npm - @frontmcp/sdk - Versions diffs - 0.4.1 → 0.5.0 - Mend

@frontmcp/sdk 0.4.1 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (558) hide show

package/README.md +30 -18
package/package.json +20 -5
package/src/app/app.registry.d.ts +3 -2
package/src/app/app.registry.js +3 -1
package/src/app/app.registry.js.map +1 -1
package/src/app/instances/app.local.instance.js +2 -2
package/src/app/instances/app.local.instance.js.map +1 -1
package/src/auth/auth.registry.d.ts +34 -2
package/src/auth/auth.registry.js +162 -24
package/src/auth/auth.registry.js.map +1 -1
package/src/auth/auth.utils.js +8 -9
package/src/auth/auth.utils.js.map +1 -1
package/src/auth/authorization/authorization.class.d.ts +125 -0
package/src/auth/authorization/authorization.class.js +224 -0
package/src/auth/authorization/authorization.class.js.map +1 -0
package/src/auth/authorization/authorization.types.d.ts +300 -0
package/src/auth/authorization/authorization.types.js +79 -0
package/src/auth/authorization/authorization.types.js.map +1 -0
package/src/auth/authorization/index.d.ts +5 -0
package/src/auth/authorization/index.js +19 -0
package/src/auth/authorization/index.js.map +1 -0
package/src/auth/authorization/orchestrated.authorization.d.ts +242 -0
package/src/auth/authorization/orchestrated.authorization.js +306 -0
package/src/auth/authorization/orchestrated.authorization.js.map +1 -0
package/src/auth/authorization/public.authorization.d.ts +91 -0
package/src/auth/authorization/public.authorization.js +132 -0
package/src/auth/authorization/public.authorization.js.map +1 -0
package/src/auth/authorization/transparent.authorization.d.ts +130 -0
package/src/auth/authorization/transparent.authorization.js +147 -0
package/src/auth/authorization/transparent.authorization.js.map +1 -0
package/src/auth/consent/consent.types.d.ts +111 -0
package/src/auth/consent/consent.types.js +119 -0
package/src/auth/consent/consent.types.js.map +1 -0
package/src/auth/consent/index.d.ts +1 -0
package/src/auth/consent/index.js +13 -0
package/src/auth/consent/index.js.map +1 -0
package/src/auth/detection/auth-provider-detection.d.ts +84 -0
package/src/auth/detection/auth-provider-detection.js +230 -0
package/src/auth/detection/auth-provider-detection.js.map +1 -0
package/src/auth/detection/index.d.ts +1 -0
package/src/auth/detection/index.js +15 -0
package/src/auth/detection/index.js.map +1 -0
package/src/auth/flows/auth.verify.flow.d.ts +110 -0
package/src/auth/flows/auth.verify.flow.js +379 -0
package/src/auth/flows/auth.verify.flow.js.map +1 -0
package/src/auth/flows/oauth.authorize.flow.d.ts +118 -164
package/src/auth/flows/oauth.authorize.flow.js +701 -33
package/src/auth/flows/oauth.authorize.flow.js.map +1 -1
package/src/auth/flows/oauth.callback.flow.d.ts +117 -0
package/src/auth/flows/oauth.callback.flow.js +357 -0
package/src/auth/flows/oauth.callback.flow.js.map +1 -0
package/src/auth/flows/oauth.register.flow.d.ts +32 -125
package/src/auth/flows/oauth.token.flow.d.ts +52 -154
package/src/auth/flows/oauth.token.flow.js +193 -55
package/src/auth/flows/oauth.token.flow.js.map +1 -1
package/src/auth/flows/session.verify.flow.d.ts +66 -321
package/src/auth/flows/session.verify.flow.js +107 -18
package/src/auth/flows/session.verify.flow.js.map +1 -1
package/src/auth/flows/well-known.jwks.flow.d.ts +34 -205
package/src/auth/flows/well-known.jwks.flow.js +15 -8
package/src/auth/flows/well-known.jwks.flow.js.map +1 -1
package/src/auth/flows/well-known.oauth-authorization-server.flow.d.ts +48 -223
package/src/auth/flows/well-known.oauth-authorization-server.flow.js +2 -3
package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +1 -1
package/src/auth/flows/well-known.prm.flow.d.ts +19 -120
package/src/auth/flows/well-known.prm.flow.js +3 -4
package/src/auth/flows/well-known.prm.flow.js.map +1 -1
package/src/auth/instances/instance.local-primary-auth.d.ts +91 -4
package/src/auth/instances/instance.local-primary-auth.js +236 -6
package/src/auth/instances/instance.local-primary-auth.js.map +1 -1
package/src/auth/instances/instance.remote-primary-auth.d.ts +4 -3
package/src/auth/instances/instance.remote-primary-auth.js +2 -2
package/src/auth/instances/instance.remote-primary-auth.js.map +1 -1
package/src/auth/session/authorization-vault.d.ts +611 -0
package/src/auth/session/authorization-vault.js +817 -0
package/src/auth/session/authorization-vault.js.map +1 -0
package/src/auth/session/authorization.store.d.ts +301 -0
package/src/auth/session/authorization.store.js +323 -0
package/src/auth/session/authorization.store.js.map +1 -0
package/src/auth/session/encrypted-authorization-vault.d.ts +181 -0
package/src/auth/session/encrypted-authorization-vault.js +493 -0
package/src/auth/session/encrypted-authorization-vault.js.map +1 -0
package/src/auth/session/index.d.ts +4 -4
package/src/auth/session/index.js +11 -7
package/src/auth/session/index.js.map +1 -1
package/src/auth/session/session.schema.d.ts +1 -1
package/src/auth/session/session.service.d.ts +1 -1
package/src/auth/session/transport-session.manager.d.ts +101 -0
package/src/auth/session/transport-session.manager.js +300 -0
package/src/auth/session/transport-session.manager.js.map +1 -0
package/src/auth/session/transport-session.types.d.ts +457 -0
package/src/auth/session/transport-session.types.js +110 -0
package/src/auth/session/transport-session.types.js.map +1 -0
package/src/auth/session/utils/session-id.utils.d.ts +14 -2
package/src/auth/session/utils/session-id.utils.js +68 -19
package/src/auth/session/utils/session-id.utils.js.map +1 -1
package/src/auth/session/vault-encryption.d.ts +189 -0
package/src/auth/session/vault-encryption.js +263 -0
package/src/auth/session/vault-encryption.js.map +1 -0
package/src/auth/ui/base-layout.d.ts +188 -0
package/src/auth/ui/base-layout.js +292 -0
package/src/auth/ui/base-layout.js.map +1 -0
package/src/auth/ui/htmx-templates.d.ts +135 -0
package/src/auth/ui/htmx-templates.js +433 -0
package/src/auth/ui/htmx-templates.js.map +1 -0
package/src/auth/ui/index.d.ts +11 -0
package/src/auth/ui/index.js +35 -0
package/src/auth/ui/index.js.map +1 -0
package/src/auth/utils/audience.validator.d.ts +129 -0
package/src/auth/utils/audience.validator.js +196 -0
package/src/auth/utils/audience.validator.js.map +1 -0
package/src/auth/utils/index.d.ts +2 -0
package/src/auth/utils/index.js +7 -0
package/src/auth/utils/index.js.map +1 -0
package/src/auth/utils/www-authenticate.utils.d.ts +97 -0
package/src/auth/utils/www-authenticate.utils.js +183 -0
package/src/auth/utils/www-authenticate.utils.js.map +1 -0
package/src/common/common.schema.d.ts +2 -16
package/src/common/constants.d.ts +3 -0
package/src/common/constants.js +6 -1
package/src/common/constants.js.map +1 -1
package/src/common/decorators/decorator-utils.d.ts +131 -0
package/src/common/decorators/decorator-utils.js +195 -0
package/src/common/decorators/decorator-utils.js.map +1 -0
package/src/common/decorators/front-mcp.decorator.js +3 -2
package/src/common/decorators/front-mcp.decorator.js.map +1 -1
package/src/common/decorators/hook.decorator.d.ts +58 -2
package/src/common/decorators/hook.decorator.js +127 -17
package/src/common/decorators/hook.decorator.js.map +1 -1
package/src/common/decorators/plugin.decorator.d.ts +1 -1
package/src/common/decorators/plugin.decorator.js +11 -10
package/src/common/decorators/plugin.decorator.js.map +1 -1
package/src/common/decorators/resource.decorator.d.ts +32 -3
package/src/common/decorators/resource.decorator.js +46 -4
package/src/common/decorators/resource.decorator.js.map +1 -1
package/src/common/decorators/tool.decorator.d.ts +54 -5
package/src/common/decorators/tool.decorator.js.map +1 -1
package/src/common/dynamic/dynamic.plugin.d.ts +22 -11
package/src/common/dynamic/dynamic.plugin.js +7 -1
package/src/common/dynamic/dynamic.plugin.js.map +1 -1
package/src/common/entries/prompt.entry.d.ts +46 -2
package/src/common/entries/prompt.entry.js +10 -0
package/src/common/entries/prompt.entry.js.map +1 -1
package/src/common/entries/resource.entry.d.ts +69 -6
package/src/common/entries/resource.entry.js +27 -3
package/src/common/entries/resource.entry.js.map +1 -1
package/src/common/entries/scope.entry.d.ts +5 -1
package/src/common/entries/scope.entry.js +3 -3
package/src/common/entries/scope.entry.js.map +1 -1
package/src/common/flow/flow.utils.d.ts +56 -0
package/src/common/flow/flow.utils.js +96 -0
package/src/common/flow/flow.utils.js.map +1 -0
package/src/common/index.d.ts +2 -2
package/src/common/index.js +2 -2
package/src/common/index.js.map +1 -1
package/src/common/interfaces/execution-context.interface.d.ts +59 -0
package/src/common/interfaces/execution-context.interface.js +81 -0
package/src/common/interfaces/execution-context.interface.js.map +1 -0
package/src/common/interfaces/flow.interface.d.ts +1 -1
package/src/common/interfaces/flow.interface.js.map +1 -1
package/src/common/interfaces/index.d.ts +1 -0
package/src/common/interfaces/index.js +1 -0
package/src/common/interfaces/index.js.map +1 -1
package/src/common/interfaces/internal/primary-auth-provider.interface.d.ts +17 -2
package/src/common/interfaces/internal/primary-auth-provider.interface.js +52 -4
package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +1 -1
package/src/common/interfaces/internal/registry.interface.d.ts +16 -2
package/src/common/interfaces/internal/registry.interface.js.map +1 -1
package/src/common/interfaces/plugin.interface.js.map +1 -1
package/src/common/interfaces/prompt.interface.d.ts +53 -4
package/src/common/interfaces/prompt.interface.js +78 -0
package/src/common/interfaces/prompt.interface.js.map +1 -1
package/src/common/interfaces/resource.interface.d.ts +47 -17
package/src/common/interfaces/resource.interface.js +53 -0
package/src/common/interfaces/resource.interface.js.map +1 -1
package/src/common/interfaces/tool.interface.d.ts +39 -22
package/src/common/interfaces/tool.interface.js +61 -34
package/src/common/interfaces/tool.interface.js.map +1 -1
package/src/common/metadata/adapter.metadata.d.ts +1 -9
package/src/common/metadata/app.metadata.d.ts +425 -730
package/src/common/metadata/auth-provider.metadata.d.ts +2 -12
package/src/common/metadata/flow.metadata.d.ts +10 -25
package/src/common/metadata/front-mcp.metadata.d.ts +602 -1023
package/src/common/metadata/front-mcp.metadata.js +6 -4
package/src/common/metadata/front-mcp.metadata.js.map +1 -1
package/src/common/metadata/hook.metadata.d.ts +1 -1
package/src/common/metadata/hook.metadata.js.map +1 -1
package/src/common/metadata/index.d.ts +1 -0
package/src/common/metadata/index.js +1 -0
package/src/common/metadata/index.js.map +1 -1
package/src/common/metadata/logger.metadata.d.ts +1 -9
package/src/common/metadata/plugin.metadata.d.ts +8 -30
package/src/common/metadata/prompt.metadata.d.ts +4 -161
package/src/common/metadata/provider.metadata.d.ts +2 -12
package/src/common/metadata/resource.metadata.d.ts +6 -98
package/src/common/metadata/resource.metadata.js +15 -6
package/src/common/metadata/resource.metadata.js.map +1 -1
package/src/common/metadata/tool-ui.metadata.d.ts +10 -0
package/src/common/metadata/tool-ui.metadata.js +12 -0
package/src/common/metadata/tool-ui.metadata.js.map +1 -0
package/src/common/metadata/tool.metadata.d.ts +78 -199
package/src/common/metadata/tool.metadata.js +11 -14
package/src/common/metadata/tool.metadata.js.map +1 -1
package/src/common/providers/base-config.provider.d.ts +84 -0
package/src/common/providers/base-config.provider.js +128 -0
package/src/common/providers/base-config.provider.js.map +1 -0
package/src/common/records/plugin.record.d.ts +5 -6
package/src/common/records/plugin.record.js.map +1 -1
package/src/common/records/prompt.record.js.map +1 -1
package/src/common/records/resource.record.d.ts +17 -1
package/src/common/records/resource.record.js +12 -6
package/src/common/records/resource.record.js.map +1 -1
package/src/common/records/tool.record.js.map +1 -1
package/src/common/schemas/annotated-class.schema.d.ts +9 -9
package/src/common/schemas/annotated-class.schema.js +92 -27
package/src/common/schemas/annotated-class.schema.js.map +1 -1
package/src/common/schemas/http-input.schema.d.ts +6 -30
package/src/common/schemas/http-output.schema.d.ts +326 -1630
package/src/common/schemas/http-output.schema.js +39 -1
package/src/common/schemas/http-output.schema.js.map +1 -1
package/src/common/tokens/front-mcp.tokens.js +4 -1
package/src/common/tokens/front-mcp.tokens.js.map +1 -1
package/src/common/tokens/resource.tokens.d.ts +2 -0
package/src/common/tokens/resource.tokens.js +4 -1
package/src/common/tokens/resource.tokens.js.map +1 -1
package/src/common/tokens/tool.tokens.d.ts +2 -0
package/src/common/tokens/tool.tokens.js +2 -0
package/src/common/tokens/tool.tokens.js.map +1 -1
package/src/common/types/auth/jwt.types.d.ts +5 -31
package/src/common/types/auth/session.types.d.ts +97 -192
package/src/common/types/auth/session.types.js +24 -11
package/src/common/types/auth/session.types.js.map +1 -1
package/src/common/types/options/auth.options.d.ts +1013 -490
package/src/common/types/options/auth.options.js +554 -36
package/src/common/types/options/auth.options.js.map +1 -1
package/src/common/types/options/http.options.d.ts +1 -9
package/src/common/types/options/logging.options.d.ts +7 -13
package/src/common/types/options/logging.options.js +4 -0
package/src/common/types/options/logging.options.js.map +1 -1
package/src/common/types/options/server-info.options.d.ts +3 -31
package/src/common/types/options/session.options.d.ts +90 -10
package/src/common/types/options/session.options.js +26 -3
package/src/common/types/options/session.options.js.map +1 -1
package/src/common/utils/decide-request-intent.utils.d.ts +8 -46
package/src/common/utils/decide-request-intent.utils.js +88 -23
package/src/common/utils/decide-request-intent.utils.js.map +1 -1
package/src/completion/flows/complete.flow.d.ts +74 -0
package/src/completion/flows/complete.flow.js +199 -0
package/src/completion/flows/complete.flow.js.map +1 -0
package/src/errors/authorization-required.error.d.ts +189 -0
package/src/errors/authorization-required.error.js +274 -0
package/src/errors/authorization-required.error.js.map +1 -0
package/src/errors/index.d.ts +2 -1
package/src/errors/index.js +17 -1
package/src/errors/index.js.map +1 -1
package/src/errors/mcp.error.d.ts +101 -1
package/src/errors/mcp.error.js +147 -2
package/src/errors/mcp.error.js.map +1 -1
package/src/flows/flow.instance.js +4 -3
package/src/flows/flow.instance.js.map +1 -1
package/src/flows/flow.registry.js.map +1 -1
package/src/flows/flow.stages.js +14 -11
package/src/flows/flow.stages.js.map +1 -1
package/src/front-mcp/front-mcp.providers.d.ts +464 -102
package/src/front-mcp/front-mcp.providers.js +3 -5
package/src/front-mcp/front-mcp.providers.js.map +1 -1
package/src/hooks/hook.instance.d.ts +1 -1
package/src/hooks/hook.instance.js +5 -2
package/src/hooks/hook.instance.js.map +1 -1
package/src/hooks/hook.registry.js +7 -5
package/src/hooks/hook.registry.js.map +1 -1
package/src/index.d.ts +28 -9
package/src/index.js +5 -1
package/src/index.js.map +1 -1
package/src/logger/instances/instance.logger.js +3 -2
package/src/logger/instances/instance.logger.js.map +1 -1
package/src/logger/logger.registry.js +7 -2
package/src/logger/logger.registry.js.map +1 -1
package/src/logging/flows/set-level.flow.d.ts +62 -0
package/src/logging/flows/set-level.flow.js +108 -0
package/src/logging/flows/set-level.flow.js.map +1 -0
package/src/mcp-apps/csp.d.ts +111 -0
package/src/mcp-apps/csp.js +267 -0
package/src/mcp-apps/csp.js.map +1 -0
package/src/mcp-apps/index.d.ts +23 -0
package/src/mcp-apps/index.js +91 -0
package/src/mcp-apps/index.js.map +1 -0
package/src/mcp-apps/schemas.d.ts +403 -0
package/src/mcp-apps/schemas.js +345 -0
package/src/mcp-apps/schemas.js.map +1 -0
package/src/mcp-apps/template.d.ts +94 -0
package/src/mcp-apps/template.js +419 -0
package/src/mcp-apps/template.js.map +1 -0
package/src/mcp-apps/types.d.ts +323 -0
package/src/mcp-apps/types.js +59 -0
package/src/mcp-apps/types.js.map +1 -0
package/src/notification/index.d.ts +1 -0
package/src/notification/index.js +13 -0
package/src/notification/index.js.map +1 -0
package/src/notification/notification.service.d.ts +378 -0
package/src/notification/notification.service.js +727 -0
package/src/notification/notification.service.js.map +1 -0
package/src/plugin/plugin.registry.js +12 -9
package/src/plugin/plugin.registry.js.map +1 -1
package/src/prompt/flows/get-prompt.flow.d.ts +153 -0
package/src/prompt/flows/get-prompt.flow.js +214 -0
package/src/prompt/flows/get-prompt.flow.js.map +1 -0
package/src/prompt/flows/prompts-list.flow.d.ts +67 -0
package/src/prompt/flows/prompts-list.flow.js +176 -0
package/src/prompt/flows/prompts-list.flow.js.map +1 -0
package/src/prompt/index.d.ts +7 -0
package/src/prompt/index.js +17 -0
package/src/prompt/index.js.map +1 -0
package/src/prompt/prompt.events.d.ts +17 -0
package/src/prompt/prompt.events.js +25 -0
package/src/prompt/prompt.events.js.map +1 -0
package/src/prompt/prompt.instance.d.ts +30 -0
package/src/prompt/prompt.instance.js +120 -0
package/src/prompt/prompt.instance.js.map +1 -0
package/src/prompt/prompt.registry.d.ts +79 -12
package/src/prompt/prompt.registry.js +360 -15
package/src/prompt/prompt.registry.js.map +1 -1
package/src/prompt/prompt.types.d.ts +26 -0
package/src/prompt/prompt.types.js +11 -0
package/src/prompt/prompt.types.js.map +1 -0
package/src/prompt/prompt.utils.d.ts +26 -0
package/src/prompt/prompt.utils.js +136 -0
package/src/prompt/prompt.utils.js.map +1 -0
package/src/provider/provider.registry.d.ts +12 -5
package/src/provider/provider.registry.js +30 -138
package/src/provider/provider.registry.js.map +1 -1
package/src/regsitry/registry.base.d.ts +1 -1
package/src/regsitry/registry.base.js.map +1 -1
package/src/resource/flows/read-resource.flow.d.ts +91 -0
package/src/resource/flows/read-resource.flow.js +270 -0
package/src/resource/flows/read-resource.flow.js.map +1 -0
package/src/resource/flows/resource-templates-list.flow.d.ts +64 -0
package/src/resource/flows/resource-templates-list.flow.js +191 -0
package/src/resource/flows/resource-templates-list.flow.js.map +1 -0
package/src/resource/flows/resources-list.flow.d.ts +64 -0
package/src/resource/flows/resources-list.flow.js +196 -0
package/src/resource/flows/resources-list.flow.js.map +1 -0
package/src/resource/flows/subscribe-resource.flow.d.ts +45 -0
package/src/resource/flows/subscribe-resource.flow.js +123 -0
package/src/resource/flows/subscribe-resource.flow.js.map +1 -0
package/src/resource/flows/unsubscribe-resource.flow.d.ts +44 -0
package/src/resource/flows/unsubscribe-resource.flow.js +107 -0
package/src/resource/flows/unsubscribe-resource.flow.js.map +1 -0
package/src/resource/index.d.ts +8 -0
package/src/resource/index.js +20 -0
package/src/resource/index.js.map +1 -0
package/src/resource/resource.events.d.ts +24 -0
package/src/resource/resource.events.js +17 -0
package/src/resource/resource.events.js.map +1 -0
package/src/resource/resource.instance.d.ts +35 -0
package/src/resource/resource.instance.js +163 -0
package/src/resource/resource.instance.js.map +1 -0
package/src/resource/resource.registry.d.ts +106 -12
package/src/resource/resource.registry.js +449 -13
package/src/resource/resource.registry.js.map +1 -1
package/src/resource/resource.types.d.ts +35 -0
package/src/resource/resource.types.js +11 -0
package/src/resource/resource.types.js.map +1 -0
package/src/resource/resource.utils.d.ts +30 -0
package/src/resource/resource.utils.js +151 -0
package/src/resource/resource.utils.js.map +1 -0
package/src/scope/flows/http.request.flow.d.ts +48 -330
package/src/scope/flows/http.request.flow.js +306 -78
package/src/scope/flows/http.request.flow.js.map +1 -1
package/src/scope/scope.instance.d.ts +12 -0
package/src/scope/scope.instance.js +145 -15
package/src/scope/scope.instance.js.map +1 -1
package/src/tool/flows/call-tool.flow.d.ts +64 -1110
package/src/tool/flows/call-tool.flow.js +303 -15
package/src/tool/flows/call-tool.flow.js.map +1 -1
package/src/tool/flows/tools-list.flow.d.ts +32 -473
package/src/tool/flows/tools-list.flow.js +121 -40
package/src/tool/flows/tools-list.flow.js.map +1 -1
package/src/tool/tool.events.d.ts +8 -1
package/src/tool/tool.events.js.map +1 -1
package/src/tool/tool.instance.d.ts +3 -1
package/src/tool/tool.instance.js +17 -3
package/src/tool/tool.instance.js.map +1 -1
package/src/tool/tool.registry.d.ts +7 -1
package/src/tool/tool.registry.js +26 -10
package/src/tool/tool.registry.js.map +1 -1
package/src/tool/tool.types.d.ts +4 -4
package/src/tool/tool.types.js.map +1 -1
package/src/tool/tool.utils.d.ts +3 -12
package/src/tool/tool.utils.js +39 -193
package/src/tool/tool.utils.js.map +1 -1
package/src/tool/ui/index.d.ts +22 -0
package/src/tool/ui/index.js +63 -0
package/src/tool/ui/index.js.map +1 -0
package/src/tool/ui/platform-adapters.d.ts +10 -0
package/src/tool/ui/platform-adapters.js +18 -0
package/src/tool/ui/platform-adapters.js.map +1 -0
package/src/tool/ui/template-helpers.d.ts +46 -0
package/src/tool/ui/template-helpers.js +112 -0
package/src/tool/ui/template-helpers.js.map +1 -0
package/src/tool/ui/ui-resource-template.d.ts +34 -0
package/src/tool/ui/ui-resource-template.js +64 -0
package/src/tool/ui/ui-resource-template.js.map +1 -0
package/src/tool/ui/ui-resource.handler.d.ts +74 -0
package/src/tool/ui/ui-resource.handler.js +129 -0
package/src/tool/ui/ui-resource.handler.js.map +1 -0
package/src/transport/adapters/transport.local.adapter.d.ts +2 -2
package/src/transport/adapters/transport.local.adapter.js +28 -7
package/src/transport/adapters/transport.local.adapter.js.map +1 -1
package/src/transport/adapters/transport.sse.adapter.d.ts +2 -2
package/src/transport/adapters/transport.sse.adapter.js +4 -3
package/src/transport/adapters/transport.sse.adapter.js.map +1 -1
package/src/transport/adapters/transport.streamable-http.adapter.d.ts +10 -3
package/src/transport/adapters/transport.streamable-http.adapter.js +54 -8
package/src/transport/adapters/transport.streamable-http.adapter.js.map +1 -1
package/src/transport/flows/handle.sse.flow.d.ts +29 -63
package/src/transport/flows/handle.sse.flow.js +78 -10
package/src/transport/flows/handle.sse.flow.js.map +1 -1
package/src/transport/flows/handle.stateless-http.flow.d.ts +29 -0
package/src/transport/flows/handle.stateless-http.flow.js +102 -0
package/src/transport/flows/handle.stateless-http.flow.js.map +1 -0
package/src/transport/flows/handle.streamable-http.flow.d.ts +32 -64
package/src/transport/flows/handle.streamable-http.flow.js +158 -26
package/src/transport/flows/handle.streamable-http.flow.js.map +1 -1
package/src/transport/legacy/legacy.sse.tranporter.d.ts +9 -0
package/src/transport/legacy/legacy.sse.tranporter.js +17 -2
package/src/transport/legacy/legacy.sse.tranporter.js.map +1 -1
package/src/transport/mcp-handlers/call-tool-request.handler.js +27 -1
package/src/transport/mcp-handlers/call-tool-request.handler.js.map +1 -1
package/src/transport/mcp-handlers/complete-request.handler.d.ts +69 -0
package/src/transport/mcp-handlers/complete-request.handler.js +11 -0
package/src/transport/mcp-handlers/complete-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/get-prompt-request.handler.d.ts +87 -0
package/src/transport/mcp-handlers/get-prompt-request.handler.js +11 -0
package/src/transport/mcp-handlers/get-prompt-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/index.d.ts +517 -208
package/src/transport/mcp-handlers/index.js +39 -2
package/src/transport/mcp-handlers/index.js.map +1 -1
package/src/transport/mcp-handlers/initialize-request.handler.d.ts +1 -1
package/src/transport/mcp-handlers/initialize-request.handler.js +73 -7
package/src/transport/mcp-handlers/initialize-request.handler.js.map +1 -1
package/src/transport/mcp-handlers/list-prompts-request.handler.d.ts +54 -0
package/src/transport/mcp-handlers/list-prompts-request.handler.js +11 -0
package/src/transport/mcp-handlers/list-prompts-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/list-resource-templates-request.handler.d.ts +51 -0
package/src/transport/mcp-handlers/list-resource-templates-request.handler.js +12 -0
package/src/transport/mcp-handlers/list-resource-templates-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/list-resources-request.handler.d.ts +51 -0
package/src/transport/mcp-handlers/list-resources-request.handler.js +12 -0
package/src/transport/mcp-handlers/list-resources-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/list-tools-request.handler.d.ts +19 -146
package/src/transport/mcp-handlers/logging-set-level-request.handler.d.ts +46 -0
package/src/transport/mcp-handlers/logging-set-level-request.handler.js +34 -0
package/src/transport/mcp-handlers/logging-set-level-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/mcp-handlers.types.d.ts +3 -7
package/src/transport/mcp-handlers/mcp-handlers.types.js.map +1 -1
package/src/transport/mcp-handlers/read-resource-request.handler.d.ts +46 -0
package/src/transport/mcp-handlers/read-resource-request.handler.js +12 -0
package/src/transport/mcp-handlers/read-resource-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/roots-list-changed-notification.handler.d.ts +11 -0
package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js +26 -0
package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js.map +1 -0
package/src/transport/mcp-handlers/subscribe-request.handler.d.ts +37 -0
package/src/transport/mcp-handlers/subscribe-request.handler.js +34 -0
package/src/transport/mcp-handlers/subscribe-request.handler.js.map +1 -0
package/src/transport/mcp-handlers/unsubscribe-request.handler.d.ts +37 -0
package/src/transport/mcp-handlers/unsubscribe-request.handler.js +34 -0
package/src/transport/mcp-handlers/unsubscribe-request.handler.js.map +1 -0
package/src/transport/transport.local.js +7 -2
package/src/transport/transport.local.js.map +1 -1
package/src/transport/transport.registry.d.ts +30 -0
package/src/transport/transport.registry.js +84 -1
package/src/transport/transport.registry.js.map +1 -1
package/src/transport/transport.types.d.ts +3 -3
package/src/transport/transport.types.js.map +1 -1
package/src/utils/content.utils.d.ts +48 -0
package/src/utils/content.utils.js +194 -0
package/src/utils/content.utils.js.map +1 -0
package/src/utils/index.d.ts +8 -0
package/src/utils/index.js +55 -0
package/src/utils/index.js.map +1 -0
package/src/utils/lineage.utils.d.ts +40 -0
package/src/utils/lineage.utils.js +82 -0
package/src/utils/lineage.utils.js.map +1 -0
package/src/utils/naming.utils.d.ts +46 -0
package/src/utils/naming.utils.js +136 -0
package/src/utils/naming.utils.js.map +1 -0
package/src/utils/types.utils.d.ts +2 -2
package/src/utils/types.utils.js.map +1 -1
package/src/utils/uri-template.utils.d.ts +57 -0
package/src/utils/uri-template.utils.js +113 -0
package/src/utils/uri-template.utils.js.map +1 -0
package/src/utils/uri-validation.utils.d.ts +40 -0
package/src/utils/uri-validation.utils.js +76 -0
package/src/utils/uri-validation.utils.js.map +1 -0
package/src/__test-utils__/fixtures/hook.fixtures.d.ts +0 -46
package/src/__test-utils__/fixtures/hook.fixtures.js +0 -114
package/src/__test-utils__/fixtures/hook.fixtures.js.map +0 -1
package/src/__test-utils__/fixtures/index.d.ts +0 -7
package/src/__test-utils__/fixtures/index.js +0 -11
package/src/__test-utils__/fixtures/index.js.map +0 -1
package/src/__test-utils__/fixtures/plugin.fixtures.d.ts +0 -46
package/src/__test-utils__/fixtures/plugin.fixtures.js +0 -127
package/src/__test-utils__/fixtures/plugin.fixtures.js.map +0 -1
package/src/__test-utils__/fixtures/provider.fixtures.d.ts +0 -69
package/src/__test-utils__/fixtures/provider.fixtures.js +0 -131
package/src/__test-utils__/fixtures/provider.fixtures.js.map +0 -1
package/src/__test-utils__/fixtures/scope.fixtures.d.ts +0 -14
package/src/__test-utils__/fixtures/scope.fixtures.js +0 -59
package/src/__test-utils__/fixtures/scope.fixtures.js.map +0 -1
package/src/__test-utils__/fixtures/tool.fixtures.d.ts +0 -36
package/src/__test-utils__/fixtures/tool.fixtures.js +0 -91
package/src/__test-utils__/fixtures/tool.fixtures.js.map +0 -1
package/src/__test-utils__/helpers/assertion.helpers.d.ts +0 -45
package/src/__test-utils__/helpers/assertion.helpers.js +0 -153
package/src/__test-utils__/helpers/assertion.helpers.js.map +0 -1
package/src/__test-utils__/helpers/async.helpers.d.ts +0 -48
package/src/__test-utils__/helpers/async.helpers.js +0 -112
package/src/__test-utils__/helpers/async.helpers.js.map +0 -1
package/src/__test-utils__/helpers/index.d.ts +0 -6
package/src/__test-utils__/helpers/index.js +0 -10
package/src/__test-utils__/helpers/index.js.map +0 -1
package/src/__test-utils__/helpers/setup.helpers.d.ts +0 -54
package/src/__test-utils__/helpers/setup.helpers.js +0 -106
package/src/__test-utils__/helpers/setup.helpers.js.map +0 -1
package/src/__test-utils__/index.d.ts +0 -9
package/src/__test-utils__/index.js +0 -14
package/src/__test-utils__/index.js.map +0 -1
package/src/__test-utils__/mocks/flow-instance.mock.d.ts +0 -50
package/src/__test-utils__/mocks/flow-instance.mock.js +0 -72
package/src/__test-utils__/mocks/flow-instance.mock.js.map +0 -1
package/src/__test-utils__/mocks/hook-registry.mock.d.ts +0 -25
package/src/__test-utils__/mocks/hook-registry.mock.js +0 -65
package/src/__test-utils__/mocks/hook-registry.mock.js.map +0 -1
package/src/__test-utils__/mocks/index.d.ts +0 -8
package/src/__test-utils__/mocks/index.js +0 -12
package/src/__test-utils__/mocks/index.js.map +0 -1
package/src/__test-utils__/mocks/plugin-registry.mock.d.ts +0 -43
package/src/__test-utils__/mocks/plugin-registry.mock.js +0 -70
package/src/__test-utils__/mocks/plugin-registry.mock.js.map +0 -1
package/src/__test-utils__/mocks/provider-registry.mock.d.ts +0 -39
package/src/__test-utils__/mocks/provider-registry.mock.js +0 -72
package/src/__test-utils__/mocks/provider-registry.mock.js.map +0 -1
package/src/__test-utils__/mocks/tool-registry.mock.d.ts +0 -43
package/src/__test-utils__/mocks/tool-registry.mock.js +0 -79
package/src/__test-utils__/mocks/tool-registry.mock.js.map +0 -1
package/src/auth/path.utils.d.ts +0 -20
package/src/auth/path.utils.js +0 -71
package/src/auth/path.utils.js.map +0 -1
package/src/common/decorators-old/async-with.decorator.d.ts +0 -10
package/src/common/decorators-old/async-with.decorator.js +0 -24
package/src/common/decorators-old/async-with.decorator.js.map +0 -1
package/src/common/decorators-old/auth-hook.decorator.d.ts +0 -14
package/src/common/decorators-old/auth-hook.decorator.js +0 -27
package/src/common/decorators-old/auth-hook.decorator.js.map +0 -1
package/src/common/decorators-old/session-hook.decorator.d.ts +0 -14
package/src/common/decorators-old/session-hook.decorator.js +0 -27
package/src/common/decorators-old/session-hook.decorator.js.map +0 -1

package/src/auth/flows/oauth.callback.flow.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"oauth.callback.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/oauth.callback.flow.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH,yCAUsB;AACtB,6BAAwB;AAExB,mCAAgD;AAChD,8BAAmC;AAEnC,MAAM,WAAW,GAAG,wBAAe,CAAC;AAEpC,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,oBAAoB;IACpB,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,oCAAoC;IACpC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACpC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,YAAY;IACZ,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACxC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,wCAAwC;IACxC,aAAa,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACzC,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACxC,uBAAuB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9C,kBAAkB;IAClB,WAAW,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACvC,iBAAiB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACjD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,UAAU;IACV,cAAc,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IAC1C,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC9C,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,OAAC,CAAC,KAAK,CAAC,CAAC,2BAAkB,EAAE,uBAAc,CAAC,CAAC,CAAC;AAEnE,MAAM,IAAI,GAAG;IACX,GAAG,EAAE,CAAC,YAAY,EAAE,qBAAqB,CAAC;IAC1C,OAAO,EAAE,CAAC,uBAAuB,EAAE,yBAAyB,EAAE,kBAAkB,CAAC;CAC9C,CAAC;AActC,MAAM,IAAI,GAAG,gBAAyB,CAAC;AACvC,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAajB,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,iBAAqB;IAC1D,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAGxD,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAElC,4CAA4C;QAC5C,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAuB,CAAC;QAC7E,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAuB,CAAC;QAC3D,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAuB,CAAC;QAEzD,mDAAmD;QACnD,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,KAAK,MAAM,CAAC;QAC9D,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAuB,CAAC;QAElE,6BAA6B;QAC7B,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,MAAM,CAAC;QAC1D,kEAAkE;QAClE,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,iBAAuC,CAAC;QAC5C,IAAI,cAAc,EAAE,CAAC;YACnB,iBAAiB,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;QACxF,CAAC;QAED,+CAA+C;QAC/C,kEAAkE;QAClE,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC1C,IAAI,aAAmC,CAAC;QACxC,IAAI,UAAU,EAAE,CAAC;YACf,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;YACb,aAAa;YACb,KAAK;YACL,IAAI;YACJ,aAAa;YACb,WAAW;YACX,WAAW;YACX,iBAAiB;YACjB,aAAa;SACd,CAAC,CAAC;QAEH,IAAI,aAAa,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,WAAW,EAAE,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,iBAAiB,EAAE,MAAM,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACzG,CAAC;QAED,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,aAAa,CAAC,MAAM,iBAAiB,CAAC,CAAC;QACnF,CAAC;IACH,CAAC;IAGK,AAAN,KAAK,CAAC,mBAAmB;QACvB,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,iBAAiB,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAE1G,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;YACxD,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,mCAAmC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YAClH,OAAO;QACT,CAAC;QAED,2EAA2E;QAC3E,IAAI,CAAC,aAAa,IAAI,CAAC,KAAK,EAAE,CAAC;YAC7B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;YAC9C,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YAClG,OAAO;QACT,CAAC;QAED,qCAAqC;QACrC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAwB,CAAC;QACtD,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,kBAAkB,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;QAE9F,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,aAAa,EAAE,CAAC,CAAC;YACjF,IAAI,CAAC,OAAO,CACV,oBAAW,CAAC,IAAI,CACd,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,sDAAsD,CAAC,EAC/F,GAAG,CACJ,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,uFAAuF;QACvF,yEAAyE;QACzE,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAEhE,mDAAmD;QACnD,IAAI,gBAAsC,CAAC;QAC3C,IAAI,WAAW,IAAI,WAAW,CAAC,cAAc,EAAE,CAAC;YAC9C,MAAM,YAAY,GAAG,WAAW,CAAC,cAAc,CAAC,WAAW,CAAC;YAC5D,MAAM,QAAQ,GAAG,iBAAiB,IAAI,EAAE,CAAC;YACzC,gBAAgB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;QACzE,CAAC;QAED,oBAAoB;QACpB,MAAM,cAAc,GAAG,WAAW,CAAC,OAAO,EAAE,OAAO,IAAI,KAAK,CAAC;QAC7D,2FAA2F;QAC3F,MAAM,kBAAkB,GAAG,cAAc,IAAI,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,OAAO,EAAE,gBAAgB,CAAC;QAEnH,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;YACb,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,WAAW,EAAE,WAAW,CAAC,WAAW;YACpC,MAAM,EAAE,WAAW,CAAC,MAAM;YAC1B,aAAa,EAAE,WAAW,CAAC,IAAI,CAAC,SAAS;YACzC,aAAa,EAAE,WAAW,CAAC,KAAK;YAChC,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,OAAO;YACP,4DAA4D;YAC5D,aAAa,EAAE,WAAW,CAAC,aAAa,IAAI,aAAa;YACzD,WAAW,EAAE,WAAW,CAAC,WAAW,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW;YAC9D,YAAY,EAAE,WAAW,CAAC,YAAY;YACtC,iBAAiB,EAAE,WAAW,CAAC,iBAAiB;YAChD,uBAAuB,EAAE,WAAW,CAAC,uBAAuB;YAC5D,kBAAkB;YAClB,WAAW,EAAE,WAAW,IAAI,CAAC,CAAC,WAAW,CAAC,cAAc;YACxD,iBAAiB,EAAE,iBAAiB;YACpC,gBAAgB,EAAE,gBAAgB;YAClC,UAAU;YACV,cAAc;YACd,aAAa,EAAE,kBAAkB;SAClC,CAAC,CAAC;QAEH,qCAAqC;QACrC,MAAM,SAAS,CAAC,kBAAkB,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;IAC/E,CAAC;IAED;;;;OAIG;IAEG,AAAN,KAAK,CAAC,qBAAqB;QACzB,MAAM,EAAE,aAAa,EAAE,WAAW,EAAE,uBAAuB,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAExF,+BAA+B;QAC/B,IAAI,CAAC,aAAa,IAAI,CAAC,WAAW,EAAE,CAAC;YACnC,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iDAAiD,WAAW,EAAE,CAAC,CAAC;QAEjF,oCAAoC;QACpC,iDAAiD;QACjD,uEAAuE;QACvE,2DAA2D;QAE3D,4EAA4E;QAC5E,6DAA6D;QAE7D,yDAAyD;QACzD,sEAAsE;QACtE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sCAAsC,WAAW,oBAAoB,uBAAuB,IAAI,MAAM,EAAE,CACzG,CAAC;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,uBAAuB;QAC3B,MAAM,EACJ,QAAQ,EACR,WAAW,EACX,MAAM,EACN,aAAa,EACb,aAAa,EACb,QAAQ,EACR,KAAK,EACL,IAAI,EACJ,OAAO;QACP,8BAA8B;QAC9B,cAAc,EACd,aAAa,EACb,WAAW,EACX,iBAAiB,EACjB,gBAAgB,GACjB,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAExB,8DAA8D;QAC9D,IAAI,CAAC,QAAQ,IAAI,CAAC,WAAW,IAAI,CAAC,aAAa,IAAI,CAAC,OAAO,EAAE,CAAC;YAC5D,MAAM,aAAa,GAAG;gBACpB,CAAC,QAAQ,IAAI,UAAU;gBACvB,CAAC,WAAW,IAAI,aAAa;gBAC7B,CAAC,aAAa,IAAI,eAAe;gBACjC,CAAC,OAAO,IAAI,SAAS;aACtB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAClB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mDAAmD,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACjG,IAAI,CAAC,OAAO,CACV,oBAAW,CAAC,IAAI,CACd,IAAI,CAAC,eAAe,CAAC,cAAc,EAAE,wDAAwD,CAAC,EAC9F,GAAG,CACJ,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAwB,CAAC;QAEtD,4DAA4D;QAC5D,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,uBAAuB,CAAC;YACnD,QAAQ;YACR,WAAW;YACX,MAAM,EAAE,MAAM,IAAI,EAAE;YACpB,aAAa;YACb,OAAO;YACP,SAAS,EAAE,KAAK;YAChB,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,aAAa;YACpB,QAAQ;YACR,mCAAmC;YACnC,eAAe,EAAE,aAAa;YAC9B,mBAAmB,EAAE,iBAAiB;YACtC,kBAAkB,EAAE,gBAAgB;YACpC,cAAc,EAAE,cAAc;YAC9B,kBAAkB,EAAE,WAAW;SAChC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,wCAAwC,OAAO,GAC7C,cAAc,CAAC,CAAC,CAAC,SAAS,aAAa,EAAE,MAAM,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAC1E,GAAG,WAAW,CAAC,CAAC,CAAC,oBAAoB,iBAAiB,EAAE,MAAM,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,EAAE,CACxF,CAAC;QACF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;IAC5C,CAAC;IAGK,AAAN,KAAK,CAAC,gBAAgB;QACpB,MAAM,EAAE,WAAW,EAAE,iBAAiB,EAAE,aAAa,EAAE,aAAa,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAE1G,wCAAwC;QACxC,IAAI,CAAC,WAAW,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;YAC3E,IAAI,CAAC,OAAO,CACV,oBAAW,CAAC,IAAI,CACd,IAAI,CAAC,eAAe,CAAC,cAAc,EAAE,qDAAqD,CAAC,EAC3F,GAAG,CACJ,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,qDAAqD;QACrD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QACjC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;QAChD,IAAI,aAAa,EAAE,CAAC;YAClB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC/C,CAAC;QAED,2DAA2D;QAC3D,+DAA+D;QAC/D,IAAI,aAAa,IAAI,WAAW,EAAE,CAAC;YACjC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;YAC5C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0BAA0B,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC,QAAQ,GACjD,aAAa,CAAC,CAAC,CAAC,0BAA0B,WAAW,GAAG,CAAC,CAAC,CAAC,EAC7D,EAAE,CACH,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IACrD,CAAC;IAED;;;OAGG;IACK,eAAe,CAAC,KAAa;QACnC,+DAA+D;QAC/D,kDAAkD;QAClD,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5E,iBAAiB;QACjB,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;IACtH,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,KAAa,EAAE,WAAmB;QACxD,sDAAsD;QACtD,MAAM,SAAS,GAAG,IAAA,eAAU,EAAC,KAAK,CAAC,CAAC;QACpC,MAAM,eAAe,GAAG,IAAA,eAAU,EAAC,WAAW,CAAC,CAAC;QAEhD,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kCAyCuB,SAAS;SAClC,eAAe;;;;QAIhB,CAAC;IACP,CAAC;CACF,CAAA;AA7UO;IADL,KAAK,CAAC,YAAY,CAAC;;;;mDAoDnB;AAGK;IADL,KAAK,CAAC,qBAAqB,CAAC;;;;4DA0E5B;AAQK;IADL,KAAK,CAAC,uBAAuB,CAAC;;;;8DAwB9B;AAGK;IADL,KAAK,CAAC,yBAAyB,CAAC;;;;gEAiEhC;AAGK;IADL,KAAK,CAAC,kBAAkB,CAAC;;;;yDAoCzB;AA3QkB,iBAAiB;IAXrC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE;YACV,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,iBAAiB;SACxB;KACF,CAAC;GACmB,iBAAiB,CAiVrC;kBAjVoB,iBAAiB","sourcesContent":["/**\n * OAuth Callback Endpoint — GET /oauth/callback\n *\n * Who calls: Browser after user completes login form\n *\n * When: After the user submits the login form from /oauth/authorize\n *\n * Purpose: Creates an authorization code and redirects back to the client's redirect_uri\n *\n * Notes: This is a simple \"demo\" login callback. In production, this would integrate\n * with a real identity provider or user database.\n */\n\nimport {\n Flow,\n FlowBase,\n FlowPlan,\n FlowRunOptions,\n httpInputSchema,\n HttpRedirectSchema,\n httpRespond,\n HttpHtmlSchema,\n StageHookOf,\n} from '../../common';\nimport { z } from 'zod';\nimport { LocalPrimaryAuth } from '../instances/instance.local-primary-auth';\nimport { randomUUID, createHash } from 'crypto';\nimport { escapeHtml } from '../ui';\n\nconst inputSchema = httpInputSchema;\n\nconst stateSchema = z.object({\n // From query params\n pendingAuthId: z.string().optional(),\n email: z.string().optional(),\n name: z.string().optional(),\n // From pending authorization record\n clientId: z.string().optional(),\n redirectUri: z.string().optional(),\n scopes: z.array(z.string()).optional(),\n codeChallenge: z.string().optional(),\n originalState: z.string().optional(),\n resource: z.string().optional(),\n // Generated\n authorizationCode: z.string().optional(),\n userSub: z.string().optional(),\n // Progressive/Incremental Authorization\n isIncremental: z.boolean().default(false),\n targetAppId: z.string().optional(),\n targetToolId: z.string().optional(),\n existingSessionId: z.string().optional(),\n existingAuthorizationId: z.string().optional(),\n // Federated Login\n isFederated: z.boolean().default(false),\n selectedProviders: z.array(z.string()).optional(),\n skippedProviders: z.array(z.string()).optional(),\n // Consent\n consentEnabled: z.boolean().default(false),\n selectedTools: z.array(z.string()).optional(),\n});\n\nconst outputSchema = z.union([HttpRedirectSchema, HttpHtmlSchema]);\n\nconst plan = {\n pre: ['parseInput', 'validatePendingAuth'],\n execute: ['handleIncrementalAuth', 'createAuthorizationCode', 'redirectToClient'],\n} as const satisfies FlowPlan<string>;\n\ndeclare global {\n interface ExtendFlows {\n 'oauth:callback': FlowRunOptions<\n OauthCallbackFlow,\n typeof plan,\n typeof inputSchema,\n typeof outputSchema,\n typeof stateSchema\n >;\n }\n}\n\nconst name = 'oauth:callback' as const;\nconst Stage = StageHookOf(name);\n\n@Flow({\n name,\n plan,\n inputSchema,\n outputSchema,\n access: 'public',\n middleware: {\n method: 'GET',\n path: '/oauth/callback',\n },\n})\nexport default class OauthCallbackFlow extends FlowBase<typeof name> {\n private logger = this.scope.logger.child('OauthCallbackFlow');\n\n @Stage('parseInput')\n async parseInput() {\n const { request } = this.rawInput;\n\n // Extract login form data from query params\n const pendingAuthId = request.query['pending_auth_id'] as string | undefined;\n const email = request.query['email'] as string | undefined;\n const name = request.query['name'] as string | undefined;\n\n // Progressive/Incremental Authorization Parameters\n const isIncremental = request.query['incremental'] === 'true';\n const targetAppId = request.query['app_id'] as string | undefined;\n\n // Federated Login Parameters\n const isFederated = request.query['federated'] === 'true';\n // providers can be array (multiple checkboxes) or string (single)\n const providersParam = request.query['providers'];\n let selectedProviders: string[] | undefined;\n if (providersParam) {\n selectedProviders = Array.isArray(providersParam) ? providersParam : [providersParam];\n }\n\n // Consent Parameters (from POST body or query)\n // Note: For consent, we might use POST, but GET is also supported\n const toolsParam = request.query['tools'];\n let selectedTools: string[] | undefined;\n if (toolsParam) {\n selectedTools = Array.isArray(toolsParam) ? toolsParam : [toolsParam];\n }\n\n this.state.set({\n pendingAuthId,\n email,\n name,\n isIncremental,\n targetAppId,\n isFederated,\n selectedProviders,\n selectedTools,\n });\n\n if (isIncremental) {\n this.logger.info(`Incremental auth callback for app: ${targetAppId}`);\n }\n\n if (isFederated) {\n this.logger.info(`Federated login callback with ${selectedProviders?.length || 0} selected providers`);\n }\n\n if (selectedTools && selectedTools.length > 0) {\n this.logger.info(`Consent callback with ${selectedTools.length} selected tools`);\n }\n }\n\n @Stage('validatePendingAuth')\n async validatePendingAuth() {\n const { pendingAuthId, email, isIncremental, isFederated, selectedProviders, selectedTools } = this.state;\n\n if (!pendingAuthId) {\n this.logger.warn('Missing pending_auth_id in callback');\n this.respond(httpRespond.html(this.renderErrorPage('invalid_request', 'Missing pending_auth_id parameter'), 400));\n return;\n }\n\n // For incremental auth, email is not required (user already authenticated)\n if (!isIncremental && !email) {\n this.logger.warn('Missing email in callback');\n this.respond(httpRespond.html(this.renderErrorPage('invalid_request', 'Email is required'), 400));\n return;\n }\n\n // Retrieve the pending authorization\n const localAuth = this.scope.auth as LocalPrimaryAuth;\n const pendingAuth = await localAuth.authorizationStore.getPendingAuthorization(pendingAuthId);\n\n if (!pendingAuth) {\n this.logger.warn(`Pending authorization not found or expired: ${pendingAuthId}`);\n this.respond(\n httpRespond.html(\n this.renderErrorPage('invalid_request', 'Authorization request has expired. Please try again.'),\n 400,\n ),\n );\n return;\n }\n\n // Generate a user sub from email (in production, this would come from a user database)\n // For incremental auth, we might need to use existing session's user sub\n const userSub = email ? this.generateUserSub(email) : undefined;\n\n // Calculate skipped providers from federated login\n let skippedProviders: string[] | undefined;\n if (isFederated && pendingAuth.federatedLogin) {\n const allProviders = pendingAuth.federatedLogin.providerIds;\n const selected = selectedProviders || [];\n skippedProviders = allProviders.filter((id) => !selected.includes(id));\n }\n\n // Get consent state\n const consentEnabled = pendingAuth.consent?.enabled ?? false;\n // If consent was enabled and user submitted selection, use it; otherwise use all available\n const finalSelectedTools = consentEnabled && selectedTools ? selectedTools : pendingAuth.consent?.availableToolIds;\n\n this.state.set({\n clientId: pendingAuth.clientId,\n redirectUri: pendingAuth.redirectUri,\n scopes: pendingAuth.scopes,\n codeChallenge: pendingAuth.pkce.challenge,\n originalState: pendingAuth.state,\n resource: pendingAuth.resource,\n userSub,\n // Progressive/Incremental Authorization from pending record\n isIncremental: pendingAuth.isIncremental || isIncremental,\n targetAppId: pendingAuth.targetAppId || this.state.targetAppId,\n targetToolId: pendingAuth.targetToolId,\n existingSessionId: pendingAuth.existingSessionId,\n existingAuthorizationId: pendingAuth.existingAuthorizationId,\n // Federated Login\n isFederated: isFederated || !!pendingAuth.federatedLogin,\n selectedProviders: selectedProviders,\n skippedProviders: skippedProviders,\n // Consent\n consentEnabled,\n selectedTools: finalSelectedTools,\n });\n\n // Clean up the pending authorization\n await localAuth.authorizationStore.deletePendingAuthorization(pendingAuthId);\n }\n\n /**\n * Handle incremental authorization - expand existing session's token vault\n * For incremental auth, we add the app to the existing authorization without\n * requiring full re-authentication\n */\n @Stage('handleIncrementalAuth')\n async handleIncrementalAuth() {\n const { isIncremental, targetAppId, existingAuthorizationId, redirectUri } = this.state;\n\n // Skip if not incremental auth\n if (!isIncremental || !targetAppId) {\n return;\n }\n\n this.logger.info(`Processing incremental authorization for app: ${targetAppId}`);\n\n // For incremental auth, we need to:\n // 1. Validate the existing session (if provided)\n // 2. Generate a special incremental auth code that includes the app ID\n // 3. The token endpoint will then expand the authorization\n\n // For now, we pass the incremental auth info through the authorization code\n // The token exchange will handle expanding the authorization\n\n // Store incremental auth metadata for the token exchange\n // This will be encoded in the authorization code or stored separately\n this.logger.info(\n `Incremental auth prepared for app: ${targetAppId}, existing auth: ${existingAuthorizationId || 'none'}`,\n );\n }\n\n @Stage('createAuthorizationCode')\n async createAuthorizationCode() {\n const {\n clientId,\n redirectUri,\n scopes,\n codeChallenge,\n originalState,\n resource,\n email,\n name,\n userSub,\n // Consent and Federated Login\n consentEnabled,\n selectedTools,\n isFederated,\n selectedProviders,\n skippedProviders,\n } = this.state.required;\n\n // Validate required fields before creating authorization code\n if (!clientId || !redirectUri || !codeChallenge || !userSub) {\n const missingFields = [\n !clientId && 'clientId',\n !redirectUri && 'redirectUri',\n !codeChallenge && 'codeChallenge',\n !userSub && 'userSub',\n ].filter(Boolean);\n this.logger.error(`Missing required fields for authorization code: ${missingFields.join(', ')}`);\n this.respond(\n httpRespond.html(\n this.renderErrorPage('server_error', 'Authorization request is incomplete. Please try again.'),\n 500,\n ),\n );\n return;\n }\n\n const localAuth = this.scope.auth as LocalPrimaryAuth;\n\n // Create the authorization code with consent/federated data\n const code = await localAuth.createAuthorizationCode({\n clientId,\n redirectUri,\n scopes: scopes ?? [],\n codeChallenge,\n userSub,\n userEmail: email,\n userName: name,\n state: originalState,\n resource,\n // Consent and Federated Login Data\n selectedToolIds: selectedTools,\n selectedProviderIds: selectedProviders,\n skippedProviderIds: skippedProviders,\n consentEnabled: consentEnabled,\n federatedLoginUsed: isFederated,\n });\n\n this.logger.info(\n `Authorization code created for user: ${userSub}${\n consentEnabled ? ` with ${selectedTools?.length || 0} selected tools` : ''\n }${isFederated ? ` (federated with ${selectedProviders?.length || 0} providers)` : ''}`,\n );\n this.state.set('authorizationCode', code);\n }\n\n @Stage('redirectToClient')\n async redirectToClient() {\n const { redirectUri, authorizationCode, originalState, isIncremental, targetAppId } = this.state.required;\n\n // Validate required fields for redirect\n if (!redirectUri || !authorizationCode) {\n this.logger.error('Missing redirectUri or authorizationCode for redirect');\n this.respond(\n httpRespond.html(\n this.renderErrorPage('server_error', 'Failed to complete authorization. Please try again.'),\n 500,\n ),\n );\n return;\n }\n\n // Build the redirect URL with the authorization code\n const url = new URL(redirectUri);\n url.searchParams.set('code', authorizationCode);\n if (originalState) {\n url.searchParams.set('state', originalState);\n }\n\n // For incremental auth, include the app ID in the redirect\n // This allows the client to know which app was just authorized\n if (isIncremental && targetAppId) {\n url.searchParams.set('incremental', 'true');\n url.searchParams.set('app_id', targetAppId);\n }\n\n this.logger.info(\n `Redirecting to client: ${url.origin}${url.pathname}${\n isIncremental ? ` (incremental for app: ${targetAppId})` : ''\n }`,\n );\n this.respond(httpRespond.redirect(url.toString()));\n }\n\n /**\n * Generate a stable user sub from email\n * In production, this would be the user's ID from the database\n */\n private generateUserSub(email: string): string {\n // Create a deterministic UUID from the email for demo purposes\n // In production, this would be the actual user ID\n const hash = createHash('sha256').update(email.toLowerCase()).digest('hex');\n // Format as UUID\n return `${hash.slice(0, 8)}-${hash.slice(8, 12)}-${hash.slice(12, 16)}-${hash.slice(16, 20)}-${hash.slice(20, 32)}`;\n }\n\n /**\n * Render an error page\n */\n private renderErrorPage(error: string, description: string): string {\n // Escape user-provided content to prevent XSS attacks\n const safeError = escapeHtml(error);\n const safeDescription = escapeHtml(description);\n\n return `<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n <title>Authorization Error</title>\n <style>\n body {\n font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;\n background: #f5f5f5;\n min-height: 100vh;\n display: flex;\n align-items: center;\n justify-content: center;\n padding: 20px;\n }\n .error-container {\n background: white;\n padding: 40px;\n border-radius: 12px;\n box-shadow: 0 4px 20px rgba(0,0,0,0.1);\n max-width: 500px;\n text-align: center;\n }\n .error-icon { font-size: 48px; margin-bottom: 20px; }\n h1 { color: #e53e3e; margin-bottom: 10px; }\n p { color: #666; line-height: 1.6; }\n .error-code { font-family: monospace; background: #f5f5f5; padding: 4px 8px; border-radius: 4px; }\n .retry-link {\n display: inline-block;\n margin-top: 20px;\n color: #667eea;\n text-decoration: none;\n }\n .retry-link:hover { text-decoration: underline; }\n </style>\n</head>\n<body>\n <div class=\"error-container\">\n <div class=\"error-icon\">⚠️</div>\n <h1>Authorization Error</h1>\n <p><span class=\"error-code\">${safeError}</span></p>\n <p>${safeDescription}</p>\n <a href=\"javascript:history.back()\" class=\"retry-link\">← Go Back</a>\n </div>\n</body>\n</html>`;\n }\n}\n"]}

package/src/auth/flows/oauth.register.flow.d.ts CHANGED Viewed

@@ -38,33 +38,16 @@ export declare const DevClientRegistry: {
     has(client_id: string): boolean;
 };
 declare const inputSchema: z.ZodObject<{
-    request: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
-    response: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
-    next: z.ZodOptional<z.ZodFunction<z.ZodTuple<[], z.ZodUnknown>, z.ZodUnknown>>;
-}, "strip", z.ZodTypeAny, {
-    request: {} & {
-        [k: string]: unknown;
-    };
-    response: {} & {
-        [k: string]: unknown;
-    };
-    next?: ((...args: unknown[]) => unknown) | undefined;
-}, {
-    request: {} & {
-        [k: string]: unknown;
-    };
-    response: {} & {
-        [k: string]: unknown;
-    };
-    next?: ((...args: unknown[]) => unknown) | undefined;
-}>;
+    request: z.ZodObject<{}, z.core.$loose>;
+    response: z.ZodObject<{}, z.core.$loose>;
+    next: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
+}, z.core.$strip>;
 declare const outputSchema: z.ZodObject<{
     kind: z.ZodLiteral<"json">;
-    status: z.ZodEffects<z.ZodNumber, number, number>;
-    body: z.ZodUnion<[z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>, z.ZodArray<z.ZodAny, "many">, z.ZodRecord<z.ZodString, z.ZodAny>]>;
+    status: z.ZodNumber;
+    body: z.ZodUnion<readonly [z.ZodObject<{}, z.core.$loose>, z.ZodArray<z.ZodAny>, z.ZodRecord<z.ZodString, z.ZodAny>]>;
     contentType: z.ZodDefault<z.ZodString>;
-} & {
-    headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>]>>>>;
+    headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>]>>>>;
     cookies: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
         name: z.ZodString;
         value: z.ZodString;
@@ -72,114 +55,38 @@ declare const outputSchema: z.ZodObject<{
         domain: z.ZodOptional<z.ZodString>;
         httpOnly: z.ZodDefault<z.ZodBoolean>;
         secure: z.ZodOptional<z.ZodBoolean>;
-        sameSite: z.ZodOptional<z.ZodEnum<["lax", "strict", "none"]>>;
+        sameSite: z.ZodOptional<z.ZodEnum<{
+            lax: "lax";
+            strict: "strict";
+            none: "none";
+        }>>;
         maxAge: z.ZodOptional<z.ZodNumber>;
         expires: z.ZodOptional<z.ZodDate>;
-    }, "strip", z.ZodTypeAny, {
-        value: string;
-        path: string;
-        name: string;
-        httpOnly: boolean;
-        domain?: string | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }, {
-        value: string;
-        name: string;
-        path?: string | undefined;
-        domain?: string | undefined;
-        httpOnly?: boolean | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }>, "many">>>;
-}, "strip", z.ZodTypeAny, {
-    status: number;
-    kind: "json";
-    body: any[] | z.objectOutputType<{}, z.ZodTypeAny, "passthrough"> | Record<string, any>;
-    contentType: string;
-    headers?: Record<string, string | string[]> | undefined;
-    cookies?: {
-        value: string;
-        path: string;
-        name: string;
-        httpOnly: boolean;
-        domain?: string | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }[] | undefined;
-}, {
-    status: number;
-    kind: "json";
-    body: any[] | z.objectInputType<{}, z.ZodTypeAny, "passthrough"> | Record<string, any>;
-    headers?: Record<string, string | string[]> | undefined;
-    cookies?: {
-        value: string;
-        name: string;
-        path?: string | undefined;
-        domain?: string | undefined;
-        httpOnly?: boolean | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }[] | undefined;
-    contentType?: string | undefined;
-}>;
+    }, z.core.$strip>>>>;
+}, z.core.$strip>;
 declare const stateSchema: z.ZodObject<{
     body: z.ZodObject<{
-        redirect_uris: z.ZodArray<z.ZodString, "many">;
-        token_endpoint_auth_method: z.ZodDefault<z.ZodEnum<["none", "client_secret_basic", "client_secret_post", "private_key_jwt", "tls_client_auth"]>>;
-        grant_types: z.ZodDefault<z.ZodArray<z.ZodEnum<["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:device_code"]>, "many">>;
-        response_types: z.ZodDefault<z.ZodArray<z.ZodEnum<["code"]>, "many">>;
+        redirect_uris: z.ZodArray<z.ZodString>;
+        token_endpoint_auth_method: z.ZodDefault<z.ZodEnum<{
+            none: "none";
+            client_secret_basic: "client_secret_basic";
+            client_secret_post: "client_secret_post";
+            private_key_jwt: "private_key_jwt";
+            tls_client_auth: "tls_client_auth";
+        }>>;
+        grant_types: z.ZodDefault<z.ZodArray<z.ZodEnum<{
+            authorization_code: "authorization_code";
+            refresh_token: "refresh_token";
+            "urn:ietf:params:oauth:grant-type:device_code": "urn:ietf:params:oauth:grant-type:device_code";
+        }>>>;
+        response_types: z.ZodDefault<z.ZodArray<z.ZodEnum<{
+            code: "code";
+        }>>>;
         client_name: z.ZodOptional<z.ZodString>;
         scope: z.ZodOptional<z.ZodString>;
-    }, "passthrough", z.ZodTypeAny, z.objectOutputType<{
-        redirect_uris: z.ZodArray<z.ZodString, "many">;
-        token_endpoint_auth_method: z.ZodDefault<z.ZodEnum<["none", "client_secret_basic", "client_secret_post", "private_key_jwt", "tls_client_auth"]>>;
-        grant_types: z.ZodDefault<z.ZodArray<z.ZodEnum<["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:device_code"]>, "many">>;
-        response_types: z.ZodDefault<z.ZodArray<z.ZodEnum<["code"]>, "many">>;
-        client_name: z.ZodOptional<z.ZodString>;
-        scope: z.ZodOptional<z.ZodString>;
-    }, z.ZodTypeAny, "passthrough">, z.objectInputType<{
-        redirect_uris: z.ZodArray<z.ZodString, "many">;
-        token_endpoint_auth_method: z.ZodDefault<z.ZodEnum<["none", "client_secret_basic", "client_secret_post", "private_key_jwt", "tls_client_auth"]>>;
-        grant_types: z.ZodDefault<z.ZodArray<z.ZodEnum<["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:device_code"]>, "many">>;
-        response_types: z.ZodDefault<z.ZodArray<z.ZodEnum<["code"]>, "many">>;
-        client_name: z.ZodOptional<z.ZodString>;
-        scope: z.ZodOptional<z.ZodString>;
-    }, z.ZodTypeAny, "passthrough">>;
+    }, z.core.$loose>;
     isDev: z.ZodBoolean;
-}, "strip", z.ZodTypeAny, {
-    body: {
-        redirect_uris: string[];
-        token_endpoint_auth_method: "none" | "client_secret_basic" | "client_secret_post" | "private_key_jwt" | "tls_client_auth";
-        grant_types: ("authorization_code" | "refresh_token" | "urn:ietf:params:oauth:grant-type:device_code")[];
-        response_types: "code"[];
-        scope?: string | undefined;
-        client_name?: string | undefined;
-    } & {
-        [k: string]: unknown;
-    };
-    isDev: boolean;
-}, {
-    body: {
-        redirect_uris: string[];
-        scope?: string | undefined;
-        token_endpoint_auth_method?: "none" | "client_secret_basic" | "client_secret_post" | "private_key_jwt" | "tls_client_auth" | undefined;
-        grant_types?: ("authorization_code" | "refresh_token" | "urn:ietf:params:oauth:grant-type:device_code")[] | undefined;
-        response_types?: "code"[] | undefined;
-        client_name?: string | undefined;
-    } & {
-        [k: string]: unknown;
-    };
-    isDev: boolean;
-}>;
+}, z.core.$strip>;
 declare const plan: {
     readonly pre: ["parseInput", "validateInput"];
     readonly execute: ["registerClient", "respondRegistration"];

package/src/auth/flows/oauth.token.flow.d.ts CHANGED Viewed

@@ -30,7 +30,7 @@
  */
 /**
  *
- * OAuth 2.0 Device Authorization Grant (“device code flow”)
+ * OAuth 2.0 Device Authorization Grant ("device code flow")
  * Who does what (at a glance)
  *
  * Device/TV/CLI (no browser)
@@ -40,122 +40,66 @@
  * Visits the given verification_uri and authenticates using your normal OAuth login (whatever you already have). No new UI required beyond two tiny endpoints.
  *
  * Auth Server (you)
- * Stores the device transaction and, after the user authenticates, marks it as approved so the device’s /oauth/token polling succeeds.
+ * Stores the device transaction and, after the user authenticates, marks it as approved so the device's /oauth/token polling succeeds.
  *
- * Endpoints you need (only two “new” ones)
+ * Endpoints you need (only two "new" ones)
  *
  * POST /oauth/device_authorization ✅ (device calls)
  *
  * POST /oauth/token with grant urn:ietf:params:oauth:grant-type:device_code ✅ (device polls)
  *
- * GET /activate ➜ “UI handler” (user lands here from verification_uri — this just redirects into your existing /oauth/authorize)
+ * GET /activate ➜ "UI handler" (user lands here from verification_uri — this just redirects into your existing /oauth/authorize)
  *
- * GET /activate/callback ➜ “UI handler” (your existing flow returns here after the user logs in; you flip the device record to approved and show a basic “All set” page)
+ * GET /activate/callback ➜ "UI handler" (your existing flow returns here after the user logs in; you flip the device record to approved and show a basic "All set" page)
  *
- * That’s it. No pages with complex consent screens are required; reuse your normal /oauth/authorize
+ * That's it. No pages with complex consent screens are required; reuse your normal /oauth/authorize
  */
-import { FlowBase, FlowRunOptions } from "../../common";
-import { z } from "zod";
+import { FlowBase, FlowRunOptions } from '../../common';
+import { z } from 'zod';
 declare const inputSchema: z.ZodObject<{
-    request: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
-    response: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
-    next: z.ZodOptional<z.ZodFunction<z.ZodTuple<[], z.ZodUnknown>, z.ZodUnknown>>;
-}, "strip", z.ZodTypeAny, {
-    request: {} & {
-        [k: string]: unknown;
-    };
-    response: {} & {
-        [k: string]: unknown;
-    };
-    next?: ((...args: unknown[]) => unknown) | undefined;
-}, {
-    request: {} & {
-        [k: string]: unknown;
-    };
-    response: {} & {
-        [k: string]: unknown;
-    };
-    next?: ((...args: unknown[]) => unknown) | undefined;
-}>;
+    request: z.ZodObject<{}, z.core.$loose>;
+    response: z.ZodObject<{}, z.core.$loose>;
+    next: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
+}, z.core.$strip>;
 declare const stateSchema: z.ZodObject<{
-    body: z.ZodDiscriminatedUnion<"grant_type", [z.ZodObject<{
+    body: z.ZodOptional<z.ZodDiscriminatedUnion<[z.ZodObject<{
         grant_type: z.ZodLiteral<"anonymous">;
-        /** Public client identifier; UUID in your example */
         client_id: z.ZodString;
-        /** Target resource/audience is required for this custom flow */
-        resource: z.ZodString;
-    }, "strip", z.ZodTypeAny, {
-        resource: string;
-        grant_type: "anonymous";
-        client_id: string;
-    }, {
-        resource: string;
-        grant_type: "anonymous";
-        client_id: string;
-    }>, z.ZodObject<{
+        resource: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>, z.ZodObject<{
         grant_type: z.ZodLiteral<"authorization_code">;
-        /** Authorization code returned from the /authorize step */
         code: z.ZodString;
-        /** Must exactly match the redirect URI used when obtaining the code */
         redirect_uri: z.ZodString;
-        /** Public client identifier; UUID in your example */
         client_id: z.ZodString;
-        /** PKCE verifier bound to the code */
         code_verifier: z.ZodString;
-        /** Optional resource/audience (used by some providers like AAD v1) */
-        resource: z.ZodString;
-    }, "strip", z.ZodTypeAny, {
-        code: string;
-        resource: string;
-        grant_type: "authorization_code";
-        client_id: string;
-        redirect_uri: string;
-        code_verifier: string;
-    }, {
-        code: string;
-        resource: string;
-        grant_type: "authorization_code";
-        client_id: string;
-        redirect_uri: string;
-        code_verifier: string;
-    }>]>;
+    }, z.core.$strip>, z.ZodObject<{
+        grant_type: z.ZodLiteral<"refresh_token">;
+        refresh_token: z.ZodString;
+        client_id: z.ZodString;
+    }, z.core.$strip>], "grant_type">>;
+    grantType: z.ZodOptional<z.ZodEnum<{
+        anonymous: "anonymous";
+        authorization_code: "authorization_code";
+        refresh_token: "refresh_token";
+    }>>;
     isDefaultAuthProvider: z.ZodBoolean;
-}, "strip", z.ZodTypeAny, {
-    body: {
-        resource: string;
-        grant_type: "anonymous";
-        client_id: string;
-    } | {
-        code: string;
-        resource: string;
-        grant_type: "authorization_code";
-        client_id: string;
-        redirect_uri: string;
-        code_verifier: string;
-    };
-    isDefaultAuthProvider: boolean;
-}, {
-    body: {
-        resource: string;
-        grant_type: "anonymous";
-        client_id: string;
-    } | {
-        code: string;
-        resource: string;
-        grant_type: "authorization_code";
-        client_id: string;
-        redirect_uri: string;
-        code_verifier: string;
-    };
-    isDefaultAuthProvider: boolean;
-}>;
+    isOrchestrated: z.ZodBoolean;
+    tokenResponse: z.ZodOptional<z.ZodObject<{
+        access_token: z.ZodString;
+        token_type: z.ZodLiteral<"Bearer">;
+        expires_in: z.ZodNumber;
+        refresh_token: z.ZodOptional<z.ZodString>;
+        scope: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
+    error: z.ZodOptional<z.ZodString>;
+    errorDescription: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
 declare const outputSchema: z.ZodObject<{
     kind: z.ZodLiteral<"json">;
-    status: z.ZodEffects<z.ZodNumber, number, number>;
-    body: z.ZodUnion<[z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>, z.ZodArray<z.ZodAny, "many">, z.ZodRecord<z.ZodString, z.ZodAny>]>;
+    status: z.ZodNumber;
+    body: z.ZodUnion<readonly [z.ZodObject<{}, z.core.$loose>, z.ZodArray<z.ZodAny>, z.ZodRecord<z.ZodString, z.ZodAny>]>;
     contentType: z.ZodDefault<z.ZodString>;
-} & {
-    headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>]>>>>;
+    headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>]>>>>;
     cookies: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
         name: z.ZodString;
         value: z.ZodString;
@@ -163,68 +107,18 @@ declare const outputSchema: z.ZodObject<{
         domain: z.ZodOptional<z.ZodString>;
         httpOnly: z.ZodDefault<z.ZodBoolean>;
         secure: z.ZodOptional<z.ZodBoolean>;
-        sameSite: z.ZodOptional<z.ZodEnum<["lax", "strict", "none"]>>;
+        sameSite: z.ZodOptional<z.ZodEnum<{
+            lax: "lax";
+            strict: "strict";
+            none: "none";
+        }>>;
         maxAge: z.ZodOptional<z.ZodNumber>;
         expires: z.ZodOptional<z.ZodDate>;
-    }, "strip", z.ZodTypeAny, {
-        value: string;
-        path: string;
-        name: string;
-        httpOnly: boolean;
-        domain?: string | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }, {
-        value: string;
-        name: string;
-        path?: string | undefined;
-        domain?: string | undefined;
-        httpOnly?: boolean | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }>, "many">>>;
-}, "strip", z.ZodTypeAny, {
-    status: number;
-    kind: "json";
-    body: any[] | z.objectOutputType<{}, z.ZodTypeAny, "passthrough"> | Record<string, any>;
-    contentType: string;
-    headers?: Record<string, string | string[]> | undefined;
-    cookies?: {
-        value: string;
-        path: string;
-        name: string;
-        httpOnly: boolean;
-        domain?: string | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }[] | undefined;
-}, {
-    status: number;
-    kind: "json";
-    body: any[] | z.objectInputType<{}, z.ZodTypeAny, "passthrough"> | Record<string, any>;
-    headers?: Record<string, string | string[]> | undefined;
-    cookies?: {
-        value: string;
-        name: string;
-        path?: string | undefined;
-        domain?: string | undefined;
-        httpOnly?: boolean | undefined;
-        secure?: boolean | undefined;
-        sameSite?: "strict" | "lax" | "none" | undefined;
-        maxAge?: number | undefined;
-        expires?: Date | undefined;
-    }[] | undefined;
-    contentType?: string | undefined;
-}>;
+    }, z.core.$strip>>>>;
+}, z.core.$strip>;
 declare const plan: {
     readonly pre: ["parseInput", "validateInput"];
-    readonly execute: ["generateJWT", "buildAuthorizeOutput"];
+    readonly execute: ["handleAuthorizationCodeGrant", "handleRefreshTokenGrant", "handleAnonymousGrant", "buildTokenResponse"];
     readonly post: ["validateOutput"];
 };
 declare global {
@@ -234,9 +128,13 @@ declare global {
 }
 declare const name: "oauth:token";
 export default class OauthTokenFlow extends FlowBase<typeof name> {
+    private logger;
     parseInput(): Promise<void>;
     validateInput(): Promise<void>;
-    buildAuthorizeOutput(): Promise<void>;
+    handleAuthorizationCodeGrant(): Promise<void>;
+    handleRefreshTokenGrant(): Promise<void>;
+    handleAnonymousGrant(): Promise<void>;
+    buildTokenResponse(): Promise<void>;
     validateOutput(): Promise<void>;
 }
 export {};