@frontmcp/sdk 0.6.0 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1053) hide show
  1. package/{src/auth → auth}/instances/instance.local-primary-auth.d.ts +1 -1
  2. package/{src/auth → auth}/instances/instance.remote-primary-auth.d.ts +1 -1
  3. package/{src/auth → auth}/session/index.d.ts +1 -0
  4. package/auth/session/vercel-kv-session.store.d.ts +96 -0
  5. package/{src/common → common}/interfaces/internal/primary-auth-provider.interface.d.ts +1 -4
  6. package/{src/common → common}/metadata/front-mcp.metadata.d.ts +1779 -67
  7. package/{src/common → common}/metadata/prompt.metadata.d.ts +4 -0
  8. package/{src/common → common}/metadata/resource.metadata.d.ts +8 -0
  9. package/{src/common → common}/metadata/tool-ui.metadata.d.ts +2 -2
  10. package/{src/common → common}/metadata/tool.metadata.d.ts +4 -0
  11. package/{src/common → common}/schemas/http-output.schema.d.ts +24 -6
  12. package/common/types/options/auth/app-auth.schema.d.ts +275 -0
  13. package/common/types/options/auth/auth.interfaces.d.ts +461 -0
  14. package/common/types/options/auth/auth.schema.d.ts +284 -0
  15. package/common/types/options/auth/auth.utils.d.ts +32 -0
  16. package/common/types/options/auth/index.d.ts +16 -0
  17. package/common/types/options/auth/orchestrated.schema.d.ts +381 -0
  18. package/common/types/options/auth/public.schema.d.ts +42 -0
  19. package/common/types/options/auth/shared.schemas.d.ts +120 -0
  20. package/common/types/options/auth/transparent.schema.d.ts +56 -0
  21. package/common/types/options/auth/transport.deprecated.d.ts +63 -0
  22. package/{src/common → common}/types/options/index.d.ts +1 -1
  23. package/common/types/options/redis.options.d.ts +190 -0
  24. package/{src/common → common}/types/options/server-info.options.d.ts +4 -0
  25. package/{src/common → common}/types/options/transport.options.d.ts +74 -5
  26. package/{src/common → common}/utils/decide-request-intent.utils.d.ts +6 -7
  27. package/common/utils/global-config.utils.d.ts +36 -0
  28. package/{src/common → common}/utils/index.d.ts +1 -0
  29. package/{src/completion → completion}/flows/complete.flow.d.ts +6 -8
  30. package/{src/errors → errors}/index.d.ts +1 -1
  31. package/{src/errors → errors}/mcp.error.d.ts +9 -0
  32. package/esm/index.mjs +22664 -0
  33. package/esm/mcp-apps/index.mjs +723 -0
  34. package/esm/package.json +81 -0
  35. package/{src/front-mcp → front-mcp}/front-mcp.providers.d.ts +246 -38
  36. package/front-mcp/index.d.ts +2 -0
  37. package/{src/index.d.ts → index.d.ts} +1 -1
  38. package/index.js +22957 -0
  39. package/logger/logger.tokens.d.ts +1 -0
  40. package/{src/logging → logging}/flows/set-level.flow.d.ts +6 -8
  41. package/mcp-apps/index.js +799 -0
  42. package/package.json +37 -17
  43. package/{src/prompt → prompt}/flows/get-prompt.flow.d.ts +14 -8
  44. package/{src/prompt → prompt}/flows/prompts-list.flow.d.ts +8 -7
  45. package/{src/resource → resource}/flows/read-resource.flow.d.ts +8 -9
  46. package/{src/resource → resource}/flows/resource-templates-list.flow.d.ts +8 -7
  47. package/{src/resource → resource}/flows/resources-list.flow.d.ts +8 -7
  48. package/{src/resource → resource}/flows/subscribe-resource.flow.d.ts +6 -8
  49. package/{src/resource → resource}/flows/unsubscribe-resource.flow.d.ts +6 -8
  50. package/store/adapters/store.vercel-kv.adapter.d.ts +86 -0
  51. package/{src/store → store}/index.d.ts +2 -0
  52. package/store/store.factory.d.ts +86 -0
  53. package/{src/tool → tool}/flows/call-tool.flow.d.ts +18 -9
  54. package/{src/tool → tool}/flows/tools-list.flow.d.ts +9 -8
  55. package/{src/tool → tool}/ui/index.d.ts +4 -4
  56. package/{src/tool → tool}/ui/platform-adapters.d.ts +2 -2
  57. package/{src/tool → tool}/ui/template-helpers.d.ts +5 -7
  58. package/{src/tool → tool}/ui/ui-resource.handler.d.ts +1 -1
  59. package/{src/transport → transport}/mcp-handlers/complete-request.handler.d.ts +4 -15
  60. package/{src/transport → transport}/mcp-handlers/get-prompt-request.handler.d.ts +5 -15
  61. package/{src/transport → transport}/mcp-handlers/index.d.ts +67 -195
  62. package/{src/transport → transport}/mcp-handlers/list-prompts-request.handler.d.ts +5 -15
  63. package/{src/transport → transport}/mcp-handlers/list-resource-templates-request.handler.d.ts +5 -15
  64. package/{src/transport → transport}/mcp-handlers/list-resources-request.handler.d.ts +5 -15
  65. package/{src/transport → transport}/mcp-handlers/list-tools-request.handler.d.ts +5 -15
  66. package/{src/transport → transport}/mcp-handlers/logging-set-level-request.handler.d.ts +3 -14
  67. package/{src/transport → transport}/mcp-handlers/read-resource-request.handler.d.ts +4 -15
  68. package/{src/transport → transport}/mcp-handlers/subscribe-request.handler.d.ts +3 -14
  69. package/{src/transport → transport}/mcp-handlers/unsubscribe-request.handler.d.ts +3 -14
  70. package/{src/transport → transport}/transport.registry.d.ts +5 -1
  71. package/README.md +0 -460
  72. package/src/adapter/adapter.instance.js +0 -70
  73. package/src/adapter/adapter.instance.js.map +0 -1
  74. package/src/adapter/adapter.regsitry.js +0 -54
  75. package/src/adapter/adapter.regsitry.js.map +0 -1
  76. package/src/adapter/adapter.utils.js +0 -83
  77. package/src/adapter/adapter.utils.js.map +0 -1
  78. package/src/app/app.registry.js +0 -66
  79. package/src/app/app.registry.js.map +0 -1
  80. package/src/app/app.utils.js +0 -58
  81. package/src/app/app.utils.js.map +0 -1
  82. package/src/app/instances/app.local.instance.js +0 -67
  83. package/src/app/instances/app.local.instance.js.map +0 -1
  84. package/src/app/instances/app.remote.instance.js +0 -36
  85. package/src/app/instances/app.remote.instance.js.map +0 -1
  86. package/src/app/instances/index.js +0 -6
  87. package/src/app/instances/index.js.map +0 -1
  88. package/src/auth/auth.registry.js +0 -219
  89. package/src/auth/auth.registry.js.map +0 -1
  90. package/src/auth/auth.utils.js +0 -84
  91. package/src/auth/auth.utils.js.map +0 -1
  92. package/src/auth/authorization/authorization.class.js +0 -217
  93. package/src/auth/authorization/authorization.class.js.map +0 -1
  94. package/src/auth/authorization/authorization.types.js +0 -79
  95. package/src/auth/authorization/authorization.types.js.map +0 -1
  96. package/src/auth/authorization/index.js +0 -19
  97. package/src/auth/authorization/index.js.map +0 -1
  98. package/src/auth/authorization/orchestrated.authorization.js +0 -306
  99. package/src/auth/authorization/orchestrated.authorization.js.map +0 -1
  100. package/src/auth/authorization/public.authorization.js +0 -132
  101. package/src/auth/authorization/public.authorization.js.map +0 -1
  102. package/src/auth/authorization/transparent.authorization.js +0 -147
  103. package/src/auth/authorization/transparent.authorization.js.map +0 -1
  104. package/src/auth/consent/consent.types.js +0 -119
  105. package/src/auth/consent/consent.types.js.map +0 -1
  106. package/src/auth/consent/index.js +0 -13
  107. package/src/auth/consent/index.js.map +0 -1
  108. package/src/auth/detection/auth-provider-detection.js +0 -230
  109. package/src/auth/detection/auth-provider-detection.js.map +0 -1
  110. package/src/auth/detection/index.js +0 -15
  111. package/src/auth/detection/index.js.map +0 -1
  112. package/src/auth/flows/auth.verify.flow.js +0 -379
  113. package/src/auth/flows/auth.verify.flow.js.map +0 -1
  114. package/src/auth/flows/oauth.authorize.flow.js +0 -822
  115. package/src/auth/flows/oauth.authorize.flow.js.map +0 -1
  116. package/src/auth/flows/oauth.callback.flow.js +0 -357
  117. package/src/auth/flows/oauth.callback.flow.js.map +0 -1
  118. package/src/auth/flows/oauth.register.flow.js +0 -201
  119. package/src/auth/flows/oauth.register.flow.js.map +0 -1
  120. package/src/auth/flows/oauth.token.flow.js +0 -319
  121. package/src/auth/flows/oauth.token.flow.js.map +0 -1
  122. package/src/auth/flows/session.verify.flow.js +0 -304
  123. package/src/auth/flows/session.verify.flow.js.map +0 -1
  124. package/src/auth/flows/well-known.jwks.flow.js +0 -89
  125. package/src/auth/flows/well-known.jwks.flow.js.map +0 -1
  126. package/src/auth/flows/well-known.oauth-authorization-server.flow.js +0 -122
  127. package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +0 -1
  128. package/src/auth/flows/well-known.prm.flow.js +0 -106
  129. package/src/auth/flows/well-known.prm.flow.js.map +0 -1
  130. package/src/auth/instances/instance.local-primary-auth.js +0 -308
  131. package/src/auth/instances/instance.local-primary-auth.js.map +0 -1
  132. package/src/auth/instances/instance.remote-primary-auth.js +0 -49
  133. package/src/auth/instances/instance.remote-primary-auth.js.map +0 -1
  134. package/src/auth/jwks/dev-key-persistence.js +0 -219
  135. package/src/auth/jwks/dev-key-persistence.js.map +0 -1
  136. package/src/auth/jwks/index.js +0 -7
  137. package/src/auth/jwks/index.js.map +0 -1
  138. package/src/auth/jwks/jwks.service.js +0 -303
  139. package/src/auth/jwks/jwks.service.js.map +0 -1
  140. package/src/auth/jwks/jwks.types.js +0 -3
  141. package/src/auth/jwks/jwks.types.js.map +0 -1
  142. package/src/auth/jwks/jwks.utils.js +0 -32
  143. package/src/auth/jwks/jwks.utils.js.map +0 -1
  144. package/src/auth/machine-id.js +0 -32
  145. package/src/auth/machine-id.js.map +0 -1
  146. package/src/auth/oauth/flows/oauth.authorize.flow.js +0 -33
  147. package/src/auth/oauth/flows/oauth.authorize.flow.js.map +0 -1
  148. package/src/auth/oauth/flows/oauth.device-authorization.flow.js +0 -48
  149. package/src/auth/oauth/flows/oauth.device-authorization.flow.js.map +0 -1
  150. package/src/auth/oauth/flows/oauth.introspect.flow.js +0 -28
  151. package/src/auth/oauth/flows/oauth.introspect.flow.js.map +0 -1
  152. package/src/auth/oauth/flows/oauth.par.flow.js +0 -29
  153. package/src/auth/oauth/flows/oauth.par.flow.js.map +0 -1
  154. package/src/auth/oauth/flows/oauth.revoke.flow.js +0 -27
  155. package/src/auth/oauth/flows/oauth.revoke.flow.js.map +0 -1
  156. package/src/auth/oauth/flows/oauth.token.flow.js +0 -59
  157. package/src/auth/oauth/flows/oauth.token.flow.js.map +0 -1
  158. package/src/auth/oauth/flows/oauth.userinfo.flow.js +0 -24
  159. package/src/auth/oauth/flows/oauth.userinfo.flow.js.map +0 -1
  160. package/src/auth/oauth/flows/oidc.logout.flow.js +0 -20
  161. package/src/auth/oauth/flows/oidc.logout.flow.js.map +0 -1
  162. package/src/auth/session/authorization-vault.js +0 -817
  163. package/src/auth/session/authorization-vault.js.map +0 -1
  164. package/src/auth/session/authorization.store.js +0 -323
  165. package/src/auth/session/authorization.store.js.map +0 -1
  166. package/src/auth/session/encrypted-authorization-vault.js +0 -493
  167. package/src/auth/session/encrypted-authorization-vault.js.map +0 -1
  168. package/src/auth/session/index.js +0 -16
  169. package/src/auth/session/index.js.map +0 -1
  170. package/src/auth/session/record/session.base.js +0 -125
  171. package/src/auth/session/record/session.base.js.map +0 -1
  172. package/src/auth/session/record/session.stateful.js +0 -55
  173. package/src/auth/session/record/session.stateful.js.map +0 -1
  174. package/src/auth/session/record/session.stateless.js +0 -32
  175. package/src/auth/session/record/session.stateless.js.map +0 -1
  176. package/src/auth/session/record/session.transparent.js +0 -22
  177. package/src/auth/session/record/session.transparent.js.map +0 -1
  178. package/src/auth/session/redis-session.store.js +0 -204
  179. package/src/auth/session/redis-session.store.js.map +0 -1
  180. package/src/auth/session/session.crypto.js +0 -47
  181. package/src/auth/session/session.crypto.js.map +0 -1
  182. package/src/auth/session/session.schema.js +0 -13
  183. package/src/auth/session/session.schema.js.map +0 -1
  184. package/src/auth/session/session.service.js +0 -105
  185. package/src/auth/session/session.service.js.map +0 -1
  186. package/src/auth/session/session.transport.js +0 -20
  187. package/src/auth/session/session.transport.js.map +0 -1
  188. package/src/auth/session/session.types.js +0 -4
  189. package/src/auth/session/session.types.js.map +0 -1
  190. package/src/auth/session/token.refresh.js +0 -63
  191. package/src/auth/session/token.refresh.js.map +0 -1
  192. package/src/auth/session/token.store.js +0 -53
  193. package/src/auth/session/token.store.js.map +0 -1
  194. package/src/auth/session/token.vault.js +0 -54
  195. package/src/auth/session/token.vault.js.map +0 -1
  196. package/src/auth/session/transport-session.manager.js +0 -298
  197. package/src/auth/session/transport-session.manager.js.map +0 -1
  198. package/src/auth/session/transport-session.types.js +0 -111
  199. package/src/auth/session/transport-session.types.js.map +0 -1
  200. package/src/auth/session/utils/auth-token.utils.js +0 -57
  201. package/src/auth/session/utils/auth-token.utils.js.map +0 -1
  202. package/src/auth/session/utils/session-id.utils.js +0 -217
  203. package/src/auth/session/utils/session-id.utils.js.map +0 -1
  204. package/src/auth/session/utils/tiny-ttl-cache.js +0 -26
  205. package/src/auth/session/utils/tiny-ttl-cache.js.map +0 -1
  206. package/src/auth/session/vault-encryption.js +0 -263
  207. package/src/auth/session/vault-encryption.js.map +0 -1
  208. package/src/auth/ui/base-layout.js +0 -279
  209. package/src/auth/ui/base-layout.js.map +0 -1
  210. package/src/auth/ui/index.js +0 -34
  211. package/src/auth/ui/index.js.map +0 -1
  212. package/src/auth/ui/templates.js +0 -426
  213. package/src/auth/ui/templates.js.map +0 -1
  214. package/src/auth/utils/audience.validator.js +0 -196
  215. package/src/auth/utils/audience.validator.js.map +0 -1
  216. package/src/auth/utils/index.js +0 -7
  217. package/src/auth/utils/index.js.map +0 -1
  218. package/src/auth/utils/www-authenticate.utils.js +0 -183
  219. package/src/auth/utils/www-authenticate.utils.js.map +0 -1
  220. package/src/common/common.schema.js +0 -35
  221. package/src/common/common.schema.js.map +0 -1
  222. package/src/common/constants.js +0 -13
  223. package/src/common/constants.js.map +0 -1
  224. package/src/common/decorators/adapter.decorator.js +0 -20
  225. package/src/common/decorators/adapter.decorator.js.map +0 -1
  226. package/src/common/decorators/app.decorator.js +0 -44
  227. package/src/common/decorators/app.decorator.js.map +0 -1
  228. package/src/common/decorators/auth-provider.decorator.js +0 -20
  229. package/src/common/decorators/auth-provider.decorator.js.map +0 -1
  230. package/src/common/decorators/decorator-utils.js +0 -195
  231. package/src/common/decorators/decorator-utils.js.map +0 -1
  232. package/src/common/decorators/flow.decorator.js +0 -19
  233. package/src/common/decorators/flow.decorator.js.map +0 -1
  234. package/src/common/decorators/front-mcp.decorator.js +0 -67
  235. package/src/common/decorators/front-mcp.decorator.js.map +0 -1
  236. package/src/common/decorators/hook.decorator.js +0 -178
  237. package/src/common/decorators/hook.decorator.js.map +0 -1
  238. package/src/common/decorators/index.js +0 -16
  239. package/src/common/decorators/index.js.map +0 -1
  240. package/src/common/decorators/logger.decorator.js +0 -20
  241. package/src/common/decorators/logger.decorator.js.map +0 -1
  242. package/src/common/decorators/plugin.decorator.js +0 -39
  243. package/src/common/decorators/plugin.decorator.js.map +0 -1
  244. package/src/common/decorators/prompt.decorator.js +0 -38
  245. package/src/common/decorators/prompt.decorator.js.map +0 -1
  246. package/src/common/decorators/provider.decorator.js +0 -20
  247. package/src/common/decorators/provider.decorator.js.map +0 -1
  248. package/src/common/decorators/resource.decorator.js +0 -94
  249. package/src/common/decorators/resource.decorator.js.map +0 -1
  250. package/src/common/decorators/tool.decorator.js +0 -45
  251. package/src/common/decorators/tool.decorator.js.map +0 -1
  252. package/src/common/dynamic/dynamic.adapter.js +0 -28
  253. package/src/common/dynamic/dynamic.adapter.js.map +0 -1
  254. package/src/common/dynamic/dynamic.plugin.js +0 -42
  255. package/src/common/dynamic/dynamic.plugin.js.map +0 -1
  256. package/src/common/dynamic/dynamic.utils.js +0 -27
  257. package/src/common/dynamic/dynamic.utils.js.map +0 -1
  258. package/src/common/dynamic/index.js +0 -6
  259. package/src/common/dynamic/index.js.map +0 -1
  260. package/src/common/entries/adapter.entry.js +0 -8
  261. package/src/common/entries/adapter.entry.js.map +0 -1
  262. package/src/common/entries/app.entry.js +0 -9
  263. package/src/common/entries/app.entry.js.map +0 -1
  264. package/src/common/entries/auth-provider.entry.js +0 -8
  265. package/src/common/entries/auth-provider.entry.js.map +0 -1
  266. package/src/common/entries/base.entry.js +0 -17
  267. package/src/common/entries/base.entry.js.map +0 -1
  268. package/src/common/entries/flow.entry.js +0 -21
  269. package/src/common/entries/flow.entry.js.map +0 -1
  270. package/src/common/entries/hook.entry.js +0 -20
  271. package/src/common/entries/hook.entry.js.map +0 -1
  272. package/src/common/entries/index.js +0 -17
  273. package/src/common/entries/index.js.map +0 -1
  274. package/src/common/entries/logger.entry.js +0 -8
  275. package/src/common/entries/logger.entry.js.map +0 -1
  276. package/src/common/entries/plugin.entry.js +0 -8
  277. package/src/common/entries/plugin.entry.js.map +0 -1
  278. package/src/common/entries/prompt.entry.js +0 -18
  279. package/src/common/entries/prompt.entry.js.map +0 -1
  280. package/src/common/entries/provider.entry.js +0 -8
  281. package/src/common/entries/provider.entry.js.map +0 -1
  282. package/src/common/entries/resource.entry.js +0 -35
  283. package/src/common/entries/resource.entry.js.map +0 -1
  284. package/src/common/entries/scope.entry.js +0 -14
  285. package/src/common/entries/scope.entry.js.map +0 -1
  286. package/src/common/entries/tool.entry.js +0 -31
  287. package/src/common/entries/tool.entry.js.map +0 -1
  288. package/src/common/flow/flow.utils.js +0 -96
  289. package/src/common/flow/flow.utils.js.map +0 -1
  290. package/src/common/index.js +0 -20
  291. package/src/common/index.js.map +0 -1
  292. package/src/common/interfaces/adapter.interface.js +0 -3
  293. package/src/common/interfaces/adapter.interface.js.map +0 -1
  294. package/src/common/interfaces/app.interface.js +0 -3
  295. package/src/common/interfaces/app.interface.js.map +0 -1
  296. package/src/common/interfaces/auth-hook.interface.js +0 -135
  297. package/src/common/interfaces/auth-hook.interface.js.map +0 -1
  298. package/src/common/interfaces/auth-provider.interface.js +0 -18
  299. package/src/common/interfaces/auth-provider.interface.js.map +0 -1
  300. package/src/common/interfaces/base.interface.js +0 -3
  301. package/src/common/interfaces/base.interface.js.map +0 -1
  302. package/src/common/interfaces/execution-context.interface.js +0 -166
  303. package/src/common/interfaces/execution-context.interface.js.map +0 -1
  304. package/src/common/interfaces/flow.interface.js +0 -95
  305. package/src/common/interfaces/flow.interface.js.map +0 -1
  306. package/src/common/interfaces/front-mcp.interface.js +0 -3
  307. package/src/common/interfaces/front-mcp.interface.js.map +0 -1
  308. package/src/common/interfaces/hook.interface.js +0 -3
  309. package/src/common/interfaces/hook.interface.js.map +0 -1
  310. package/src/common/interfaces/index.js +0 -21
  311. package/src/common/interfaces/index.js.map +0 -1
  312. package/src/common/interfaces/internal/flow.utils.js +0 -83
  313. package/src/common/interfaces/internal/flow.utils.js.map +0 -1
  314. package/src/common/interfaces/internal/index.js +0 -7
  315. package/src/common/interfaces/internal/index.js.map +0 -1
  316. package/src/common/interfaces/internal/primary-auth-provider.interface.js +0 -81
  317. package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +0 -1
  318. package/src/common/interfaces/internal/registry.interface.js +0 -3
  319. package/src/common/interfaces/internal/registry.interface.js.map +0 -1
  320. package/src/common/interfaces/logger.interface.js +0 -10
  321. package/src/common/interfaces/logger.interface.js.map +0 -1
  322. package/src/common/interfaces/plugin.interface.js +0 -3
  323. package/src/common/interfaces/plugin.interface.js.map +0 -1
  324. package/src/common/interfaces/prompt.interface.js +0 -81
  325. package/src/common/interfaces/prompt.interface.js.map +0 -1
  326. package/src/common/interfaces/provider.interface.js +0 -18
  327. package/src/common/interfaces/provider.interface.js.map +0 -1
  328. package/src/common/interfaces/resource.interface.js +0 -56
  329. package/src/common/interfaces/resource.interface.js.map +0 -1
  330. package/src/common/interfaces/scope.interface.js +0 -3
  331. package/src/common/interfaces/scope.interface.js.map +0 -1
  332. package/src/common/interfaces/server.interface.js +0 -18
  333. package/src/common/interfaces/server.interface.js.map +0 -1
  334. package/src/common/interfaces/session-hook.interface.js +0 -140
  335. package/src/common/interfaces/session-hook.interface.js.map +0 -1
  336. package/src/common/interfaces/tool-hook.interface.js +0 -92
  337. package/src/common/interfaces/tool-hook.interface.js.map +0 -1
  338. package/src/common/interfaces/tool.interface.js +0 -117
  339. package/src/common/interfaces/tool.interface.js.map +0 -1
  340. package/src/common/metadata/adapter.metadata.js +0 -10
  341. package/src/common/metadata/adapter.metadata.js.map +0 -1
  342. package/src/common/metadata/app.metadata.js +0 -30
  343. package/src/common/metadata/app.metadata.js.map +0 -1
  344. package/src/common/metadata/auth-provider.metadata.js +0 -19
  345. package/src/common/metadata/auth-provider.metadata.js.map +0 -1
  346. package/src/common/metadata/flow.metadata.js +0 -15
  347. package/src/common/metadata/flow.metadata.js.map +0 -1
  348. package/src/common/metadata/front-mcp.metadata.js +0 -29
  349. package/src/common/metadata/front-mcp.metadata.js.map +0 -1
  350. package/src/common/metadata/hook.metadata.js +0 -3
  351. package/src/common/metadata/hook.metadata.js.map +0 -1
  352. package/src/common/metadata/index.js +0 -17
  353. package/src/common/metadata/index.js.map +0 -1
  354. package/src/common/metadata/logger.metadata.js +0 -10
  355. package/src/common/metadata/logger.metadata.js.map +0 -1
  356. package/src/common/metadata/plugin.metadata.js +0 -18
  357. package/src/common/metadata/plugin.metadata.js.map +0 -1
  358. package/src/common/metadata/prompt.metadata.js +0 -27
  359. package/src/common/metadata/prompt.metadata.js.map +0 -1
  360. package/src/common/metadata/provider.metadata.js +0 -36
  361. package/src/common/metadata/provider.metadata.js.map +0 -1
  362. package/src/common/metadata/resource.metadata.js +0 -31
  363. package/src/common/metadata/resource.metadata.js.map +0 -1
  364. package/src/common/metadata/tool-ui.metadata.js +0 -12
  365. package/src/common/metadata/tool-ui.metadata.js.map +0 -1
  366. package/src/common/metadata/tool.metadata.js +0 -55
  367. package/src/common/metadata/tool.metadata.js.map +0 -1
  368. package/src/common/migrate/auth-transport.migrate.js +0 -140
  369. package/src/common/migrate/auth-transport.migrate.js.map +0 -1
  370. package/src/common/migrate/index.js +0 -6
  371. package/src/common/migrate/index.js.map +0 -1
  372. package/src/common/providers/base-config.provider.js +0 -128
  373. package/src/common/providers/base-config.provider.js.map +0 -1
  374. package/src/common/records/adapter.record.js +0 -11
  375. package/src/common/records/adapter.record.js.map +0 -1
  376. package/src/common/records/app.record.js +0 -9
  377. package/src/common/records/app.record.js.map +0 -1
  378. package/src/common/records/auth-provider.record.js +0 -12
  379. package/src/common/records/auth-provider.record.js.map +0 -1
  380. package/src/common/records/flow.record.js +0 -8
  381. package/src/common/records/flow.record.js.map +0 -1
  382. package/src/common/records/hook.record.js +0 -8
  383. package/src/common/records/hook.record.js.map +0 -1
  384. package/src/common/records/index.js +0 -16
  385. package/src/common/records/index.js.map +0 -1
  386. package/src/common/records/logger.record.js +0 -8
  387. package/src/common/records/logger.record.js.map +0 -1
  388. package/src/common/records/plugin.record.js +0 -11
  389. package/src/common/records/plugin.record.js.map +0 -1
  390. package/src/common/records/prompt.record.js +0 -9
  391. package/src/common/records/prompt.record.js.map +0 -1
  392. package/src/common/records/provider.record.js +0 -14
  393. package/src/common/records/provider.record.js.map +0 -1
  394. package/src/common/records/resource.record.js +0 -20
  395. package/src/common/records/resource.record.js.map +0 -1
  396. package/src/common/records/scope.record.js +0 -9
  397. package/src/common/records/scope.record.js.map +0 -1
  398. package/src/common/records/tool.record.js +0 -9
  399. package/src/common/records/tool.record.js.map +0 -1
  400. package/src/common/schemas/annotated-class.schema.js +0 -109
  401. package/src/common/schemas/annotated-class.schema.js.map +0 -1
  402. package/src/common/schemas/http-input.schema.js +0 -13
  403. package/src/common/schemas/http-input.schema.js.map +0 -1
  404. package/src/common/schemas/http-output.schema.js +0 -321
  405. package/src/common/schemas/http-output.schema.js.map +0 -1
  406. package/src/common/schemas/index.js +0 -8
  407. package/src/common/schemas/index.js.map +0 -1
  408. package/src/common/schemas/session-header.schema.js +0 -42
  409. package/src/common/schemas/session-header.schema.js.map +0 -1
  410. package/src/common/tokens/adapter.tokens.js +0 -11
  411. package/src/common/tokens/adapter.tokens.js.map +0 -1
  412. package/src/common/tokens/app.tokens.js +0 -30
  413. package/src/common/tokens/app.tokens.js.map +0 -1
  414. package/src/common/tokens/auth-provider.tokens.js +0 -12
  415. package/src/common/tokens/auth-provider.tokens.js.map +0 -1
  416. package/src/common/tokens/base.tokens.js +0 -9
  417. package/src/common/tokens/base.tokens.js.map +0 -1
  418. package/src/common/tokens/flow-hook.tokens.js +0 -9
  419. package/src/common/tokens/flow-hook.tokens.js.map +0 -1
  420. package/src/common/tokens/flow.tokens.js +0 -16
  421. package/src/common/tokens/flow.tokens.js.map +0 -1
  422. package/src/common/tokens/front-mcp.tokens.js +0 -24
  423. package/src/common/tokens/front-mcp.tokens.js.map +0 -1
  424. package/src/common/tokens/index.js +0 -17
  425. package/src/common/tokens/index.js.map +0 -1
  426. package/src/common/tokens/logger.tokens.js +0 -11
  427. package/src/common/tokens/logger.tokens.js.map +0 -1
  428. package/src/common/tokens/plugin.tokens.js +0 -18
  429. package/src/common/tokens/plugin.tokens.js.map +0 -1
  430. package/src/common/tokens/prompt.tokens.js +0 -14
  431. package/src/common/tokens/prompt.tokens.js.map +0 -1
  432. package/src/common/tokens/provider.tokens.js +0 -12
  433. package/src/common/tokens/provider.tokens.js.map +0 -1
  434. package/src/common/tokens/resource.tokens.js +0 -28
  435. package/src/common/tokens/resource.tokens.js.map +0 -1
  436. package/src/common/tokens/server.tokens.js +0 -11
  437. package/src/common/tokens/server.tokens.js.map +0 -1
  438. package/src/common/tokens/tool.tokens.js +0 -21
  439. package/src/common/tokens/tool.tokens.js.map +0 -1
  440. package/src/common/types/auth/index.js +0 -6
  441. package/src/common/types/auth/index.js.map +0 -1
  442. package/src/common/types/auth/jwt.types.js +0 -36
  443. package/src/common/types/auth/jwt.types.js.map +0 -1
  444. package/src/common/types/auth/session.types.js +0 -53
  445. package/src/common/types/auth/session.types.js.map +0 -1
  446. package/src/common/types/common.types.js +0 -3
  447. package/src/common/types/common.types.js.map +0 -1
  448. package/src/common/types/index.js +0 -7
  449. package/src/common/types/index.js.map +0 -1
  450. package/src/common/types/options/auth.options.d.ts +0 -1266
  451. package/src/common/types/options/auth.options.js +0 -560
  452. package/src/common/types/options/auth.options.js.map +0 -1
  453. package/src/common/types/options/http.options.js +0 -10
  454. package/src/common/types/options/http.options.js.map +0 -1
  455. package/src/common/types/options/index.js +0 -11
  456. package/src/common/types/options/index.js.map +0 -1
  457. package/src/common/types/options/logging.options.js +0 -33
  458. package/src/common/types/options/logging.options.js.map +0 -1
  459. package/src/common/types/options/redis.options.d.ts +0 -22
  460. package/src/common/types/options/redis.options.js +0 -45
  461. package/src/common/types/options/redis.options.js.map +0 -1
  462. package/src/common/types/options/server-info.options.js +0 -13
  463. package/src/common/types/options/server-info.options.js.map +0 -1
  464. package/src/common/types/options/session.options.js +0 -32
  465. package/src/common/types/options/session.options.js.map +0 -1
  466. package/src/common/types/options/transport.options.js +0 -121
  467. package/src/common/types/options/transport.options.js.map +0 -1
  468. package/src/common/utils/decide-request-intent.utils.js +0 -391
  469. package/src/common/utils/decide-request-intent.utils.js.map +0 -1
  470. package/src/common/utils/index.js +0 -6
  471. package/src/common/utils/index.js.map +0 -1
  472. package/src/common/utils/path.utils.js +0 -66
  473. package/src/common/utils/path.utils.js.map +0 -1
  474. package/src/completion/flows/complete.flow.js +0 -199
  475. package/src/completion/flows/complete.flow.js.map +0 -1
  476. package/src/context/frontmcp-context-storage.js +0 -183
  477. package/src/context/frontmcp-context-storage.js.map +0 -1
  478. package/src/context/frontmcp-context.js +0 -360
  479. package/src/context/frontmcp-context.js.map +0 -1
  480. package/src/context/frontmcp-context.provider.js +0 -61
  481. package/src/context/frontmcp-context.provider.js.map +0 -1
  482. package/src/context/index.js +0 -64
  483. package/src/context/index.js.map +0 -1
  484. package/src/context/request-context-storage.js +0 -183
  485. package/src/context/request-context-storage.js.map +0 -1
  486. package/src/context/request-context.js +0 -209
  487. package/src/context/request-context.js.map +0 -1
  488. package/src/context/request-context.provider.js +0 -51
  489. package/src/context/request-context.provider.js.map +0 -1
  490. package/src/context/session-key.provider.js +0 -65
  491. package/src/context/session-key.provider.js.map +0 -1
  492. package/src/context/trace-context.js +0 -142
  493. package/src/context/trace-context.js.map +0 -1
  494. package/src/errors/authorization-required.error.js +0 -274
  495. package/src/errors/authorization-required.error.js.map +0 -1
  496. package/src/errors/error-handler.js +0 -107
  497. package/src/errors/error-handler.js.map +0 -1
  498. package/src/errors/index.js +0 -44
  499. package/src/errors/index.js.map +0 -1
  500. package/src/errors/mcp.error.js +0 -398
  501. package/src/errors/mcp.error.js.map +0 -1
  502. package/src/exceptions/mcp-exceptions/session-missing.exception.js +0 -11
  503. package/src/exceptions/mcp-exceptions/session-missing.exception.js.map +0 -1
  504. package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js +0 -15
  505. package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js.map +0 -1
  506. package/src/flows/flow.instance.js +0 -420
  507. package/src/flows/flow.instance.js.map +0 -1
  508. package/src/flows/flow.registry.js +0 -121
  509. package/src/flows/flow.registry.js.map +0 -1
  510. package/src/flows/flow.stages.js +0 -113
  511. package/src/flows/flow.stages.js.map +0 -1
  512. package/src/flows/flow.utils.js +0 -36
  513. package/src/flows/flow.utils.js.map +0 -1
  514. package/src/front-mcp/front-mcp.js +0 -63
  515. package/src/front-mcp/front-mcp.js.map +0 -1
  516. package/src/front-mcp/front-mcp.providers.js +0 -29
  517. package/src/front-mcp/front-mcp.providers.js.map +0 -1
  518. package/src/front-mcp/front-mcp.tokens.js +0 -5
  519. package/src/front-mcp/front-mcp.tokens.js.map +0 -1
  520. package/src/front-mcp/index.d.ts +0 -1
  521. package/src/front-mcp/index.js +0 -5
  522. package/src/front-mcp/index.js.map +0 -1
  523. package/src/front-mcp/serverless-handler.js +0 -61
  524. package/src/front-mcp/serverless-handler.js.map +0 -1
  525. package/src/hooks/hook.instance.js +0 -26
  526. package/src/hooks/hook.instance.js.map +0 -1
  527. package/src/hooks/hook.registry.js +0 -152
  528. package/src/hooks/hook.registry.js.map +0 -1
  529. package/src/hooks/hooks.utils.js +0 -34
  530. package/src/hooks/hooks.utils.js.map +0 -1
  531. package/src/index.js +0 -36
  532. package/src/index.js.map +0 -1
  533. package/src/logger/instances/instance.console-logger.js +0 -75
  534. package/src/logger/instances/instance.console-logger.js.map +0 -1
  535. package/src/logger/instances/instance.logger.js +0 -77
  536. package/src/logger/instances/instance.logger.js.map +0 -1
  537. package/src/logger/logger.registry.js +0 -96
  538. package/src/logger/logger.registry.js.map +0 -1
  539. package/src/logger/logger.tokens.js +0 -3
  540. package/src/logger/logger.tokens.js.map +0 -1
  541. package/src/logger/logger.types.js +0 -8
  542. package/src/logger/logger.types.js.map +0 -1
  543. package/src/logger/logger.utils.js +0 -42
  544. package/src/logger/logger.utils.js.map +0 -1
  545. package/src/logging/flows/set-level.flow.js +0 -108
  546. package/src/logging/flows/set-level.flow.js.map +0 -1
  547. package/src/mcp-apps/csp.js +0 -267
  548. package/src/mcp-apps/csp.js.map +0 -1
  549. package/src/mcp-apps/index.js +0 -91
  550. package/src/mcp-apps/index.js.map +0 -1
  551. package/src/mcp-apps/schemas.js +0 -345
  552. package/src/mcp-apps/schemas.js.map +0 -1
  553. package/src/mcp-apps/template.js +0 -419
  554. package/src/mcp-apps/template.js.map +0 -1
  555. package/src/mcp-apps/types.js +0 -59
  556. package/src/mcp-apps/types.js.map +0 -1
  557. package/src/notification/index.js +0 -13
  558. package/src/notification/index.js.map +0 -1
  559. package/src/notification/notification.service.js +0 -731
  560. package/src/notification/notification.service.js.map +0 -1
  561. package/src/plugin/plugin.registry.js +0 -152
  562. package/src/plugin/plugin.registry.js.map +0 -1
  563. package/src/plugin/plugin.utils.js +0 -88
  564. package/src/plugin/plugin.utils.js.map +0 -1
  565. package/src/prompt/flows/get-prompt.flow.js +0 -214
  566. package/src/prompt/flows/get-prompt.flow.js.map +0 -1
  567. package/src/prompt/flows/prompts-list.flow.js +0 -176
  568. package/src/prompt/flows/prompts-list.flow.js.map +0 -1
  569. package/src/prompt/index.js +0 -17
  570. package/src/prompt/index.js.map +0 -1
  571. package/src/prompt/prompt.events.js +0 -25
  572. package/src/prompt/prompt.events.js.map +0 -1
  573. package/src/prompt/prompt.instance.js +0 -120
  574. package/src/prompt/prompt.instance.js.map +0 -1
  575. package/src/prompt/prompt.registry.js +0 -380
  576. package/src/prompt/prompt.registry.js.map +0 -1
  577. package/src/prompt/prompt.types.js +0 -11
  578. package/src/prompt/prompt.types.js.map +0 -1
  579. package/src/prompt/prompt.utils.js +0 -136
  580. package/src/prompt/prompt.utils.js.map +0 -1
  581. package/src/provider/provider.registry.js +0 -868
  582. package/src/provider/provider.registry.js.map +0 -1
  583. package/src/provider/provider.types.js +0 -3
  584. package/src/provider/provider.types.js.map +0 -1
  585. package/src/provider/provider.utils.js +0 -103
  586. package/src/provider/provider.utils.js.map +0 -1
  587. package/src/regsitry/index.js +0 -5
  588. package/src/regsitry/index.js.map +0 -1
  589. package/src/regsitry/registry.base.js +0 -32
  590. package/src/regsitry/registry.base.js.map +0 -1
  591. package/src/resource/flows/read-resource.flow.js +0 -270
  592. package/src/resource/flows/read-resource.flow.js.map +0 -1
  593. package/src/resource/flows/resource-templates-list.flow.js +0 -191
  594. package/src/resource/flows/resource-templates-list.flow.js.map +0 -1
  595. package/src/resource/flows/resources-list.flow.js +0 -196
  596. package/src/resource/flows/resources-list.flow.js.map +0 -1
  597. package/src/resource/flows/subscribe-resource.flow.js +0 -123
  598. package/src/resource/flows/subscribe-resource.flow.js.map +0 -1
  599. package/src/resource/flows/unsubscribe-resource.flow.js +0 -107
  600. package/src/resource/flows/unsubscribe-resource.flow.js.map +0 -1
  601. package/src/resource/index.js +0 -20
  602. package/src/resource/index.js.map +0 -1
  603. package/src/resource/resource.events.js +0 -17
  604. package/src/resource/resource.events.js.map +0 -1
  605. package/src/resource/resource.instance.js +0 -163
  606. package/src/resource/resource.instance.js.map +0 -1
  607. package/src/resource/resource.registry.js +0 -468
  608. package/src/resource/resource.registry.js.map +0 -1
  609. package/src/resource/resource.types.js +0 -11
  610. package/src/resource/resource.types.js.map +0 -1
  611. package/src/resource/resource.utils.js +0 -151
  612. package/src/resource/resource.utils.js.map +0 -1
  613. package/src/scope/flows/http.request.flow.js +0 -474
  614. package/src/scope/flows/http.request.flow.js.map +0 -1
  615. package/src/scope/index.js +0 -6
  616. package/src/scope/index.js.map +0 -1
  617. package/src/scope/scope.instance.js +0 -263
  618. package/src/scope/scope.instance.js.map +0 -1
  619. package/src/scope/scope.registry.js +0 -94
  620. package/src/scope/scope.registry.js.map +0 -1
  621. package/src/scope/scope.utils.js +0 -61
  622. package/src/scope/scope.utils.js.map +0 -1
  623. package/src/server/adapters/base.host.adapter.js +0 -8
  624. package/src/server/adapters/base.host.adapter.js.map +0 -1
  625. package/src/server/adapters/express.host.adapter.js +0 -70
  626. package/src/server/adapters/express.host.adapter.js.map +0 -1
  627. package/src/server/server.instance.js +0 -54
  628. package/src/server/server.instance.js.map +0 -1
  629. package/src/server/server.types.js +0 -3
  630. package/src/server/server.types.js.map +0 -1
  631. package/src/server/server.validation.js +0 -192
  632. package/src/server/server.validation.js.map +0 -1
  633. package/src/store/adapters/store.base.adapter.js +0 -16
  634. package/src/store/adapters/store.base.adapter.js.map +0 -1
  635. package/src/store/adapters/store.memory.adapter.js +0 -89
  636. package/src/store/adapters/store.memory.adapter.js.map +0 -1
  637. package/src/store/adapters/store.redis.adapter.js +0 -104
  638. package/src/store/adapters/store.redis.adapter.js.map +0 -1
  639. package/src/store/index.js +0 -12
  640. package/src/store/index.js.map +0 -1
  641. package/src/store/store.helpers.js +0 -67
  642. package/src/store/store.helpers.js.map +0 -1
  643. package/src/store/store.registry.js +0 -37
  644. package/src/store/store.registry.js.map +0 -1
  645. package/src/store/store.tokens.js +0 -7
  646. package/src/store/store.tokens.js.map +0 -1
  647. package/src/store/store.types.js +0 -11
  648. package/src/store/store.types.js.map +0 -1
  649. package/src/store/store.utils.js +0 -18
  650. package/src/store/store.utils.js.map +0 -1
  651. package/src/tool/flows/call-tool.flow.js +0 -616
  652. package/src/tool/flows/call-tool.flow.js.map +0 -1
  653. package/src/tool/flows/tools-list.flow.js +0 -328
  654. package/src/tool/flows/tools-list.flow.js.map +0 -1
  655. package/src/tool/tool.events.js +0 -16
  656. package/src/tool/tool.events.js.map +0 -1
  657. package/src/tool/tool.instance.js +0 -117
  658. package/src/tool/tool.instance.js.map +0 -1
  659. package/src/tool/tool.registry.js +0 -353
  660. package/src/tool/tool.registry.js.map +0 -1
  661. package/src/tool/tool.types.js +0 -10
  662. package/src/tool/tool.types.js.map +0 -1
  663. package/src/tool/tool.utils.js +0 -366
  664. package/src/tool/tool.utils.js.map +0 -1
  665. package/src/tool/ui/index.js +0 -63
  666. package/src/tool/ui/index.js.map +0 -1
  667. package/src/tool/ui/platform-adapters.js +0 -18
  668. package/src/tool/ui/platform-adapters.js.map +0 -1
  669. package/src/tool/ui/template-helpers.js +0 -112
  670. package/src/tool/ui/template-helpers.js.map +0 -1
  671. package/src/tool/ui/ui-resource-template.js +0 -64
  672. package/src/tool/ui/ui-resource-template.js.map +0 -1
  673. package/src/tool/ui/ui-resource.handler.js +0 -129
  674. package/src/tool/ui/ui-resource.handler.js.map +0 -1
  675. package/src/transport/adapters/transport.local.adapter.js +0 -148
  676. package/src/transport/adapters/transport.local.adapter.js.map +0 -1
  677. package/src/transport/adapters/transport.sse.adapter.js +0 -65
  678. package/src/transport/adapters/transport.sse.adapter.js.map +0 -1
  679. package/src/transport/adapters/transport.streamable-http.adapter.js +0 -112
  680. package/src/transport/adapters/transport.streamable-http.adapter.js.map +0 -1
  681. package/src/transport/flows/handle.sse.flow.js +0 -197
  682. package/src/transport/flows/handle.sse.flow.js.map +0 -1
  683. package/src/transport/flows/handle.stateless-http.flow.js +0 -102
  684. package/src/transport/flows/handle.stateless-http.flow.js.map +0 -1
  685. package/src/transport/flows/handle.streamable-http.flow.js +0 -315
  686. package/src/transport/flows/handle.streamable-http.flow.js.map +0 -1
  687. package/src/transport/legacy/legacy.sse.tranporter.js +0 -185
  688. package/src/transport/legacy/legacy.sse.tranporter.js.map +0 -1
  689. package/src/transport/mcp-handlers/Initialized-notification.hanlder.js +0 -14
  690. package/src/transport/mcp-handlers/Initialized-notification.hanlder.js.map +0 -1
  691. package/src/transport/mcp-handlers/call-tool-request.handler.js +0 -46
  692. package/src/transport/mcp-handlers/call-tool-request.handler.js.map +0 -1
  693. package/src/transport/mcp-handlers/complete-request.handler.js +0 -11
  694. package/src/transport/mcp-handlers/complete-request.handler.js.map +0 -1
  695. package/src/transport/mcp-handlers/get-prompt-request.handler.js +0 -11
  696. package/src/transport/mcp-handlers/get-prompt-request.handler.js.map +0 -1
  697. package/src/transport/mcp-handlers/index.js +0 -57
  698. package/src/transport/mcp-handlers/index.js.map +0 -1
  699. package/src/transport/mcp-handlers/initialize-request.handler.js +0 -109
  700. package/src/transport/mcp-handlers/initialize-request.handler.js.map +0 -1
  701. package/src/transport/mcp-handlers/list-prompts-request.handler.js +0 -11
  702. package/src/transport/mcp-handlers/list-prompts-request.handler.js.map +0 -1
  703. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js +0 -12
  704. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js.map +0 -1
  705. package/src/transport/mcp-handlers/list-resources-request.handler.js +0 -12
  706. package/src/transport/mcp-handlers/list-resources-request.handler.js.map +0 -1
  707. package/src/transport/mcp-handlers/list-tools-request.handler.js +0 -11
  708. package/src/transport/mcp-handlers/list-tools-request.handler.js.map +0 -1
  709. package/src/transport/mcp-handlers/logging-set-level-request.handler.js +0 -34
  710. package/src/transport/mcp-handlers/logging-set-level-request.handler.js.map +0 -1
  711. package/src/transport/mcp-handlers/mcp-handlers.types.js +0 -3
  712. package/src/transport/mcp-handlers/mcp-handlers.types.js.map +0 -1
  713. package/src/transport/mcp-handlers/read-resource-request.handler.js +0 -12
  714. package/src/transport/mcp-handlers/read-resource-request.handler.js.map +0 -1
  715. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js +0 -26
  716. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js.map +0 -1
  717. package/src/transport/mcp-handlers/subscribe-request.handler.js +0 -34
  718. package/src/transport/mcp-handlers/subscribe-request.handler.js.map +0 -1
  719. package/src/transport/mcp-handlers/unsubscribe-request.handler.js +0 -34
  720. package/src/transport/mcp-handlers/unsubscribe-request.handler.js.map +0 -1
  721. package/src/transport/transport.error.js +0 -25
  722. package/src/transport/transport.error.js.map +0 -1
  723. package/src/transport/transport.event-store.js +0 -36
  724. package/src/transport/transport.event-store.js.map +0 -1
  725. package/src/transport/transport.local.js +0 -71
  726. package/src/transport/transport.local.js.map +0 -1
  727. package/src/transport/transport.registry.js +0 -523
  728. package/src/transport/transport.registry.js.map +0 -1
  729. package/src/transport/transport.remote.js +0 -31
  730. package/src/transport/transport.remote.js.map +0 -1
  731. package/src/transport/transport.types.js +0 -3
  732. package/src/transport/transport.types.js.map +0 -1
  733. package/src/types/drinen-hooks.types.js +0 -3
  734. package/src/types/drinen-hooks.types.js.map +0 -1
  735. package/src/types/invoke.type.js +0 -34
  736. package/src/types/invoke.type.js.map +0 -1
  737. package/src/types/token.types.js +0 -3
  738. package/src/types/token.types.js.map +0 -1
  739. package/src/utils/content.utils.js +0 -194
  740. package/src/utils/content.utils.js.map +0 -1
  741. package/src/utils/index.js +0 -55
  742. package/src/utils/index.js.map +0 -1
  743. package/src/utils/lineage.utils.js +0 -82
  744. package/src/utils/lineage.utils.js.map +0 -1
  745. package/src/utils/metadata.utils.js +0 -26
  746. package/src/utils/metadata.utils.js.map +0 -1
  747. package/src/utils/naming.utils.js +0 -136
  748. package/src/utils/naming.utils.js.map +0 -1
  749. package/src/utils/server.utils.js +0 -59
  750. package/src/utils/server.utils.js.map +0 -1
  751. package/src/utils/string.utils.js +0 -10
  752. package/src/utils/string.utils.js.map +0 -1
  753. package/src/utils/token.utils.js +0 -65
  754. package/src/utils/token.utils.js.map +0 -1
  755. package/src/utils/types.utils.js +0 -3
  756. package/src/utils/types.utils.js.map +0 -1
  757. package/src/utils/uri-template.utils.js +0 -113
  758. package/src/utils/uri-template.utils.js.map +0 -1
  759. package/src/utils/uri-validation.utils.js +0 -76
  760. package/src/utils/uri-validation.utils.js.map +0 -1
  761. package/{src/adapter → adapter}/adapter.instance.d.ts +0 -0
  762. package/{src/adapter → adapter}/adapter.regsitry.d.ts +0 -0
  763. package/{src/adapter → adapter}/adapter.utils.d.ts +0 -0
  764. package/{src/app → app}/app.registry.d.ts +0 -0
  765. package/{src/app → app}/app.utils.d.ts +0 -0
  766. package/{src/app → app}/instances/app.local.instance.d.ts +0 -0
  767. package/{src/app → app}/instances/app.remote.instance.d.ts +0 -0
  768. package/{src/app → app}/instances/index.d.ts +0 -0
  769. package/{src/auth → auth}/auth.registry.d.ts +0 -0
  770. package/{src/auth → auth}/auth.utils.d.ts +0 -0
  771. package/{src/auth → auth}/authorization/authorization.class.d.ts +0 -0
  772. package/{src/auth → auth}/authorization/authorization.types.d.ts +0 -0
  773. package/{src/auth → auth}/authorization/index.d.ts +0 -0
  774. package/{src/auth → auth}/authorization/orchestrated.authorization.d.ts +0 -0
  775. package/{src/auth → auth}/authorization/public.authorization.d.ts +0 -0
  776. package/{src/auth → auth}/authorization/transparent.authorization.d.ts +0 -0
  777. package/{src/auth → auth}/consent/consent.types.d.ts +0 -0
  778. package/{src/auth → auth}/consent/index.d.ts +0 -0
  779. package/{src/auth → auth}/detection/auth-provider-detection.d.ts +0 -0
  780. package/{src/auth → auth}/detection/index.d.ts +0 -0
  781. package/{src/auth → auth}/flows/auth.verify.flow.d.ts +0 -0
  782. package/{src/auth → auth}/flows/oauth.authorize.flow.d.ts +0 -0
  783. package/{src/auth → auth}/flows/oauth.callback.flow.d.ts +0 -0
  784. package/{src/auth → auth}/flows/oauth.register.flow.d.ts +0 -0
  785. package/{src/auth → auth}/flows/oauth.token.flow.d.ts +0 -0
  786. package/{src/auth → auth}/flows/session.verify.flow.d.ts +0 -0
  787. package/{src/auth → auth}/flows/well-known.jwks.flow.d.ts +0 -0
  788. package/{src/auth → auth}/flows/well-known.oauth-authorization-server.flow.d.ts +0 -0
  789. package/{src/auth → auth}/flows/well-known.prm.flow.d.ts +0 -0
  790. package/{src/auth → auth}/jwks/dev-key-persistence.d.ts +0 -0
  791. package/{src/auth → auth}/jwks/index.d.ts +0 -0
  792. package/{src/auth → auth}/jwks/jwks.service.d.ts +0 -0
  793. package/{src/auth → auth}/jwks/jwks.types.d.ts +0 -0
  794. package/{src/auth → auth}/jwks/jwks.utils.d.ts +0 -0
  795. package/{src/auth → auth}/machine-id.d.ts +0 -0
  796. package/{src/auth → auth}/oauth/flows/oauth.authorize.flow.d.ts +0 -0
  797. package/{src/auth → auth}/oauth/flows/oauth.device-authorization.flow.d.ts +0 -0
  798. package/{src/auth → auth}/oauth/flows/oauth.introspect.flow.d.ts +0 -0
  799. package/{src/auth → auth}/oauth/flows/oauth.par.flow.d.ts +0 -0
  800. package/{src/auth → auth}/oauth/flows/oauth.revoke.flow.d.ts +0 -0
  801. package/{src/auth → auth}/oauth/flows/oauth.token.flow.d.ts +0 -0
  802. package/{src/auth → auth}/oauth/flows/oauth.userinfo.flow.d.ts +0 -0
  803. package/{src/auth → auth}/oauth/flows/oidc.logout.flow.d.ts +0 -0
  804. package/{src/auth → auth}/session/authorization-vault.d.ts +0 -0
  805. package/{src/auth → auth}/session/authorization.store.d.ts +0 -0
  806. package/{src/auth → auth}/session/encrypted-authorization-vault.d.ts +0 -0
  807. package/{src/auth → auth}/session/record/session.base.d.ts +0 -0
  808. package/{src/auth → auth}/session/record/session.stateful.d.ts +0 -0
  809. package/{src/auth → auth}/session/record/session.stateless.d.ts +0 -0
  810. package/{src/auth → auth}/session/record/session.transparent.d.ts +0 -0
  811. package/{src/auth → auth}/session/redis-session.store.d.ts +0 -0
  812. package/{src/auth → auth}/session/session.crypto.d.ts +0 -0
  813. package/{src/auth → auth}/session/session.schema.d.ts +0 -0
  814. package/{src/auth → auth}/session/session.service.d.ts +0 -0
  815. package/{src/auth → auth}/session/session.transport.d.ts +0 -0
  816. package/{src/auth → auth}/session/session.types.d.ts +0 -0
  817. package/{src/auth → auth}/session/token.refresh.d.ts +0 -0
  818. package/{src/auth → auth}/session/token.store.d.ts +0 -0
  819. package/{src/auth → auth}/session/token.vault.d.ts +0 -0
  820. package/{src/auth → auth}/session/transport-session.manager.d.ts +0 -0
  821. package/{src/auth → auth}/session/transport-session.types.d.ts +0 -0
  822. package/{src/auth → auth}/session/utils/auth-token.utils.d.ts +0 -0
  823. package/{src/auth → auth}/session/utils/session-id.utils.d.ts +0 -0
  824. package/{src/auth → auth}/session/utils/tiny-ttl-cache.d.ts +0 -0
  825. package/{src/auth → auth}/session/vault-encryption.d.ts +0 -0
  826. package/{src/auth → auth}/ui/base-layout.d.ts +0 -0
  827. package/{src/auth → auth}/ui/index.d.ts +0 -0
  828. package/{src/auth → auth}/ui/templates.d.ts +0 -0
  829. package/{src/auth → auth}/utils/audience.validator.d.ts +0 -0
  830. package/{src/auth → auth}/utils/index.d.ts +0 -0
  831. package/{src/auth → auth}/utils/www-authenticate.utils.d.ts +0 -0
  832. package/{src/common → common}/common.schema.d.ts +0 -0
  833. package/{src/common → common}/constants.d.ts +0 -0
  834. package/{src/common → common}/decorators/adapter.decorator.d.ts +0 -0
  835. package/{src/common → common}/decorators/app.decorator.d.ts +0 -0
  836. package/{src/common → common}/decorators/auth-provider.decorator.d.ts +0 -0
  837. package/{src/common → common}/decorators/decorator-utils.d.ts +0 -0
  838. package/{src/common → common}/decorators/flow.decorator.d.ts +0 -0
  839. package/{src/common → common}/decorators/front-mcp.decorator.d.ts +0 -0
  840. package/{src/common → common}/decorators/hook.decorator.d.ts +0 -0
  841. package/{src/common → common}/decorators/index.d.ts +0 -0
  842. package/{src/common → common}/decorators/logger.decorator.d.ts +0 -0
  843. package/{src/common → common}/decorators/plugin.decorator.d.ts +0 -0
  844. package/{src/common → common}/decorators/prompt.decorator.d.ts +0 -0
  845. package/{src/common → common}/decorators/provider.decorator.d.ts +0 -0
  846. package/{src/common → common}/decorators/resource.decorator.d.ts +0 -0
  847. package/{src/common → common}/decorators/tool.decorator.d.ts +0 -0
  848. package/{src/common → common}/dynamic/dynamic.adapter.d.ts +0 -0
  849. package/{src/common → common}/dynamic/dynamic.plugin.d.ts +0 -0
  850. package/{src/common → common}/dynamic/dynamic.utils.d.ts +0 -0
  851. package/{src/common → common}/dynamic/index.d.ts +0 -0
  852. package/{src/common → common}/entries/adapter.entry.d.ts +0 -0
  853. package/{src/common → common}/entries/app.entry.d.ts +0 -0
  854. package/{src/common → common}/entries/auth-provider.entry.d.ts +0 -0
  855. package/{src/common → common}/entries/base.entry.d.ts +0 -0
  856. package/{src/common → common}/entries/flow.entry.d.ts +0 -0
  857. package/{src/common → common}/entries/hook.entry.d.ts +0 -0
  858. package/{src/common → common}/entries/index.d.ts +0 -0
  859. package/{src/common → common}/entries/logger.entry.d.ts +0 -0
  860. package/{src/common → common}/entries/plugin.entry.d.ts +0 -0
  861. package/{src/common → common}/entries/prompt.entry.d.ts +0 -0
  862. package/{src/common → common}/entries/provider.entry.d.ts +0 -0
  863. package/{src/common → common}/entries/resource.entry.d.ts +0 -0
  864. package/{src/common → common}/entries/scope.entry.d.ts +0 -0
  865. package/{src/common → common}/entries/tool.entry.d.ts +0 -0
  866. package/{src/common → common}/flow/flow.utils.d.ts +0 -0
  867. package/{src/common → common}/index.d.ts +0 -0
  868. package/{src/common → common}/interfaces/adapter.interface.d.ts +0 -0
  869. package/{src/common → common}/interfaces/app.interface.d.ts +0 -0
  870. package/{src/common → common}/interfaces/auth-hook.interface.d.ts +0 -0
  871. package/{src/common → common}/interfaces/auth-provider.interface.d.ts +0 -0
  872. package/{src/common → common}/interfaces/base.interface.d.ts +0 -0
  873. package/{src/common → common}/interfaces/execution-context.interface.d.ts +0 -0
  874. package/{src/common → common}/interfaces/flow.interface.d.ts +0 -0
  875. package/{src/common → common}/interfaces/front-mcp.interface.d.ts +0 -0
  876. package/{src/common → common}/interfaces/hook.interface.d.ts +0 -0
  877. package/{src/common → common}/interfaces/index.d.ts +0 -0
  878. package/{src/common → common}/interfaces/internal/flow.utils.d.ts +0 -0
  879. package/{src/common → common}/interfaces/internal/index.d.ts +0 -0
  880. package/{src/common → common}/interfaces/internal/registry.interface.d.ts +0 -0
  881. package/{src/common → common}/interfaces/logger.interface.d.ts +0 -0
  882. package/{src/common → common}/interfaces/plugin.interface.d.ts +0 -0
  883. package/{src/common → common}/interfaces/prompt.interface.d.ts +0 -0
  884. package/{src/common → common}/interfaces/provider.interface.d.ts +0 -0
  885. package/{src/common → common}/interfaces/resource.interface.d.ts +0 -0
  886. package/{src/common → common}/interfaces/scope.interface.d.ts +0 -0
  887. package/{src/common → common}/interfaces/server.interface.d.ts +0 -0
  888. package/{src/common → common}/interfaces/session-hook.interface.d.ts +0 -0
  889. package/{src/common → common}/interfaces/tool-hook.interface.d.ts +0 -0
  890. package/{src/common → common}/interfaces/tool.interface.d.ts +0 -0
  891. package/{src/common → common}/metadata/adapter.metadata.d.ts +0 -0
  892. package/{src/common → common}/metadata/app.metadata.d.ts +42 -42
  893. /package/{src/common → common}/metadata/auth-provider.metadata.d.ts +0 -0
  894. /package/{src/common → common}/metadata/flow.metadata.d.ts +0 -0
  895. /package/{src/common → common}/metadata/hook.metadata.d.ts +0 -0
  896. /package/{src/common → common}/metadata/index.d.ts +0 -0
  897. /package/{src/common → common}/metadata/logger.metadata.d.ts +0 -0
  898. /package/{src/common → common}/metadata/plugin.metadata.d.ts +0 -0
  899. /package/{src/common → common}/metadata/provider.metadata.d.ts +0 -0
  900. /package/{src/common → common}/migrate/auth-transport.migrate.d.ts +0 -0
  901. /package/{src/common → common}/migrate/index.d.ts +0 -0
  902. /package/{src/common → common}/providers/base-config.provider.d.ts +0 -0
  903. /package/{src/common → common}/records/adapter.record.d.ts +0 -0
  904. /package/{src/common → common}/records/app.record.d.ts +0 -0
  905. /package/{src/common → common}/records/auth-provider.record.d.ts +0 -0
  906. /package/{src/common → common}/records/flow.record.d.ts +0 -0
  907. /package/{src/common → common}/records/hook.record.d.ts +0 -0
  908. /package/{src/common → common}/records/index.d.ts +0 -0
  909. /package/{src/common → common}/records/logger.record.d.ts +0 -0
  910. /package/{src/common → common}/records/plugin.record.d.ts +0 -0
  911. /package/{src/common → common}/records/prompt.record.d.ts +0 -0
  912. /package/{src/common → common}/records/provider.record.d.ts +0 -0
  913. /package/{src/common → common}/records/resource.record.d.ts +0 -0
  914. /package/{src/common → common}/records/scope.record.d.ts +0 -0
  915. /package/{src/common → common}/records/tool.record.d.ts +0 -0
  916. /package/{src/common → common}/schemas/annotated-class.schema.d.ts +0 -0
  917. /package/{src/common → common}/schemas/http-input.schema.d.ts +0 -0
  918. /package/{src/common → common}/schemas/index.d.ts +0 -0
  919. /package/{src/common → common}/schemas/session-header.schema.d.ts +0 -0
  920. /package/{src/common → common}/tokens/adapter.tokens.d.ts +0 -0
  921. /package/{src/common → common}/tokens/app.tokens.d.ts +0 -0
  922. /package/{src/common → common}/tokens/auth-provider.tokens.d.ts +0 -0
  923. /package/{src/common → common}/tokens/base.tokens.d.ts +0 -0
  924. /package/{src/common → common}/tokens/flow-hook.tokens.d.ts +0 -0
  925. /package/{src/common → common}/tokens/flow.tokens.d.ts +0 -0
  926. /package/{src/common → common}/tokens/front-mcp.tokens.d.ts +0 -0
  927. /package/{src/common → common}/tokens/index.d.ts +0 -0
  928. /package/{src/common → common}/tokens/logger.tokens.d.ts +0 -0
  929. /package/{src/common → common}/tokens/plugin.tokens.d.ts +0 -0
  930. /package/{src/common → common}/tokens/prompt.tokens.d.ts +0 -0
  931. /package/{src/common → common}/tokens/provider.tokens.d.ts +0 -0
  932. /package/{src/common → common}/tokens/resource.tokens.d.ts +0 -0
  933. /package/{src/common → common}/tokens/server.tokens.d.ts +0 -0
  934. /package/{src/common → common}/tokens/tool.tokens.d.ts +0 -0
  935. /package/{src/common → common}/types/auth/index.d.ts +0 -0
  936. /package/{src/common → common}/types/auth/jwt.types.d.ts +0 -0
  937. /package/{src/common → common}/types/auth/session.types.d.ts +0 -0
  938. /package/{src/common → common}/types/common.types.d.ts +0 -0
  939. /package/{src/common → common}/types/index.d.ts +0 -0
  940. /package/{src/logger/logger.tokens.d.ts → common/types/options/auth/auth.typecheck.d.ts} +0 -0
  941. /package/{src/common → common}/types/options/http.options.d.ts +0 -0
  942. /package/{src/common → common}/types/options/logging.options.d.ts +0 -0
  943. /package/{src/common → common}/types/options/session.options.d.ts +0 -0
  944. /package/{src/common → common}/utils/path.utils.d.ts +0 -0
  945. /package/{src/context → context}/frontmcp-context-storage.d.ts +0 -0
  946. /package/{src/context → context}/frontmcp-context.d.ts +0 -0
  947. /package/{src/context → context}/frontmcp-context.provider.d.ts +0 -0
  948. /package/{src/context → context}/index.d.ts +0 -0
  949. /package/{src/context → context}/request-context-storage.d.ts +0 -0
  950. /package/{src/context → context}/request-context.d.ts +0 -0
  951. /package/{src/context → context}/request-context.provider.d.ts +0 -0
  952. /package/{src/context → context}/session-key.provider.d.ts +0 -0
  953. /package/{src/context → context}/trace-context.d.ts +0 -0
  954. /package/{src/errors → errors}/authorization-required.error.d.ts +0 -0
  955. /package/{src/errors → errors}/error-handler.d.ts +0 -0
  956. /package/{src/exceptions → exceptions}/mcp-exceptions/session-missing.exception.d.ts +0 -0
  957. /package/{src/exceptions → exceptions}/mcp-exceptions/unsupported-client-version.exception.d.ts +0 -0
  958. /package/{src/flows → flows}/flow.instance.d.ts +0 -0
  959. /package/{src/flows → flows}/flow.registry.d.ts +0 -0
  960. /package/{src/flows → flows}/flow.stages.d.ts +0 -0
  961. /package/{src/flows → flows}/flow.utils.d.ts +0 -0
  962. /package/{src/front-mcp → front-mcp}/front-mcp.d.ts +0 -0
  963. /package/{src/front-mcp → front-mcp}/front-mcp.tokens.d.ts +0 -0
  964. /package/{src/front-mcp → front-mcp}/serverless-handler.d.ts +0 -0
  965. /package/{src/hooks → hooks}/hook.instance.d.ts +0 -0
  966. /package/{src/hooks → hooks}/hook.registry.d.ts +0 -0
  967. /package/{src/hooks → hooks}/hooks.utils.d.ts +0 -0
  968. /package/{src/logger → logger}/instances/instance.console-logger.d.ts +0 -0
  969. /package/{src/logger → logger}/instances/instance.logger.d.ts +0 -0
  970. /package/{src/logger → logger}/logger.registry.d.ts +0 -0
  971. /package/{src/logger → logger}/logger.types.d.ts +0 -0
  972. /package/{src/logger → logger}/logger.utils.d.ts +0 -0
  973. /package/{src/mcp-apps → mcp-apps}/csp.d.ts +0 -0
  974. /package/{src/mcp-apps → mcp-apps}/index.d.ts +0 -0
  975. /package/{src/mcp-apps → mcp-apps}/schemas.d.ts +0 -0
  976. /package/{src/mcp-apps → mcp-apps}/template.d.ts +0 -0
  977. /package/{src/mcp-apps → mcp-apps}/types.d.ts +0 -0
  978. /package/{src/notification → notification}/index.d.ts +0 -0
  979. /package/{src/notification → notification}/notification.service.d.ts +0 -0
  980. /package/{src/plugin → plugin}/plugin.registry.d.ts +0 -0
  981. /package/{src/plugin → plugin}/plugin.utils.d.ts +0 -0
  982. /package/{src/prompt → prompt}/index.d.ts +0 -0
  983. /package/{src/prompt → prompt}/prompt.events.d.ts +0 -0
  984. /package/{src/prompt → prompt}/prompt.instance.d.ts +0 -0
  985. /package/{src/prompt → prompt}/prompt.registry.d.ts +0 -0
  986. /package/{src/prompt → prompt}/prompt.types.d.ts +0 -0
  987. /package/{src/prompt → prompt}/prompt.utils.d.ts +0 -0
  988. /package/{src/provider → provider}/provider.registry.d.ts +0 -0
  989. /package/{src/provider → provider}/provider.types.d.ts +0 -0
  990. /package/{src/provider → provider}/provider.utils.d.ts +0 -0
  991. /package/{src/regsitry → regsitry}/index.d.ts +0 -0
  992. /package/{src/regsitry → regsitry}/registry.base.d.ts +0 -0
  993. /package/{src/resource → resource}/index.d.ts +0 -0
  994. /package/{src/resource → resource}/resource.events.d.ts +0 -0
  995. /package/{src/resource → resource}/resource.instance.d.ts +0 -0
  996. /package/{src/resource → resource}/resource.registry.d.ts +0 -0
  997. /package/{src/resource → resource}/resource.types.d.ts +0 -0
  998. /package/{src/resource → resource}/resource.utils.d.ts +0 -0
  999. /package/{src/scope → scope}/flows/http.request.flow.d.ts +0 -0
  1000. /package/{src/scope → scope}/index.d.ts +0 -0
  1001. /package/{src/scope → scope}/scope.instance.d.ts +0 -0
  1002. /package/{src/scope → scope}/scope.registry.d.ts +0 -0
  1003. /package/{src/scope → scope}/scope.utils.d.ts +0 -0
  1004. /package/{src/server → server}/adapters/base.host.adapter.d.ts +0 -0
  1005. /package/{src/server → server}/adapters/express.host.adapter.d.ts +0 -0
  1006. /package/{src/server → server}/server.instance.d.ts +0 -0
  1007. /package/{src/server → server}/server.types.d.ts +0 -0
  1008. /package/{src/server → server}/server.validation.d.ts +0 -0
  1009. /package/{src/store → store}/adapters/store.base.adapter.d.ts +0 -0
  1010. /package/{src/store → store}/adapters/store.memory.adapter.d.ts +0 -0
  1011. /package/{src/store → store}/adapters/store.redis.adapter.d.ts +0 -0
  1012. /package/{src/store → store}/store.helpers.d.ts +0 -0
  1013. /package/{src/store → store}/store.registry.d.ts +0 -0
  1014. /package/{src/store → store}/store.tokens.d.ts +0 -0
  1015. /package/{src/store → store}/store.types.d.ts +0 -0
  1016. /package/{src/store → store}/store.utils.d.ts +0 -0
  1017. /package/{src/tool → tool}/tool.events.d.ts +0 -0
  1018. /package/{src/tool → tool}/tool.instance.d.ts +0 -0
  1019. /package/{src/tool → tool}/tool.registry.d.ts +0 -0
  1020. /package/{src/tool → tool}/tool.types.d.ts +0 -0
  1021. /package/{src/tool → tool}/tool.utils.d.ts +0 -0
  1022. /package/{src/tool → tool}/ui/ui-resource-template.d.ts +0 -0
  1023. /package/{src/transport → transport}/adapters/transport.local.adapter.d.ts +0 -0
  1024. /package/{src/transport → transport}/adapters/transport.sse.adapter.d.ts +0 -0
  1025. /package/{src/transport → transport}/adapters/transport.streamable-http.adapter.d.ts +0 -0
  1026. /package/{src/transport → transport}/flows/handle.sse.flow.d.ts +0 -0
  1027. /package/{src/transport → transport}/flows/handle.stateless-http.flow.d.ts +0 -0
  1028. /package/{src/transport → transport}/flows/handle.streamable-http.flow.d.ts +0 -0
  1029. /package/{src/transport → transport}/legacy/legacy.sse.tranporter.d.ts +0 -0
  1030. /package/{src/transport → transport}/mcp-handlers/Initialized-notification.hanlder.d.ts +0 -0
  1031. /package/{src/transport → transport}/mcp-handlers/call-tool-request.handler.d.ts +0 -0
  1032. /package/{src/transport → transport}/mcp-handlers/initialize-request.handler.d.ts +0 -0
  1033. /package/{src/transport → transport}/mcp-handlers/mcp-handlers.types.d.ts +0 -0
  1034. /package/{src/transport → transport}/mcp-handlers/roots-list-changed-notification.handler.d.ts +0 -0
  1035. /package/{src/transport → transport}/transport.error.d.ts +0 -0
  1036. /package/{src/transport → transport}/transport.event-store.d.ts +0 -0
  1037. /package/{src/transport → transport}/transport.local.d.ts +0 -0
  1038. /package/{src/transport → transport}/transport.remote.d.ts +0 -0
  1039. /package/{src/transport → transport}/transport.types.d.ts +0 -0
  1040. /package/{src/types → types}/drinen-hooks.types.d.ts +0 -0
  1041. /package/{src/types → types}/invoke.type.d.ts +0 -0
  1042. /package/{src/types → types}/token.types.d.ts +0 -0
  1043. /package/{src/utils → utils}/content.utils.d.ts +0 -0
  1044. /package/{src/utils → utils}/index.d.ts +0 -0
  1045. /package/{src/utils → utils}/lineage.utils.d.ts +0 -0
  1046. /package/{src/utils → utils}/metadata.utils.d.ts +0 -0
  1047. /package/{src/utils → utils}/naming.utils.d.ts +0 -0
  1048. /package/{src/utils → utils}/server.utils.d.ts +0 -0
  1049. /package/{src/utils → utils}/string.utils.d.ts +0 -0
  1050. /package/{src/utils → utils}/token.utils.d.ts +0 -0
  1051. /package/{src/utils → utils}/types.utils.d.ts +0 -0
  1052. /package/{src/utils → utils}/uri-template.utils.d.ts +0 -0
  1053. /package/{src/utils → utils}/uri-validation.utils.d.ts +0 -0
package/src/auth/auth.utils.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth.utils.js","sourceRoot":"","sources":["../../../src/auth/auth.utils.ts"],"names":[],"mappings":";;AAWA,kDAMC;AAED,sCAoDC;AAQD,8CAeC;AA9FD,qBAAqB;AACrB,oCAAwE;AACxE,sCAOmB;AAEnB,SAAgB,mBAAmB,CAAC,GAAqB;IACvD,OAAO,MAAM,CAAC,OAAO,CAAC,mCAA0B,CAAC,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAClF,OAAO,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE;YAC7B,CAAC,GAAG,CAAC,EAAE,IAAA,mBAAW,EAAC,KAAK,EAAE,GAAG,CAAC;SAC/B,CAAC,CAAC;IACL,CAAC,EAAE,EAA0B,CAAC,CAAC;AACjC,CAAC;AAED,SAAgB,aAAa,CAAC,IAAsB;IAClD,IAAI,IAAA,eAAO,EAAC,IAAI,CAAC,EAAE,CAAC;QAClB,kCAAkC;QAClC,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAC3C,OAAO,EAAE,IAAI,EAAE,yBAAgB,CAAC,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACzE,CAAC;IACD,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,QAAQ,EAAE,GAAG,IAAW,CAAC;QAErF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,GAAI,IAAY,EAAE,IAAI,IAAI,UAAU,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,SAAS,IAAI,yBAAyB,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,IAAA,eAAO,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,uBAAuB,IAAA,iBAAS,EAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;YACjF,CAAC;YACD,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,KAAK;gBAC5B,OAAO;gBACP,QAAQ;gBACR,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,OAAO,UAAU,KAAK,UAAU,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAA,iBAAS,EAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;YACtF,CAAC;YACD,MAAM,GAAG,GAAG,OAAO,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAW,CAAC;YACtE,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,OAAO;gBAC9B,OAAO;gBACP,MAAM,EAAE,GAAG;gBACX,UAAU;gBACV,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;YACvB,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,KAAK;gBAC5B,OAAO;gBACP,QAAQ;gBACR,QAAQ;aACT,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAI,IAAY,EAAE,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,uCAAuC,CAAC,CAAC;AAChF,CAAC;AAED;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,GAAuB;IACvD,QAAQ,GAAG,CAAC,IAAI,EAAE,CAAC;QACjB,KAAK,yBAAgB,CAAC,KAAK,CAAC;QAC5B,KAAK,yBAAgB,CAAC,OAAO;YAC3B,OAAO,EAAE,CAAC;QAEZ,KAAK,yBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9B,OAAO,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3B,CAAC;QACD,KAAK,yBAAgB,CAAC,KAAK;YACzB,OAAO,IAAA,mBAAW,EAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAEhD,KAAK,yBAAgB,CAAC,WAAW;YAC/B,OAAO,IAAA,mBAAW,EAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IACjD,CAAC;AACH,CAAC","sourcesContent":["// auth/auth.utils.ts\nimport { depsOfClass, isClass, tokenName, getMetadata } from '../utils';\nimport {\n AuthProviderMetadata,\n FrontMcpAuthProviderTokens,\n AuthProviderType,\n Token,\n AuthProviderRecord,\n AuthProviderKind,\n} from '../common';\n\nexport function collectAuthMetadata(cls: AuthProviderType): AuthProviderMetadata {\n return Object.entries(FrontMcpAuthProviderTokens).reduce((metadata, [key, token]) => {\n return Object.assign(metadata, {\n [key]: getMetadata(token, cls),\n });\n }, {} as AuthProviderMetadata);\n}\n\nexport function normalizeAuth(item: AuthProviderType): AuthProviderRecord {\n if (isClass(item)) {\n // read McpAuthMetadata from class\n const metadata = collectAuthMetadata(item);\n return { kind: AuthProviderKind.CLASS_TOKEN, provide: item, metadata };\n }\n if (item && typeof item === 'object') {\n const { provide, useClass, useValue, useFactory, inject, ...metadata } = item as any;\n\n if (!provide) {\n const name = (item as any)?.name ?? '[object]';\n throw new Error(`Auth '${name}' is missing 'provide'.`);\n }\n\n if (useClass) {\n if (!isClass(useClass)) {\n throw new Error(`'useClass' on auth '${tokenName(provide)}' must be a class.`);\n }\n return {\n kind: AuthProviderKind.CLASS,\n provide,\n useClass,\n metadata,\n };\n }\n\n if (useFactory) {\n if (typeof useFactory !== 'function') {\n throw new Error(`'useFactory' on auth '${tokenName(provide)}' must be a function.`);\n }\n const inj = typeof inject === 'function' ? inject : () => [] as const;\n return {\n kind: AuthProviderKind.FACTORY,\n provide,\n inject: inj,\n useFactory,\n metadata,\n };\n }\n\n if ('useValue' in item) {\n return {\n kind: AuthProviderKind.VALUE,\n provide,\n useValue,\n metadata,\n };\n }\n }\n\n const name = (item as any)?.name ?? String(item);\n throw new Error(`Invalid auth '${name}'. Expected a class or a auth object.`);\n}\n\n/**\n * For graph/cycle detection. Returns dependency tokens that should be graphed.\n * - VALUE: no deps\n * - FACTORY: only includes deps that are registered (others will be resolved)\n * - CLASS / CLASS_TOKEN: deps come from the class constructor or static with(...)\n */\nexport function authDiscoveryDeps(rec: AuthProviderRecord): Token[] {\n switch (rec.kind) {\n case AuthProviderKind.VALUE:\n case AuthProviderKind.PRIMARY:\n return [];\n\n case AuthProviderKind.FACTORY: {\n return [...rec.inject()];\n }\n case AuthProviderKind.CLASS:\n return depsOfClass(rec.useClass, 'discovery');\n\n case AuthProviderKind.CLASS_TOKEN:\n return depsOfClass(rec.provide, 'discovery');\n }\n}\n"]}
package/src/auth/authorization/authorization.class.js DELETED
@@ -1,217 +0,0 @@
1
- "use strict";
2
- // auth/authorization/authorization.class.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.AuthorizationBase = exports.getMachineId = void 0;
5
- const crypto_1 = require("crypto");
6
- const session_id_utils_1 = require("../session/utils/session-id.utils");
7
- const machine_id_1 = require("../machine-id");
8
- // Re-export getMachineId for backwards compatibility
9
- var machine_id_2 = require("../machine-id");
10
- Object.defineProperty(exports, "getMachineId", { enumerable: true, get: function () { return machine_id_2.getMachineId; } });
11
- /**
12
- * Base Authorization class - represents authenticated user context
13
- * Subclasses implement mode-specific behavior (Public, Transparent, Orchestrated)
14
- */
15
- class AuthorizationBase {
16
- id;
17
- isAnonymous;
18
- user;
19
- claims;
20
- expiresAt;
21
- scopes;
22
- authorizedProviders;
23
- authorizedProviderIds;
24
- authorizedApps;
25
- authorizedAppIds;
26
- authorizedTools;
27
- authorizedToolIds;
28
- authorizedPrompts;
29
- authorizedPromptIds;
30
- authorizedResources;
31
- /** The original bearer token (for transparent mode) */
32
- token;
33
- /** Active transport sessions for this authorization */
34
- #sessions = new Map();
35
- /** Creation timestamp */
36
- createdAt;
37
- constructor(ctx) {
38
- this.id = ctx.id;
39
- this.isAnonymous = ctx.isAnonymous;
40
- this.user = ctx.user;
41
- this.claims = ctx.claims;
42
- this.expiresAt = ctx.expiresAt;
43
- this.scopes = ctx.scopes ?? [];
44
- this.token = ctx.token;
45
- this.createdAt = Date.now();
46
- // Initialize authorization projections
47
- this.authorizedProviders = ctx.authorizedProviders ?? {};
48
- this.authorizedProviderIds = ctx.authorizedProviderIds ?? Object.keys(this.authorizedProviders);
49
- this.authorizedApps = ctx.authorizedApps ?? {};
50
- this.authorizedAppIds = ctx.authorizedAppIds ?? Object.keys(this.authorizedApps);
51
- this.authorizedTools = ctx.authorizedTools ?? {};
52
- this.authorizedToolIds = ctx.authorizedToolIds ?? Object.keys(this.authorizedTools);
53
- this.authorizedPrompts = ctx.authorizedPrompts ?? {};
54
- this.authorizedPromptIds = ctx.authorizedPromptIds ?? Object.keys(this.authorizedPrompts);
55
- this.authorizedResources = ctx.authorizedResources ?? [];
56
- }
57
- /**
58
- * Create a new transport session for this authorization
59
- * @param protocol - Transport protocol (sse, streamable-http, etc.)
60
- * @param fingerprint - Optional client fingerprint for tracking
61
- */
62
- createTransportSession(protocol, fingerprint) {
63
- const sessionId = (0, crypto_1.randomUUID)();
64
- const session = {
65
- id: sessionId,
66
- authorizationId: this.id,
67
- protocol,
68
- createdAt: Date.now(),
69
- expiresAt: this.expiresAt,
70
- nodeId: (0, machine_id_1.getMachineId)(),
71
- clientFingerprint: fingerprint,
72
- };
73
- this.#sessions.set(session.id, session);
74
- return session;
75
- }
76
- /**
77
- * Get existing transport session by ID
78
- */
79
- getTransportSession(sessionId) {
80
- return this.#sessions.get(sessionId);
81
- }
82
- /**
83
- * Get all active transport sessions
84
- */
85
- getAllSessions() {
86
- return Array.from(this.#sessions.values());
87
- }
88
- /**
89
- * Remove a transport session
90
- */
91
- removeTransportSession(sessionId) {
92
- return this.#sessions.delete(sessionId);
93
- }
94
- /**
95
- * Get count of active sessions
96
- */
97
- get sessionCount() {
98
- return this.#sessions.size;
99
- }
100
- /**
101
- * Check if a scope is granted
102
- */
103
- hasScope(scope) {
104
- return this.scopes.includes(scope);
105
- }
106
- /**
107
- * Check if all scopes are granted
108
- */
109
- hasAllScopes(scopes) {
110
- return scopes.every((s) => this.scopes.includes(s));
111
- }
112
- /**
113
- * Check if any scope is granted
114
- */
115
- hasAnyScope(scopes) {
116
- return scopes.some((s) => this.scopes.includes(s));
117
- }
118
- /**
119
- * Check if a tool is authorized
120
- */
121
- canAccessTool(toolId) {
122
- return toolId in this.authorizedTools || this.authorizedToolIds.includes(toolId);
123
- }
124
- /**
125
- * Check if a prompt is authorized
126
- */
127
- canAccessPrompt(promptId) {
128
- return promptId in this.authorizedPrompts || this.authorizedPromptIds.includes(promptId);
129
- }
130
- /**
131
- * Check if an app is authorized.
132
- * Used for progressive authorization to determine if tools from this app can be executed.
133
- * @param appId - App ID to check
134
- */
135
- isAppAuthorized(appId) {
136
- return appId in this.authorizedApps || this.authorizedAppIds.includes(appId);
137
- }
138
- /**
139
- * Build URL for progressive/incremental authorization.
140
- * Used when a tool requires authorization for an app that was skipped during initial auth.
141
- * @param appId - App ID that requires authorization
142
- * @param baseUrl - Base URL of the server
143
- */
144
- getProgressiveAuthUrl(appId, baseUrl) {
145
- return `${baseUrl}/oauth/authorize?app=${encodeURIComponent(appId)}&mode=incremental`;
146
- }
147
- /**
148
- * Check if the authorization is expired
149
- */
150
- isExpired() {
151
- if (!this.expiresAt)
152
- return false;
153
- return Date.now() > this.expiresAt;
154
- }
155
- /**
156
- * Get time until expiration in milliseconds
157
- * Returns undefined if no expiration, negative if expired
158
- */
159
- getTimeToExpiry() {
160
- if (!this.expiresAt)
161
- return undefined;
162
- return this.expiresAt - Date.now();
163
- }
164
- /**
165
- * Convert a transport session to encrypted session JWT
166
- * This is what gets sent in the Mcp-Session-Id header
167
- */
168
- toSessionJwt(session) {
169
- const payload = {
170
- sid: session.id,
171
- aid: this.id,
172
- proto: session.protocol,
173
- nid: session.nodeId,
174
- iat: Math.floor(Date.now() / 1000),
175
- exp: this.expiresAt ? Math.floor(this.expiresAt / 1000) : undefined,
176
- };
177
- return (0, session_id_utils_1.encryptJson)(payload);
178
- }
179
- /**
180
- * Convert to LLM-safe context (no tokens exposed)
181
- */
182
- toLLMSafeContext(session) {
183
- return {
184
- authorizationId: this.id,
185
- sessionId: session.id,
186
- mode: this.mode,
187
- isAnonymous: this.isAnonymous,
188
- user: {
189
- sub: this.user.sub,
190
- name: this.user.name,
191
- },
192
- scopes: this.scopes,
193
- authorizedToolIds: this.authorizedToolIds,
194
- authorizedPromptIds: this.authorizedPromptIds,
195
- };
196
- }
197
- /**
198
- * Validate that no tokens are leaked in data
199
- * Throws if JWT pattern detected
200
- */
201
- static validateNoTokenLeakage(data) {
202
- const json = JSON.stringify(data);
203
- // Detect JWT pattern (header.payload.signature)
204
- if (/eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/.test(json)) {
205
- throw new Error('SECURITY: Token detected in data - potential LLM context leak');
206
- }
207
- // Detect sensitive field names
208
- const sensitiveFields = ['access_token', 'refresh_token', 'id_token', 'tokenEnc', 'secretRefId'];
209
- for (const field of sensitiveFields) {
210
- if (json.includes(`"${field}"`)) {
211
- throw new Error(`SECURITY: Sensitive field "${field}" detected - potential leak`);
212
- }
213
- }
214
- }
215
- }
216
- exports.AuthorizationBase = AuthorizationBase;
217
- //# sourceMappingURL=authorization.class.js.map
package/src/auth/authorization/authorization.class.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization.class.js","sourceRoot":"","sources":["../../../../src/auth/authorization/authorization.class.ts"],"names":[],"mappings":";AAAA,4CAA4C;;;AAE5C,mCAAoC;AAWpC,wEAAgE;AAEhE,8CAA6C;AAE7C,qDAAqD;AACrD,4CAA6C;AAApC,0GAAA,YAAY,OAAA;AAErB;;;GAGG;AACH,MAAsB,iBAAiB;IAC5B,EAAE,CAAS;IAEX,WAAW,CAAU;IACrB,IAAI,CAAW;IACf,MAAM,CAA2B;IACjC,SAAS,CAAU;IACnB,MAAM,CAAW;IACjB,mBAAmB,CAAmC;IACtD,qBAAqB,CAAW;IAChC,cAAc,CAAoD;IAClE,gBAAgB,CAAW;IAC3B,eAAe,CAAiC;IAChD,iBAAiB,CAAW;IAC5B,iBAAiB,CAAmC;IACpD,mBAAmB,CAAW;IAC9B,mBAAmB,CAAW;IAEvC,uDAAuD;IACpC,KAAK,CAAU;IAElC,uDAAuD;IAC9C,SAAS,GAAkC,IAAI,GAAG,EAAE,CAAC;IAE9D,yBAAyB;IAChB,SAAS,CAAS;IAE3B,YAAsB,GAA2B;QAC/C,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;QACjB,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QACzB,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE5B,uCAAuC;QACvC,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;QACzD,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,qBAAqB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAChG,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC;QAC/C,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,gBAAgB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACjF,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC;QACjD,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACpF,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,EAAE,CAAC;QACrD,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC1F,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAC3D,CAAC;IAED;;;;OAIG;IACH,sBAAsB,CAAC,QAA2B,EAAE,WAAoB;QACtE,MAAM,SAAS,GAAG,IAAA,mBAAU,GAAE,CAAC;QAE/B,MAAM,OAAO,GAAqB;YAChC,EAAE,EAAE,SAAS;YACb,eAAe,EAAE,IAAI,CAAC,EAAE;YACxB,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,MAAM,EAAE,IAAA,yBAAY,GAAE;YACtB,iBAAiB,EAAE,WAAW;SAC/B,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QACxC,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,SAAiB;QACnC,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,SAAiB;QACtC,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;IAC7B,CAAC;IAWD;;OAEG;IACH,QAAQ,CAAC,KAAa;QACpB,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAgB;QAC3B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,MAAgB;QAC1B,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,MAAc;QAC1B,OAAO,MAAM,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACnF,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,QAAgB;QAC9B,OAAO,QAAQ,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3F,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAa;QAC3B,OAAO,KAAK,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;OAKG;IACH,qBAAqB,CAAC,KAAa,EAAE,OAAe;QAClD,OAAO,GAAG,OAAO,wBAAwB,kBAAkB,CAAC,KAAK,CAAC,mBAAmB,CAAC;IACxF,CAAC;IAED;;OAEG;IACH,SAAS;QACP,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,KAAK,CAAC;QAClC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,eAAe;QACb,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,SAAS,CAAC;QACtC,OAAO,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,YAAY,CAAC,OAAyB;QACpC,MAAM,OAAO,GAAsB;YACjC,GAAG,EAAE,OAAO,CAAC,EAAE;YACf,GAAG,EAAE,IAAI,CAAC,EAAE;YACZ,KAAK,EAAE,OAAO,CAAC,QAAQ;YACvB,GAAG,EAAE,OAAO,CAAC,MAAM;YACnB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;SACpE,CAAC;QACF,OAAO,IAAA,8BAAW,EAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,OAAyB;QACxC,OAAO;YACL,eAAe,EAAE,IAAI,CAAC,EAAE;YACxB,SAAS,EAAE,OAAO,CAAC,EAAE;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,IAAI,EAAE;gBACJ,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG;gBAClB,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI;aACrB;YACD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;SAC9C,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,sBAAsB,CAAC,IAAa;QACzC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,gDAAgD;QAChD,IAAI,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtE,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACnF,CAAC;QACD,+BAA+B;QAC/B,MAAM,eAAe,GAAG,CAAC,cAAc,EAAE,eAAe,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;QACjG,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CAAC,8BAA8B,KAAK,6BAA6B,CAAC,CAAC;YACpF,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAxOD,8CAwOC","sourcesContent":["// auth/authorization/authorization.class.ts\n\nimport { randomUUID } from 'crypto';\nimport {\n Authorization,\n AuthorizationCreateCtx,\n AuthorizedPrompt,\n AuthorizedTool,\n AuthUser,\n LLMSafeAuthContext,\n} from './authorization.types';\nimport { TransportSession, TransportProtocol, SessionJwtPayload } from '../session';\nimport { ProviderSnapshot } from '../session/session.types';\nimport { encryptJson } from '../session/utils/session-id.utils';\nimport { AuthMode } from '../../common';\nimport { getMachineId } from '../machine-id';\n\n// Re-export getMachineId for backwards compatibility\nexport { getMachineId } from '../machine-id';\n\n/**\n * Base Authorization class - represents authenticated user context\n * Subclasses implement mode-specific behavior (Public, Transparent, Orchestrated)\n */\nexport abstract class AuthorizationBase implements Authorization {\n readonly id: string;\n abstract readonly mode: AuthMode;\n readonly isAnonymous: boolean;\n readonly user: AuthUser;\n readonly claims?: Record<string, unknown>;\n readonly expiresAt?: number;\n readonly scopes: string[];\n readonly authorizedProviders: Record<string, ProviderSnapshot>;\n readonly authorizedProviderIds: string[];\n readonly authorizedApps: Record<string, { id: string; toolIds: string[] }>;\n readonly authorizedAppIds: string[];\n readonly authorizedTools: Record<string, AuthorizedTool>;\n readonly authorizedToolIds: string[];\n readonly authorizedPrompts: Record<string, AuthorizedPrompt>;\n readonly authorizedPromptIds: string[];\n readonly authorizedResources: string[];\n\n /** The original bearer token (for transparent mode) */\n protected readonly token?: string;\n\n /** Active transport sessions for this authorization */\n readonly #sessions: Map<string, TransportSession> = new Map();\n\n /** Creation timestamp */\n readonly createdAt: number;\n\n protected constructor(ctx: AuthorizationCreateCtx) {\n this.id = ctx.id;\n this.isAnonymous = ctx.isAnonymous;\n this.user = ctx.user;\n this.claims = ctx.claims;\n this.expiresAt = ctx.expiresAt;\n this.scopes = ctx.scopes ?? [];\n this.token = ctx.token;\n this.createdAt = Date.now();\n\n // Initialize authorization projections\n this.authorizedProviders = ctx.authorizedProviders ?? {};\n this.authorizedProviderIds = ctx.authorizedProviderIds ?? Object.keys(this.authorizedProviders);\n this.authorizedApps = ctx.authorizedApps ?? {};\n this.authorizedAppIds = ctx.authorizedAppIds ?? Object.keys(this.authorizedApps);\n this.authorizedTools = ctx.authorizedTools ?? {};\n this.authorizedToolIds = ctx.authorizedToolIds ?? Object.keys(this.authorizedTools);\n this.authorizedPrompts = ctx.authorizedPrompts ?? {};\n this.authorizedPromptIds = ctx.authorizedPromptIds ?? Object.keys(this.authorizedPrompts);\n this.authorizedResources = ctx.authorizedResources ?? [];\n }\n\n /**\n * Create a new transport session for this authorization\n * @param protocol - Transport protocol (sse, streamable-http, etc.)\n * @param fingerprint - Optional client fingerprint for tracking\n */\n createTransportSession(protocol: TransportProtocol, fingerprint?: string): TransportSession {\n const sessionId = randomUUID();\n\n const session: TransportSession = {\n id: sessionId,\n authorizationId: this.id,\n protocol,\n createdAt: Date.now(),\n expiresAt: this.expiresAt,\n nodeId: getMachineId(),\n clientFingerprint: fingerprint,\n };\n\n this.#sessions.set(session.id, session);\n return session;\n }\n\n /**\n * Get existing transport session by ID\n */\n getTransportSession(sessionId: string): TransportSession | undefined {\n return this.#sessions.get(sessionId);\n }\n\n /**\n * Get all active transport sessions\n */\n getAllSessions(): TransportSession[] {\n return Array.from(this.#sessions.values());\n }\n\n /**\n * Remove a transport session\n */\n removeTransportSession(sessionId: string): boolean {\n return this.#sessions.delete(sessionId);\n }\n\n /**\n * Get count of active sessions\n */\n get sessionCount(): number {\n return this.#sessions.size;\n }\n\n /**\n * Abstract: Get access token for a provider\n * Implementation varies by mode:\n * - Public: throws (no tokens)\n * - Transparent: returns the original bearer token\n * - Orchestrated: retrieves from vault/store\n */\n abstract getToken(providerId?: string): Promise<string>;\n\n /**\n * Check if a scope is granted\n */\n hasScope(scope: string): boolean {\n return this.scopes.includes(scope);\n }\n\n /**\n * Check if all scopes are granted\n */\n hasAllScopes(scopes: string[]): boolean {\n return scopes.every((s) => this.scopes.includes(s));\n }\n\n /**\n * Check if any scope is granted\n */\n hasAnyScope(scopes: string[]): boolean {\n return scopes.some((s) => this.scopes.includes(s));\n }\n\n /**\n * Check if a tool is authorized\n */\n canAccessTool(toolId: string): boolean {\n return toolId in this.authorizedTools || this.authorizedToolIds.includes(toolId);\n }\n\n /**\n * Check if a prompt is authorized\n */\n canAccessPrompt(promptId: string): boolean {\n return promptId in this.authorizedPrompts || this.authorizedPromptIds.includes(promptId);\n }\n\n /**\n * Check if an app is authorized.\n * Used for progressive authorization to determine if tools from this app can be executed.\n * @param appId - App ID to check\n */\n isAppAuthorized(appId: string): boolean {\n return appId in this.authorizedApps || this.authorizedAppIds.includes(appId);\n }\n\n /**\n * Build URL for progressive/incremental authorization.\n * Used when a tool requires authorization for an app that was skipped during initial auth.\n * @param appId - App ID that requires authorization\n * @param baseUrl - Base URL of the server\n */\n getProgressiveAuthUrl(appId: string, baseUrl: string): string {\n return `${baseUrl}/oauth/authorize?app=${encodeURIComponent(appId)}&mode=incremental`;\n }\n\n /**\n * Check if the authorization is expired\n */\n isExpired(): boolean {\n if (!this.expiresAt) return false;\n return Date.now() > this.expiresAt;\n }\n\n /**\n * Get time until expiration in milliseconds\n * Returns undefined if no expiration, negative if expired\n */\n getTimeToExpiry(): number | undefined {\n if (!this.expiresAt) return undefined;\n return this.expiresAt - Date.now();\n }\n\n /**\n * Convert a transport session to encrypted session JWT\n * This is what gets sent in the Mcp-Session-Id header\n */\n toSessionJwt(session: TransportSession): string {\n const payload: SessionJwtPayload = {\n sid: session.id,\n aid: this.id,\n proto: session.protocol,\n nid: session.nodeId,\n iat: Math.floor(Date.now() / 1000),\n exp: this.expiresAt ? Math.floor(this.expiresAt / 1000) : undefined,\n };\n return encryptJson(payload);\n }\n\n /**\n * Convert to LLM-safe context (no tokens exposed)\n */\n toLLMSafeContext(session: TransportSession): LLMSafeAuthContext {\n return {\n authorizationId: this.id,\n sessionId: session.id,\n mode: this.mode,\n isAnonymous: this.isAnonymous,\n user: {\n sub: this.user.sub,\n name: this.user.name,\n },\n scopes: this.scopes,\n authorizedToolIds: this.authorizedToolIds,\n authorizedPromptIds: this.authorizedPromptIds,\n };\n }\n\n /**\n * Validate that no tokens are leaked in data\n * Throws if JWT pattern detected\n */\n static validateNoTokenLeakage(data: unknown): void {\n const json = JSON.stringify(data);\n // Detect JWT pattern (header.payload.signature)\n if (/eyJ[A-Za-z0-9_-]+\\.eyJ[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+/.test(json)) {\n throw new Error('SECURITY: Token detected in data - potential LLM context leak');\n }\n // Detect sensitive field names\n const sensitiveFields = ['access_token', 'refresh_token', 'id_token', 'tokenEnc', 'secretRefId'];\n for (const field of sensitiveFields) {\n if (json.includes(`\"${field}\"`)) {\n throw new Error(`SECURITY: Sensitive field \"${field}\" detected - potential leak`);\n }\n }\n }\n}\n"]}
package/src/auth/authorization/authorization.types.js DELETED
@@ -1,79 +0,0 @@
1
- "use strict";
2
- // auth/authorization/authorization.types.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.progressiveAuthStateSchema = exports.appAuthorizationRecordSchema = exports.appAuthStateSchema = exports.AppAuthState = exports.llmSafeAuthContextSchema = exports.authModeSchema = exports.authorizedPromptSchema = exports.authorizedToolSchema = exports.authUserSchema = void 0;
5
- const zod_1 = require("zod");
6
- // ============================================
7
- // Zod Schemas
8
- // ============================================
9
- exports.authUserSchema = zod_1.z.object({
10
- sub: zod_1.z.string(),
11
- name: zod_1.z.string().optional(),
12
- email: zod_1.z.string().email().optional(),
13
- picture: zod_1.z.string().url().optional(),
14
- anonymous: zod_1.z.boolean().optional(),
15
- });
16
- exports.authorizedToolSchema = zod_1.z.object({
17
- executionPath: zod_1.z.tuple([zod_1.z.string(), zod_1.z.string()]),
18
- scopes: zod_1.z.array(zod_1.z.string()).optional(),
19
- details: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()).optional(),
20
- });
21
- exports.authorizedPromptSchema = zod_1.z.object({
22
- executionPath: zod_1.z.tuple([zod_1.z.string(), zod_1.z.string()]),
23
- scopes: zod_1.z.array(zod_1.z.string()).optional(),
24
- details: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()).optional(),
25
- });
26
- exports.authModeSchema = zod_1.z.enum(['public', 'transparent', 'orchestrated']);
27
- exports.llmSafeAuthContextSchema = zod_1.z.object({
28
- authorizationId: zod_1.z.string(),
29
- sessionId: zod_1.z.string(),
30
- mode: exports.authModeSchema,
31
- isAnonymous: zod_1.z.boolean(),
32
- user: zod_1.z.object({
33
- sub: zod_1.z.string(),
34
- name: zod_1.z.string().optional(),
35
- }),
36
- scopes: zod_1.z.array(zod_1.z.string()),
37
- authorizedToolIds: zod_1.z.array(zod_1.z.string()),
38
- authorizedPromptIds: zod_1.z.array(zod_1.z.string()),
39
- });
40
- // ============================================
41
- // Progressive/Incremental Authorization Types
42
- // ============================================
43
- /**
44
- * State of app authorization within a session.
45
- * Used for progressive authorization flow.
46
- */
47
- var AppAuthState;
48
- (function (AppAuthState) {
49
- /** App has been fully authorized with tokens stored */
50
- AppAuthState["AUTHORIZED"] = "authorized";
51
- /** User explicitly skipped this app during initial auth */
52
- AppAuthState["SKIPPED"] = "skipped";
53
- /** App authorization is pending (not yet presented to user) */
54
- AppAuthState["PENDING"] = "pending";
55
- })(AppAuthState || (exports.AppAuthState = AppAuthState = {}));
56
- /**
57
- * Zod schema for AppAuthState enum
58
- */
59
- exports.appAuthStateSchema = zod_1.z.nativeEnum(AppAuthState);
60
- /**
61
- * Zod schema for AppAuthorizationRecord
62
- */
63
- exports.appAuthorizationRecordSchema = zod_1.z.object({
64
- appId: zod_1.z.string(),
65
- state: exports.appAuthStateSchema,
66
- stateChangedAt: zod_1.z.number(),
67
- grantedScopes: zod_1.z.array(zod_1.z.string()).optional(),
68
- authProviderId: zod_1.z.string().optional(),
69
- toolIds: zod_1.z.array(zod_1.z.string()),
70
- });
71
- /**
72
- * Zod schema for ProgressiveAuthState
73
- */
74
- exports.progressiveAuthStateSchema = zod_1.z.object({
75
- apps: zod_1.z.record(zod_1.z.string(), exports.appAuthorizationRecordSchema),
76
- initiallyAuthorized: zod_1.z.array(zod_1.z.string()),
77
- initiallySkipped: zod_1.z.array(zod_1.z.string()),
78
- });
79
- //# sourceMappingURL=authorization.types.js.map
package/src/auth/authorization/authorization.types.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization.types.js","sourceRoot":"","sources":["../../../../src/auth/authorization/authorization.types.ts"],"names":[],"mappings":";AAAA,4CAA4C;;;AAE5C,6BAAwB;AAiNxB,+CAA+C;AAC/C,cAAc;AACd,+CAA+C;AAElC,QAAA,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;IACf,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;IACpC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACpC,SAAS,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAClC,CAAC,CAAC;AAEU,QAAA,oBAAoB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3C,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAChD,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,OAAO,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEU,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAChD,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,OAAO,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEU,QAAA,cAAc,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC,CAAC;AAEnE,QAAA,wBAAwB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC/C,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE;IAC3B,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE;IACrB,IAAI,EAAE,sBAAc;IACpB,WAAW,EAAE,OAAC,CAAC,OAAO,EAAE;IACxB,IAAI,EAAE,OAAC,CAAC,MAAM,CAAC;QACb,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;QACf,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC5B,CAAC;IACF,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,iBAAiB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IACtC,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CACzC,CAAC,CAAC;AAEH,+CAA+C;AAC/C,8CAA8C;AAC9C,+CAA+C;AAE/C;;;GAGG;AACH,IAAY,YAOX;AAPD,WAAY,YAAY;IACtB,uDAAuD;IACvD,yCAAyB,CAAA;IACzB,2DAA2D;IAC3D,mCAAmB,CAAA;IACnB,+DAA+D;IAC/D,mCAAmB,CAAA;AACrB,CAAC,EAPW,YAAY,4BAAZ,YAAY,QAOvB;AAmCD;;GAEG;AACU,QAAA,kBAAkB,GAAG,OAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AAE7D;;GAEG;AACU,QAAA,4BAA4B,GAAG,OAAC,CAAC,MAAM,CAAC;IACnD,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,KAAK,EAAE,0BAAkB;IACzB,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE;IAC1B,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC7C,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CAC7B,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,0BAA0B,GAAG,OAAC,CAAC,MAAM,CAAC;IACjD,IAAI,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,oCAA4B,CAAC;IACxD,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IACxC,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CACtC,CAAC,CAAC","sourcesContent":["// auth/authorization/authorization.types.ts\n\nimport { z } from 'zod';\nimport { ProviderSnapshot } from '../session/session.types';\nimport { TransportSession, TransportProtocol } from '../session';\nimport type { AuthMode } from '../../common';\n\n/**\n * User identity from authentication\n */\nexport interface AuthUser {\n /** Subject identifier */\n sub: string;\n /** Display name */\n name?: string;\n /** Email address */\n email?: string;\n /** Profile picture URL */\n picture?: string;\n /** Whether this is an anonymous user */\n anonymous?: boolean;\n}\n\n/**\n * Authorized tool entry\n */\nexport interface AuthorizedTool {\n /** Execution path: [appId, toolId] */\n executionPath: [appId: string, toolId: string];\n /** Required scopes for this tool */\n scopes?: string[];\n /** Additional tool metadata */\n details?: Record<string, unknown>;\n}\n\n/**\n * Authorized prompt entry\n */\nexport interface AuthorizedPrompt {\n /** Execution path: [appId, promptId] */\n executionPath: [appId: string, promptId: string];\n /** Required scopes for this prompt */\n scopes?: string[];\n /** Additional prompt metadata */\n details?: Record<string, unknown>;\n}\n\n/**\n * Authorization represents the authenticated user context.\n * Created from JWT verification, independent of transport.\n * One authorization can have multiple transport sessions.\n */\nexport interface Authorization {\n /** Unique authorization ID (derived from token signature) */\n readonly id: string;\n\n /** Auth mode that created this authorization */\n readonly mode: AuthMode;\n\n /** Whether this is an anonymous/public authorization */\n readonly isAnonymous: boolean;\n\n /** User identity */\n readonly user: AuthUser;\n\n /** JWT claims */\n readonly claims?: Record<string, unknown>;\n\n /** Token expiration (epoch ms) */\n readonly expiresAt?: number;\n\n /** Granted scopes */\n readonly scopes: string[];\n\n /** Authorized providers (for orchestrated mode) */\n readonly authorizedProviders: Record<string, ProviderSnapshot>;\n\n /** Authorized provider IDs */\n readonly authorizedProviderIds: string[];\n\n /** Authorized apps */\n readonly authorizedApps: Record<string, { id: string; toolIds: string[] }>;\n\n /** Authorized app IDs */\n readonly authorizedAppIds: string[];\n\n /** Authorized tools */\n readonly authorizedTools: Record<string, AuthorizedTool>;\n\n /** Authorized tool IDs */\n readonly authorizedToolIds: string[];\n\n /** Authorized prompts */\n readonly authorizedPrompts: Record<string, AuthorizedPrompt>;\n\n /** Authorized prompt IDs */\n readonly authorizedPromptIds: string[];\n\n /** Authorized resources */\n readonly authorizedResources: string[];\n\n /**\n * Get access token for a provider (orchestrated mode)\n * @param providerId - Provider ID, defaults to primary\n */\n getToken(providerId?: string): Promise<string>;\n\n /**\n * Create a new transport session for this authorization\n * @param protocol - Transport protocol (sse, streamable-http, etc.)\n * @param fingerprint - Optional client fingerprint for tracking\n */\n createTransportSession(protocol: TransportProtocol, fingerprint?: string): TransportSession;\n\n /**\n * Get existing transport session by ID\n * @param sessionId - Session ID to retrieve\n */\n getTransportSession(sessionId: string): TransportSession | undefined;\n\n /**\n * Check if a scope is granted\n * @param scope - Scope to check\n */\n hasScope(scope: string): boolean;\n\n /**\n * Check if all scopes are granted\n * @param scopes - Scopes to check\n */\n hasAllScopes(scopes: string[]): boolean;\n\n /**\n * Check if any scope is granted\n * @param scopes - Scopes to check\n */\n hasAnyScope(scopes: string[]): boolean;\n\n /**\n * Check if a tool is authorized\n * @param toolId - Tool ID to check\n */\n canAccessTool(toolId: string): boolean;\n\n /**\n * Check if a prompt is authorized\n * @param promptId - Prompt ID to check\n */\n canAccessPrompt(promptId: string): boolean;\n}\n\n/**\n * Context for creating an authorization\n */\nexport interface AuthorizationCreateCtx {\n /** Unique ID (typically token signature fingerprint) */\n id: string;\n /** Whether this is anonymous */\n isAnonymous: boolean;\n /** User identity */\n user: AuthUser;\n /** JWT claims */\n claims?: Record<string, unknown>;\n /** Token expiration (epoch ms) */\n expiresAt?: number;\n /** Granted scopes */\n scopes?: string[];\n /** The original token (for transparent mode) */\n token?: string;\n /** Authorized providers */\n authorizedProviders?: Record<string, ProviderSnapshot>;\n /** Authorized provider IDs */\n authorizedProviderIds?: string[];\n /** Authorized apps */\n authorizedApps?: Record<string, { id: string; toolIds: string[] }>;\n /** Authorized app IDs */\n authorizedAppIds?: string[];\n /** Authorized tools */\n authorizedTools?: Record<string, AuthorizedTool>;\n /** Authorized tool IDs */\n authorizedToolIds?: string[];\n /** Authorized prompts */\n authorizedPrompts?: Record<string, AuthorizedPrompt>;\n /** Authorized prompt IDs */\n authorizedPromptIds?: string[];\n /** Authorized resources */\n authorizedResources?: string[];\n}\n\n/**\n * LLM-safe session context (no tokens exposed)\n */\nexport interface LLMSafeAuthContext {\n /** Authorization ID */\n authorizationId: string;\n /** Session ID */\n sessionId: string;\n /** Auth mode */\n mode: AuthMode;\n /** Whether anonymous */\n isAnonymous: boolean;\n /** User (sub and name only) */\n user: { sub: string; name?: string };\n /** Granted scopes */\n scopes: string[];\n /** Authorized tool IDs */\n authorizedToolIds: string[];\n /** Authorized prompt IDs */\n authorizedPromptIds: string[];\n}\n\n// ============================================\n// Zod Schemas\n// ============================================\n\nexport const authUserSchema = z.object({\n sub: z.string(),\n name: z.string().optional(),\n email: z.string().email().optional(),\n picture: z.string().url().optional(),\n anonymous: z.boolean().optional(),\n});\n\nexport const authorizedToolSchema = z.object({\n executionPath: z.tuple([z.string(), z.string()]),\n scopes: z.array(z.string()).optional(),\n details: z.record(z.string(), z.unknown()).optional(),\n});\n\nexport const authorizedPromptSchema = z.object({\n executionPath: z.tuple([z.string(), z.string()]),\n scopes: z.array(z.string()).optional(),\n details: z.record(z.string(), z.unknown()).optional(),\n});\n\nexport const authModeSchema = z.enum(['public', 'transparent', 'orchestrated']);\n\nexport const llmSafeAuthContextSchema = z.object({\n authorizationId: z.string(),\n sessionId: z.string(),\n mode: authModeSchema,\n isAnonymous: z.boolean(),\n user: z.object({\n sub: z.string(),\n name: z.string().optional(),\n }),\n scopes: z.array(z.string()),\n authorizedToolIds: z.array(z.string()),\n authorizedPromptIds: z.array(z.string()),\n});\n\n// ============================================\n// Progressive/Incremental Authorization Types\n// ============================================\n\n/**\n * State of app authorization within a session.\n * Used for progressive authorization flow.\n */\nexport enum AppAuthState {\n /** App has been fully authorized with tokens stored */\n AUTHORIZED = 'authorized',\n /** User explicitly skipped this app during initial auth */\n SKIPPED = 'skipped',\n /** App authorization is pending (not yet presented to user) */\n PENDING = 'pending',\n}\n\n/**\n * App authorization record with state tracking.\n * Stored server-side, NOT in JWT.\n */\nexport interface AppAuthorizationRecord {\n /** App ID */\n appId: string;\n /** Current authorization state */\n state: AppAuthState;\n /** When the state was last changed (epoch ms) */\n stateChangedAt: number;\n /** Scopes granted for this app */\n grantedScopes?: string[];\n /** Auth provider ID used for this app */\n authProviderId?: string;\n /** Tool IDs accessible through this app authorization */\n toolIds: string[];\n}\n\n/**\n * Progressive auth session state.\n * Tracks which apps are authorized, skipped, or pending.\n * Stored server-side for security.\n */\nexport interface ProgressiveAuthState {\n /** App authorization records by app ID */\n apps: Record<string, AppAuthorizationRecord>;\n /** Apps authorized during initial auth */\n initiallyAuthorized: string[];\n /** Apps skipped during initial auth */\n initiallySkipped: string[];\n}\n\n/**\n * Zod schema for AppAuthState enum\n */\nexport const appAuthStateSchema = z.nativeEnum(AppAuthState);\n\n/**\n * Zod schema for AppAuthorizationRecord\n */\nexport const appAuthorizationRecordSchema = z.object({\n appId: z.string(),\n state: appAuthStateSchema,\n stateChangedAt: z.number(),\n grantedScopes: z.array(z.string()).optional(),\n authProviderId: z.string().optional(),\n toolIds: z.array(z.string()),\n});\n\n/**\n * Zod schema for ProgressiveAuthState\n */\nexport const progressiveAuthStateSchema = z.object({\n apps: z.record(z.string(), appAuthorizationRecordSchema),\n initiallyAuthorized: z.array(z.string()),\n initiallySkipped: z.array(z.string()),\n});\n"]}
package/src/auth/authorization/index.js DELETED
@@ -1,19 +0,0 @@
1
- "use strict";
2
- // auth/authorization/index.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.OrchestratedAuthorization = exports.TransparentAuthorization = exports.PublicAuthorization = exports.getMachineId = exports.AuthorizationBase = void 0;
5
- const tslib_1 = require("tslib");
6
- // Types
7
- tslib_1.__exportStar(require("./authorization.types"), exports);
8
- // Base class
9
- var authorization_class_1 = require("./authorization.class");
10
- Object.defineProperty(exports, "AuthorizationBase", { enumerable: true, get: function () { return authorization_class_1.AuthorizationBase; } });
11
- Object.defineProperty(exports, "getMachineId", { enumerable: true, get: function () { return authorization_class_1.getMachineId; } });
12
- // Mode-specific implementations
13
- var public_authorization_1 = require("./public.authorization");
14
- Object.defineProperty(exports, "PublicAuthorization", { enumerable: true, get: function () { return public_authorization_1.PublicAuthorization; } });
15
- var transparent_authorization_1 = require("./transparent.authorization");
16
- Object.defineProperty(exports, "TransparentAuthorization", { enumerable: true, get: function () { return transparent_authorization_1.TransparentAuthorization; } });
17
- var orchestrated_authorization_1 = require("./orchestrated.authorization");
18
- Object.defineProperty(exports, "OrchestratedAuthorization", { enumerable: true, get: function () { return orchestrated_authorization_1.OrchestratedAuthorization; } });
19
- //# sourceMappingURL=index.js.map
package/src/auth/authorization/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/auth/authorization/index.ts"],"names":[],"mappings":";AAAA,8BAA8B;;;;AAE9B,QAAQ;AACR,gEAAsC;AAEtC,aAAa;AACb,6DAAwE;AAA/D,wHAAA,iBAAiB,OAAA;AAAE,mHAAA,YAAY,OAAA;AAExC,gCAAgC;AAChC,+DAA2F;AAAlF,2HAAA,mBAAmB,OAAA;AAC5B,yEAIqC;AAHnC,qIAAA,wBAAwB,OAAA;AAI1B,2EAMsC;AALpC,uIAAA,yBAAyB,OAAA","sourcesContent":["// auth/authorization/index.ts\n\n// Types\nexport * from './authorization.types';\n\n// Base class\nexport { AuthorizationBase, getMachineId } from './authorization.class';\n\n// Mode-specific implementations\nexport { PublicAuthorization, PublicAuthorizationCreateCtx } from './public.authorization';\nexport {\n TransparentAuthorization,\n TransparentAuthorizationCreateCtx,\n TransparentVerifiedPayload,\n} from './transparent.authorization';\nexport {\n OrchestratedAuthorization,\n OrchestratedAuthorizationCreateCtx,\n OrchestratedProviderState,\n TokenStore,\n TokenRefreshCallback,\n} from './orchestrated.authorization';\n"]}