@frontmcp/sdk 0.4.1 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (558) hide show
  1. package/README.md +30 -18
  2. package/package.json +20 -5
  3. package/src/app/app.registry.d.ts +3 -2
  4. package/src/app/app.registry.js +3 -1
  5. package/src/app/app.registry.js.map +1 -1
  6. package/src/app/instances/app.local.instance.js +2 -2
  7. package/src/app/instances/app.local.instance.js.map +1 -1
  8. package/src/auth/auth.registry.d.ts +34 -2
  9. package/src/auth/auth.registry.js +162 -24
  10. package/src/auth/auth.registry.js.map +1 -1
  11. package/src/auth/auth.utils.js +8 -9
  12. package/src/auth/auth.utils.js.map +1 -1
  13. package/src/auth/authorization/authorization.class.d.ts +125 -0
  14. package/src/auth/authorization/authorization.class.js +224 -0
  15. package/src/auth/authorization/authorization.class.js.map +1 -0
  16. package/src/auth/authorization/authorization.types.d.ts +300 -0
  17. package/src/auth/authorization/authorization.types.js +79 -0
  18. package/src/auth/authorization/authorization.types.js.map +1 -0
  19. package/src/auth/authorization/index.d.ts +5 -0
  20. package/src/auth/authorization/index.js +19 -0
  21. package/src/auth/authorization/index.js.map +1 -0
  22. package/src/auth/authorization/orchestrated.authorization.d.ts +242 -0
  23. package/src/auth/authorization/orchestrated.authorization.js +306 -0
  24. package/src/auth/authorization/orchestrated.authorization.js.map +1 -0
  25. package/src/auth/authorization/public.authorization.d.ts +91 -0
  26. package/src/auth/authorization/public.authorization.js +132 -0
  27. package/src/auth/authorization/public.authorization.js.map +1 -0
  28. package/src/auth/authorization/transparent.authorization.d.ts +130 -0
  29. package/src/auth/authorization/transparent.authorization.js +147 -0
  30. package/src/auth/authorization/transparent.authorization.js.map +1 -0
  31. package/src/auth/consent/consent.types.d.ts +111 -0
  32. package/src/auth/consent/consent.types.js +119 -0
  33. package/src/auth/consent/consent.types.js.map +1 -0
  34. package/src/auth/consent/index.d.ts +1 -0
  35. package/src/auth/consent/index.js +13 -0
  36. package/src/auth/consent/index.js.map +1 -0
  37. package/src/auth/detection/auth-provider-detection.d.ts +84 -0
  38. package/src/auth/detection/auth-provider-detection.js +230 -0
  39. package/src/auth/detection/auth-provider-detection.js.map +1 -0
  40. package/src/auth/detection/index.d.ts +1 -0
  41. package/src/auth/detection/index.js +15 -0
  42. package/src/auth/detection/index.js.map +1 -0
  43. package/src/auth/flows/auth.verify.flow.d.ts +110 -0
  44. package/src/auth/flows/auth.verify.flow.js +379 -0
  45. package/src/auth/flows/auth.verify.flow.js.map +1 -0
  46. package/src/auth/flows/oauth.authorize.flow.d.ts +118 -164
  47. package/src/auth/flows/oauth.authorize.flow.js +701 -33
  48. package/src/auth/flows/oauth.authorize.flow.js.map +1 -1
  49. package/src/auth/flows/oauth.callback.flow.d.ts +117 -0
  50. package/src/auth/flows/oauth.callback.flow.js +357 -0
  51. package/src/auth/flows/oauth.callback.flow.js.map +1 -0
  52. package/src/auth/flows/oauth.register.flow.d.ts +32 -125
  53. package/src/auth/flows/oauth.token.flow.d.ts +52 -154
  54. package/src/auth/flows/oauth.token.flow.js +193 -55
  55. package/src/auth/flows/oauth.token.flow.js.map +1 -1
  56. package/src/auth/flows/session.verify.flow.d.ts +66 -321
  57. package/src/auth/flows/session.verify.flow.js +107 -18
  58. package/src/auth/flows/session.verify.flow.js.map +1 -1
  59. package/src/auth/flows/well-known.jwks.flow.d.ts +34 -205
  60. package/src/auth/flows/well-known.jwks.flow.js +15 -8
  61. package/src/auth/flows/well-known.jwks.flow.js.map +1 -1
  62. package/src/auth/flows/well-known.oauth-authorization-server.flow.d.ts +48 -223
  63. package/src/auth/flows/well-known.oauth-authorization-server.flow.js +2 -3
  64. package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +1 -1
  65. package/src/auth/flows/well-known.prm.flow.d.ts +19 -120
  66. package/src/auth/flows/well-known.prm.flow.js +3 -4
  67. package/src/auth/flows/well-known.prm.flow.js.map +1 -1
  68. package/src/auth/instances/instance.local-primary-auth.d.ts +91 -4
  69. package/src/auth/instances/instance.local-primary-auth.js +236 -6
  70. package/src/auth/instances/instance.local-primary-auth.js.map +1 -1
  71. package/src/auth/instances/instance.remote-primary-auth.d.ts +4 -3
  72. package/src/auth/instances/instance.remote-primary-auth.js +2 -2
  73. package/src/auth/instances/instance.remote-primary-auth.js.map +1 -1
  74. package/src/auth/session/authorization-vault.d.ts +611 -0
  75. package/src/auth/session/authorization-vault.js +817 -0
  76. package/src/auth/session/authorization-vault.js.map +1 -0
  77. package/src/auth/session/authorization.store.d.ts +301 -0
  78. package/src/auth/session/authorization.store.js +323 -0
  79. package/src/auth/session/authorization.store.js.map +1 -0
  80. package/src/auth/session/encrypted-authorization-vault.d.ts +181 -0
  81. package/src/auth/session/encrypted-authorization-vault.js +493 -0
  82. package/src/auth/session/encrypted-authorization-vault.js.map +1 -0
  83. package/src/auth/session/index.d.ts +4 -4
  84. package/src/auth/session/index.js +11 -7
  85. package/src/auth/session/index.js.map +1 -1
  86. package/src/auth/session/session.schema.d.ts +1 -1
  87. package/src/auth/session/session.service.d.ts +1 -1
  88. package/src/auth/session/transport-session.manager.d.ts +101 -0
  89. package/src/auth/session/transport-session.manager.js +300 -0
  90. package/src/auth/session/transport-session.manager.js.map +1 -0
  91. package/src/auth/session/transport-session.types.d.ts +457 -0
  92. package/src/auth/session/transport-session.types.js +110 -0
  93. package/src/auth/session/transport-session.types.js.map +1 -0
  94. package/src/auth/session/utils/session-id.utils.d.ts +14 -2
  95. package/src/auth/session/utils/session-id.utils.js +68 -19
  96. package/src/auth/session/utils/session-id.utils.js.map +1 -1
  97. package/src/auth/session/vault-encryption.d.ts +189 -0
  98. package/src/auth/session/vault-encryption.js +263 -0
  99. package/src/auth/session/vault-encryption.js.map +1 -0
  100. package/src/auth/ui/base-layout.d.ts +188 -0
  101. package/src/auth/ui/base-layout.js +292 -0
  102. package/src/auth/ui/base-layout.js.map +1 -0
  103. package/src/auth/ui/htmx-templates.d.ts +135 -0
  104. package/src/auth/ui/htmx-templates.js +433 -0
  105. package/src/auth/ui/htmx-templates.js.map +1 -0
  106. package/src/auth/ui/index.d.ts +11 -0
  107. package/src/auth/ui/index.js +35 -0
  108. package/src/auth/ui/index.js.map +1 -0
  109. package/src/auth/utils/audience.validator.d.ts +129 -0
  110. package/src/auth/utils/audience.validator.js +196 -0
  111. package/src/auth/utils/audience.validator.js.map +1 -0
  112. package/src/auth/utils/index.d.ts +2 -0
  113. package/src/auth/utils/index.js +7 -0
  114. package/src/auth/utils/index.js.map +1 -0
  115. package/src/auth/utils/www-authenticate.utils.d.ts +97 -0
  116. package/src/auth/utils/www-authenticate.utils.js +183 -0
  117. package/src/auth/utils/www-authenticate.utils.js.map +1 -0
  118. package/src/common/common.schema.d.ts +2 -16
  119. package/src/common/constants.d.ts +3 -0
  120. package/src/common/constants.js +6 -1
  121. package/src/common/constants.js.map +1 -1
  122. package/src/common/decorators/decorator-utils.d.ts +131 -0
  123. package/src/common/decorators/decorator-utils.js +195 -0
  124. package/src/common/decorators/decorator-utils.js.map +1 -0
  125. package/src/common/decorators/front-mcp.decorator.js +3 -2
  126. package/src/common/decorators/front-mcp.decorator.js.map +1 -1
  127. package/src/common/decorators/hook.decorator.d.ts +58 -2
  128. package/src/common/decorators/hook.decorator.js +127 -17
  129. package/src/common/decorators/hook.decorator.js.map +1 -1
  130. package/src/common/decorators/plugin.decorator.d.ts +1 -1
  131. package/src/common/decorators/plugin.decorator.js +11 -10
  132. package/src/common/decorators/plugin.decorator.js.map +1 -1
  133. package/src/common/decorators/resource.decorator.d.ts +32 -3
  134. package/src/common/decorators/resource.decorator.js +46 -4
  135. package/src/common/decorators/resource.decorator.js.map +1 -1
  136. package/src/common/decorators/tool.decorator.d.ts +54 -5
  137. package/src/common/decorators/tool.decorator.js.map +1 -1
  138. package/src/common/dynamic/dynamic.plugin.d.ts +22 -11
  139. package/src/common/dynamic/dynamic.plugin.js +7 -1
  140. package/src/common/dynamic/dynamic.plugin.js.map +1 -1
  141. package/src/common/entries/prompt.entry.d.ts +46 -2
  142. package/src/common/entries/prompt.entry.js +10 -0
  143. package/src/common/entries/prompt.entry.js.map +1 -1
  144. package/src/common/entries/resource.entry.d.ts +69 -6
  145. package/src/common/entries/resource.entry.js +27 -3
  146. package/src/common/entries/resource.entry.js.map +1 -1
  147. package/src/common/entries/scope.entry.d.ts +5 -1
  148. package/src/common/entries/scope.entry.js +3 -3
  149. package/src/common/entries/scope.entry.js.map +1 -1
  150. package/src/common/flow/flow.utils.d.ts +56 -0
  151. package/src/common/flow/flow.utils.js +96 -0
  152. package/src/common/flow/flow.utils.js.map +1 -0
  153. package/src/common/index.d.ts +2 -2
  154. package/src/common/index.js +2 -2
  155. package/src/common/index.js.map +1 -1
  156. package/src/common/interfaces/execution-context.interface.d.ts +59 -0
  157. package/src/common/interfaces/execution-context.interface.js +81 -0
  158. package/src/common/interfaces/execution-context.interface.js.map +1 -0
  159. package/src/common/interfaces/flow.interface.d.ts +1 -1
  160. package/src/common/interfaces/flow.interface.js.map +1 -1
  161. package/src/common/interfaces/index.d.ts +1 -0
  162. package/src/common/interfaces/index.js +1 -0
  163. package/src/common/interfaces/index.js.map +1 -1
  164. package/src/common/interfaces/internal/primary-auth-provider.interface.d.ts +17 -2
  165. package/src/common/interfaces/internal/primary-auth-provider.interface.js +52 -4
  166. package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +1 -1
  167. package/src/common/interfaces/internal/registry.interface.d.ts +16 -2
  168. package/src/common/interfaces/internal/registry.interface.js.map +1 -1
  169. package/src/common/interfaces/plugin.interface.js.map +1 -1
  170. package/src/common/interfaces/prompt.interface.d.ts +53 -4
  171. package/src/common/interfaces/prompt.interface.js +78 -0
  172. package/src/common/interfaces/prompt.interface.js.map +1 -1
  173. package/src/common/interfaces/resource.interface.d.ts +47 -17
  174. package/src/common/interfaces/resource.interface.js +53 -0
  175. package/src/common/interfaces/resource.interface.js.map +1 -1
  176. package/src/common/interfaces/tool.interface.d.ts +39 -22
  177. package/src/common/interfaces/tool.interface.js +61 -34
  178. package/src/common/interfaces/tool.interface.js.map +1 -1
  179. package/src/common/metadata/adapter.metadata.d.ts +1 -9
  180. package/src/common/metadata/app.metadata.d.ts +425 -730
  181. package/src/common/metadata/auth-provider.metadata.d.ts +2 -12
  182. package/src/common/metadata/flow.metadata.d.ts +10 -25
  183. package/src/common/metadata/front-mcp.metadata.d.ts +602 -1023
  184. package/src/common/metadata/front-mcp.metadata.js +6 -4
  185. package/src/common/metadata/front-mcp.metadata.js.map +1 -1
  186. package/src/common/metadata/hook.metadata.d.ts +1 -1
  187. package/src/common/metadata/hook.metadata.js.map +1 -1
  188. package/src/common/metadata/index.d.ts +1 -0
  189. package/src/common/metadata/index.js +1 -0
  190. package/src/common/metadata/index.js.map +1 -1
  191. package/src/common/metadata/logger.metadata.d.ts +1 -9
  192. package/src/common/metadata/plugin.metadata.d.ts +8 -30
  193. package/src/common/metadata/prompt.metadata.d.ts +4 -161
  194. package/src/common/metadata/provider.metadata.d.ts +2 -12
  195. package/src/common/metadata/resource.metadata.d.ts +6 -98
  196. package/src/common/metadata/resource.metadata.js +15 -6
  197. package/src/common/metadata/resource.metadata.js.map +1 -1
  198. package/src/common/metadata/tool-ui.metadata.d.ts +10 -0
  199. package/src/common/metadata/tool-ui.metadata.js +12 -0
  200. package/src/common/metadata/tool-ui.metadata.js.map +1 -0
  201. package/src/common/metadata/tool.metadata.d.ts +110 -199
  202. package/src/common/metadata/tool.metadata.js +11 -14
  203. package/src/common/metadata/tool.metadata.js.map +1 -1
  204. package/src/common/providers/base-config.provider.d.ts +84 -0
  205. package/src/common/providers/base-config.provider.js +128 -0
  206. package/src/common/providers/base-config.provider.js.map +1 -0
  207. package/src/common/records/plugin.record.d.ts +5 -6
  208. package/src/common/records/plugin.record.js.map +1 -1
  209. package/src/common/records/prompt.record.js.map +1 -1
  210. package/src/common/records/resource.record.d.ts +17 -1
  211. package/src/common/records/resource.record.js +12 -6
  212. package/src/common/records/resource.record.js.map +1 -1
  213. package/src/common/records/tool.record.js.map +1 -1
  214. package/src/common/schemas/annotated-class.schema.d.ts +9 -9
  215. package/src/common/schemas/annotated-class.schema.js +92 -27
  216. package/src/common/schemas/annotated-class.schema.js.map +1 -1
  217. package/src/common/schemas/http-input.schema.d.ts +6 -30
  218. package/src/common/schemas/http-output.schema.d.ts +336 -1632
  219. package/src/common/schemas/http-output.schema.js +39 -1
  220. package/src/common/schemas/http-output.schema.js.map +1 -1
  221. package/src/common/tokens/front-mcp.tokens.js +4 -1
  222. package/src/common/tokens/front-mcp.tokens.js.map +1 -1
  223. package/src/common/tokens/resource.tokens.d.ts +2 -0
  224. package/src/common/tokens/resource.tokens.js +4 -1
  225. package/src/common/tokens/resource.tokens.js.map +1 -1
  226. package/src/common/tokens/tool.tokens.d.ts +2 -0
  227. package/src/common/tokens/tool.tokens.js +2 -0
  228. package/src/common/tokens/tool.tokens.js.map +1 -1
  229. package/src/common/types/auth/jwt.types.d.ts +5 -31
  230. package/src/common/types/auth/session.types.d.ts +97 -192
  231. package/src/common/types/auth/session.types.js +24 -11
  232. package/src/common/types/auth/session.types.js.map +1 -1
  233. package/src/common/types/options/auth.options.d.ts +1013 -490
  234. package/src/common/types/options/auth.options.js +554 -36
  235. package/src/common/types/options/auth.options.js.map +1 -1
  236. package/src/common/types/options/http.options.d.ts +1 -9
  237. package/src/common/types/options/logging.options.d.ts +7 -13
  238. package/src/common/types/options/logging.options.js +4 -0
  239. package/src/common/types/options/logging.options.js.map +1 -1
  240. package/src/common/types/options/server-info.options.d.ts +3 -31
  241. package/src/common/types/options/session.options.d.ts +90 -10
  242. package/src/common/types/options/session.options.js +26 -3
  243. package/src/common/types/options/session.options.js.map +1 -1
  244. package/src/common/utils/decide-request-intent.utils.d.ts +8 -46
  245. package/src/common/utils/decide-request-intent.utils.js +88 -23
  246. package/src/common/utils/decide-request-intent.utils.js.map +1 -1
  247. package/src/completion/flows/complete.flow.d.ts +89 -0
  248. package/src/completion/flows/complete.flow.js +199 -0
  249. package/src/completion/flows/complete.flow.js.map +1 -0
  250. package/src/errors/authorization-required.error.d.ts +189 -0
  251. package/src/errors/authorization-required.error.js +274 -0
  252. package/src/errors/authorization-required.error.js.map +1 -0
  253. package/src/errors/index.d.ts +2 -1
  254. package/src/errors/index.js +17 -1
  255. package/src/errors/index.js.map +1 -1
  256. package/src/errors/mcp.error.d.ts +101 -1
  257. package/src/errors/mcp.error.js +147 -2
  258. package/src/errors/mcp.error.js.map +1 -1
  259. package/src/flows/flow.instance.js +4 -3
  260. package/src/flows/flow.instance.js.map +1 -1
  261. package/src/flows/flow.registry.js.map +1 -1
  262. package/src/flows/flow.stages.js +14 -11
  263. package/src/flows/flow.stages.js.map +1 -1
  264. package/src/front-mcp/front-mcp.providers.d.ts +464 -102
  265. package/src/front-mcp/front-mcp.providers.js +3 -5
  266. package/src/front-mcp/front-mcp.providers.js.map +1 -1
  267. package/src/hooks/hook.instance.d.ts +1 -1
  268. package/src/hooks/hook.instance.js +5 -2
  269. package/src/hooks/hook.instance.js.map +1 -1
  270. package/src/hooks/hook.registry.js +7 -5
  271. package/src/hooks/hook.registry.js.map +1 -1
  272. package/src/index.d.ts +28 -9
  273. package/src/index.js +5 -1
  274. package/src/index.js.map +1 -1
  275. package/src/logger/instances/instance.logger.js +3 -2
  276. package/src/logger/instances/instance.logger.js.map +1 -1
  277. package/src/logger/logger.registry.js +7 -2
  278. package/src/logger/logger.registry.js.map +1 -1
  279. package/src/logging/flows/set-level.flow.d.ts +77 -0
  280. package/src/logging/flows/set-level.flow.js +108 -0
  281. package/src/logging/flows/set-level.flow.js.map +1 -0
  282. package/src/mcp-apps/csp.d.ts +111 -0
  283. package/src/mcp-apps/csp.js +267 -0
  284. package/src/mcp-apps/csp.js.map +1 -0
  285. package/src/mcp-apps/index.d.ts +23 -0
  286. package/src/mcp-apps/index.js +91 -0
  287. package/src/mcp-apps/index.js.map +1 -0
  288. package/src/mcp-apps/schemas.d.ts +403 -0
  289. package/src/mcp-apps/schemas.js +345 -0
  290. package/src/mcp-apps/schemas.js.map +1 -0
  291. package/src/mcp-apps/template.d.ts +94 -0
  292. package/src/mcp-apps/template.js +419 -0
  293. package/src/mcp-apps/template.js.map +1 -0
  294. package/src/mcp-apps/types.d.ts +323 -0
  295. package/src/mcp-apps/types.js +59 -0
  296. package/src/mcp-apps/types.js.map +1 -0
  297. package/src/notification/index.d.ts +1 -0
  298. package/src/notification/index.js +13 -0
  299. package/src/notification/index.js.map +1 -0
  300. package/src/notification/notification.service.d.ts +378 -0
  301. package/src/notification/notification.service.js +727 -0
  302. package/src/notification/notification.service.js.map +1 -0
  303. package/src/plugin/plugin.registry.js +12 -9
  304. package/src/plugin/plugin.registry.js.map +1 -1
  305. package/src/prompt/flows/get-prompt.flow.d.ts +248 -0
  306. package/src/prompt/flows/get-prompt.flow.js +214 -0
  307. package/src/prompt/flows/get-prompt.flow.js.map +1 -0
  308. package/src/prompt/flows/prompts-list.flow.d.ts +78 -0
  309. package/src/prompt/flows/prompts-list.flow.js +176 -0
  310. package/src/prompt/flows/prompts-list.flow.js.map +1 -0
  311. package/src/prompt/index.d.ts +7 -0
  312. package/src/prompt/index.js +17 -0
  313. package/src/prompt/index.js.map +1 -0
  314. package/src/prompt/prompt.events.d.ts +17 -0
  315. package/src/prompt/prompt.events.js +25 -0
  316. package/src/prompt/prompt.events.js.map +1 -0
  317. package/src/prompt/prompt.instance.d.ts +30 -0
  318. package/src/prompt/prompt.instance.js +120 -0
  319. package/src/prompt/prompt.instance.js.map +1 -0
  320. package/src/prompt/prompt.registry.d.ts +79 -12
  321. package/src/prompt/prompt.registry.js +360 -15
  322. package/src/prompt/prompt.registry.js.map +1 -1
  323. package/src/prompt/prompt.types.d.ts +26 -0
  324. package/src/prompt/prompt.types.js +11 -0
  325. package/src/prompt/prompt.types.js.map +1 -0
  326. package/src/prompt/prompt.utils.d.ts +26 -0
  327. package/src/prompt/prompt.utils.js +136 -0
  328. package/src/prompt/prompt.utils.js.map +1 -0
  329. package/src/provider/provider.registry.d.ts +12 -5
  330. package/src/provider/provider.registry.js +30 -138
  331. package/src/provider/provider.registry.js.map +1 -1
  332. package/src/regsitry/registry.base.d.ts +1 -1
  333. package/src/regsitry/registry.base.js.map +1 -1
  334. package/src/resource/flows/read-resource.flow.d.ts +110 -0
  335. package/src/resource/flows/read-resource.flow.js +270 -0
  336. package/src/resource/flows/read-resource.flow.js.map +1 -0
  337. package/src/resource/flows/resource-templates-list.flow.d.ts +83 -0
  338. package/src/resource/flows/resource-templates-list.flow.js +191 -0
  339. package/src/resource/flows/resource-templates-list.flow.js.map +1 -0
  340. package/src/resource/flows/resources-list.flow.d.ts +83 -0
  341. package/src/resource/flows/resources-list.flow.js +196 -0
  342. package/src/resource/flows/resources-list.flow.js.map +1 -0
  343. package/src/resource/flows/subscribe-resource.flow.d.ts +60 -0
  344. package/src/resource/flows/subscribe-resource.flow.js +123 -0
  345. package/src/resource/flows/subscribe-resource.flow.js.map +1 -0
  346. package/src/resource/flows/unsubscribe-resource.flow.d.ts +59 -0
  347. package/src/resource/flows/unsubscribe-resource.flow.js +107 -0
  348. package/src/resource/flows/unsubscribe-resource.flow.js.map +1 -0
  349. package/src/resource/index.d.ts +8 -0
  350. package/src/resource/index.js +20 -0
  351. package/src/resource/index.js.map +1 -0
  352. package/src/resource/resource.events.d.ts +24 -0
  353. package/src/resource/resource.events.js +17 -0
  354. package/src/resource/resource.events.js.map +1 -0
  355. package/src/resource/resource.instance.d.ts +35 -0
  356. package/src/resource/resource.instance.js +163 -0
  357. package/src/resource/resource.instance.js.map +1 -0
  358. package/src/resource/resource.registry.d.ts +106 -12
  359. package/src/resource/resource.registry.js +449 -13
  360. package/src/resource/resource.registry.js.map +1 -1
  361. package/src/resource/resource.types.d.ts +35 -0
  362. package/src/resource/resource.types.js +11 -0
  363. package/src/resource/resource.types.js.map +1 -0
  364. package/src/resource/resource.utils.d.ts +30 -0
  365. package/src/resource/resource.utils.js +151 -0
  366. package/src/resource/resource.utils.js.map +1 -0
  367. package/src/scope/flows/http.request.flow.d.ts +48 -330
  368. package/src/scope/flows/http.request.flow.js +306 -78
  369. package/src/scope/flows/http.request.flow.js.map +1 -1
  370. package/src/scope/scope.instance.d.ts +12 -0
  371. package/src/scope/scope.instance.js +145 -15
  372. package/src/scope/scope.instance.js.map +1 -1
  373. package/src/tool/flows/call-tool.flow.d.ts +161 -1112
  374. package/src/tool/flows/call-tool.flow.js +303 -15
  375. package/src/tool/flows/call-tool.flow.js.map +1 -1
  376. package/src/tool/flows/tools-list.flow.d.ts +51 -474
  377. package/src/tool/flows/tools-list.flow.js +121 -40
  378. package/src/tool/flows/tools-list.flow.js.map +1 -1
  379. package/src/tool/tool.events.d.ts +8 -1
  380. package/src/tool/tool.events.js.map +1 -1
  381. package/src/tool/tool.instance.d.ts +3 -1
  382. package/src/tool/tool.instance.js +17 -3
  383. package/src/tool/tool.instance.js.map +1 -1
  384. package/src/tool/tool.registry.d.ts +7 -1
  385. package/src/tool/tool.registry.js +26 -10
  386. package/src/tool/tool.registry.js.map +1 -1
  387. package/src/tool/tool.types.d.ts +4 -4
  388. package/src/tool/tool.types.js.map +1 -1
  389. package/src/tool/tool.utils.d.ts +3 -12
  390. package/src/tool/tool.utils.js +39 -193
  391. package/src/tool/tool.utils.js.map +1 -1
  392. package/src/tool/ui/index.d.ts +22 -0
  393. package/src/tool/ui/index.js +63 -0
  394. package/src/tool/ui/index.js.map +1 -0
  395. package/src/tool/ui/platform-adapters.d.ts +10 -0
  396. package/src/tool/ui/platform-adapters.js +18 -0
  397. package/src/tool/ui/platform-adapters.js.map +1 -0
  398. package/src/tool/ui/template-helpers.d.ts +46 -0
  399. package/src/tool/ui/template-helpers.js +112 -0
  400. package/src/tool/ui/template-helpers.js.map +1 -0
  401. package/src/tool/ui/ui-resource-template.d.ts +34 -0
  402. package/src/tool/ui/ui-resource-template.js +64 -0
  403. package/src/tool/ui/ui-resource-template.js.map +1 -0
  404. package/src/tool/ui/ui-resource.handler.d.ts +74 -0
  405. package/src/tool/ui/ui-resource.handler.js +129 -0
  406. package/src/tool/ui/ui-resource.handler.js.map +1 -0
  407. package/src/transport/adapters/transport.local.adapter.d.ts +2 -2
  408. package/src/transport/adapters/transport.local.adapter.js +28 -7
  409. package/src/transport/adapters/transport.local.adapter.js.map +1 -1
  410. package/src/transport/adapters/transport.sse.adapter.d.ts +2 -2
  411. package/src/transport/adapters/transport.sse.adapter.js +4 -3
  412. package/src/transport/adapters/transport.sse.adapter.js.map +1 -1
  413. package/src/transport/adapters/transport.streamable-http.adapter.d.ts +10 -3
  414. package/src/transport/adapters/transport.streamable-http.adapter.js +54 -8
  415. package/src/transport/adapters/transport.streamable-http.adapter.js.map +1 -1
  416. package/src/transport/flows/handle.sse.flow.d.ts +29 -63
  417. package/src/transport/flows/handle.sse.flow.js +78 -10
  418. package/src/transport/flows/handle.sse.flow.js.map +1 -1
  419. package/src/transport/flows/handle.stateless-http.flow.d.ts +29 -0
  420. package/src/transport/flows/handle.stateless-http.flow.js +102 -0
  421. package/src/transport/flows/handle.stateless-http.flow.js.map +1 -0
  422. package/src/transport/flows/handle.streamable-http.flow.d.ts +32 -64
  423. package/src/transport/flows/handle.streamable-http.flow.js +158 -26
  424. package/src/transport/flows/handle.streamable-http.flow.js.map +1 -1
  425. package/src/transport/legacy/legacy.sse.tranporter.d.ts +9 -0
  426. package/src/transport/legacy/legacy.sse.tranporter.js +17 -2
  427. package/src/transport/legacy/legacy.sse.tranporter.js.map +1 -1
  428. package/src/transport/mcp-handlers/call-tool-request.handler.js +27 -1
  429. package/src/transport/mcp-handlers/call-tool-request.handler.js.map +1 -1
  430. package/src/transport/mcp-handlers/complete-request.handler.d.ts +95 -0
  431. package/src/transport/mcp-handlers/complete-request.handler.js +11 -0
  432. package/src/transport/mcp-handlers/complete-request.handler.js.map +1 -0
  433. package/src/transport/mcp-handlers/get-prompt-request.handler.d.ts +138 -0
  434. package/src/transport/mcp-handlers/get-prompt-request.handler.js +11 -0
  435. package/src/transport/mcp-handlers/get-prompt-request.handler.js.map +1 -0
  436. package/src/transport/mcp-handlers/index.d.ts +922 -207
  437. package/src/transport/mcp-handlers/index.js +39 -2
  438. package/src/transport/mcp-handlers/index.js.map +1 -1
  439. package/src/transport/mcp-handlers/initialize-request.handler.d.ts +1 -1
  440. package/src/transport/mcp-handlers/initialize-request.handler.js +73 -7
  441. package/src/transport/mcp-handlers/initialize-request.handler.js.map +1 -1
  442. package/src/transport/mcp-handlers/list-prompts-request.handler.d.ts +80 -0
  443. package/src/transport/mcp-handlers/list-prompts-request.handler.js +11 -0
  444. package/src/transport/mcp-handlers/list-prompts-request.handler.js.map +1 -0
  445. package/src/transport/mcp-handlers/list-resource-templates-request.handler.d.ts +82 -0
  446. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js +12 -0
  447. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js.map +1 -0
  448. package/src/transport/mcp-handlers/list-resources-request.handler.d.ts +82 -0
  449. package/src/transport/mcp-handlers/list-resources-request.handler.js +12 -0
  450. package/src/transport/mcp-handlers/list-resources-request.handler.js.map +1 -0
  451. package/src/transport/mcp-handlers/list-tools-request.handler.d.ts +47 -145
  452. package/src/transport/mcp-handlers/logging-set-level-request.handler.d.ts +66 -0
  453. package/src/transport/mcp-handlers/logging-set-level-request.handler.js +34 -0
  454. package/src/transport/mcp-handlers/logging-set-level-request.handler.js.map +1 -0
  455. package/src/transport/mcp-handlers/mcp-handlers.types.d.ts +3 -7
  456. package/src/transport/mcp-handlers/mcp-handlers.types.js.map +1 -1
  457. package/src/transport/mcp-handlers/read-resource-request.handler.d.ts +72 -0
  458. package/src/transport/mcp-handlers/read-resource-request.handler.js +12 -0
  459. package/src/transport/mcp-handlers/read-resource-request.handler.js.map +1 -0
  460. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.d.ts +11 -0
  461. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js +26 -0
  462. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js.map +1 -0
  463. package/src/transport/mcp-handlers/subscribe-request.handler.d.ts +57 -0
  464. package/src/transport/mcp-handlers/subscribe-request.handler.js +34 -0
  465. package/src/transport/mcp-handlers/subscribe-request.handler.js.map +1 -0
  466. package/src/transport/mcp-handlers/unsubscribe-request.handler.d.ts +57 -0
  467. package/src/transport/mcp-handlers/unsubscribe-request.handler.js +34 -0
  468. package/src/transport/mcp-handlers/unsubscribe-request.handler.js.map +1 -0
  469. package/src/transport/transport.local.js +7 -2
  470. package/src/transport/transport.local.js.map +1 -1
  471. package/src/transport/transport.registry.d.ts +30 -0
  472. package/src/transport/transport.registry.js +84 -1
  473. package/src/transport/transport.registry.js.map +1 -1
  474. package/src/transport/transport.types.d.ts +3 -3
  475. package/src/transport/transport.types.js.map +1 -1
  476. package/src/utils/content.utils.d.ts +48 -0
  477. package/src/utils/content.utils.js +194 -0
  478. package/src/utils/content.utils.js.map +1 -0
  479. package/src/utils/index.d.ts +8 -0
  480. package/src/utils/index.js +55 -0
  481. package/src/utils/index.js.map +1 -0
  482. package/src/utils/lineage.utils.d.ts +40 -0
  483. package/src/utils/lineage.utils.js +82 -0
  484. package/src/utils/lineage.utils.js.map +1 -0
  485. package/src/utils/naming.utils.d.ts +46 -0
  486. package/src/utils/naming.utils.js +136 -0
  487. package/src/utils/naming.utils.js.map +1 -0
  488. package/src/utils/types.utils.d.ts +2 -2
  489. package/src/utils/types.utils.js.map +1 -1
  490. package/src/utils/uri-template.utils.d.ts +57 -0
  491. package/src/utils/uri-template.utils.js +113 -0
  492. package/src/utils/uri-template.utils.js.map +1 -0
  493. package/src/utils/uri-validation.utils.d.ts +40 -0
  494. package/src/utils/uri-validation.utils.js +76 -0
  495. package/src/utils/uri-validation.utils.js.map +1 -0
  496. package/src/__test-utils__/fixtures/hook.fixtures.d.ts +0 -46
  497. package/src/__test-utils__/fixtures/hook.fixtures.js +0 -114
  498. package/src/__test-utils__/fixtures/hook.fixtures.js.map +0 -1
  499. package/src/__test-utils__/fixtures/index.d.ts +0 -7
  500. package/src/__test-utils__/fixtures/index.js +0 -11
  501. package/src/__test-utils__/fixtures/index.js.map +0 -1
  502. package/src/__test-utils__/fixtures/plugin.fixtures.d.ts +0 -46
  503. package/src/__test-utils__/fixtures/plugin.fixtures.js +0 -127
  504. package/src/__test-utils__/fixtures/plugin.fixtures.js.map +0 -1
  505. package/src/__test-utils__/fixtures/provider.fixtures.d.ts +0 -69
  506. package/src/__test-utils__/fixtures/provider.fixtures.js +0 -131
  507. package/src/__test-utils__/fixtures/provider.fixtures.js.map +0 -1
  508. package/src/__test-utils__/fixtures/scope.fixtures.d.ts +0 -14
  509. package/src/__test-utils__/fixtures/scope.fixtures.js +0 -59
  510. package/src/__test-utils__/fixtures/scope.fixtures.js.map +0 -1
  511. package/src/__test-utils__/fixtures/tool.fixtures.d.ts +0 -36
  512. package/src/__test-utils__/fixtures/tool.fixtures.js +0 -91
  513. package/src/__test-utils__/fixtures/tool.fixtures.js.map +0 -1
  514. package/src/__test-utils__/helpers/assertion.helpers.d.ts +0 -45
  515. package/src/__test-utils__/helpers/assertion.helpers.js +0 -153
  516. package/src/__test-utils__/helpers/assertion.helpers.js.map +0 -1
  517. package/src/__test-utils__/helpers/async.helpers.d.ts +0 -48
  518. package/src/__test-utils__/helpers/async.helpers.js +0 -112
  519. package/src/__test-utils__/helpers/async.helpers.js.map +0 -1
  520. package/src/__test-utils__/helpers/index.d.ts +0 -6
  521. package/src/__test-utils__/helpers/index.js +0 -10
  522. package/src/__test-utils__/helpers/index.js.map +0 -1
  523. package/src/__test-utils__/helpers/setup.helpers.d.ts +0 -54
  524. package/src/__test-utils__/helpers/setup.helpers.js +0 -106
  525. package/src/__test-utils__/helpers/setup.helpers.js.map +0 -1
  526. package/src/__test-utils__/index.d.ts +0 -9
  527. package/src/__test-utils__/index.js +0 -14
  528. package/src/__test-utils__/index.js.map +0 -1
  529. package/src/__test-utils__/mocks/flow-instance.mock.d.ts +0 -50
  530. package/src/__test-utils__/mocks/flow-instance.mock.js +0 -72
  531. package/src/__test-utils__/mocks/flow-instance.mock.js.map +0 -1
  532. package/src/__test-utils__/mocks/hook-registry.mock.d.ts +0 -25
  533. package/src/__test-utils__/mocks/hook-registry.mock.js +0 -65
  534. package/src/__test-utils__/mocks/hook-registry.mock.js.map +0 -1
  535. package/src/__test-utils__/mocks/index.d.ts +0 -8
  536. package/src/__test-utils__/mocks/index.js +0 -12
  537. package/src/__test-utils__/mocks/index.js.map +0 -1
  538. package/src/__test-utils__/mocks/plugin-registry.mock.d.ts +0 -43
  539. package/src/__test-utils__/mocks/plugin-registry.mock.js +0 -70
  540. package/src/__test-utils__/mocks/plugin-registry.mock.js.map +0 -1
  541. package/src/__test-utils__/mocks/provider-registry.mock.d.ts +0 -39
  542. package/src/__test-utils__/mocks/provider-registry.mock.js +0 -72
  543. package/src/__test-utils__/mocks/provider-registry.mock.js.map +0 -1
  544. package/src/__test-utils__/mocks/tool-registry.mock.d.ts +0 -43
  545. package/src/__test-utils__/mocks/tool-registry.mock.js +0 -79
  546. package/src/__test-utils__/mocks/tool-registry.mock.js.map +0 -1
  547. package/src/auth/path.utils.d.ts +0 -20
  548. package/src/auth/path.utils.js +0 -71
  549. package/src/auth/path.utils.js.map +0 -1
  550. package/src/common/decorators-old/async-with.decorator.d.ts +0 -10
  551. package/src/common/decorators-old/async-with.decorator.js +0 -24
  552. package/src/common/decorators-old/async-with.decorator.js.map +0 -1
  553. package/src/common/decorators-old/auth-hook.decorator.d.ts +0 -14
  554. package/src/common/decorators-old/auth-hook.decorator.js +0 -27
  555. package/src/common/decorators-old/auth-hook.decorator.js.map +0 -1
  556. package/src/common/decorators-old/session-hook.decorator.d.ts +0 -14
  557. package/src/common/decorators-old/session-hook.decorator.js +0 -27
  558. package/src/common/decorators-old/session-hook.decorator.js.map +0 -1
package/src/auth/flows/well-known.oauth-authorization-server.flow.d.ts CHANGED
@@ -2,27 +2,11 @@ import 'reflect-metadata';
2
2
  import { z } from 'zod';
3
3
  import { FlowBase, FlowRunOptions, ScopeEntry, ServerRequest } from '../../common';
4
4
  declare const inputSchema: z.ZodObject<{
5
- request: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
6
- response: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
7
- next: z.ZodOptional<z.ZodFunction<z.ZodTuple<[], z.ZodUnknown>, z.ZodUnknown>>;
8
- }, "strip", z.ZodTypeAny, {
9
- request: {} & {
10
- [k: string]: unknown;
11
- };
12
- response: {} & {
13
- [k: string]: unknown;
14
- };
15
- next?: ((...args: unknown[]) => unknown) | undefined;
16
- }, {
17
- request: {} & {
18
- [k: string]: unknown;
19
- };
20
- response: {} & {
21
- [k: string]: unknown;
22
- };
23
- next?: ((...args: unknown[]) => unknown) | undefined;
24
- }>;
25
- export declare const outputSchema: z.ZodUnion<[z.ZodObject<{
5
+ request: z.ZodObject<{}, z.core.$loose>;
6
+ response: z.ZodObject<{}, z.core.$loose>;
7
+ next: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
8
+ }, z.core.$strip>;
9
+ export declare const outputSchema: z.ZodUnion<readonly [z.ZodObject<{
26
10
  kind: z.ZodLiteral<"json">;
27
11
  status: z.ZodLiteral<200>;
28
12
  contentType: z.ZodLiteral<"application/json; charset=utf-8">;
@@ -33,80 +17,28 @@ export declare const outputSchema: z.ZodUnion<[z.ZodObject<{
33
17
  userinfo_endpoint: z.ZodOptional<z.ZodString>;
34
18
  jwks_uri: z.ZodString;
35
19
  registration_endpoint: z.ZodOptional<z.ZodString>;
36
- token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<["client_secret_basic", "client_secret_post", "private_key_jwt"]>, "many">>;
37
- response_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["code"]>, "many">>;
38
- grant_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["authorization_code", "refresh_token"]>, "many">>;
39
- scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
40
- code_challenge_methods_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["S256"]>, "many">>;
41
- }, "passthrough", z.ZodTypeAny, z.objectOutputType<{
42
- issuer: z.ZodString;
43
- authorization_endpoint: z.ZodString;
44
- token_endpoint: z.ZodString;
45
- userinfo_endpoint: z.ZodOptional<z.ZodString>;
46
- jwks_uri: z.ZodString;
47
- registration_endpoint: z.ZodOptional<z.ZodString>;
48
- token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<["client_secret_basic", "client_secret_post", "private_key_jwt"]>, "many">>;
49
- response_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["code"]>, "many">>;
50
- grant_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["authorization_code", "refresh_token"]>, "many">>;
51
- scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
52
- code_challenge_methods_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["S256"]>, "many">>;
53
- }, z.ZodTypeAny, "passthrough">, z.objectInputType<{
54
- issuer: z.ZodString;
55
- authorization_endpoint: z.ZodString;
56
- token_endpoint: z.ZodString;
57
- userinfo_endpoint: z.ZodOptional<z.ZodString>;
58
- jwks_uri: z.ZodString;
59
- registration_endpoint: z.ZodOptional<z.ZodString>;
60
- token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<["client_secret_basic", "client_secret_post", "private_key_jwt"]>, "many">>;
61
- response_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["code"]>, "many">>;
62
- grant_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["authorization_code", "refresh_token"]>, "many">>;
63
- scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
64
- code_challenge_methods_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<["S256"]>, "many">>;
65
- }, z.ZodTypeAny, "passthrough">>;
66
- }, "strip", z.ZodTypeAny, {
67
- status: 200;
68
- kind: "json";
69
- body: {
70
- scopes_supported: string[];
71
- issuer: string;
72
- authorization_endpoint: string;
73
- token_endpoint: string;
74
- jwks_uri: string;
75
- response_types_supported: "code"[];
76
- grant_types_supported: ("authorization_code" | "refresh_token")[];
77
- code_challenge_methods_supported: "S256"[];
78
- userinfo_endpoint?: string | undefined;
79
- registration_endpoint?: string | undefined;
80
- token_endpoint_auth_methods_supported?: ("client_secret_basic" | "client_secret_post" | "private_key_jwt")[] | undefined;
81
- } & {
82
- [k: string]: unknown;
83
- };
84
- contentType: "application/json; charset=utf-8";
85
- }, {
86
- status: 200;
87
- kind: "json";
88
- body: {
89
- issuer: string;
90
- authorization_endpoint: string;
91
- token_endpoint: string;
92
- jwks_uri: string;
93
- scopes_supported?: string[] | undefined;
94
- userinfo_endpoint?: string | undefined;
95
- registration_endpoint?: string | undefined;
96
- token_endpoint_auth_methods_supported?: ("client_secret_basic" | "client_secret_post" | "private_key_jwt")[] | undefined;
97
- response_types_supported?: "code"[] | undefined;
98
- grant_types_supported?: ("authorization_code" | "refresh_token")[] | undefined;
99
- code_challenge_methods_supported?: "S256"[] | undefined;
100
- } & {
101
- [k: string]: unknown;
102
- };
103
- contentType: "application/json; charset=utf-8";
104
- }>, z.ZodObject<{
20
+ token_endpoint_auth_methods_supported: z.ZodOptional<z.ZodArray<z.ZodEnum<{
21
+ client_secret_basic: "client_secret_basic";
22
+ client_secret_post: "client_secret_post";
23
+ private_key_jwt: "private_key_jwt";
24
+ }>>>;
25
+ response_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<{
26
+ code: "code";
27
+ }>>>;
28
+ grant_types_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<{
29
+ authorization_code: "authorization_code";
30
+ refresh_token: "refresh_token";
31
+ }>>>;
32
+ scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString>>;
33
+ code_challenge_methods_supported: z.ZodDefault<z.ZodArray<z.ZodEnum<{
34
+ S256: "S256";
35
+ }>>>;
36
+ }, z.core.$loose>;
37
+ }, z.core.$strip>, z.ZodObject<{
105
38
  kind: z.ZodLiteral<"redirect">;
106
- status: z.ZodDefault<z.ZodType<301 | 302 | 303 | 307 | 308, z.ZodTypeDef, 301 | 302 | 303 | 307 | 308>>;
39
+ status: z.ZodDefault<z.ZodType<301 | 302 | 303 | 307 | 308, unknown, z.core.$ZodTypeInternals<301 | 302 | 303 | 307 | 308, unknown>>>;
107
40
  location: z.ZodString;
108
- } & {
109
- headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>]>>>>;
41
+ headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>]>>>>;
110
42
  cookies: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
111
43
  name: z.ZodString;
112
44
  value: z.ZodString;
@@ -114,69 +46,20 @@ export declare const outputSchema: z.ZodUnion<[z.ZodObject<{
114
46
  domain: z.ZodOptional<z.ZodString>;
115
47
  httpOnly: z.ZodDefault<z.ZodBoolean>;
116
48
  secure: z.ZodOptional<z.ZodBoolean>;
117
- sameSite: z.ZodOptional<z.ZodEnum<["lax", "strict", "none"]>>;
49
+ sameSite: z.ZodOptional<z.ZodEnum<{
50
+ lax: "lax";
51
+ strict: "strict";
52
+ none: "none";
53
+ }>>;
118
54
  maxAge: z.ZodOptional<z.ZodNumber>;
119
55
  expires: z.ZodOptional<z.ZodDate>;
120
- }, "strip", z.ZodTypeAny, {
121
- value: string;
122
- path: string;
123
- name: string;
124
- httpOnly: boolean;
125
- domain?: string | undefined;
126
- secure?: boolean | undefined;
127
- sameSite?: "strict" | "lax" | "none" | undefined;
128
- maxAge?: number | undefined;
129
- expires?: Date | undefined;
130
- }, {
131
- value: string;
132
- name: string;
133
- path?: string | undefined;
134
- domain?: string | undefined;
135
- httpOnly?: boolean | undefined;
136
- secure?: boolean | undefined;
137
- sameSite?: "strict" | "lax" | "none" | undefined;
138
- maxAge?: number | undefined;
139
- expires?: Date | undefined;
140
- }>, "many">>>;
141
- }, "strip", z.ZodTypeAny, {
142
- status: 301 | 302 | 303 | 307 | 308;
143
- kind: "redirect";
144
- location: string;
145
- headers?: Record<string, string | string[]> | undefined;
146
- cookies?: {
147
- value: string;
148
- path: string;
149
- name: string;
150
- httpOnly: boolean;
151
- domain?: string | undefined;
152
- secure?: boolean | undefined;
153
- sameSite?: "strict" | "lax" | "none" | undefined;
154
- maxAge?: number | undefined;
155
- expires?: Date | undefined;
156
- }[] | undefined;
157
- }, {
158
- kind: "redirect";
159
- location: string;
160
- status?: 301 | 302 | 303 | 307 | 308 | undefined;
161
- headers?: Record<string, string | string[]> | undefined;
162
- cookies?: {
163
- value: string;
164
- name: string;
165
- path?: string | undefined;
166
- domain?: string | undefined;
167
- httpOnly?: boolean | undefined;
168
- secure?: boolean | undefined;
169
- sameSite?: "strict" | "lax" | "none" | undefined;
170
- maxAge?: number | undefined;
171
- expires?: Date | undefined;
172
- }[] | undefined;
173
- }>, z.ZodObject<{
56
+ }, z.core.$strip>>>>;
57
+ }, z.core.$strip>, z.ZodObject<{
174
58
  kind: z.ZodLiteral<"text">;
175
- status: z.ZodEffects<z.ZodNumber, number, number>;
59
+ status: z.ZodNumber;
176
60
  body: z.ZodString;
177
61
  contentType: z.ZodDefault<z.ZodString>;
178
- } & {
179
- headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>]>>>>;
62
+ headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>]>>>>;
180
63
  cookies: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
181
64
  name: z.ZodString;
182
65
  value: z.ZodString;
@@ -184,84 +67,26 @@ export declare const outputSchema: z.ZodUnion<[z.ZodObject<{
184
67
  domain: z.ZodOptional<z.ZodString>;
185
68
  httpOnly: z.ZodDefault<z.ZodBoolean>;
186
69
  secure: z.ZodOptional<z.ZodBoolean>;
187
- sameSite: z.ZodOptional<z.ZodEnum<["lax", "strict", "none"]>>;
70
+ sameSite: z.ZodOptional<z.ZodEnum<{
71
+ lax: "lax";
72
+ strict: "strict";
73
+ none: "none";
74
+ }>>;
188
75
  maxAge: z.ZodOptional<z.ZodNumber>;
189
76
  expires: z.ZodOptional<z.ZodDate>;
190
- }, "strip", z.ZodTypeAny, {
191
- value: string;
192
- path: string;
193
- name: string;
194
- httpOnly: boolean;
195
- domain?: string | undefined;
196
- secure?: boolean | undefined;
197
- sameSite?: "strict" | "lax" | "none" | undefined;
198
- maxAge?: number | undefined;
199
- expires?: Date | undefined;
200
- }, {
201
- value: string;
202
- name: string;
203
- path?: string | undefined;
204
- domain?: string | undefined;
205
- httpOnly?: boolean | undefined;
206
- secure?: boolean | undefined;
207
- sameSite?: "strict" | "lax" | "none" | undefined;
208
- maxAge?: number | undefined;
209
- expires?: Date | undefined;
210
- }>, "many">>>;
211
- }, "strip", z.ZodTypeAny, {
212
- status: number;
213
- kind: "text";
214
- body: string;
215
- contentType: string;
216
- headers?: Record<string, string | string[]> | undefined;
217
- cookies?: {
218
- value: string;
219
- path: string;
220
- name: string;
221
- httpOnly: boolean;
222
- domain?: string | undefined;
223
- secure?: boolean | undefined;
224
- sameSite?: "strict" | "lax" | "none" | undefined;
225
- maxAge?: number | undefined;
226
- expires?: Date | undefined;
227
- }[] | undefined;
228
- }, {
229
- status: number;
230
- kind: "text";
231
- body: string;
232
- headers?: Record<string, string | string[]> | undefined;
233
- cookies?: {
234
- value: string;
235
- name: string;
236
- path?: string | undefined;
237
- domain?: string | undefined;
238
- httpOnly?: boolean | undefined;
239
- secure?: boolean | undefined;
240
- sameSite?: "strict" | "lax" | "none" | undefined;
241
- maxAge?: number | undefined;
242
- expires?: Date | undefined;
243
- }[] | undefined;
244
- contentType?: string | undefined;
245
- }>]>;
77
+ }, z.core.$strip>>>>;
78
+ }, z.core.$strip>]>;
246
79
  export declare const wellKnownAsStateSchema: z.ZodObject<{
247
80
  baseUrl: z.ZodString;
248
- scopesSupported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
249
- tokenEndpointAuthMethods: z.ZodDefault<z.ZodArray<z.ZodEnum<["client_secret_basic", "client_secret_post", "private_key_jwt"]>, "many">>;
81
+ scopesSupported: z.ZodDefault<z.ZodArray<z.ZodString>>;
82
+ tokenEndpointAuthMethods: z.ZodDefault<z.ZodArray<z.ZodEnum<{
83
+ client_secret_basic: "client_secret_basic";
84
+ client_secret_post: "client_secret_post";
85
+ private_key_jwt: "private_key_jwt";
86
+ }>>>;
250
87
  dcrEnabled: z.ZodDefault<z.ZodBoolean>;
251
88
  isOrchestrated: z.ZodBoolean;
252
- }, "strip", z.ZodTypeAny, {
253
- baseUrl: string;
254
- dcrEnabled: boolean;
255
- scopesSupported: string[];
256
- isOrchestrated: boolean;
257
- tokenEndpointAuthMethods: ("client_secret_basic" | "client_secret_post" | "private_key_jwt")[];
258
- }, {
259
- baseUrl: string;
260
- isOrchestrated: boolean;
261
- dcrEnabled?: boolean | undefined;
262
- scopesSupported?: string[] | undefined;
263
- tokenEndpointAuthMethods?: ("client_secret_basic" | "client_secret_post" | "private_key_jwt")[] | undefined;
264
- }>;
89
+ }, z.core.$strip>;
265
90
  declare const wellKnownAsPlan: {
266
91
  readonly pre: ["parseInput"];
267
92
  readonly execute: ["collectData"];
package/src/auth/flows/well-known.oauth-authorization-server.flow.js CHANGED
@@ -6,7 +6,6 @@ const tslib_1 = require("tslib");
6
6
  require("reflect-metadata");
7
7
  const zod_1 = require("zod");
8
8
  const common_1 = require("../../common");
9
- const path_utils_1 = require("../path.utils");
10
9
  const inputSchema = common_1.httpInputSchema;
11
10
  // ===== Result =====
12
11
  const AuthServerMetadataSchema = zod_1.z.object({
@@ -51,13 +50,13 @@ const name = 'well-known.oauth-authorization-server';
51
50
  const Stage = (0, common_1.StageHookOf)(name);
52
51
  let WellKnownAsFlow = class WellKnownAsFlow extends common_1.FlowBase {
53
52
  static canActivate(request, scope) {
54
- return (0, path_utils_1.makeWellKnownPaths)('oauth-authorization-server', scope.entryPath, scope.routeBase).has(request.path);
53
+ return (0, common_1.makeWellKnownPaths)('oauth-authorization-server', scope.entryPath, scope.routeBase).has(request.path);
55
54
  }
56
55
  async parseInput() {
57
56
  const { request } = this.rawInput;
58
57
  if (!request)
59
58
  throw new Error('Request is undefined');
60
- const baseUrl = (0, path_utils_1.getRequestBaseUrl)(request, this.scope.entryPath);
59
+ const baseUrl = (0, common_1.getRequestBaseUrl)(request, this.scope.entryPath);
61
60
  this.state.set(exports.wellKnownAsStateSchema.parse({
62
61
  baseUrl,
63
62
  scopesSupported: [],
package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"well-known.oauth-authorization-server.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/well-known.oauth-authorization-server.flow.ts"],"names":[],"mappings":";;;;AAAA,2DAA2D;AAC3D,4BAA0B;AAC1B,6BAAsB;AACtB,yCAUsB;AACtB,8CAAoE;AAGpE,MAAM,WAAW,GAAG,wBAAe,CAAC;AAGpC,qBAAqB;AACrB,MAAM,wBAAwB,GAAG,OAAC,CAAC,MAAM,CAAC;IACxC,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACvB,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACtB,WAAW,EAAE,OAAC,CAAC,OAAO,CAAC,iCAAiC,CAAC;IACzD,IAAI,EAAE,OAAC;SACJ,MAAM,CAAC;QACN,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACzB,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACzC,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QAC/C,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QACnD,qCAAqC,EAAE,OAAC;aACrC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,EAAE,iBAAiB,CAAC,CAAC,CAAC;aAC/E,QAAQ,EAAE;QACb,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;QACrE,qBAAqB,EAAE,OAAC;aACrB,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC,CAAC;aACtD,OAAO,CAAC,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC;QACnD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7E,gCAAgC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;KAC9E,CAAC;SACD,WAAW,EAAE;CACjB,CAAC,CAAC;AAEU,QAAA,YAAY,GAAG,OAAC,CAAC,KAAK,CAAC,CAAC,wBAAwB,EAAE,2BAAkB,EAAE,uBAAc,CAAC,CAAC,CAAC;AAEvF,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,qCAAqC;IACjE,eAAe,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC5E,wBAAwB,EAAE,OAAC;SACxB,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,EAAE,iBAAiB,CAAC,CAAC,CAAC;SAC/E,OAAO,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,CAAC,CAAC;IACzD,UAAU,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACrC,cAAc,EAAE,OAAC,CAAC,OAAO,EAAE;CAC5B,CAAC,CAAC;AAGH,MAAM,eAAe,GAAG;IACtB,GAAG,EAAE,CAAC,YAAY,CAAC;IACnB,OAAO,EAAE,CAAC,aAAa,CAAC;CACW,CAAC;AAiBtC,MAAM,IAAI,GAAG,uCAAgD,CAAC;AAC9D,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAajB,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,iBAAqB;IAChE,MAAM,CAAC,WAAW,CAAC,OAAsB,EAAE,KAAiB;QAC1D,OAAO,IAAA,+BAAkB,EAAC,4BAA4B,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9G,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAC,OAAO,EAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAEtD,MAAM,OAAO,GAAG,IAAA,8BAAiB,EAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,8BAAsB,CAAC,KAAK,CAAC;YAC1C,OAAO;YACP,eAAe,EAAE,EAAE;YACnB,wBAAwB,EAAE,EAAE;YAC5B,UAAU,EAAE,KAAK,EAAE,yBAAyB;YAC5C,cAAc,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,sBAAsB;SAClE,CAAC,CAAC,CAAC;IACN,CAAC;IAGK,AAAN,KAAK,CAAC,WAAW;QACf,MAAM,EAAC,OAAO,EAAE,eAAe,EAAE,wBAAwB,EAAE,UAAU,EAAE,cAAc,EAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC7G,oCAAoC;QACpC,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,UAAU,GAAG,GAAG,OAAO,EAAE,CAAC;YAChC,IAAI,CAAC,OAAO,CAAC;gBACX,IAAI,EAAE,MAAM;gBACZ,WAAW,EAAE,iCAAiC;gBAC9C,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE;oBACJ,MAAM,EAAE,UAAU;oBAClB,sBAAsB,EAAE,GAAG,UAAU,kBAAkB;oBACvD,cAAc,EAAE,GAAG,UAAU,cAAc;oBAC3C,iBAAiB,EAAE,GAAG,UAAU,iBAAiB;oBACjD,QAAQ,EAAE,GAAG,UAAU,wBAAwB;oBAC/C,qBAAqB,EAAE,GAAG,UAAU,iBAAiB;oBACrD,qCAAqC,EAAE,wBAAwB;oBAC/D,wBAAwB,EAAE,CAAC,MAAM,CAAC;oBAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;oBAC9D,gBAAgB,EAAE,eAAe;oBACjC,gCAAgC,EAAE,CAAC,MAAM,CAAC;iBAC3C;aACF,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;QAChC,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,MAAM,yCAAyC,CAAC,CAAC,CAAC;IACjG,CAAC;CACF,CAAA;AA3CO;IADL,KAAK,CAAC,YAAY,CAAC;;;;iDAanB;AAGK;IADL,KAAK,CAAC,aAAa,CAAC;;;;kDA4BpB;AAhDkB,eAAe;IAVnC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI,EAAE,eAAe;QACrB,WAAW;QACX,YAAY,EAAZ,oBAAY;QACZ,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE;YACV,MAAM,EAAE,KAAK;SACd;KACF,CAAC;GACmB,eAAe,CAiDnC;kBAjDoB,eAAe","sourcesContent":["// auth/flows/well-known.oauth-authorization-server.flow.ts\nimport 'reflect-metadata';\nimport {z} from 'zod';\nimport {\n HttpRedirectSchema,\n httpRespond,\n HttpTextSchema,\n Flow,\n FlowBase,\n FlowRunOptions,\n ScopeEntry,\n ServerRequest,\n StageHookOf, httpInputSchema, FlowPlan,\n} from '../../common';\nimport {getRequestBaseUrl, makeWellKnownPaths} from '../path.utils';\n\n\nconst inputSchema = httpInputSchema;\n\n\n// ===== Result =====\nconst AuthServerMetadataSchema = z.object({\n kind: z.literal('json'),\n status: z.literal(200),\n contentType: z.literal('application/json; charset=utf-8'),\n body: z\n .object({\n issuer: z.string().min(1),\n authorization_endpoint: z.string().min(1),\n token_endpoint: z.string().min(1),\n userinfo_endpoint: z.string().min(1).optional(),\n jwks_uri: z.string().min(1),\n registration_endpoint: z.string().min(1).optional(),\n token_endpoint_auth_methods_supported: z\n .array(z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))\n .optional(),\n response_types_supported: z.array(z.enum(['code'])).default(['code']),\n grant_types_supported: z\n .array(z.enum(['authorization_code', 'refresh_token']))\n .default(['authorization_code', 'refresh_token']),\n scopes_supported: z.array(z.string()).default(['openid', 'profile', 'email']),\n code_challenge_methods_supported: z.array(z.enum(['S256'])).default(['S256']),\n })\n .passthrough(),\n});\n\nexport const outputSchema = z.union([AuthServerMetadataSchema, HttpRedirectSchema, HttpTextSchema]);\n\nexport const wellKnownAsStateSchema = z.object({\n baseUrl: z.string().min(1), // baseUrl + entryPrefix (unsuffixed)\n scopesSupported: z.array(z.string()).default(['openid', 'profile', 'email']),\n tokenEndpointAuthMethods: z\n .array(z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))\n .default(['client_secret_basic', 'client_secret_post']),\n dcrEnabled: z.boolean().default(true),\n isOrchestrated: z.boolean(),\n});\n\n\nconst wellKnownAsPlan = {\n pre: ['parseInput'],\n execute: ['collectData'],\n} as const satisfies FlowPlan<string>;\n\ntype WellKnownAsPlan = typeof wellKnownAsPlan;\ntype WellKnownAsFlowOptions = FlowRunOptions<\n WellKnownAsFlow,\n WellKnownAsPlan,\n typeof inputSchema,\n typeof outputSchema,\n typeof wellKnownAsStateSchema\n>\n\ndeclare global {\n interface ExtendFlows {\n 'well-known.oauth-authorization-server': WellKnownAsFlowOptions;\n }\n}\n\nconst name = 'well-known.oauth-authorization-server' as const;\nconst Stage = StageHookOf(name);\n\n\n@Flow({\n name,\n plan: wellKnownAsPlan,\n inputSchema,\n outputSchema,\n access: 'public',\n middleware: {\n method: 'GET',\n },\n})\nexport default class WellKnownAsFlow extends FlowBase<typeof name> {\n static canActivate(request: ServerRequest, scope: ScopeEntry) {\n return makeWellKnownPaths('oauth-authorization-server', scope.entryPath, scope.routeBase).has(request.path);\n }\n\n @Stage('parseInput')\n async parseInput() {\n const {request} = this.rawInput;\n if (!request) throw new Error('Request is undefined');\n\n const baseUrl = getRequestBaseUrl(request, this.scope.entryPath);\n this.state.set(wellKnownAsStateSchema.parse({\n baseUrl,\n scopesSupported: [],\n tokenEndpointAuthMethods: [],\n dcrEnabled: false, //scope.oauth.dcrEnabled,\n isOrchestrated: !this.scope.metadata.auth, // scope.orchestrated,\n }));\n }\n\n @Stage('collectData')\n async collectData() {\n const {baseUrl, scopesSupported, tokenEndpointAuthMethods, dcrEnabled, isOrchestrated} = this.state.required;\n // Orchestrated => gateway is the AS\n if (isOrchestrated) {\n const baseIssuer = `${baseUrl}`;\n this.respond({\n kind: 'json',\n contentType: 'application/json; charset=utf-8',\n status: 200,\n body: {\n issuer: baseIssuer,\n authorization_endpoint: `${baseIssuer}/oauth/authorize`,\n token_endpoint: `${baseIssuer}/oauth/token`,\n userinfo_endpoint: `${baseIssuer}/oauth/userinfo`,\n jwks_uri: `${baseIssuer}/.well-known/jwks.json`,\n registration_endpoint: `${baseIssuer}/oauth/register`,\n token_endpoint_auth_methods_supported: tokenEndpointAuthMethods,\n response_types_supported: ['code'],\n grant_types_supported: ['authorization_code', 'refresh_token'],\n scopes_supported: scopesSupported,\n code_challenge_methods_supported: ['S256'],\n },\n });\n return;\n }\n const primary = this.scope.auth;\n this.respond(httpRespond.redirect(`${primary.issuer}/.well-known/oauth-authorization-server`));\n }\n}\n"]}
1
+ {"version":3,"file":"well-known.oauth-authorization-server.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/well-known.oauth-authorization-server.flow.ts"],"names":[],"mappings":";;;;AAAA,2DAA2D;AAC3D,4BAA0B;AAC1B,6BAAwB;AACxB,yCAcsB;AAEtB,MAAM,WAAW,GAAG,wBAAe,CAAC;AAEpC,qBAAqB;AACrB,MAAM,wBAAwB,GAAG,OAAC,CAAC,MAAM,CAAC;IACxC,IAAI,EAAE,OAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACvB,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACtB,WAAW,EAAE,OAAC,CAAC,OAAO,CAAC,iCAAiC,CAAC;IACzD,IAAI,EAAE,OAAC;SACJ,MAAM,CAAC;QACN,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACzB,sBAAsB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACzC,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,iBAAiB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QAC/C,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,qBAAqB,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QACnD,qCAAqC,EAAE,OAAC;aACrC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,EAAE,iBAAiB,CAAC,CAAC,CAAC;aAC/E,QAAQ,EAAE;QACb,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;QACrE,qBAAqB,EAAE,OAAC;aACrB,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC,CAAC;aACtD,OAAO,CAAC,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC;QACnD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7E,gCAAgC,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;KAC9E,CAAC;SACD,WAAW,EAAE;CACjB,CAAC,CAAC;AAEU,QAAA,YAAY,GAAG,OAAC,CAAC,KAAK,CAAC,CAAC,wBAAwB,EAAE,2BAAkB,EAAE,uBAAc,CAAC,CAAC,CAAC;AAEvF,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,qCAAqC;IACjE,eAAe,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC5E,wBAAwB,EAAE,OAAC;SACxB,KAAK,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,EAAE,iBAAiB,CAAC,CAAC,CAAC;SAC/E,OAAO,CAAC,CAAC,qBAAqB,EAAE,oBAAoB,CAAC,CAAC;IACzD,UAAU,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACrC,cAAc,EAAE,OAAC,CAAC,OAAO,EAAE;CAC5B,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG;IACtB,GAAG,EAAE,CAAC,YAAY,CAAC;IACnB,OAAO,EAAE,CAAC,aAAa,CAAC;CACW,CAAC;AAiBtC,MAAM,IAAI,GAAG,uCAAgD,CAAC;AAC9D,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAYjB,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,iBAAqB;IAChE,MAAM,CAAC,WAAW,CAAC,OAAsB,EAAE,KAAiB;QAC1D,OAAO,IAAA,2BAAkB,EAAC,4BAA4B,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9G,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAClC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAEtD,MAAM,OAAO,GAAG,IAAA,0BAAiB,EAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,KAAK,CAAC,GAAG,CACZ,8BAAsB,CAAC,KAAK,CAAC;YAC3B,OAAO;YACP,eAAe,EAAE,EAAE;YACnB,wBAAwB,EAAE,EAAE;YAC5B,UAAU,EAAE,KAAK,EAAE,yBAAyB;YAC5C,cAAc,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,sBAAsB;SAClE,CAAC,CACH,CAAC;IACJ,CAAC;IAGK,AAAN,KAAK,CAAC,WAAW;QACf,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,wBAAwB,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC/G,oCAAoC;QACpC,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,UAAU,GAAG,GAAG,OAAO,EAAE,CAAC;YAChC,IAAI,CAAC,OAAO,CAAC;gBACX,IAAI,EAAE,MAAM;gBACZ,WAAW,EAAE,iCAAiC;gBAC9C,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE;oBACJ,MAAM,EAAE,UAAU;oBAClB,sBAAsB,EAAE,GAAG,UAAU,kBAAkB;oBACvD,cAAc,EAAE,GAAG,UAAU,cAAc;oBAC3C,iBAAiB,EAAE,GAAG,UAAU,iBAAiB;oBACjD,QAAQ,EAAE,GAAG,UAAU,wBAAwB;oBAC/C,qBAAqB,EAAE,GAAG,UAAU,iBAAiB;oBACrD,qCAAqC,EAAE,wBAAwB;oBAC/D,wBAAwB,EAAE,CAAC,MAAM,CAAC;oBAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;oBAC9D,gBAAgB,EAAE,eAAe;oBACjC,gCAAgC,EAAE,CAAC,MAAM,CAAC;iBAC3C;aACF,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;QAChC,IAAI,CAAC,OAAO,CAAC,oBAAW,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,MAAM,yCAAyC,CAAC,CAAC,CAAC;IACjG,CAAC;CACF,CAAA;AA7CO;IADL,KAAK,CAAC,YAAY,CAAC;;;;iDAenB;AAGK;IADL,KAAK,CAAC,aAAa,CAAC;;;;kDA4BpB;AAlDkB,eAAe;IAVnC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI,EAAE,eAAe;QACrB,WAAW;QACX,YAAY,EAAZ,oBAAY;QACZ,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE;YACV,MAAM,EAAE,KAAK;SACd;KACF,CAAC;GACmB,eAAe,CAmDnC;kBAnDoB,eAAe","sourcesContent":["// auth/flows/well-known.oauth-authorization-server.flow.ts\nimport 'reflect-metadata';\nimport { z } from 'zod';\nimport {\n HttpRedirectSchema,\n httpRespond,\n HttpTextSchema,\n Flow,\n FlowBase,\n FlowRunOptions,\n ScopeEntry,\n ServerRequest,\n StageHookOf,\n httpInputSchema,\n FlowPlan,\n getRequestBaseUrl,\n makeWellKnownPaths,\n} from '../../common';\n\nconst inputSchema = httpInputSchema;\n\n// ===== Result =====\nconst AuthServerMetadataSchema = z.object({\n kind: z.literal('json'),\n status: z.literal(200),\n contentType: z.literal('application/json; charset=utf-8'),\n body: z\n .object({\n issuer: z.string().min(1),\n authorization_endpoint: z.string().min(1),\n token_endpoint: z.string().min(1),\n userinfo_endpoint: z.string().min(1).optional(),\n jwks_uri: z.string().min(1),\n registration_endpoint: z.string().min(1).optional(),\n token_endpoint_auth_methods_supported: z\n .array(z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))\n .optional(),\n response_types_supported: z.array(z.enum(['code'])).default(['code']),\n grant_types_supported: z\n .array(z.enum(['authorization_code', 'refresh_token']))\n .default(['authorization_code', 'refresh_token']),\n scopes_supported: z.array(z.string()).default(['openid', 'profile', 'email']),\n code_challenge_methods_supported: z.array(z.enum(['S256'])).default(['S256']),\n })\n .passthrough(),\n});\n\nexport const outputSchema = z.union([AuthServerMetadataSchema, HttpRedirectSchema, HttpTextSchema]);\n\nexport const wellKnownAsStateSchema = z.object({\n baseUrl: z.string().min(1), // baseUrl + entryPrefix (unsuffixed)\n scopesSupported: z.array(z.string()).default(['openid', 'profile', 'email']),\n tokenEndpointAuthMethods: z\n .array(z.enum(['client_secret_basic', 'client_secret_post', 'private_key_jwt']))\n .default(['client_secret_basic', 'client_secret_post']),\n dcrEnabled: z.boolean().default(true),\n isOrchestrated: z.boolean(),\n});\n\nconst wellKnownAsPlan = {\n pre: ['parseInput'],\n execute: ['collectData'],\n} as const satisfies FlowPlan<string>;\n\ntype WellKnownAsPlan = typeof wellKnownAsPlan;\ntype WellKnownAsFlowOptions = FlowRunOptions<\n WellKnownAsFlow,\n WellKnownAsPlan,\n typeof inputSchema,\n typeof outputSchema,\n typeof wellKnownAsStateSchema\n>;\n\ndeclare global {\n interface ExtendFlows {\n 'well-known.oauth-authorization-server': WellKnownAsFlowOptions;\n }\n}\n\nconst name = 'well-known.oauth-authorization-server' as const;\nconst Stage = StageHookOf(name);\n\n@Flow({\n name,\n plan: wellKnownAsPlan,\n inputSchema,\n outputSchema,\n access: 'public',\n middleware: {\n method: 'GET',\n },\n})\nexport default class WellKnownAsFlow extends FlowBase<typeof name> {\n static canActivate(request: ServerRequest, scope: ScopeEntry) {\n return makeWellKnownPaths('oauth-authorization-server', scope.entryPath, scope.routeBase).has(request.path);\n }\n\n @Stage('parseInput')\n async parseInput() {\n const { request } = this.rawInput;\n if (!request) throw new Error('Request is undefined');\n\n const baseUrl = getRequestBaseUrl(request, this.scope.entryPath);\n this.state.set(\n wellKnownAsStateSchema.parse({\n baseUrl,\n scopesSupported: [],\n tokenEndpointAuthMethods: [],\n dcrEnabled: false, //scope.oauth.dcrEnabled,\n isOrchestrated: !this.scope.metadata.auth, // scope.orchestrated,\n }),\n );\n }\n\n @Stage('collectData')\n async collectData() {\n const { baseUrl, scopesSupported, tokenEndpointAuthMethods, dcrEnabled, isOrchestrated } = this.state.required;\n // Orchestrated => gateway is the AS\n if (isOrchestrated) {\n const baseIssuer = `${baseUrl}`;\n this.respond({\n kind: 'json',\n contentType: 'application/json; charset=utf-8',\n status: 200,\n body: {\n issuer: baseIssuer,\n authorization_endpoint: `${baseIssuer}/oauth/authorize`,\n token_endpoint: `${baseIssuer}/oauth/token`,\n userinfo_endpoint: `${baseIssuer}/oauth/userinfo`,\n jwks_uri: `${baseIssuer}/.well-known/jwks.json`,\n registration_endpoint: `${baseIssuer}/oauth/register`,\n token_endpoint_auth_methods_supported: tokenEndpointAuthMethods,\n response_types_supported: ['code'],\n grant_types_supported: ['authorization_code', 'refresh_token'],\n scopes_supported: scopesSupported,\n code_challenge_methods_supported: ['S256'],\n },\n });\n return;\n }\n const primary = this.scope.auth;\n this.respond(httpRespond.redirect(`${primary.issuer}/.well-known/oauth-authorization-server`));\n }\n}\n"]}
package/src/auth/flows/well-known.prm.flow.d.ts CHANGED
@@ -2,47 +2,21 @@ import 'reflect-metadata';
2
2
  import { z } from 'zod';
3
3
  import { FlowBase, FlowRunOptions, ScopeEntry, ServerRequest } from '../../common';
4
4
  declare const inputSchema: z.ZodObject<{
5
- request: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
6
- response: z.ZodObject<{}, "passthrough", z.ZodTypeAny, z.objectOutputType<{}, z.ZodTypeAny, "passthrough">, z.objectInputType<{}, z.ZodTypeAny, "passthrough">>;
7
- next: z.ZodOptional<z.ZodFunction<z.ZodTuple<[], z.ZodUnknown>, z.ZodUnknown>>;
8
- }, "strip", z.ZodTypeAny, {
9
- request: {} & {
10
- [k: string]: unknown;
11
- };
12
- response: {} & {
13
- [k: string]: unknown;
14
- };
15
- next?: ((...args: unknown[]) => unknown) | undefined;
16
- }, {
17
- request: {} & {
18
- [k: string]: unknown;
19
- };
20
- response: {} & {
21
- [k: string]: unknown;
22
- };
23
- next?: ((...args: unknown[]) => unknown) | undefined;
24
- }>;
5
+ request: z.ZodObject<{}, z.core.$loose>;
6
+ response: z.ZodObject<{}, z.core.$loose>;
7
+ next: z.ZodOptional<z.ZodFunction<z.core.$ZodFunctionArgs, z.core.$ZodFunctionOut>>;
8
+ }, z.core.$strip>;
25
9
  declare const stateSchema: z.ZodObject<{
26
10
  resource: z.ZodString;
27
11
  baseUrl: z.ZodString;
28
- scopesSupported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
12
+ scopesSupported: z.ZodDefault<z.ZodArray<z.ZodString>>;
29
13
  isOrchestrated: z.ZodBoolean;
30
- }, "strip", z.ZodTypeAny, {
31
- resource: string;
32
- baseUrl: string;
33
- scopesSupported: string[];
34
- isOrchestrated: boolean;
35
- }, {
36
- resource: string;
37
- baseUrl: string;
38
- isOrchestrated: boolean;
39
- scopesSupported?: string[] | undefined;
40
- }>;
14
+ }, z.core.$strip>;
41
15
  declare const outputSchema: z.ZodObject<{
42
16
  kind: z.ZodLiteral<"json">;
43
- status: z.ZodEffects<z.ZodNumber, number, number>;
17
+ status: z.ZodNumber;
44
18
  contentType: z.ZodDefault<z.ZodString>;
45
- headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>]>>>>;
19
+ headers: z.ZodOptional<z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>]>>>>;
46
20
  cookies: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodObject<{
47
21
  name: z.ZodString;
48
22
  value: z.ZodString;
@@ -50,96 +24,21 @@ declare const outputSchema: z.ZodObject<{
50
24
  domain: z.ZodOptional<z.ZodString>;
51
25
  httpOnly: z.ZodDefault<z.ZodBoolean>;
52
26
  secure: z.ZodOptional<z.ZodBoolean>;
53
- sameSite: z.ZodOptional<z.ZodEnum<["lax", "strict", "none"]>>;
27
+ sameSite: z.ZodOptional<z.ZodEnum<{
28
+ lax: "lax";
29
+ strict: "strict";
30
+ none: "none";
31
+ }>>;
54
32
  maxAge: z.ZodOptional<z.ZodNumber>;
55
33
  expires: z.ZodOptional<z.ZodDate>;
56
- }, "strip", z.ZodTypeAny, {
57
- value: string;
58
- path: string;
59
- name: string;
60
- httpOnly: boolean;
61
- domain?: string | undefined;
62
- secure?: boolean | undefined;
63
- sameSite?: "strict" | "lax" | "none" | undefined;
64
- maxAge?: number | undefined;
65
- expires?: Date | undefined;
66
- }, {
67
- value: string;
68
- name: string;
69
- path?: string | undefined;
70
- domain?: string | undefined;
71
- httpOnly?: boolean | undefined;
72
- secure?: boolean | undefined;
73
- sameSite?: "strict" | "lax" | "none" | undefined;
74
- maxAge?: number | undefined;
75
- expires?: Date | undefined;
76
- }>, "many">>>;
77
- } & {
34
+ }, z.core.$strip>>>>;
78
35
  body: z.ZodObject<{
79
36
  resource: z.ZodString;
80
- authorization_servers: z.ZodArray<z.ZodString, "many">;
81
- scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
82
- bearer_methods_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
83
- }, "passthrough", z.ZodTypeAny, z.objectOutputType<{
84
- resource: z.ZodString;
85
- authorization_servers: z.ZodArray<z.ZodString, "many">;
86
- scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
87
- bearer_methods_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
88
- }, z.ZodTypeAny, "passthrough">, z.objectInputType<{
89
- resource: z.ZodString;
90
- authorization_servers: z.ZodArray<z.ZodString, "many">;
91
- scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
92
- bearer_methods_supported: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
93
- }, z.ZodTypeAny, "passthrough">>;
94
- }, "strip", z.ZodTypeAny, {
95
- status: number;
96
- kind: "json";
97
- body: {
98
- resource: string;
99
- authorization_servers: string[];
100
- scopes_supported: string[];
101
- bearer_methods_supported: string[];
102
- } & {
103
- [k: string]: unknown;
104
- };
105
- contentType: string;
106
- headers?: Record<string, string | string[]> | undefined;
107
- cookies?: {
108
- value: string;
109
- path: string;
110
- name: string;
111
- httpOnly: boolean;
112
- domain?: string | undefined;
113
- secure?: boolean | undefined;
114
- sameSite?: "strict" | "lax" | "none" | undefined;
115
- maxAge?: number | undefined;
116
- expires?: Date | undefined;
117
- }[] | undefined;
118
- }, {
119
- status: number;
120
- kind: "json";
121
- body: {
122
- resource: string;
123
- authorization_servers: string[];
124
- scopes_supported?: string[] | undefined;
125
- bearer_methods_supported?: string[] | undefined;
126
- } & {
127
- [k: string]: unknown;
128
- };
129
- headers?: Record<string, string | string[]> | undefined;
130
- cookies?: {
131
- value: string;
132
- name: string;
133
- path?: string | undefined;
134
- domain?: string | undefined;
135
- httpOnly?: boolean | undefined;
136
- secure?: boolean | undefined;
137
- sameSite?: "strict" | "lax" | "none" | undefined;
138
- maxAge?: number | undefined;
139
- expires?: Date | undefined;
140
- }[] | undefined;
141
- contentType?: string | undefined;
142
- }>;
37
+ authorization_servers: z.ZodArray<z.ZodString>;
38
+ scopes_supported: z.ZodDefault<z.ZodArray<z.ZodString>>;
39
+ bearer_methods_supported: z.ZodDefault<z.ZodArray<z.ZodString>>;
40
+ }, z.core.$loose>;
41
+ }, z.core.$strip>;
143
42
  declare const plan: {
144
43
  readonly pre: ["parseInput"];
145
44
  readonly execute: ["collectData"];
package/src/auth/flows/well-known.prm.flow.js CHANGED
@@ -5,7 +5,6 @@ const tslib_1 = require("tslib");
5
5
  require("reflect-metadata");
6
6
  const zod_1 = require("zod");
7
7
  const common_1 = require("../../common");
8
- const path_utils_1 = require("../path.utils");
9
8
  const inputSchema = common_1.httpInputSchema;
10
9
  const stateSchema = zod_1.z.object({
11
10
  resource: zod_1.z.string().min(1),
@@ -32,15 +31,15 @@ const name = 'well-known.oauth-protected-resource';
32
31
  const Stage = (0, common_1.StageHookOf)(name);
33
32
  let WellKnownPrmFlow = class WellKnownPrmFlow extends common_1.FlowBase {
34
33
  static canActivate(request, scope) {
35
- return (0, path_utils_1.makeWellKnownPaths)('oauth-protected-resource', scope.entryPath, scope.routeBase).has(request.path);
34
+ return (0, common_1.makeWellKnownPaths)('oauth-protected-resource', scope.entryPath, scope.routeBase).has(request.path);
36
35
  }
37
36
  async parseInput() {
38
37
  const { request } = this.rawInput;
39
38
  const scope = this.scope;
40
39
  if (!request)
41
40
  throw new Error('Request is undefined');
42
- const resource = (0, path_utils_1.computeResource)(request, scope.entryPath, scope.routeBase);
43
- const baseUrl = (0, path_utils_1.getRequestBaseUrl)(request, scope.entryPath);
41
+ const resource = (0, common_1.computeResource)(request, scope.entryPath, scope.routeBase);
42
+ const baseUrl = (0, common_1.getRequestBaseUrl)(request, scope.entryPath);
44
43
  this.state.set(stateSchema.parse({
45
44
  resource,
46
45
  baseUrl,
package/src/auth/flows/well-known.prm.flow.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"well-known.prm.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/well-known.prm.flow.ts"],"names":[],"mappings":";;;AAAA,oCAAoC;AACpC,4BAA0B;AAC1B,6BAAsB;AACtB,yCASsB;AACtB,8CAAqF;AAErF,MAAM,WAAW,GAAG,wBAAe,CAAC;AAEpC,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3B,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,eAAe,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC5E,cAAc,EAAE,OAAC,CAAC,OAAO,EAAE;CAC5B,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,uBAAc,CAAC,MAAM,CAAC;IACzC,IAAI,EAAE,OAAC;SACJ,MAAM,CAAC;QACN,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,qBAAqB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7E,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC;KAClE,CAAC;SACD,WAAW,EAAE;CACjB,CAAC,CAAC;AAEH,MAAM,IAAI,GAAG;IACX,GAAG,EAAE,CAAC,YAAY,CAAC;IACnB,OAAO,EAAE,CAAC,aAAa,CAAC;IACxB,IAAI,EAAE,CAAC,gBAAgB,CAAC;CACW,CAAC;AActC,MAAM,IAAI,GAAG,qCAA8C,CAAC;AAC5D,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAYjB,IAAM,gBAAgB,GAAtB,MAAM,gBAAiB,SAAQ,iBAAqB;IACjE,MAAM,CAAC,WAAW,CAAC,OAAsB,EAAE,KAAiB;QAC1D,OAAO,IAAA,+BAAkB,EAAC,0BAA0B,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5G,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAC,OAAO,EAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAEtD,MAAM,QAAQ,GAAG,IAAA,4BAAe,EAAC,OAAO,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QAC5E,MAAM,OAAO,GAAG,IAAA,8BAAiB,EAAC,OAAO,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QAC5D,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC;YAC/B,QAAQ;YACR,OAAO;YACP,eAAe,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;YAC/C,cAAc,EAAE,KAAK,EAAC,iCAAiC;SACxD,CAAC,CAAC,CAAC;IACN,CAAC;IAE2B,AAAN,KAAK,CAAC,WAAW;QACrC,MAAM,EAAC,QAAQ,EAAE,OAAO,EAAE,eAAe,EAAE,cAAc,EAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAEjF,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,OAAO,CAAC;gBACX,IAAI,EAAE,MAAM;gBACZ,WAAW,EAAE,iCAAiC;gBAC9C,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE;oBACJ,QAAQ;oBACR,qBAAqB,EAAE,CAAC,OAAO,CAAC;oBAChC,gBAAgB,EAAE,eAAe;oBACjC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;iBACrC;aACF,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;QACtC,oBAAoB;QACpB,IAAI,CAAC,OAAO,CAAC;YACX,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,iCAAiC;YAC9C,IAAI,EAAE;gBACJ,QAAQ;gBACR,qBAAqB,EAAE,CAAC,MAAM,CAAC;gBAC/B,gBAAgB,EAAE,eAAe;gBACjC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;aACrC;SACF,CAAC,CAAC;IACL,CAAC;CACF,CAAA;AA9CO;IADL,KAAK,CAAC,YAAY,CAAC;;;;kDAcnB;AAE2B;IAA3B,KAAK,CAAC,aAAa,CAAC;;;;mDA8BpB;AAnDkB,gBAAgB;IAVpC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE;YACV,MAAM,EAAE,KAAK;SACd;KACF,CAAC;GACmB,gBAAgB,CAoDpC;kBApDoB,gBAAgB","sourcesContent":["// auth/flows/well-known.prm.flow.ts\nimport 'reflect-metadata';\nimport {z} from 'zod';\nimport {\n Flow,\n FlowBase, FlowPlan,\n FlowRunOptions,\n httpInputSchema,\n HttpJsonSchema,\n ScopeEntry,\n ServerRequest,\n StageHookOf,\n} from '../../common';\nimport {computeResource, getRequestBaseUrl, makeWellKnownPaths} from '../path.utils';\n\nconst inputSchema = httpInputSchema;\n\nconst stateSchema = z.object({\n resource: z.string().min(1),\n baseUrl: z.string().min(1),\n scopesSupported: z.array(z.string()).default(['openid', 'profile', 'email']),\n isOrchestrated: z.boolean(),\n});\n\nconst outputSchema = HttpJsonSchema.extend({\n body: z\n .object({\n resource: z.string().min(1),\n authorization_servers: z.array(z.string().min(1)).min(1),\n scopes_supported: z.array(z.string()).default(['openid', 'profile', 'email']),\n bearer_methods_supported: z.array(z.string()).default(['header']),\n })\n .passthrough(),\n});\n\nconst plan = {\n pre: ['parseInput'],\n execute: ['collectData'],\n post: ['validateOutput'],\n} as const satisfies FlowPlan<string>;\n\ndeclare global {\n interface ExtendFlows {\n 'well-known.oauth-protected-resource': FlowRunOptions<\n WellKnownPrmFlow,\n typeof plan,\n typeof inputSchema,\n typeof outputSchema,\n typeof stateSchema\n >;\n }\n}\n\nconst name = 'well-known.oauth-protected-resource' as const;\nconst Stage = StageHookOf(name);\n\n@Flow({\n name,\n plan,\n inputSchema,\n outputSchema,\n access: 'public',\n middleware: {\n method: 'GET',\n },\n})\nexport default class WellKnownPrmFlow extends FlowBase<typeof name> {\n static canActivate(request: ServerRequest, scope: ScopeEntry) {\n return makeWellKnownPaths('oauth-protected-resource', scope.entryPath, scope.routeBase).has(request.path);\n }\n\n @Stage('parseInput')\n async parseInput() {\n const {request} = this.rawInput;\n const scope = this.scope;\n if (!request) throw new Error('Request is undefined');\n\n const resource = computeResource(request, scope.entryPath, scope.routeBase);\n const baseUrl = getRequestBaseUrl(request, scope.entryPath);\n this.state.set(stateSchema.parse({\n resource,\n baseUrl,\n scopesSupported: ['openid', 'profile', 'email'],\n isOrchestrated: false,//scope.orchestrated,// TODO: fix\n }));\n }\n\n @Stage('collectData') async collectData() {\n const {resource, baseUrl, scopesSupported, isOrchestrated} = this.state.required;\n\n if (isOrchestrated) {\n this.respond({\n kind: 'json',\n contentType: 'application/json; charset=utf-8',\n status: 200,\n body: {\n resource,\n authorization_servers: [baseUrl],\n scopes_supported: scopesSupported,\n bearer_methods_supported: ['header'],\n },\n });\n return;\n }\n const issuer = this.scope.auth.issuer;\n // Transparent scope\n this.respond({\n kind: 'json',\n status: 200,\n contentType: 'application/json; charset=utf-8',\n body: {\n resource,\n authorization_servers: [issuer],\n scopes_supported: scopesSupported,\n bearer_methods_supported: ['header'],\n },\n });\n }\n}\n"]}
1
+ {"version":3,"file":"well-known.prm.flow.js","sourceRoot":"","sources":["../../../../src/auth/flows/well-known.prm.flow.ts"],"names":[],"mappings":";;;AAAA,oCAAoC;AACpC,4BAA0B;AAC1B,6BAAwB;AACxB,yCAasB;AAEtB,MAAM,WAAW,GAAG,wBAAe,CAAC;AAEpC,MAAM,WAAW,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3B,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3B,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,eAAe,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC5E,cAAc,EAAE,OAAC,CAAC,OAAO,EAAE;CAC5B,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,uBAAc,CAAC,MAAM,CAAC;IACzC,IAAI,EAAE,OAAC;SACJ,MAAM,CAAC;QACN,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,qBAAqB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7E,wBAAwB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC;KAClE,CAAC;SACD,WAAW,EAAE;CACjB,CAAC,CAAC;AAEH,MAAM,IAAI,GAAG;IACX,GAAG,EAAE,CAAC,YAAY,CAAC;IACnB,OAAO,EAAE,CAAC,aAAa,CAAC;IACxB,IAAI,EAAE,CAAC,gBAAgB,CAAC;CACW,CAAC;AActC,MAAM,IAAI,GAAG,qCAA8C,CAAC;AAC5D,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;AAYjB,IAAM,gBAAgB,GAAtB,MAAM,gBAAiB,SAAQ,iBAAqB;IACjE,MAAM,CAAC,WAAW,CAAC,OAAsB,EAAE,KAAiB;QAC1D,OAAO,IAAA,2BAAkB,EAAC,0BAA0B,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5G,CAAC;IAGK,AAAN,KAAK,CAAC,UAAU;QACd,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAClC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAEtD,MAAM,QAAQ,GAAG,IAAA,wBAAe,EAAC,OAAO,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QAC5E,MAAM,OAAO,GAAG,IAAA,0BAAiB,EAAC,OAAO,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QAC5D,IAAI,CAAC,KAAK,CAAC,GAAG,CACZ,WAAW,CAAC,KAAK,CAAC;YAChB,QAAQ;YACR,OAAO;YACP,eAAe,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;YAC/C,cAAc,EAAE,KAAK,EAAE,iCAAiC;SACzD,CAAC,CACH,CAAC;IACJ,CAAC;IAE2B,AAAN,KAAK,CAAC,WAAW;QACrC,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;QAEnF,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,OAAO,CAAC;gBACX,IAAI,EAAE,MAAM;gBACZ,WAAW,EAAE,iCAAiC;gBAC9C,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE;oBACJ,QAAQ;oBACR,qBAAqB,EAAE,CAAC,OAAO,CAAC;oBAChC,gBAAgB,EAAE,eAAe;oBACjC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;iBACrC;aACF,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;QACtC,oBAAoB;QACpB,IAAI,CAAC,OAAO,CAAC;YACX,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,GAAG;YACX,WAAW,EAAE,iCAAiC;YAC9C,IAAI,EAAE;gBACJ,QAAQ;gBACR,qBAAqB,EAAE,CAAC,MAAM,CAAC;gBAC/B,gBAAgB,EAAE,eAAe;gBACjC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;aACrC;SACF,CAAC,CAAC;IACL,CAAC;CACF,CAAA;AAhDO;IADL,KAAK,CAAC,YAAY,CAAC;;;;kDAgBnB;AAE2B;IAA3B,KAAK,CAAC,aAAa,CAAC;;;;mDA8BpB;AArDkB,gBAAgB;IAVpC,IAAA,aAAI,EAAC;QACJ,IAAI;QACJ,IAAI;QACJ,WAAW;QACX,YAAY;QACZ,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE;YACV,MAAM,EAAE,KAAK;SACd;KACF,CAAC;GACmB,gBAAgB,CAsDpC;kBAtDoB,gBAAgB","sourcesContent":["// auth/flows/well-known.prm.flow.ts\nimport 'reflect-metadata';\nimport { z } from 'zod';\nimport {\n Flow,\n FlowBase,\n FlowPlan,\n FlowRunOptions,\n httpInputSchema,\n HttpJsonSchema,\n ScopeEntry,\n ServerRequest,\n StageHookOf,\n computeResource,\n getRequestBaseUrl,\n makeWellKnownPaths,\n} from '../../common';\n\nconst inputSchema = httpInputSchema;\n\nconst stateSchema = z.object({\n resource: z.string().min(1),\n baseUrl: z.string().min(1),\n scopesSupported: z.array(z.string()).default(['openid', 'profile', 'email']),\n isOrchestrated: z.boolean(),\n});\n\nconst outputSchema = HttpJsonSchema.extend({\n body: z\n .object({\n resource: z.string().min(1),\n authorization_servers: z.array(z.string().min(1)).min(1),\n scopes_supported: z.array(z.string()).default(['openid', 'profile', 'email']),\n bearer_methods_supported: z.array(z.string()).default(['header']),\n })\n .passthrough(),\n});\n\nconst plan = {\n pre: ['parseInput'],\n execute: ['collectData'],\n post: ['validateOutput'],\n} as const satisfies FlowPlan<string>;\n\ndeclare global {\n interface ExtendFlows {\n 'well-known.oauth-protected-resource': FlowRunOptions<\n WellKnownPrmFlow,\n typeof plan,\n typeof inputSchema,\n typeof outputSchema,\n typeof stateSchema\n >;\n }\n}\n\nconst name = 'well-known.oauth-protected-resource' as const;\nconst Stage = StageHookOf(name);\n\n@Flow({\n name,\n plan,\n inputSchema,\n outputSchema,\n access: 'public',\n middleware: {\n method: 'GET',\n },\n})\nexport default class WellKnownPrmFlow extends FlowBase<typeof name> {\n static canActivate(request: ServerRequest, scope: ScopeEntry) {\n return makeWellKnownPaths('oauth-protected-resource', scope.entryPath, scope.routeBase).has(request.path);\n }\n\n @Stage('parseInput')\n async parseInput() {\n const { request } = this.rawInput;\n const scope = this.scope;\n if (!request) throw new Error('Request is undefined');\n\n const resource = computeResource(request, scope.entryPath, scope.routeBase);\n const baseUrl = getRequestBaseUrl(request, scope.entryPath);\n this.state.set(\n stateSchema.parse({\n resource,\n baseUrl,\n scopesSupported: ['openid', 'profile', 'email'],\n isOrchestrated: false, //scope.orchestrated,// TODO: fix\n }),\n );\n }\n\n @Stage('collectData') async collectData() {\n const { resource, baseUrl, scopesSupported, isOrchestrated } = this.state.required;\n\n if (isOrchestrated) {\n this.respond({\n kind: 'json',\n contentType: 'application/json; charset=utf-8',\n status: 200,\n body: {\n resource,\n authorization_servers: [baseUrl],\n scopes_supported: scopesSupported,\n bearer_methods_supported: ['header'],\n },\n });\n return;\n }\n const issuer = this.scope.auth.issuer;\n // Transparent scope\n this.respond({\n kind: 'json',\n status: 200,\n contentType: 'application/json; charset=utf-8',\n body: {\n resource,\n authorization_servers: [issuer],\n scopes_supported: scopesSupported,\n bearer_methods_supported: ['header'],\n },\n });\n }\n}\n"]}