/resource.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/resource.entry.js +0 -0
- /package/src/{entries → common/entries}/scope.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/scope.entry.js +0 -0
- /package/src/{entries → common/entries}/tool.entry.d.ts +0 -0
- /package/src/{entries → common/entries}/tool.entry.js +0 -0
- /package/src/{interfaces → common/interfaces}/adapter.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/adapter.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/app.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/app.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/auth-hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/auth-hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/auth-provider.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/auth-provider.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/base.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/base.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/flow.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/front-mcp.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/front-mcp.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/index.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/index.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/flow.utils.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/index.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/internal/index.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/primary-auth-provider.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/internal/registry.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/logger.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/logger.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/plugin.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/plugin.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/prompt.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/prompt.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/provider.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/provider.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/resource.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/resource.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/scope.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/scope.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/server.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/server.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/session-hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/session-hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/tool-hook.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/tool-hook.interface.js +0 -0
- /package/src/{interfaces → common/interfaces}/tool.interface.d.ts +0 -0
- /package/src/{interfaces → common/interfaces}/tool.interface.js +0 -0
- /package/src/{metadata → common/metadata}/adapter.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/adapter.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/app.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/auth-provider.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/auth-provider.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/flow.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/front-mcp.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/hook.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/hook.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/index.d.ts +0 -0
- /package/src/{metadata → common/metadata}/index.js +0 -0
- /package/src/{metadata → common/metadata}/logger.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/logger.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/plugin.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/plugin.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/prompt.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/prompt.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/provider.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/provider.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/resource.metadata.d.ts +0 -0
- /package/src/{metadata → common/metadata}/resource.metadata.js +0 -0
- /package/src/{metadata → common/metadata}/tool.metadata.js +0 -0
- /package/src/{providers → common/providers}/session.provider.d.ts +0 -0
- /package/src/{providers → common/providers}/session.provider.js +0 -0
- /package/src/{records → common/records}/adapter.record.d.ts +0 -0
- /package/src/{records → common/records}/adapter.record.js +0 -0
- /package/src/{records → common/records}/app.record.d.ts +0 -0
- /package/src/{records → common/records}/app.record.js +0 -0
- /package/src/{records → common/records}/auth-provider.record.d.ts +0 -0
- /package/src/{records → common/records}/auth-provider.record.js +0 -0
- /package/src/{records → common/records}/flow.record.d.ts +0 -0
- /package/src/{records → common/records}/flow.record.js +0 -0
- /package/src/{records → common/records}/hook.record.d.ts +0 -0
- /package/src/{records → common/records}/hook.record.js +0 -0
- /package/src/{records → common/records}/index.d.ts +0 -0
- /package/src/{records → common/records}/index.js +0 -0
- /package/src/{records → common/records}/logger.record.js +0 -0
- /package/src/{records → common/records}/plugin.record.d.ts +0 -0
- /package/src/{records → common/records}/plugin.record.js +0 -0
- /package/src/{records → common/records}/prompt.record.d.ts +0 -0
- /package/src/{records → common/records}/prompt.record.js +0 -0
- /package/src/{records → common/records}/provider.record.d.ts +0 -0
- /package/src/{records → common/records}/provider.record.js +0 -0
- /package/src/{records → common/records}/resource.record.d.ts +0 -0
- /package/src/{records → common/records}/resource.record.js +0 -0
- /package/src/{records → common/records}/scope.record.d.ts +0 -0
- /package/src/{records → common/records}/scope.record.js +0 -0
- /package/src/{records → common/records}/tool.record.d.ts +0 -0
- /package/src/{records → common/records}/tool.record.js +0 -0
- /package/src/{schemas → common/schemas}/annotated-class.schema.d.ts +0 -0
- /package/src/{schemas → common/schemas}/annotated-class.schema.js +0 -0
- /package/src/{schemas → common/schemas}/http-input.schema.d.ts +0 -0
- /package/src/{schemas → common/schemas}/http-input.schema.js +0 -0
- /package/src/{schemas → common/schemas}/http-output.schema.js +0 -0
- /package/src/{schemas → common/schemas}/index.d.ts +0 -0
- /package/src/{schemas → common/schemas}/index.js +0 -0
- /package/src/{tokens → common/tokens}/adapter.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/adapter.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/app.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/app.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/auth-provider.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/auth-provider.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/base.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/base.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/flow-hook.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/flow-hook.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/flow.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/flow.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/front-mcp.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/front-mcp.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/index.d.ts +0 -0
- /package/src/{tokens → common/tokens}/index.js +0 -0
- /package/src/{tokens → common/tokens}/logger.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/logger.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/plugin.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/plugin.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/prompt.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/prompt.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/provider.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/provider.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/resource.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/resource.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/server.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/server.tokens.js +0 -0
- /package/src/{tokens → common/tokens}/tool.tokens.d.ts +0 -0
- /package/src/{tokens → common/tokens}/tool.tokens.js +0 -0
- /package/src/{types → common/types}/auth/index.d.ts +0 -0
- /package/src/{types → common/types}/auth/index.js +0 -0
- /package/src/{types → common/types}/auth/jwt.types.d.ts +0 -0
- /package/src/{types → common/types}/auth/jwt.types.js +0 -0
- /package/src/{types → common/types}/auth/session.types.js +0 -0
- /package/src/{types → common/types}/common.types.d.ts +0 -0
- /package/src/{types → common/types}/common.types.js +0 -0
- /package/src/{types → common/types}/index.d.ts +0 -0
- /package/src/{types → common/types}/index.js +0 -0
- /package/src/{types → common/types}/options/auth.options.js +0 -0
- /package/src/{types → common/types}/options/http.options.d.ts +0 -0
- /package/src/{types → common/types}/options/http.options.js +0 -0
- /package/src/{types → common/types}/options/index.d.ts +0 -0
- /package/src/{types → common/types}/options/index.js +0 -0
- /package/src/{types → common/types}/options/logging.options.js +0 -0
- /package/src/{types → common/types}/options/server-info.options.js +0 -0
- /package/src/{types → common/types}/options/session.options.js +0 -0
- /package/src/{utils → common/utils}/decide-request-intent.utils.js +0 -0
- /package/src/{utils → common/utils}/index.d.ts +0 -0
- /package/src/{utils → common/utils}/index.js +0 -0
- /package/src/{utils → common/utils}/path.utils.js +0 -0
|
@@ -0,0 +1,123 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.wellKnownAsStateSchema = exports.outputSchema = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
// auth/flows/well-known.oauth-authorization-server.flow.ts
|
|
6
|
+
require("reflect-metadata");
|
|
7
|
+
const zod_1 = require("zod");
|
|
8
|
+
const common_1 = require("../../common");
|
|
9
|
+
const path_utils_1 = require("../path.utils");
|
|
10
|
+
const inputSchema = common_1.httpInputSchema;
|
|
11
|
+
// ===== Result =====
|
|
12
|
+
const AuthServerMetadataSchema = zod_1.z.object({
|
|
13
|
+
kind: zod_1.z.literal('json'),
|
|
14
|
+
status: zod_1.z.literal(200),
|
|
15
|
+
contentType: zod_1.z.literal('application/json; charset=utf-8'),
|
|
16
|
+
body: zod_1.z
|
|
17
|
+
.object({
|
|
18
|
+
issuer: zod_1.z.string().min(1),
|
|
19
|
+
authorization_endpoint: zod_1.z.string().min(1),
|
|
20
|
+
token_endpoint: zod_1.z.string().min(1),
|
|
21
|
+
userinfo_endpoint: zod_1.z.string().min(1).optional(),
|
|
22
|
+
jwks_uri: zod_1.z.string().min(1),
|
|
23
|
+
registration_endpoint: zod_1.z.string().min(1).optional(),
|
|
24
|
+
token_endpoint_auth_methods_supported: zod_1.z
|
|
25
|
+
.array(zod_1.z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))
|
|
26
|
+
.optional(),
|
|
27
|
+
response_types_supported: zod_1.z.array(zod_1.z.enum(['code'])).default(['code']),
|
|
28
|
+
grant_types_supported: zod_1.z
|
|
29
|
+
.array(zod_1.z.enum(['authorization_code', 'refresh_token']))
|
|
30
|
+
.default(['authorization_code', 'refresh_token']),
|
|
31
|
+
scopes_supported: zod_1.z.array(zod_1.z.string()).default(['openid', 'profile', 'email']),
|
|
32
|
+
code_challenge_methods_supported: zod_1.z.array(zod_1.z.enum(['S256'])).default(['S256']),
|
|
33
|
+
})
|
|
34
|
+
.passthrough(),
|
|
35
|
+
});
|
|
36
|
+
exports.outputSchema = zod_1.z.union([AuthServerMetadataSchema, common_1.HttpRedirectSchema, common_1.HttpTextSchema]);
|
|
37
|
+
exports.wellKnownAsStateSchema = zod_1.z.object({
|
|
38
|
+
baseUrl: zod_1.z.string().min(1), // baseUrl + entryPrefix (unsuffixed)
|
|
39
|
+
scopesSupported: zod_1.z.array(zod_1.z.string()).default(['openid', 'profile', 'email']),
|
|
40
|
+
tokenEndpointAuthMethods: zod_1.z
|
|
41
|
+
.array(zod_1.z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))
|
|
42
|
+
.default(['client_secret_basic', 'client_secret_post']),
|
|
43
|
+
dcrEnabled: zod_1.z.boolean().default(true),
|
|
44
|
+
isOrchestrated: zod_1.z.boolean(),
|
|
45
|
+
});
|
|
46
|
+
const wellKnownAsPlan = {
|
|
47
|
+
pre: ['parseInput'],
|
|
48
|
+
execute: ['collectData'],
|
|
49
|
+
};
|
|
50
|
+
const name = 'well-known.oauth-authorization-server';
|
|
51
|
+
const Stage = (0, common_1.StageHookOf)(name);
|
|
52
|
+
let WellKnownAsFlow = class WellKnownAsFlow extends common_1.FlowBase {
|
|
53
|
+
static canActivate(request, scope) {
|
|
54
|
+
return (0, path_utils_1.makeWellKnownPaths)('oauth-authorization-server', scope.entryPath, scope.routeBase).has(request.path);
|
|
55
|
+
}
|
|
56
|
+
async parseInput() {
|
|
57
|
+
const { request } = this.rawInput;
|
|
58
|
+
if (!request)
|
|
59
|
+
throw new Error('Request is undefined');
|
|
60
|
+
const baseUrl = (0, path_utils_1.getRequestBaseUrl)(request, this.scope.entryPath);
|
|
61
|
+
this.state.set(exports.wellKnownAsStateSchema.parse({
|
|
62
|
+
baseUrl,
|
|
63
|
+
scopesSupported: [],
|
|
64
|
+
tokenEndpointAuthMethods: [],
|
|
65
|
+
dcrEnabled: false, //scope.oauth.dcrEnabled,
|
|
66
|
+
isOrchestrated: !this.scope.metadata.auth, // scope.orchestrated,
|
|
67
|
+
}));
|
|
68
|
+
}
|
|
69
|
+
async collectData() {
|
|
70
|
+
const { baseUrl, scopesSupported, tokenEndpointAuthMethods, dcrEnabled, isOrchestrated } = this.state.required;
|
|
71
|
+
// Orchestrated => gateway is the AS
|
|
72
|
+
if (isOrchestrated) {
|
|
73
|
+
const baseIssuer = `${baseUrl}`;
|
|
74
|
+
this.respond({
|
|
75
|
+
kind: 'json',
|
|
76
|
+
contentType: 'application/json; charset=utf-8',
|
|
77
|
+
status: 200,
|
|
78
|
+
body: {
|
|
79
|
+
issuer: baseIssuer,
|
|
80
|
+
authorization_endpoint: `${baseIssuer}/oauth/authorize`,
|
|
81
|
+
token_endpoint: `${baseIssuer}/oauth/token`,
|
|
82
|
+
userinfo_endpoint: `${baseIssuer}/oauth/userinfo`,
|
|
83
|
+
jwks_uri: `${baseIssuer}/.well-known/jwks.json`,
|
|
84
|
+
registration_endpoint: `${baseIssuer}/oauth/register`,
|
|
85
|
+
token_endpoint_auth_methods_supported: tokenEndpointAuthMethods,
|
|
86
|
+
response_types_supported: ['code'],
|
|
87
|
+
grant_types_supported: ['authorization_code', 'refresh_token'],
|
|
88
|
+
scopes_supported: scopesSupported,
|
|
89
|
+
code_challenge_methods_supported: ['S256'],
|
|
90
|
+
},
|
|
91
|
+
});
|
|
92
|
+
return;
|
|
93
|
+
}
|
|
94
|
+
const primary = this.scope.auth;
|
|
95
|
+
this.respond(common_1.httpRespond.redirect(`${primary.issuer}/.well-known/oauth-authorization-server`));
|
|
96
|
+
}
|
|
97
|
+
};
|
|
98
|
+
tslib_1.__decorate([
|
|
99
|
+
Stage('parseInput'),
|
|
100
|
+
tslib_1.__metadata("design:type", Function),
|
|
101
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
102
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
103
|
+
], WellKnownAsFlow.prototype, "parseInput", null);
|
|
104
|
+
tslib_1.__decorate([
|
|
105
|
+
Stage('collectData'),
|
|
106
|
+
tslib_1.__metadata("design:type", Function),
|
|
107
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
108
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
109
|
+
], WellKnownAsFlow.prototype, "collectData", null);
|
|
110
|
+
WellKnownAsFlow = tslib_1.__decorate([
|
|
111
|
+
(0, common_1.Flow)({
|
|
112
|
+
name,
|
|
113
|
+
plan: wellKnownAsPlan,
|
|
114
|
+
inputSchema,
|
|
115
|
+
outputSchema: exports.outputSchema,
|
|
116
|
+
access: 'public',
|
|
117
|
+
middleware: {
|
|
118
|
+
method: 'GET',
|
|
119
|
+
},
|
|
120
|
+
})
|
|
121
|
+
], WellKnownAsFlow);
|
|
122
|
+
exports.default = WellKnownAsFlow;
|
|
123
|
+
//# sourceMappingURL=well-known.oauth-authorization-server.flow.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"well-known.oauth-authorization-server.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/well-known.oauth-authorization-server.flow.ts"],"names":[],"mappings":";;;;AAAA,2DAA2D;AAC3D,4BAA0B;AAC1B,6BAAsB;AACtB,yCAUsB;AACtB,8CAAoE;AAGpE,MAAM,WAAW,GAAG,wBAAe,CAAC;AAGpC,qBAAqB;AACrB,MAAM,wBAAwB,GAAG,OAAC,CAAC,MAAM,CAAC;IACxC,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACvB,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACtB,WAAW,EAAE,OAAC,CAAC,OAAO,CAAC,iCAAiC,CAAC;IACzD,IAAI,EAAE,OAAC;SACJ,MAAM,CAAC;QACN,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACzB,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACzC,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QAC/C,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QACnD,qCAAqC,EAAE,OAAC;aACrC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,EAAE,iBAAiB,CAAC,CAAC,CAAC;aAC/E,QAAQ,EAAE;QACb,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;QACrE,qBAAqB,EAAE,OAAC;aACrB,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC,CAAC;aACtD,OAAO,CAAC,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC;QACnD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7E,gCAAgC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;KAC9E,CAAC;SACD,WAAW,EAAE;CACjB,CAAC,CAAC;AAEU,QAAA,YAAY,GAAG,OAAC,CAAC,KAAK,CAAC,CAAC,wBAAwB,EAAE,2BAAkB,EAAE,uBAAc,CAAC,CAAC,CAAC;AAEvF,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,qCAAqC;IACjE,eAAe,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC5E,wBAAwB,EAAE,OAAC;SACxB,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,EAAE,iBAAiB,CAAC,CAAC,CAAC;SAC/E,OAAO,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,CAAC,CAAC;IACzD,UAAU,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACrC,cAAc,EAAE,OAAC,CAAC,OAAO,EAAE;CAC5B,CAAC,CAAC;AAGH,MAAM,eAAe,GAAG;IACtB,GAAG,EAAE,CAAC,YAAY,CAAC;IACnB,OAAO,EAAE,CAAC,aAAa,CAAC;CACW,CAAC;AAiBtC,MAAM,IAAI,GAAG,uCAAgD,CAAC;AAC9D,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAajB,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,iBAAqB;IAChE,MAAM,CAAC,WAAW,CAAC,OAAsB,EAAE,KAAiB;QAC1D,OAAO,IAAA,+BAAkB,EAAC,4BAA4B,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9G,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAC,OAAO,EAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAEtD,MAAM,OAAO,GAAG,IAAA,8BAAiB,EAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,8BAAsB,CAAC,KAAK,CAAC;YAC1C,OAAO;YACP,eAAe,EAAE,EAAE;YACnB,wBAAwB,EAAE,EAAE;YAC5B,UAAU,EAAE,KAAK,EAAE,yBAAyB;YAC5C,cAAc,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,sBAAsB;SAClE,CAAC,CAAC,CAAC;IACN,CAAC;IAGK,AAAN,KAAK,CAAC,WAAW;QACf,MAAM,EAAC,OAAO,EAAE,eAAe,EAAE,wBAAwB,EAAE,UAAU,EAAE,cAAc,EAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC7G,oCAAoC;QACpC,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,UAAU,GAAG,GAAG,OAAO,EAAE,CAAC;YAChC,IAAI,CAAC,OAAO,CAAC;gBACX,IAAI,EAAE,MAAM;gBACZ,WAAW,EAAE,iCAAiC;gBAC9C,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE;oBACJ,MAAM,EAAE,UAAU;oBAClB,sBAAsB,EAAE,GAAG,UAAU,kBAAkB;oBACvD,cAAc,EAAE,GAAG,UAAU,cAAc;oBAC3C,iBAAiB,EAAE,GAAG,UAAU,iBAAiB;oBACjD,QAAQ,EAAE,GAAG,UAAU,wBAAwB;oBAC/C,qBAAqB,EAAE,GAAG,UAAU,iBAAiB;oBACrD,qCAAqC,EAAE,wBAAwB;oBAC/D,wBAAwB,EAAE,CAAC,MAAM,CAAC;oBAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;oBAC9D,gBAAgB,EAAE,eAAe;oBACjC,gCAAgC,EAAE,CAAC,MAAM,CAAC;iBAC3C;aACF,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;QAChC,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,MAAM,yCAAyC,CAAC,CAAC,CAAC;IACjG,CAAC;CACF,CAAA;AA3CO;IADL,KAAK,CAAC,YAAY,CAAC;;;;iDAanB;AAGK;IADL,KAAK,CAAC,aAAa,CAAC;;;;kDA4BpB;AAhDkB,eAAe;IAVnC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI,EAAE,eAAe;QACrB,WAAW;QACX,YAAY,EAAZ,oBAAY;QACZ,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE;YACV,MAAM,EAAE,KAAK;SACd;KACF,CAAC;GACmB,eAAe,CAiDnC;kBAjDoB,eAAe","sourcesContent":["// auth/flows/well-known.oauth-authorization-server.flow.ts\nimport 'reflect-metadata';\nimport {z} from 'zod';\nimport {\n HttpRedirectSchema,\n httpRespond,\n HttpTextSchema,\n Flow,\n FlowBase,\n FlowRunOptions,\n ScopeEntry,\n ServerRequest,\n StageHookOf, httpInputSchema, FlowPlan,\n} from '../../common';\nimport {getRequestBaseUrl, makeWellKnownPaths} from '../path.utils';\n\n\nconst inputSchema = httpInputSchema;\n\n\n// ===== Result =====\nconst AuthServerMetadataSchema = z.object({\n kind: z.literal('json'),\n status: z.literal(200),\n contentType: z.literal('application/json; charset=utf-8'),\n body: z\n .object({\n issuer: z.string().min(1),\n authorization_endpoint: z.string().min(1),\n token_endpoint: z.string().min(1),\n userinfo_endpoint: z.string().min(1).optional(),\n jwks_uri: z.string().min(1),\n registration_endpoint: z.string().min(1).optional(),\n token_endpoint_auth_methods_supported: z\n .array(z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))\n .optional(),\n response_types_supported: z.array(z.enum(['code'])).default(['code']),\n grant_types_supported: z\n .array(z.enum(['authorization_code', 'refresh_token']))\n .default(['authorization_code', 'refresh_token']),\n scopes_supported: z.array(z.string()).default(['openid', 'profile', 'email']),\n code_challenge_methods_supported: z.array(z.enum(['S256'])).default(['S256']),\n })\n .passthrough(),\n});\n\nexport const outputSchema = z.union([AuthServerMetadataSchema, HttpRedirectSchema, HttpTextSchema]);\n\nexport const wellKnownAsStateSchema = z.object({\n baseUrl: z.string().min(1), // baseUrl + entryPrefix (unsuffixed)\n scopesSupported: z.array(z.string()).default(['openid', 'profile', 'email']),\n tokenEndpointAuthMethods: z\n .array(z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))\n .default(['client_secret_basic', 'client_secret_post']),\n dcrEnabled: z.boolean().default(true),\n isOrchestrated: z.boolean(),\n});\n\n\nconst wellKnownAsPlan = {\n pre: ['parseInput'],\n execute: ['collectData'],\n} as const satisfies FlowPlan<string>;\n\ntype WellKnownAsPlan = typeof wellKnownAsPlan;\ntype WellKnownAsFlowOptions = FlowRunOptions<\n WellKnownAsFlow,\n WellKnownAsPlan,\n typeof inputSchema,\n typeof outputSchema,\n typeof wellKnownAsStateSchema\n>\n\ndeclare global {\n interface ExtendFlows {\n 'well-known.oauth-authorization-server': WellKnownAsFlowOptions;\n }\n}\n\nconst name = 'well-known.oauth-authorization-server' as const;\nconst Stage = StageHookOf(name);\n\n\n@Flow({\n name,\n plan: wellKnownAsPlan,\n inputSchema,\n outputSchema,\n access: 'public',\n middleware: {\n method: 'GET',\n },\n})\nexport default class WellKnownAsFlow extends FlowBase<typeof name> {\n static canActivate(request: ServerRequest, scope: ScopeEntry) {\n return makeWellKnownPaths('oauth-authorization-server', scope.entryPath, scope.routeBase).has(request.path);\n }\n\n @Stage('parseInput')\n async parseInput() {\n const {request} = this.rawInput;\n if (!request) throw new Error('Request is undefined');\n\n const baseUrl = getRequestBaseUrl(request, this.scope.entryPath);\n this.state.set(wellKnownAsStateSchema.parse({\n baseUrl,\n scopesSupported: [],\n tokenEndpointAuthMethods: [],\n dcrEnabled: false, //scope.oauth.dcrEnabled,\n isOrchestrated: !this.scope.metadata.auth, // scope.orchestrated,\n }));\n }\n\n @Stage('collectData')\n async collectData() {\n const {baseUrl, scopesSupported, tokenEndpointAuthMethods, dcrEnabled, isOrchestrated} = this.state.required;\n // Orchestrated => gateway is the AS\n if (isOrchestrated) {\n const baseIssuer = `${baseUrl}`;\n this.respond({\n kind: 'json',\n contentType: 'application/json; charset=utf-8',\n status: 200,\n body: {\n issuer: baseIssuer,\n authorization_endpoint: `${baseIssuer}/oauth/authorize`,\n token_endpoint: `${baseIssuer}/oauth/token`,\n userinfo_endpoint: `${baseIssuer}/oauth/userinfo`,\n jwks_uri: `${baseIssuer}/.well-known/jwks.json`,\n registration_endpoint: `${baseIssuer}/oauth/register`,\n token_endpoint_auth_methods_supported: tokenEndpointAuthMethods,\n response_types_supported: ['code'],\n grant_types_supported: ['authorization_code', 'refresh_token'],\n scopes_supported: scopesSupported,\n code_challenge_methods_supported: ['S256'],\n },\n });\n return;\n }\n const primary = this.scope.auth;\n this.respond(httpRespond.redirect(`${primary.issuer}/.well-known/oauth-authorization-server`));\n }\n}\n"]}
|
|
@@ -0,0 +1,159 @@
|
|
|
1
|
+
import 'reflect-metadata';
|
|
2
|
+
import { z } from 'zod';
|
|
3
|
+
import { FlowBase, FlowRunOptions, ScopeEntry, ServerRequest } from '../../common';
|
|
4
|
+
declare const inputSchema: z.ZodObject<{
|
|
5
|
+
request: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
|
|
6
|
+
response: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
|
|
7
|
+
next: z.ZodOptional<z.ZodFunction<z.ZodTuple<[], z.ZodUnknown>, z.ZodUnknown>>;
|
|
8
|
+
}, "strip", z.ZodTypeAny, {
|
|
9
|
+
request: {} & {
|
|
10
|
+
[k: string]: unknown;
|
|
11
|
+
};
|
|
12
|
+
response: {} & {
|
|
13
|
+
[k: string]: unknown;
|
|
14
|
+
};
|
|
15
|
+
next?: ((...args: unknown[]) => unknown) | undefined;
|
|
16
|
+
}, {
|
|
17
|
+
request: {} & {
|
|
18
|
+
[k: string]: unknown;
|
|
19
|
+
};
|
|
20
|
+
response: {} & {
|
|
21
|
+
[k: string]: unknown;
|
|
22
|
+
};
|
|
23
|
+
next?: ((...args: unknown[]) => unknown) | undefined;
|
|
24
|
+
}>;
|
|
25
|
+
declare const stateSchema: z.ZodObject<{
|
|
26
|
+
resource: z.ZodString;
|
|
27
|
+
baseUrl: z.ZodString;
|
|
28
|
+
scopesSupported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
29
|
+
isOrchestrated: z.ZodBoolean;
|
|
30
|
+
}, "strip", z.ZodTypeAny, {
|
|
31
|
+
resource: string;
|
|
32
|
+
baseUrl: string;
|
|
33
|
+
scopesSupported: string[];
|
|
34
|
+
isOrchestrated: boolean;
|
|
35
|
+
}, {
|
|
36
|
+
resource: string;
|
|
37
|
+
baseUrl: string;
|
|
38
|
+
isOrchestrated: boolean;
|
|
39
|
+
scopesSupported?: string[] | undefined;
|
|
40
|
+
}>;
|
|
41
|
+
declare const outputSchema: z.ZodObject<{
|
|
42
|
+
kind: z.ZodLiteral<"json">;
|
|
43
|
+
status: z.ZodEffects<z.ZodNumber, number, number>;
|
|
44
|
+
contentType: z.ZodDefault<z.ZodString>;
|
|
45
|
+
headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>]>>>>;
|
|
46
|
+
cookies: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
47
|
+
name: z.ZodString;
|
|
48
|
+
value: z.ZodString;
|
|
49
|
+
path: z.ZodDefault<z.ZodString>;
|
|
50
|
+
domain: z.ZodOptional<z.ZodString>;
|
|
51
|
+
httpOnly: z.ZodDefault<z.ZodBoolean>;
|
|
52
|
+
secure: z.ZodOptional<z.ZodBoolean>;
|
|
53
|
+
sameSite: z.ZodOptional<z.ZodEnum<["lax", "strict", "none"]>>;
|
|
54
|
+
maxAge: z.ZodOptional<z.ZodNumber>;
|
|
55
|
+
expires: z.ZodOptional<z.ZodDate>;
|
|
56
|
+
}, "strip", z.ZodTypeAny, {
|
|
57
|
+
value: string;
|
|
58
|
+
path: string;
|
|
59
|
+
name: string;
|
|
60
|
+
httpOnly: boolean;
|
|
61
|
+
domain?: string | undefined;
|
|
62
|
+
secure?: boolean | undefined;
|
|
63
|
+
sameSite?: "lax" | "strict" | "none" | undefined;
|
|
64
|
+
maxAge?: number | undefined;
|
|
65
|
+
expires?: Date | undefined;
|
|
66
|
+
}, {
|
|
67
|
+
value: string;
|
|
68
|
+
name: string;
|
|
69
|
+
path?: string | undefined;
|
|
70
|
+
domain?: string | undefined;
|
|
71
|
+
httpOnly?: boolean | undefined;
|
|
72
|
+
secure?: boolean | undefined;
|
|
73
|
+
sameSite?: "lax" | "strict" | "none" | undefined;
|
|
74
|
+
maxAge?: number | undefined;
|
|
75
|
+
expires?: Date | undefined;
|
|
76
|
+
}>, "many">>>;
|
|
77
|
+
} & {
|
|
78
|
+
body: z.ZodObject<{
|
|
79
|
+
resource: z.ZodString;
|
|
80
|
+
authorization_servers: z.ZodArray<z.ZodString, "many">;
|
|
81
|
+
scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
82
|
+
bearer_methods_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
83
|
+
}, "passthrough", z.ZodTypeAny, z.objectOutputType<{
|
|
84
|
+
resource: z.ZodString;
|
|
85
|
+
authorization_servers: z.ZodArray<z.ZodString, "many">;
|
|
86
|
+
scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
87
|
+
bearer_methods_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
88
|
+
}, z.ZodTypeAny, "passthrough">, z.objectInputType<{
|
|
89
|
+
resource: z.ZodString;
|
|
90
|
+
authorization_servers: z.ZodArray<z.ZodString, "many">;
|
|
91
|
+
scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
92
|
+
bearer_methods_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
93
|
+
}, z.ZodTypeAny, "passthrough">>;
|
|
94
|
+
}, "strip", z.ZodTypeAny, {
|
|
95
|
+
status: number;
|
|
96
|
+
kind: "json";
|
|
97
|
+
body: {
|
|
98
|
+
resource: string;
|
|
99
|
+
authorization_servers: string[];
|
|
100
|
+
scopes_supported: string[];
|
|
101
|
+
bearer_methods_supported: string[];
|
|
102
|
+
} & {
|
|
103
|
+
[k: string]: unknown;
|
|
104
|
+
};
|
|
105
|
+
contentType: string;
|
|
106
|
+
headers?: Record<string, string | string[]> | undefined;
|
|
107
|
+
cookies?: {
|
|
108
|
+
value: string;
|
|
109
|
+
path: string;
|
|
110
|
+
name: string;
|
|
111
|
+
httpOnly: boolean;
|
|
112
|
+
domain?: string | undefined;
|
|
113
|
+
secure?: boolean | undefined;
|
|
114
|
+
sameSite?: "lax" | "strict" | "none" | undefined;
|
|
115
|
+
maxAge?: number | undefined;
|
|
116
|
+
expires?: Date | undefined;
|
|
117
|
+
}[] | undefined;
|
|
118
|
+
}, {
|
|
119
|
+
status: number;
|
|
120
|
+
kind: "json";
|
|
121
|
+
body: {
|
|
122
|
+
resource: string;
|
|
123
|
+
authorization_servers: string[];
|
|
124
|
+
scopes_supported?: string[] | undefined;
|
|
125
|
+
bearer_methods_supported?: string[] | undefined;
|
|
126
|
+
} & {
|
|
127
|
+
[k: string]: unknown;
|
|
128
|
+
};
|
|
129
|
+
headers?: Record<string, string | string[]> | undefined;
|
|
130
|
+
cookies?: {
|
|
131
|
+
value: string;
|
|
132
|
+
name: string;
|
|
133
|
+
path?: string | undefined;
|
|
134
|
+
domain?: string | undefined;
|
|
135
|
+
httpOnly?: boolean | undefined;
|
|
136
|
+
secure?: boolean | undefined;
|
|
137
|
+
sameSite?: "lax" | "strict" | "none" | undefined;
|
|
138
|
+
maxAge?: number | undefined;
|
|
139
|
+
expires?: Date | undefined;
|
|
140
|
+
}[] | undefined;
|
|
141
|
+
contentType?: string | undefined;
|
|
142
|
+
}>;
|
|
143
|
+
declare const plan: {
|
|
144
|
+
readonly pre: ["parseInput"];
|
|
145
|
+
readonly execute: ["collectData"];
|
|
146
|
+
readonly post: ["validateOutput"];
|
|
147
|
+
};
|
|
148
|
+
declare global {
|
|
149
|
+
interface ExtendFlows {
|
|
150
|
+
'well-known.oauth-protected-resource': FlowRunOptions<WellKnownPrmFlow, typeof plan, typeof inputSchema, typeof outputSchema, typeof stateSchema>;
|
|
151
|
+
}
|
|
152
|
+
}
|
|
153
|
+
declare const name: "well-known.oauth-protected-resource";
|
|
154
|
+
export default class WellKnownPrmFlow extends FlowBase<typeof name> {
|
|
155
|
+
static canActivate(request: ServerRequest, scope: ScopeEntry): boolean;
|
|
156
|
+
parseInput(): Promise<void>;
|
|
157
|
+
collectData(): Promise<void>;
|
|
158
|
+
}
|
|
159
|
+
export {};
|
|
@@ -0,0 +1,107 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const tslib_1 = require("tslib");
|
|
4
|
+
// auth/flows/well-known.prm.flow.ts
|
|
5
|
+
require("reflect-metadata");
|
|
6
|
+
const zod_1 = require("zod");
|
|
7
|
+
const common_1 = require("../../common");
|
|
8
|
+
const path_utils_1 = require("../path.utils");
|
|
9
|
+
const inputSchema = common_1.httpInputSchema;
|
|
10
|
+
const stateSchema = zod_1.z.object({
|
|
11
|
+
resource: zod_1.z.string().min(1),
|
|
12
|
+
baseUrl: zod_1.z.string().min(1),
|
|
13
|
+
scopesSupported: zod_1.z.array(zod_1.z.string()).default(['openid', 'profile', 'email']),
|
|
14
|
+
isOrchestrated: zod_1.z.boolean(),
|
|
15
|
+
});
|
|
16
|
+
const outputSchema = common_1.HttpJsonSchema.extend({
|
|
17
|
+
body: zod_1.z
|
|
18
|
+
.object({
|
|
19
|
+
resource: zod_1.z.string().min(1),
|
|
20
|
+
authorization_servers: zod_1.z.array(zod_1.z.string().min(1)).min(1),
|
|
21
|
+
scopes_supported: zod_1.z.array(zod_1.z.string()).default(['openid', 'profile', 'email']),
|
|
22
|
+
bearer_methods_supported: zod_1.z.array(zod_1.z.string()).default(['header']),
|
|
23
|
+
})
|
|
24
|
+
.passthrough(),
|
|
25
|
+
});
|
|
26
|
+
const plan = {
|
|
27
|
+
pre: ['parseInput'],
|
|
28
|
+
execute: ['collectData'],
|
|
29
|
+
post: ['validateOutput'],
|
|
30
|
+
};
|
|
31
|
+
const name = 'well-known.oauth-protected-resource';
|
|
32
|
+
const Stage = (0, common_1.StageHookOf)(name);
|
|
33
|
+
let WellKnownPrmFlow = class WellKnownPrmFlow extends common_1.FlowBase {
|
|
34
|
+
static canActivate(request, scope) {
|
|
35
|
+
return (0, path_utils_1.makeWellKnownPaths)('oauth-protected-resource', scope.entryPath, scope.routeBase).has(request.path);
|
|
36
|
+
}
|
|
37
|
+
async parseInput() {
|
|
38
|
+
const { request } = this.rawInput;
|
|
39
|
+
const scope = this.scope;
|
|
40
|
+
if (!request)
|
|
41
|
+
throw new Error('Request is undefined');
|
|
42
|
+
const resource = (0, path_utils_1.computeResource)(request, scope.entryPath, scope.routeBase);
|
|
43
|
+
const baseUrl = (0, path_utils_1.getRequestBaseUrl)(request, scope.entryPath);
|
|
44
|
+
this.state.set(stateSchema.parse({
|
|
45
|
+
resource,
|
|
46
|
+
baseUrl,
|
|
47
|
+
scopesSupported: ['openid', 'profile', 'email'],
|
|
48
|
+
isOrchestrated: false, //scope.orchestrated,// TODO: fix
|
|
49
|
+
}));
|
|
50
|
+
}
|
|
51
|
+
async collectData() {
|
|
52
|
+
const { resource, baseUrl, scopesSupported, isOrchestrated } = this.state.required;
|
|
53
|
+
if (isOrchestrated) {
|
|
54
|
+
this.respond({
|
|
55
|
+
kind: 'json',
|
|
56
|
+
contentType: 'application/json; charset=utf-8',
|
|
57
|
+
status: 200,
|
|
58
|
+
body: {
|
|
59
|
+
resource,
|
|
60
|
+
authorization_servers: [baseUrl],
|
|
61
|
+
scopes_supported: scopesSupported,
|
|
62
|
+
bearer_methods_supported: ['header'],
|
|
63
|
+
},
|
|
64
|
+
});
|
|
65
|
+
return;
|
|
66
|
+
}
|
|
67
|
+
const issuer = this.scope.auth.issuer;
|
|
68
|
+
// Transparent scope
|
|
69
|
+
this.respond({
|
|
70
|
+
kind: 'json',
|
|
71
|
+
status: 200,
|
|
72
|
+
contentType: 'application/json; charset=utf-8',
|
|
73
|
+
body: {
|
|
74
|
+
resource,
|
|
75
|
+
authorization_servers: [issuer],
|
|
76
|
+
scopes_supported: scopesSupported,
|
|
77
|
+
bearer_methods_supported: ['header'],
|
|
78
|
+
},
|
|
79
|
+
});
|
|
80
|
+
}
|
|
81
|
+
};
|
|
82
|
+
tslib_1.__decorate([
|
|
83
|
+
Stage('parseInput'),
|
|
84
|
+
tslib_1.__metadata("design:type", Function),
|
|
85
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
86
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
87
|
+
], WellKnownPrmFlow.prototype, "parseInput", null);
|
|
88
|
+
tslib_1.__decorate([
|
|
89
|
+
Stage('collectData'),
|
|
90
|
+
tslib_1.__metadata("design:type", Function),
|
|
91
|
+
tslib_1.__metadata("design:paramtypes", []),
|
|
92
|
+
tslib_1.__metadata("design:returntype", Promise)
|
|
93
|
+
], WellKnownPrmFlow.prototype, "collectData", null);
|
|
94
|
+
WellKnownPrmFlow = tslib_1.__decorate([
|
|
95
|
+
(0, common_1.Flow)({
|
|
96
|
+
name,
|
|
97
|
+
plan,
|
|
98
|
+
inputSchema,
|
|
99
|
+
outputSchema,
|
|
100
|
+
access: 'public',
|
|
101
|
+
middleware: {
|
|
102
|
+
method: 'GET',
|
|
103
|
+
},
|
|
104
|
+
})
|
|
105
|
+
], WellKnownPrmFlow);
|
|
106
|
+
exports.default = WellKnownPrmFlow;
|
|
107
|
+
//# sourceMappingURL=well-known.prm.flow.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"well-known.prm.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/well-known.prm.flow.ts"],"names":[],"mappings":";;;AAAA,oCAAoC;AACpC,4BAA0B;AAC1B,6BAAsB;AACtB,yCASsB;AACtB,8CAAqF;AAErF,MAAM,WAAW,GAAG,wBAAe,CAAC;AAEpC,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3B,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,eAAe,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC5E,cAAc,EAAE,OAAC,CAAC,OAAO,EAAE;CAC5B,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,uBAAc,CAAC,MAAM,CAAC;IACzC,IAAI,EAAE,OAAC;SACJ,MAAM,CAAC;QACN,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,qBAAqB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7E,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC;KAClE,CAAC;SACD,WAAW,EAAE;CACjB,CAAC,CAAC;AAEH,MAAM,IAAI,GAAG;IACX,GAAG,EAAE,CAAC,YAAY,CAAC;IACnB,OAAO,EAAE,CAAC,aAAa,CAAC;IACxB,IAAI,EAAE,CAAC,gBAAgB,CAAC;CACW,CAAC;AActC,MAAM,IAAI,GAAG,qCAA8C,CAAC;AAC5D,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAYjB,IAAM,gBAAgB,GAAtB,MAAM,gBAAiB,SAAQ,iBAAqB;IACjE,MAAM,CAAC,WAAW,CAAC,OAAsB,EAAE,KAAiB;QAC1D,OAAO,IAAA,+BAAkB,EAAC,0BAA0B,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5G,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAC,OAAO,EAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAEtD,MAAM,QAAQ,GAAG,IAAA,4BAAe,EAAC,OAAO,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QAC5E,MAAM,OAAO,GAAG,IAAA,8BAAiB,EAAC,OAAO,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QAC5D,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC;YAC/B,QAAQ;YACR,OAAO;YACP,eAAe,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;YAC/C,cAAc,EAAE,KAAK,EAAC,iCAAiC;SACxD,CAAC,CAAC,CAAC;IACN,CAAC;IAE2B,AAAN,KAAK,CAAC,WAAW;QACrC,MAAM,EAAC,QAAQ,EAAE,OAAO,EAAE,eAAe,EAAE,cAAc,EAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAEjF,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,OAAO,CAAC;gBACX,IAAI,EAAE,MAAM;gBACZ,WAAW,EAAE,iCAAiC;gBAC9C,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE;oBACJ,QAAQ;oBACR,qBAAqB,EAAE,CAAC,OAAO,CAAC;oBAChC,gBAAgB,EAAE,eAAe;oBACjC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;iBACrC;aACF,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;QACtC,oBAAoB;QACpB,IAAI,CAAC,OAAO,CAAC;YACX,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,iCAAiC;YAC9C,IAAI,EAAE;gBACJ,QAAQ;gBACR,qBAAqB,EAAE,CAAC,MAAM,CAAC;gBAC/B,gBAAgB,EAAE,eAAe;gBACjC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;aACrC;SACF,CAAC,CAAC;IACL,CAAC;CACF,CAAA;AA9CO;IADL,KAAK,CAAC,YAAY,CAAC;;;;kDAcnB;AAE2B;IAA3B,KAAK,CAAC,aAAa,CAAC;;;;mDA8BpB;AAnDkB,gBAAgB;IAVpC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE;YACV,MAAM,EAAE,KAAK;SACd;KACF,CAAC;GACmB,gBAAgB,CAoDpC;kBApDoB,gBAAgB","sourcesContent":["// auth/flows/well-known.prm.flow.ts\nimport 'reflect-metadata';\nimport {z} from 'zod';\nimport {\n Flow,\n FlowBase, FlowPlan,\n FlowRunOptions,\n httpInputSchema,\n HttpJsonSchema,\n ScopeEntry,\n ServerRequest,\n StageHookOf,\n} from '../../common';\nimport {computeResource, getRequestBaseUrl, makeWellKnownPaths} from '../path.utils';\n\nconst inputSchema = httpInputSchema;\n\nconst stateSchema = z.object({\n resource: z.string().min(1),\n baseUrl: z.string().min(1),\n scopesSupported: z.array(z.string()).default(['openid', 'profile', 'email']),\n isOrchestrated: z.boolean(),\n});\n\nconst outputSchema = HttpJsonSchema.extend({\n body: z\n .object({\n resource: z.string().min(1),\n authorization_servers: z.array(z.string().min(1)).min(1),\n scopes_supported: z.array(z.string()).default(['openid', 'profile', 'email']),\n bearer_methods_supported: z.array(z.string()).default(['header']),\n })\n .passthrough(),\n});\n\nconst plan = {\n pre: ['parseInput'],\n execute: ['collectData'],\n post: ['validateOutput'],\n} as const satisfies FlowPlan<string>;\n\ndeclare global {\n interface ExtendFlows {\n 'well-known.oauth-protected-resource': FlowRunOptions<\n WellKnownPrmFlow,\n typeof plan,\n typeof inputSchema,\n typeof outputSchema,\n typeof stateSchema\n >;\n }\n}\n\nconst name = 'well-known.oauth-protected-resource' as const;\nconst Stage = StageHookOf(name);\n\n@Flow({\n name,\n plan,\n inputSchema,\n outputSchema,\n access: 'public',\n middleware: {\n method: 'GET',\n },\n})\nexport default class WellKnownPrmFlow extends FlowBase<typeof name> {\n static canActivate(request: ServerRequest, scope: ScopeEntry) {\n return makeWellKnownPaths('oauth-protected-resource', scope.entryPath, scope.routeBase).has(request.path);\n }\n\n @Stage('parseInput')\n async parseInput() {\n const {request} = this.rawInput;\n const scope = this.scope;\n if (!request) throw new Error('Request is undefined');\n\n const resource = computeResource(request, scope.entryPath, scope.routeBase);\n const baseUrl = getRequestBaseUrl(request, scope.entryPath);\n this.state.set(stateSchema.parse({\n resource,\n baseUrl,\n scopesSupported: ['openid', 'profile', 'email'],\n isOrchestrated: false,//scope.orchestrated,// TODO: fix\n }));\n }\n\n @Stage('collectData') async collectData() {\n const {resource, baseUrl, scopesSupported, isOrchestrated} = this.state.required;\n\n if (isOrchestrated) {\n this.respond({\n kind: 'json',\n contentType: 'application/json; charset=utf-8',\n status: 200,\n body: {\n resource,\n authorization_servers: [baseUrl],\n scopes_supported: scopesSupported,\n bearer_methods_supported: ['header'],\n },\n });\n return;\n }\n const issuer = this.scope.auth.issuer;\n // Transparent scope\n this.respond({\n kind: 'json',\n status: 200,\n contentType: 'application/json; charset=utf-8',\n body: {\n resource,\n authorization_servers: [issuer],\n scopes_supported: scopesSupported,\n bearer_methods_supported: ['header'],\n },\n });\n }\n}\n"]}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { URL } from 'url';
|
|
2
|
+
import { FrontMcpAuth, FrontMcpLogger, LocalAuthOptions, ServerRequest } from '../../common';
|
|
3
|
+
import ProviderRegistry from '../../provider/provider.registry';
|
|
4
|
+
export declare class LocalPrimaryAuth extends FrontMcpAuth {
|
|
5
|
+
private providers;
|
|
6
|
+
readonly host: string;
|
|
7
|
+
readonly port: number;
|
|
8
|
+
readonly issuer: string;
|
|
9
|
+
readonly keys: any[];
|
|
10
|
+
readonly secret: Uint8Array;
|
|
11
|
+
readonly logger: FrontMcpLogger;
|
|
12
|
+
private jwks;
|
|
13
|
+
constructor(providers: ProviderRegistry, metadata: LocalAuthOptions);
|
|
14
|
+
signAnonymousJwt(): Promise<string>;
|
|
15
|
+
protected initialize(): Promise<void>;
|
|
16
|
+
fetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response>;
|
|
17
|
+
validate(request: ServerRequest): Promise<void>;
|
|
18
|
+
private registerAuthFlows;
|
|
19
|
+
}
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.LocalPrimaryAuth = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const jose_1 = require("jose");
|
|
6
|
+
const crypto_1 = require("crypto");
|
|
7
|
+
const common_1 = require("../../common");
|
|
8
|
+
const well_known_prm_flow_1 = tslib_1.__importDefault(require("../flows/well-known.prm.flow"));
|
|
9
|
+
const well_known_oauth_authorization_server_flow_1 = tslib_1.__importDefault(require("../flows/well-known.oauth-authorization-server.flow"));
|
|
10
|
+
const well_known_jwks_flow_1 = tslib_1.__importDefault(require("../flows/well-known.jwks.flow"));
|
|
11
|
+
const session_verify_flow_1 = tslib_1.__importDefault(require("../flows/session.verify.flow"));
|
|
12
|
+
const oauth_authorize_flow_1 = tslib_1.__importDefault(require("../flows/oauth.authorize.flow"));
|
|
13
|
+
const oauth_register_flow_1 = tslib_1.__importDefault(require("../flows/oauth.register.flow"));
|
|
14
|
+
const oauth_token_flow_1 = tslib_1.__importDefault(require("../flows/oauth.token.flow"));
|
|
15
|
+
const jwks_1 = require("../jwks");
|
|
16
|
+
const DEFAULT_NO_AUTH_SECRET = (0, crypto_1.randomBytes)(32);
|
|
17
|
+
class LocalPrimaryAuth extends common_1.FrontMcpAuth {
|
|
18
|
+
providers;
|
|
19
|
+
host;
|
|
20
|
+
port;
|
|
21
|
+
issuer;
|
|
22
|
+
keys = [];
|
|
23
|
+
secret;
|
|
24
|
+
logger;
|
|
25
|
+
jwks = new jwks_1.JwksService();
|
|
26
|
+
constructor(providers, metadata) {
|
|
27
|
+
super(metadata);
|
|
28
|
+
this.providers = providers;
|
|
29
|
+
this.logger = this.providers.getActiveScope().logger.child('LocalPrimaryAuth');
|
|
30
|
+
this.port = this.providers.getActiveScope().metadata.http?.port ?? 3001;
|
|
31
|
+
this.host = 'localhost';
|
|
32
|
+
this.issuer = `http://${this.host}:${this.port}`;
|
|
33
|
+
if (process.env["JWT_SECRET"]) {
|
|
34
|
+
this.secret = new TextEncoder().encode(process.env["JWT_SECRET"]);
|
|
35
|
+
}
|
|
36
|
+
else {
|
|
37
|
+
this.logger.warn('JWT_SECRET is not set, using default secret');
|
|
38
|
+
this.secret = DEFAULT_NO_AUTH_SECRET;
|
|
39
|
+
}
|
|
40
|
+
this.ready = this.initialize();
|
|
41
|
+
}
|
|
42
|
+
async signAnonymousJwt() {
|
|
43
|
+
const sub = (0, crypto_1.randomUUID)();
|
|
44
|
+
return new jose_1.SignJWT({ sub, role: 'user', anonymous: true })
|
|
45
|
+
.setProtectedHeader({ alg: 'HS256', typ: 'JWT' })
|
|
46
|
+
.setIssuedAt()
|
|
47
|
+
.setIssuer(this.issuer)
|
|
48
|
+
.setExpirationTime('1d')
|
|
49
|
+
.sign(this.secret);
|
|
50
|
+
}
|
|
51
|
+
async initialize() {
|
|
52
|
+
// TODO: create separated jwk service for local/remote auth options
|
|
53
|
+
this.providers.injectProvider({
|
|
54
|
+
value: this.jwks,
|
|
55
|
+
metadata: {
|
|
56
|
+
scope: common_1.ProviderScope.GLOBAL,
|
|
57
|
+
name: 'auth:jwk-service',
|
|
58
|
+
},
|
|
59
|
+
provide: jwks_1.JwksService,
|
|
60
|
+
});
|
|
61
|
+
await this.registerAuthFlows();
|
|
62
|
+
return Promise.resolve();
|
|
63
|
+
}
|
|
64
|
+
fetch(input, init) {
|
|
65
|
+
return fetch(input, init);
|
|
66
|
+
}
|
|
67
|
+
validate(request) {
|
|
68
|
+
return Promise.resolve();
|
|
69
|
+
}
|
|
70
|
+
async registerAuthFlows() {
|
|
71
|
+
const scope = this.providers.getActiveScope();
|
|
72
|
+
await scope.registryFlows(well_known_prm_flow_1.default, /** /.well-known/oauth-protected-resource */ well_known_oauth_authorization_server_flow_1.default, /** /.well-known/oauth-authorization-server */ well_known_jwks_flow_1.default, /** /.well-known/jwks.json */ session_verify_flow_1.default, /** Session verification flow */ oauth_authorize_flow_1.default, oauth_token_flow_1.default, oauth_register_flow_1.default);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
exports.LocalPrimaryAuth = LocalPrimaryAuth;
|
|
76
|
+
//# sourceMappingURL=instance.local-primary-auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"instance.local-primary-auth.js","sourceRoot":"","sources":["../../../../src/auth/instances/instance.local-primary-auth.ts"],"names":[],"mappings":";;;;AAAA,+BAA6B;AAE7B,mCAA+C;AAC/C,yCAA0G;AAE1G,+FAA4D;AAC5D,6IAAkF;AAClF,iGAA8D;AAC9D,+FAA6D;AAC7D,iGAA+D;AAC/D,+FAA6D;AAC7D,yFAAuD;AACvD,kCAAoC;AAGpC,MAAM,sBAAsB,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAA;AAE9C,MAAa,gBAAiB,SAAQ,qBAAY;IAS5B;IARX,IAAI,CAAS;IACb,IAAI,CAAS;IACb,MAAM,CAAS;IACf,IAAI,GAAU,EAAE,CAAC;IACjB,MAAM,CAAa;IACnB,MAAM,CAAiB;IACxB,IAAI,GAAG,IAAI,kBAAW,EAAE,CAAC;IAEjC,YAAoB,SAA2B,EAAE,QAA0B;QACzE,KAAK,CAAC,QAAQ,CAAC,CAAC;QADE,cAAS,GAAT,SAAS,CAAkB;QAE7C,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QAC/E,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC;QACxE,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QACxB,IAAI,CAAC,MAAM,GAAG,UAAU,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,EAAE,CAAA;QAEhD,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YAC9B,IAAI,CAAC,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAA;QACnE,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,GAAG,sBAAsB,CAAC;QACvC,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;IACjC,CAAC;IAGD,KAAK,CAAC,gBAAgB;QACpB,MAAM,GAAG,GAAG,IAAA,mBAAU,GAAE,CAAA;QACxB,OAAO,IAAI,cAAO,CAAC,EAAC,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAC,CAAC;aACrD,kBAAkB,CAAC,EAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAC,CAAC;aAC9C,WAAW,EAAE;aACb,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;aACtB,iBAAiB,CAAC,IAAI,CAAC;aACvB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACtB,CAAC;IAES,KAAK,CAAC,UAAU;QACxB,mEAAmE;QACnE,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC;YAC5B,KAAK,EAAE,IAAI,CAAC,IAAI;YAChB,QAAQ,EAAE;gBACR,KAAK,EAAE,sBAAa,CAAC,MAAM;gBAC3B,IAAI,EAAE,kBAAkB;aACzB;YACD,OAAO,EAAE,kBAAW;SACrB,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAG/B,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAEQ,KAAK,CAAC,KAAwB,EAAE,IAAkB;QACzD,OAAO,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;IAEQ,QAAQ,CAAC,OAAsB;QACtC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAGO,KAAK,CAAC,iBAAiB;QAC7B,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC;QAC9C,MAAM,KAAK,CAAC,aAAa,CACvB,6BAAgB,EAAE,4CAA4C,CAC9D,oDAAe,EAAE,8CAA8C,CAC/D,8BAAiB,EAAE,6BAA6B,CAChD,6BAAiB,EAAE,gCAAgC,CAEnD,8BAAkB,EAClB,0BAAc,EACd,6BAAiB,CAClB,CAAC;IACJ,CAAC;CACF;AA3ED,4CA2EC","sourcesContent":["import {SignJWT} from \"jose\";\nimport {URL} from 'url';\nimport {randomBytes, randomUUID} from \"crypto\";\nimport {FrontMcpAuth, FrontMcpLogger, LocalAuthOptions, ProviderScope, ServerRequest} from '../../common';\nimport ProviderRegistry from '../../provider/provider.registry';\nimport WellKnownPrmFlow from '../flows/well-known.prm.flow';\nimport WellKnownAsFlow from '../flows/well-known.oauth-authorization-server.flow';\nimport WellKnownJwksFlow from '../flows/well-known.jwks.flow';\nimport SessionVerifyFlow from '../flows/session.verify.flow';\nimport OauthAuthorizeFlow from \"../flows/oauth.authorize.flow\";\nimport OauthRegisterFlow from \"../flows/oauth.register.flow\";\nimport OauthTokenFlow from \"../flows/oauth.token.flow\";\nimport {JwksService} from \"../jwks\";\n\n\nconst DEFAULT_NO_AUTH_SECRET = randomBytes(32)\n\nexport class LocalPrimaryAuth extends FrontMcpAuth {\n readonly host: string;\n readonly port: number;\n readonly issuer: string;\n readonly keys: any[] = [];\n readonly secret: Uint8Array;\n readonly logger: FrontMcpLogger;\n private jwks = new JwksService();\n\n constructor(private providers: ProviderRegistry, metadata: LocalAuthOptions) {\n super(metadata);\n this.logger = this.providers.getActiveScope().logger.child('LocalPrimaryAuth');\n this.port = this.providers.getActiveScope().metadata.http?.port ?? 3001;\n this.host = 'localhost';\n this.issuer = `http://${this.host}:${this.port}`\n\n if (process.env[\"JWT_SECRET\"]) {\n this.secret = new TextEncoder().encode(process.env[\"JWT_SECRET\"])\n } else {\n this.logger.warn('JWT_SECRET is not set, using default secret')\n this.secret = DEFAULT_NO_AUTH_SECRET;\n }\n this.ready = this.initialize();\n }\n\n\n async signAnonymousJwt() {\n const sub = randomUUID()\n return new SignJWT({sub, role: 'user', anonymous: true})\n .setProtectedHeader({alg: 'HS256', typ: 'JWT'})\n .setIssuedAt()\n .setIssuer(this.issuer)\n .setExpirationTime('1d')\n .sign(this.secret)\n }\n\n protected async initialize(): Promise<void> {\n // TODO: create separated jwk service for local/remote auth options\n this.providers.injectProvider({\n value: this.jwks,\n metadata: {\n scope: ProviderScope.GLOBAL,\n name: 'auth:jwk-service',\n },\n provide: JwksService,\n });\n\n await this.registerAuthFlows();\n\n\n return Promise.resolve();\n }\n\n override fetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response> {\n return fetch(input, init);\n }\n\n override validate(request: ServerRequest): Promise<void> {\n return Promise.resolve();\n }\n\n\n private async registerAuthFlows() {\n const scope = this.providers.getActiveScope();\n await scope.registryFlows(\n WellKnownPrmFlow, /** /.well-known/oauth-protected-resource */\n WellKnownAsFlow, /** /.well-known/oauth-authorization-server */\n WellKnownJwksFlow, /** /.well-known/jwks.json */\n SessionVerifyFlow, /** Session verification flow */\n\n OauthAuthorizeFlow,\n OauthTokenFlow,\n OauthRegisterFlow\n );\n }\n}"]}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { FrontMcpAuth, RemoteAuthOptions, ServerRequest } from '../../common';
|
|
2
|
+
import { URL } from 'url';
|
|
3
|
+
import ProviderRegistry from '../../provider/provider.registry';
|
|
4
|
+
export declare class RemotePrimaryAuth extends FrontMcpAuth<RemoteAuthOptions> {
|
|
5
|
+
private readonly providers;
|
|
6
|
+
ready: Promise<void>;
|
|
7
|
+
private jwks;
|
|
8
|
+
constructor(providers: ProviderRegistry, options: RemoteAuthOptions);
|
|
9
|
+
fetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response>;
|
|
10
|
+
validate(request: ServerRequest): Promise<void>;
|
|
11
|
+
get issuer(): string;
|
|
12
|
+
protected initialize(): Promise<void>;
|
|
13
|
+
private registerAuthFlows;
|
|
14
|
+
}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.RemotePrimaryAuth = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const common_1 = require("../../common");
|
|
6
|
+
const jwks_1 = require("../jwks");
|
|
7
|
+
const well_known_prm_flow_1 = tslib_1.__importDefault(require("../flows/well-known.prm.flow"));
|
|
8
|
+
const well_known_oauth_authorization_server_flow_1 = tslib_1.__importDefault(require("../flows/well-known.oauth-authorization-server.flow"));
|
|
9
|
+
const well_known_jwks_flow_1 = tslib_1.__importDefault(require("../flows/well-known.jwks.flow"));
|
|
10
|
+
const session_verify_flow_1 = tslib_1.__importDefault(require("../flows/session.verify.flow"));
|
|
11
|
+
class RemotePrimaryAuth extends common_1.FrontMcpAuth {
|
|
12
|
+
providers;
|
|
13
|
+
ready;
|
|
14
|
+
jwks = new jwks_1.JwksService();
|
|
15
|
+
constructor(providers, options) {
|
|
16
|
+
super(options);
|
|
17
|
+
this.providers = providers;
|
|
18
|
+
this.ready = this.initialize();
|
|
19
|
+
}
|
|
20
|
+
fetch(input, init) {
|
|
21
|
+
return fetch(input, init);
|
|
22
|
+
}
|
|
23
|
+
validate(request) {
|
|
24
|
+
return Promise.resolve();
|
|
25
|
+
}
|
|
26
|
+
get issuer() {
|
|
27
|
+
return this.options.baseUrl;
|
|
28
|
+
}
|
|
29
|
+
async initialize() {
|
|
30
|
+
const scope = this.providers.getActiveScope();
|
|
31
|
+
this.providers.injectProvider({
|
|
32
|
+
value: this.jwks,
|
|
33
|
+
metadata: {
|
|
34
|
+
scope: common_1.ProviderScope.GLOBAL,
|
|
35
|
+
name: 'auth:jwk-service',
|
|
36
|
+
},
|
|
37
|
+
provide: jwks_1.JwksService,
|
|
38
|
+
});
|
|
39
|
+
await this.registerAuthFlows(scope);
|
|
40
|
+
return Promise.resolve();
|
|
41
|
+
}
|
|
42
|
+
async registerAuthFlows(scope) {
|
|
43
|
+
await scope.registryFlows(well_known_prm_flow_1.default, /** /.well-known/oauth-protected-resource */ well_known_oauth_authorization_server_flow_1.default, /** /.well-known/oauth-authorization-server */ well_known_jwks_flow_1.default, /** /.well-known/jwks.json */ session_verify_flow_1.default);
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
exports.RemotePrimaryAuth = RemotePrimaryAuth;
|
|
47
|
+
//# sourceMappingURL=instance.remote-primary-auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"instance.remote-primary-auth.js","sourceRoot":"","sources":["../../../../src/auth/instances/instance.remote-primary-auth.ts"],"names":[],"mappings":";;;;AAAA,yCAA2F;AAG3F,kCAAoC;AACpC,+FAA4D;AAC5D,6IAAkF;AAClF,iGAA8D;AAC9D,+FAA6D;AAI7D,MAAa,iBAAkB,SAAQ,qBAA+B;IAIvC;IAHpB,KAAK,CAAgB;IACtB,IAAI,GAAG,IAAI,kBAAW,EAAE,CAAC;IAEjC,YAA6B,SAA2B,EAAE,OAA0B;QAClF,KAAK,CAAC,OAAO,CAAC,CAAC;QADY,cAAS,GAAT,SAAS,CAAkB;QAEtD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;IACjC,CAAC;IAEQ,KAAK,CAAC,KAAwB,EAAE,IAAkB;QACzD,OAAO,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;IAEQ,QAAQ,CAAC,OAAsB;QACtC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAGD,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC;IAC9B,CAAC;IAES,KAAK,CAAC,UAAU;QACxB,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,CAAC;QAE9C,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC;YAC5B,KAAK,EAAE,IAAI,CAAC,IAAI;YAChB,QAAQ,EAAE;gBACR,KAAK,EAAE,sBAAa,CAAC,MAAM;gBAC3B,IAAI,EAAE,kBAAkB;aACzB;YACD,OAAO,EAAE,kBAAW;SACrB,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACpC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAGO,KAAK,CAAC,iBAAiB,CAAC,KAAY;QAC1C,MAAM,KAAK,CAAC,aAAa,CACvB,6BAAgB,EAAE,4CAA4C,CAC9D,oDAAe,EAAE,8CAA8C,CAC/D,8BAAiB,EAAE,6BAA6B,CAChD,6BAAiB,CAClB,CAAC;IACJ,CAAC;CACF;AA/CD,8CA+CC","sourcesContent":["import {FrontMcpAuth, ProviderScope, RemoteAuthOptions, ServerRequest} from '../../common';\nimport {URL} from 'url';\nimport ProviderRegistry from '../../provider/provider.registry';\nimport {JwksService} from '../jwks';\nimport WellKnownPrmFlow from '../flows/well-known.prm.flow';\nimport WellKnownAsFlow from '../flows/well-known.oauth-authorization-server.flow';\nimport WellKnownJwksFlow from '../flows/well-known.jwks.flow';\nimport SessionVerifyFlow from '../flows/session.verify.flow';\nimport {Scope} from '../../scope';\n\n\nexport class RemotePrimaryAuth extends FrontMcpAuth<RemoteAuthOptions> {\n override ready: Promise<void>;\n private jwks = new JwksService();\n\n constructor(private readonly providers: ProviderRegistry, options: RemoteAuthOptions) {\n super(options);\n this.ready = this.initialize();\n }\n\n override fetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response> {\n return fetch(input, init);\n }\n\n override validate(request: ServerRequest): Promise<void> {\n return Promise.resolve();\n }\n\n\n get issuer(): string {\n return this.options.baseUrl;\n }\n\n protected async initialize() {\n const scope = this.providers.getActiveScope();\n\n this.providers.injectProvider({\n value: this.jwks,\n metadata: {\n scope: ProviderScope.GLOBAL,\n name: 'auth:jwk-service',\n },\n provide: JwksService,\n });\n\n await this.registerAuthFlows(scope);\n return Promise.resolve();\n }\n\n\n private async registerAuthFlows(scope: Scope) {\n await scope.registryFlows(\n WellKnownPrmFlow, /** /.well-known/oauth-protected-resource */\n WellKnownAsFlow, /** /.well-known/oauth-authorization-server */\n WellKnownJwksFlow, /** /.well-known/jwks.json */\n SessionVerifyFlow, /** Session verification flow */\n );\n }\n}"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/auth/jwks/index.ts"],"names":[],"mappings":";;;AAAA,yDAA+B;AAC/B,uDAA6B","sourcesContent":["export * from './jwks.service';\nexport * from './jwks.types';\n"]}
|