@frontmcp/sdk 0.6.0 → 0.6.2

package/src/common/interfaces/scope.interface.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"scope.interface.js","sourceRoot":"","sources":["../../../../src/common/interfaces/scope.interface.ts"],"names":[],"mappings":"","sourcesContent":["import { Type } from './base.interface';\n\nexport interface ScopeInterface {\n\n}\n\nexport type ScopeType = Type<ScopeInterface>\n\n\nexport {\n  ScopeInterface as FrontMcpScopeInterface,\n  ScopeType as FrontMcpScopeType,\n}"]}

package/src/common/interfaces/server.interface.js

@@ -1,18 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.FrontMcpServer = exports.ServerResponse = exports.ServerRequest = void 0;
-const http_1 = require("http");
-class ServerRequest extends http_1.IncomingMessage {
-    path;
-    query;
-    body;
-    authSession;
-}
-exports.ServerRequest = ServerRequest;
-class ServerResponse extends http_1.ServerResponse {
-}
-exports.ServerResponse = ServerResponse;
-class FrontMcpServer {
-}
-exports.FrontMcpServer = FrontMcpServer;
-//# sourceMappingURL=server.interface.js.map

package/src/common/interfaces/server.interface.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"server.interface.js","sourceRoot":"","sources":["../../../../src/common/interfaces/server.interface.ts"],"names":[],"mappings":";;;AAAA,+BAA6E;AAK7E,MAAa,aAAc,SAAQ,sBAAe;IAEhD,IAAI,CAAS;IAGb,KAAK,CAAoC;IACzC,IAAI,CAAO;IACX,WAAW,CAAiB;CAC7B;AARD,sCAQC;AAED,MAAsB,cAAe,SAAQ,qBAAkB;CAU9D;AAVD,wCAUC;AAMD,MAAsB,cAAc;CAwCnC;AAxCD,wCAwCC","sourcesContent":["import { IncomingMessage, ServerResponse as HttpServerResponse } from 'http';\nimport { Authorization } from '../types'; // TODO: move to internal\n\nexport type HttpMethod = 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'OPTIONS' | 'HEAD';\n\nexport class ServerRequest extends IncomingMessage {\n  declare method: HttpMethod;\n  path: string;\n  declare url: string;\n  declare headers: Record<string, string>;\n  query: Record<string, string | string[]>;\n  body?: any;\n  authSession?: Authorization;\n}\n\nexport abstract class ServerResponse extends HttpServerResponse {\n  abstract status(code: number): ServerResponse;\n\n  abstract json(payload: any): void;\n\n  abstract send(payload: any): void;\n\n  abstract redirect(url: string): void;\n\n  abstract redirect(status: number, url: string): void;\n}\n\nexport type NextFn = () => Promise<void> | void;\n\nexport type ServerRequestHandler = (req: ServerRequest, res: ServerResponse, next: NextFn) => Promise<void> | void;\n\nexport abstract class FrontMcpServer {\n  /**\n   * Register a middleware handler for a specific entry path.\n   * @param entryPath - e.g. '' or '/mcp'\n   * @param handler - (req, res, next) => {// middleware // next()}\n   */\n  abstract registerMiddleware(entryPath: string, handler: ServerRequestHandler): Promise<void> | void;\n\n  /**\n   * Register a route handler for a specific path.\n   * @param method - e.g. 'GET' or 'POST'\n   * @param path - e.g. '/mcp/invoke'\n   * @param handler - (req, res) => {// route handler // res.end() }\n   */\n  abstract registerRoute(method: HttpMethod, path: string, handler: ServerRequestHandler): Promise<void> | void;\n\n  /**\n   * Enhance a request handler with request/response processing and error handling.\n   * This handle will be stored as the first middleware in the chain to align adapter handler\n   * with the gateway's request/response processing.\n   */\n  abstract enhancedHandler(\n    handler: ServerRequestHandler,\n  ): (req: any, res: any, next: () => any) => Promise<void> | void;\n\n  /**\n   * Prepares the server routes without starting the HTTP listener.\n   * Used for serverless deployments (Vercel, AWS Lambda, etc.)\n   */\n  abstract prepare(): void;\n\n  /**\n   * Returns the underlying HTTP handler for serverless exports.\n   */\n  abstract getHandler(): unknown;\n\n  /**\n   *  Start the server on the specified port\n   */\n  abstract start(port?: number): Promise<void> | void;\n}\n"]}

package/src/common/interfaces/session-hook.interface.js

@@ -1,140 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SessionHookStage = void 0;
-/**
- * Lifecycle stages for session invocation.
- *
- * Ordering notes:
- * - "will*" stages run before the action; "did*" stages run after.
- * - Higher `priority()` runs earlier for "will*" (outermost), and later for "did*".
- * - Finalization stages (`willFinalize`, `willAudit`, `didAudit`, `onMetrics`) should be placed
- *   in your plan’s `finalize` array to run on both success and error paths.
- *
- * Control flow:
- * - Hooks may call `ctx.respond(value)` to short-circuit with a return value.
- * - Hooks may call `ctx.abort(reason, code?, httpStatus?)` to stop with an error.
- *
- * Common context fields:
- * - `ctx.sessionId` SecureMcp session id (== secureJwt) once created/validated.
- * - `ctx.input`/`output` Arbitrary payloads for the current flow.
- * - `ctx.data` Shared bag for cross-hook state.
- * - `ctx.providers` Optional provider views if needed for UI/selection.
- */
-var SessionHookStage;
-(function (SessionHookStage) {
-    /** Prepare a new session (or re-register an incoming secureJwt).
-     * Responsibilities:
-     * - Validate incoming token (if any); compute defaults; attach user hints.
-     * - Initialize per-session resources and attach to `ctx.data`.
-     * Failure modes:
-     * - `ctx.abort('invalid jwt', 'INVALID_SESSION', 401)`.
-     */
-    SessionHookStage["willCreateSession"] = "willCreateSession";
-    /** Session created and registered.
-     * Responsibilities:
-     * - Announce readiness (mount handlers/streams), emit side-effects if needed.
-     * - Optionally shape `ctx.output` with a `SessionContextView`.
-     */
-    SessionHookStage["didCreateSession"] = "didCreateSession";
-    /** Bind DI providers needed for this session/request.
-     * Responsibilities:
-     * - Resolve and bind providers so later hooks can `ctx.get(...)`.
-     * - May set `ctx.bindProvider/bindProviders` helpers.
-     */
-    SessionHookStage["willBindProviders"] = "willBindProviders";
-    // ---------- Auth (within a session) ----------
-    /** Signal the beginning of an auth sequence in the scope of this session.
-     * Responsibilities:
-     * - Initialize auth-related state (PKCE/state, CSRF, telemetry).
-     * - Decide transport (SSE/StreamableHTTP) for status/URL events if applicable.
-     */
-    SessionHookStage["willBeginAuth"] = "willBeginAuth";
-    /** Streamable authorization progress within the session.
-     * Responsibilities:
-     * - Emit URL/status events (e.g., “authorize_url”, “awaiting_callback”).
-     * - Optionally `ctx.respond({event: ...})` for push-style transports.
-     */
-    SessionHookStage["willAuthorize"] = "willAuthorize";
-    /** Prepare and gate the token exchange with the provider.
-     * Responsibilities:
-     * - Verify callback params; ensure prerequisites (sessionId present).
-     * - Compute exchange request; rate-limit/anti-replay checks.
-     * Failure modes:
-     * - `ctx.abort('invalid state/pkce', 'OAUTH_CALLBACK_ERROR', 400)`.
-     */
-    SessionHookStage["willExchangeToken"] = "willExchangeToken";
-    /** SecureMcp JWT has been minted/confirmed for this session.
-     * Responsibilities:
-     * - React to issuance (e.g., persist session claims, notify listeners).
-     * Notes:
-     * - Fired once the session’s secureJwt is known; avoid logging secrets.
-     */
-    SessionHookStage["didIssueSecureJwt"] = "didIssueSecureJwt";
-    /** Encrypt and store provider tokens for this session.
-     * Responsibilities:
-     * - Write encrypted blobs to the session record (per provider).
-     * - Derive minimal metadata (scopes/expiry) for later claims-only exposure.
-     */
-    SessionHookStage["willStoreTokens"] = "willStoreTokens";
-    // ---------- Access (read path) ----------
-    /** Authorize and prepare a session read.
-     * Responsibilities:
-     * - Validate access to the session; attach read-scoped providers if required.
-     * - Optionally shape a partial view before execute.
-     */
-    SessionHookStage["willGetSession"] = "willGetSession";
-    /** Post-process the session view.
-     * Responsibilities:
-     * - Redact/transform/derive fields for the final response.
-     * - Set `ctx.output` to a `SessionContextView`.
-     */
-    SessionHookStage["didGetSession"] = "didGetSession";
-    // ---------- Disposal ----------
-    /** Announce shutdown and allow flush/cleanup.
-     * Responsibilities:
-     * - Close streams, unsubscribe listeners, schedule disposers.
-     */
-    SessionHookStage["willDisposeSession"] = "willDisposeSession";
-    /** Confirm teardown and emit metrics.
-     * Responsibilities:
-     * - Final confirmation of resource release; summarize outcome.
-     */
-    SessionHookStage["didDisposeSession"] = "didDisposeSession";
-    // ---------- Finalize / audit / metrics / errors ----------
-    /** Optional “late finally” hook if you need a single place before audit/metrics.
-     * Responsibilities:
-     * - Last-chance cleanup across success/error paths (idempotent, non-throwing).
-     * Notes:
-     * - Include this stage in your plan’s `finalize` array to activate.
-     */
-    SessionHookStage["willFinalize"] = "willFinalize";
-    /** Centralized error handler.
-     * Responsibilities:
-     * - Redact sensitive data; map internal errors to public codes.
-     * - Optionally `ctx.respond({ error })` or `ctx.abort(...)`.
-     * Notes:
-     * - Should not throw; runs before audit/metrics finalize.
-     */
-    SessionHookStage["onError"] = "onError";
-    /** Pre-audit collection on both success and error paths.
-     * Responsibilities:
-     * - Build audit envelope (actor, sessionId, providers touched).
-     * - Normalize and strip secrets (no raw tokens).
-     */
-    SessionHookStage["willAudit"] = "willAudit";
-    /** Persist/emit the audit record.
-     * Responsibilities:
-     * - Write to audit sink(s) with outcome and timings.
-     * - Correlate via `ctx.requestId`/`ctx.sessionId`.
-     */
-    SessionHookStage["didAudit"] = "didAudit";
-    /** Telemetry/metrics emission for both success and errors.
-     * Responsibilities:
-     * - Counters & timings (create/get/dispose/auth/exchange/store).
-     * - Error code/tag cardinality kept small for SLOs/alerts.
-     * Constraints:
-     * - Non-throwing; must not alter control flow.
-     */
-    SessionHookStage["onMetrics"] = "onMetrics";
-})(SessionHookStage || (exports.SessionHookStage = SessionHookStage = {}));
-//# sourceMappingURL=session-hook.interface.js.map

package/src/common/interfaces/session-hook.interface.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-hook.interface.js","sourceRoot":"","sources":["../../../../src/common/interfaces/session-hook.interface.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,IAAY,gBAuIX;AAvID,WAAY,gBAAgB;IAC1B;;;;;;OAMG;IACH,2DAAuC,CAAA;IAEvC;;;;OAIG;IACH,yDAAqC,CAAA;IAErC;;;;OAIG;IACH,2DAAuC,CAAA;IAEvC,gDAAgD;IAEhD;;;;OAIG;IACH,mDAA+B,CAAA;IAE/B;;;;OAIG;IACH,mDAA+B,CAAA;IAE/B;;;;;;OAMG;IACH,2DAAuC,CAAA;IAEvC;;;;;OAKG;IACH,2DAAuC,CAAA;IAEvC;;;;OAIG;IACH,uDAAmC,CAAA;IAEnC,2CAA2C;IAE3C;;;;OAIG;IACH,qDAAiC,CAAA;IAEjC;;;;OAIG;IACH,mDAA+B,CAAA;IAE/B,iCAAiC;IAEjC;;;OAGG;IACH,6DAAyC,CAAA;IAEzC;;;OAGG;IACH,2DAAuC,CAAA;IAEvC,4DAA4D;IAE5D;;;;;OAKG;IACH,iDAA6B,CAAA;IAE7B;;;;;;OAMG;IACH,uCAAmB,CAAA;IAEnB;;;;OAIG;IACH,2CAAuB,CAAA;IAEvB;;;;OAIG;IACH,yCAAqB,CAAA;IAErB;;;;;;OAMG;IACH,2CAAuB,CAAA;AACzB,CAAC,EAvIW,gBAAgB,gCAAhB,gBAAgB,QAuI3B","sourcesContent":["/**\n * Lifecycle stages for session invocation.\n *\n * Ordering notes:\n * - \"will*\" stages run before the action; \"did*\" stages run after.\n * - Higher `priority()` runs earlier for \"will*\" (outermost), and later for \"did*\".\n * - Finalization stages (`willFinalize`, `willAudit`, `didAudit`, `onMetrics`) should be placed\n *   in your plan’s `finalize` array to run on both success and error paths.\n *\n * Control flow:\n * - Hooks may call `ctx.respond(value)` to short-circuit with a return value.\n * - Hooks may call `ctx.abort(reason, code?, httpStatus?)` to stop with an error.\n *\n * Common context fields:\n * - `ctx.sessionId` SecureMcp session id (== secureJwt) once created/validated.\n * - `ctx.input`/`output` Arbitrary payloads for the current flow.\n * - `ctx.data` Shared bag for cross-hook state.\n * - `ctx.providers` Optional provider views if needed for UI/selection.\n */\nexport enum SessionHookStage {\n  /** Prepare a new session (or re-register an incoming secureJwt).\n   * Responsibilities:\n   * - Validate incoming token (if any); compute defaults; attach user hints.\n   * - Initialize per-session resources and attach to `ctx.data`.\n   * Failure modes:\n   * - `ctx.abort('invalid jwt', 'INVALID_SESSION', 401)`.\n   */\n  willCreateSession = 'willCreateSession',\n\n  /** Session created and registered.\n   * Responsibilities:\n   * - Announce readiness (mount handlers/streams), emit side-effects if needed.\n   * - Optionally shape `ctx.output` with a `SessionContextView`.\n   */\n  didCreateSession = 'didCreateSession',\n\n  /** Bind DI providers needed for this session/request.\n   * Responsibilities:\n   * - Resolve and bind providers so later hooks can `ctx.get(...)`.\n   * - May set `ctx.bindProvider/bindProviders` helpers.\n   */\n  willBindProviders = 'willBindProviders',\n\n  // ---------- Auth (within a session) ----------\n\n  /** Signal the beginning of an auth sequence in the scope of this session.\n   * Responsibilities:\n   * - Initialize auth-related state (PKCE/state, CSRF, telemetry).\n   * - Decide transport (SSE/StreamableHTTP) for status/URL events if applicable.\n   */\n  willBeginAuth = 'willBeginAuth',\n\n  /** Streamable authorization progress within the session.\n   * Responsibilities:\n   * - Emit URL/status events (e.g., “authorize_url”, “awaiting_callback”).\n   * - Optionally `ctx.respond({event: ...})` for push-style transports.\n   */\n  willAuthorize = 'willAuthorize', // stream-able events (URL/status)\n\n  /** Prepare and gate the token exchange with the provider.\n   * Responsibilities:\n   * - Verify callback params; ensure prerequisites (sessionId present).\n   * - Compute exchange request; rate-limit/anti-replay checks.\n   * Failure modes:\n   * - `ctx.abort('invalid state/pkce', 'OAUTH_CALLBACK_ERROR', 400)`.\n   */\n  willExchangeToken = 'willExchangeToken',\n\n  /** SecureMcp JWT has been minted/confirmed for this session.\n   * Responsibilities:\n   * - React to issuance (e.g., persist session claims, notify listeners).\n   * Notes:\n   * - Fired once the session’s secureJwt is known; avoid logging secrets.\n   */\n  didIssueSecureJwt = 'didIssueSecureJwt',\n\n  /** Encrypt and store provider tokens for this session.\n   * Responsibilities:\n   * - Write encrypted blobs to the session record (per provider).\n   * - Derive minimal metadata (scopes/expiry) for later claims-only exposure.\n   */\n  willStoreTokens = 'willStoreTokens',\n\n  // ---------- Access (read path) ----------\n\n  /** Authorize and prepare a session read.\n   * Responsibilities:\n   * - Validate access to the session; attach read-scoped providers if required.\n   * - Optionally shape a partial view before execute.\n   */\n  willGetSession = 'willGetSession',\n\n  /** Post-process the session view.\n   * Responsibilities:\n   * - Redact/transform/derive fields for the final response.\n   * - Set `ctx.output` to a `SessionContextView`.\n   */\n  didGetSession = 'didGetSession',\n\n  // ---------- Disposal ----------\n\n  /** Announce shutdown and allow flush/cleanup.\n   * Responsibilities:\n   * - Close streams, unsubscribe listeners, schedule disposers.\n   */\n  willDisposeSession = 'willDisposeSession',\n\n  /** Confirm teardown and emit metrics.\n   * Responsibilities:\n   * - Final confirmation of resource release; summarize outcome.\n   */\n  didDisposeSession = 'didDisposeSession',\n\n  // ---------- Finalize / audit / metrics / errors ----------\n\n  /** Optional “late finally” hook if you need a single place before audit/metrics.\n   * Responsibilities:\n   * - Last-chance cleanup across success/error paths (idempotent, non-throwing).\n   * Notes:\n   * - Include this stage in your plan’s `finalize` array to activate.\n   */\n  willFinalize = 'willFinalize',\n\n  /** Centralized error handler.\n   * Responsibilities:\n   * - Redact sensitive data; map internal errors to public codes.\n   * - Optionally `ctx.respond({ error })` or `ctx.abort(...)`.\n   * Notes:\n   * - Should not throw; runs before audit/metrics finalize.\n   */\n  onError = 'onError',\n\n  /** Pre-audit collection on both success and error paths.\n   * Responsibilities:\n   * - Build audit envelope (actor, sessionId, providers touched).\n   * - Normalize and strip secrets (no raw tokens).\n   */\n  willAudit = 'willAudit',\n\n  /** Persist/emit the audit record.\n   * Responsibilities:\n   * - Write to audit sink(s) with outcome and timings.\n   * - Correlate via `ctx.requestId`/`ctx.sessionId`.\n   */\n  didAudit = 'didAudit',\n\n  /** Telemetry/metrics emission for both success and errors.\n   * Responsibilities:\n   * - Counters & timings (create/get/dispose/auth/exchange/store).\n   * - Error code/tag cardinality kept small for SLOs/alerts.\n   * Constraints:\n   * - Non-throwing; must not alter control flow.\n   */\n  onMetrics = 'onMetrics',\n}\n"]}

package/src/common/interfaces/tool-hook.interface.js

@@ -1,92 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ToolHookStage = void 0;
-/**
- * Lifecycle stages for tool invocation.
- *
- * Ordering notes:
- * - "will*" stages run before the action; "did*" run after.
- * - Higher `priority()` runs earlier for "will*" (outermost for wrappers), and later for "did*".
- * - `aroundExecute` wraps the actual execution block (including will/didExecute inside).
- *
- * Control flow:
- * - Hooks may call `ctx.respond(value)` to short-circuit with a value.
- * - Hooks may call `ctx.abort(reason, code?, httpStatus?)` to deny/stop.
- * - Hooks may call `ctx.retryAfter(ms, reason?)` to signal backoff.
- */
-var ToolHookStage;
-(function (ToolHookStage) {
-    /** Bind DI providers needed for this invocation (from ctor tokens + hook/tool `provide()`).
-     * Runs very early so later hooks can use `ctx.get(...)`. */
-    ToolHookStage["willBindProviders"] = "willBindProviders";
-    /** Last chance to populate/shape the invocation context (user, tenant, attrs, ids). */
-    ToolHookStage["willCreateInvokeContext"] = "willCreateInvokeContext";
-    /** Post-context creation; good for sanity checks, tracing decorations. */
-    ToolHookStage["didCreateInvokeContext"] = "didCreateInvokeContext";
-    /** Authorization gate (roles/scopes/RBAC/ABAC). May `abort()` if unauthorized. */
-    ToolHookStage["willAuthorize"] = "willAuthorize";
-    /** Consent gate. May `respond()` with a consent challenge or `abort()` if missing consent. */
-    ToolHookStage["willCheckConsent"] = "willCheckConsent";
-    /** Feature-flag gate (enable/disable per user/tenant/experiment). May `abort()`. */
-    ToolHookStage["willCheckFeatureFlags"] = "willCheckFeatureFlags";
-    // ---------------- Capacity & Resilience ----------------
-    /** Acquire rate-limit quota. May `retryAfter()` or `abort()` on exhaustion. */
-    ToolHookStage["willAcquireQuota"] = "willAcquireQuota";
-    /** Release rate-limit quota (best-effort; typically run in `finally`). */
-    ToolHookStage["didReleaseQuota"] = "didReleaseQuota";
-    /** Acquire concurrency slot/semaphore. May `retryAfter()` or `abort()`. */
-    ToolHookStage["willAcquireSemaphore"] = "willAcquireSemaphore";
-    /** Release concurrency slot/semaphore (best-effort). */
-    ToolHookStage["didReleaseSemaphore"] = "didReleaseSemaphore";
-    // ---------------- Input shaping ----------------
-    /** Parse/coerce raw input (types, defaults). Mutate `ctx.input` as needed. */
-    ToolHookStage["willParseInput"] = "willParseInput";
-    /** Validate business rules for input. May `abort()` on violations. */
-    ToolHookStage["willValidateInput"] = "willValidateInput";
-    /** Normalize/canonicalize input (ids → uuids, trim, sort fields, etc.). */
-    ToolHookStage["willNormalizeInput"] = "willNormalizeInput";
-    /** Apply DLP/minimization to input (mask/drop/hash fields). */
-    ToolHookStage["willRedactInput"] = "willRedactInput";
-    /** Inject credentials/secrets (tokens, API keys) into context or input. */
-    ToolHookStage["willInjectSecrets"] = "willInjectSecrets";
-    // ---------------- Caching ----------------
-    /** Attempt to serve from cache. May `respond(cachedValue)` to short-circuit. */
-    ToolHookStage["willReadCache"] = "willReadCache";
-    /** Metrics/telemetry for cache hit; typically emitted by cache plugin. */
-    ToolHookStage["didCacheHit"] = "didCacheHit";
-    /** Metrics/telemetry for cache miss; typically emitted by cache plugin. */
-    ToolHookStage["didCacheMiss"] = "didCacheMiss";
-    /** Write result to cache after successful execution. */
-    ToolHookStage["willWriteCache"] = "willWriteCache";
-    // ---------------- Execution ----------------
-    /** Around wrapper for execution (timeouts/retries/circuit/tracing). Must call `next()` unless short-circuiting. */
-    ToolHookStage["aroundExecute"] = "aroundExecute";
-    /** Right before calling the tool implementation; may mutate `ctx.input`. */
-    ToolHookStage["willExecute"] = "willExecute";
-    /** Right after tool returns; `ctx.output` is available for downstream hooks. */
-    ToolHookStage["didExecute"] = "didExecute";
-    // ---------------- Output shaping ----------------
-    /** Apply DLP/minimization to output (mask/drop/truncate sensitive fields). */
-    ToolHookStage["willRedactOutput"] = "willRedactOutput";
-    /** Validate output against business/schema rules. May `abort()` or fix. */
-    ToolHookStage["willValidateOutput"] = "willValidateOutput";
-    /** Transform output shape (projection/mapping/pagination). Mutate `ctx.output`. */
-    ToolHookStage["willTransformOutput"] = "willTransformOutput";
-    // ---------------- Retry & Observability ----------------
-    /** Called on each retry attempt by a retry wrapper (emit metrics/backoff hints). */
-    ToolHookStage["onRetry"] = "onRetry";
-    /** Called when retries are exhausted and execution gives up. */
-    ToolHookStage["onGiveUp"] = "onGiveUp";
-    /** Prepare audit payload (apply redaction) and/or write audit logs. */
-    ToolHookStage["willAudit"] = "willAudit";
-    /** Post-audit hook (confirm persistence, forward to sinks). */
-    ToolHookStage["didAudit"] = "didAudit";
-    /** Emit metrics (counters, histograms, traces). */
-    ToolHookStage["onMetrics"] = "onMetrics";
-    // ---------------- Error & Finalization ----------------
-    /** Error handler for unexpected failures or control errors. Can map/normalize errors. */
-    ToolHookStage["onError"] = "onError";
-    /** Always runs at the very end (success or error). Cleanup/releases here. */
-    ToolHookStage["willFinalizeInvoke"] = "willFinalizeInvoke";
-})(ToolHookStage || (exports.ToolHookStage = ToolHookStage = {}));
-//# sourceMappingURL=tool-hook.interface.js.map

package/src/common/interfaces/tool-hook.interface.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"tool-hook.interface.js","sourceRoot":"","sources":["../../../../src/common/interfaces/tool-hook.interface.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;;;;GAYG;AACH,IAAY,aA+GX;AA/GD,WAAY,aAAa;IACvB;gEAC4D;IAC5D,wDAAuC,CAAA;IAEvC,uFAAuF;IACvF,oEAAmD,CAAA;IAEnD,0EAA0E;IAC1E,kEAAiD,CAAA;IAEjD,kFAAkF;IAClF,gDAA+B,CAAA;IAE/B,8FAA8F;IAC9F,sDAAqC,CAAA;IAErC,oFAAoF;IACpF,gEAA+C,CAAA;IAE/C,0DAA0D;IAE1D,+EAA+E;IAC/E,sDAAqC,CAAA;IAErC,0EAA0E;IAC1E,oDAAmC,CAAA;IAEnC,2EAA2E;IAC3E,8DAA6C,CAAA;IAE7C,wDAAwD;IACxD,4DAA2C,CAAA;IAE3C,kDAAkD;IAElD,8EAA8E;IAC9E,kDAAiC,CAAA;IAEjC,sEAAsE;IACtE,wDAAuC,CAAA;IAEvC,2EAA2E;IAC3E,0DAAyC,CAAA;IAEzC,+DAA+D;IAC/D,oDAAmC,CAAA;IAEnC,2EAA2E;IAC3E,wDAAuC,CAAA;IAEvC,4CAA4C;IAE5C,gFAAgF;IAChF,gDAA+B,CAAA;IAE/B,0EAA0E;IAC1E,4CAA2B,CAAA;IAE3B,2EAA2E;IAC3E,8CAA6B,CAAA;IAE7B,wDAAwD;IACxD,kDAAiC,CAAA;IAEjC,8CAA8C;IAE9C,mHAAmH;IACnH,gDAA+B,CAAA;IAE/B,4EAA4E;IAC5E,4CAA2B,CAAA;IAE3B,gFAAgF;IAChF,0CAAyB,CAAA;IAEzB,mDAAmD;IAEnD,8EAA8E;IAC9E,sDAAqC,CAAA;IAErC,2EAA2E;IAC3E,0DAAyC,CAAA;IAEzC,mFAAmF;IACnF,4DAA2C,CAAA;IAE3C,0DAA0D;IAE1D,oFAAoF;IACpF,oCAAmB,CAAA;IAEnB,gEAAgE;IAChE,sCAAqB,CAAA;IAErB,uEAAuE;IACvE,wCAAuB,CAAA;IAEvB,+DAA+D;IAC/D,sCAAqB,CAAA;IAErB,mDAAmD;IACnD,wCAAuB,CAAA;IAEvB,yDAAyD;IAEzD,yFAAyF;IACzF,oCAAmB,CAAA;IAEnB,6EAA6E;IAC7E,0DAAyC,CAAA;AAC3C,CAAC,EA/GW,aAAa,6BAAb,aAAa,QA+GxB","sourcesContent":["/**\n * Lifecycle stages for tool invocation.\n *\n * Ordering notes:\n * - \"will*\" stages run before the action; \"did*\" run after.\n * - Higher `priority()` runs earlier for \"will*\" (outermost for wrappers), and later for \"did*\".\n * - `aroundExecute` wraps the actual execution block (including will/didExecute inside).\n *\n * Control flow:\n * - Hooks may call `ctx.respond(value)` to short-circuit with a value.\n * - Hooks may call `ctx.abort(reason, code?, httpStatus?)` to deny/stop.\n * - Hooks may call `ctx.retryAfter(ms, reason?)` to signal backoff.\n */\nexport enum ToolHookStage {\n  /** Bind DI providers needed for this invocation (from ctor tokens + hook/tool `provide()`).\n   * Runs very early so later hooks can use `ctx.get(...)`. */\n  willBindProviders = 'willBindProviders',\n\n  /** Last chance to populate/shape the invocation context (user, tenant, attrs, ids). */\n  willCreateInvokeContext = 'willCreateInvokeContext',\n\n  /** Post-context creation; good for sanity checks, tracing decorations. */\n  didCreateInvokeContext = 'didCreateInvokeContext',\n\n  /** Authorization gate (roles/scopes/RBAC/ABAC). May `abort()` if unauthorized. */\n  willAuthorize = 'willAuthorize',\n\n  /** Consent gate. May `respond()` with a consent challenge or `abort()` if missing consent. */\n  willCheckConsent = 'willCheckConsent',\n\n  /** Feature-flag gate (enable/disable per user/tenant/experiment). May `abort()`. */\n  willCheckFeatureFlags = 'willCheckFeatureFlags',\n\n  // ---------------- Capacity & Resilience ----------------\n\n  /** Acquire rate-limit quota. May `retryAfter()` or `abort()` on exhaustion. */\n  willAcquireQuota = 'willAcquireQuota',\n\n  /** Release rate-limit quota (best-effort; typically run in `finally`). */\n  didReleaseQuota = 'didReleaseQuota',\n\n  /** Acquire concurrency slot/semaphore. May `retryAfter()` or `abort()`. */\n  willAcquireSemaphore = 'willAcquireSemaphore',\n\n  /** Release concurrency slot/semaphore (best-effort). */\n  didReleaseSemaphore = 'didReleaseSemaphore',\n\n  // ---------------- Input shaping ----------------\n\n  /** Parse/coerce raw input (types, defaults). Mutate `ctx.input` as needed. */\n  willParseInput = 'willParseInput',\n\n  /** Validate business rules for input. May `abort()` on violations. */\n  willValidateInput = 'willValidateInput',\n\n  /** Normalize/canonicalize input (ids → uuids, trim, sort fields, etc.). */\n  willNormalizeInput = 'willNormalizeInput',\n\n  /** Apply DLP/minimization to input (mask/drop/hash fields). */\n  willRedactInput = 'willRedactInput',\n\n  /** Inject credentials/secrets (tokens, API keys) into context or input. */\n  willInjectSecrets = 'willInjectSecrets',\n\n  // ---------------- Caching ----------------\n\n  /** Attempt to serve from cache. May `respond(cachedValue)` to short-circuit. */\n  willReadCache = 'willReadCache',\n\n  /** Metrics/telemetry for cache hit; typically emitted by cache plugin. */\n  didCacheHit = 'didCacheHit',\n\n  /** Metrics/telemetry for cache miss; typically emitted by cache plugin. */\n  didCacheMiss = 'didCacheMiss',\n\n  /** Write result to cache after successful execution. */\n  willWriteCache = 'willWriteCache',\n\n  // ---------------- Execution ----------------\n\n  /** Around wrapper for execution (timeouts/retries/circuit/tracing). Must call `next()` unless short-circuiting. */\n  aroundExecute = 'aroundExecute',\n\n  /** Right before calling the tool implementation; may mutate `ctx.input`. */\n  willExecute = 'willExecute',\n\n  /** Right after tool returns; `ctx.output` is available for downstream hooks. */\n  didExecute = 'didExecute',\n\n  // ---------------- Output shaping ----------------\n\n  /** Apply DLP/minimization to output (mask/drop/truncate sensitive fields). */\n  willRedactOutput = 'willRedactOutput',\n\n  /** Validate output against business/schema rules. May `abort()` or fix. */\n  willValidateOutput = 'willValidateOutput',\n\n  /** Transform output shape (projection/mapping/pagination). Mutate `ctx.output`. */\n  willTransformOutput = 'willTransformOutput',\n\n  // ---------------- Retry & Observability ----------------\n\n  /** Called on each retry attempt by a retry wrapper (emit metrics/backoff hints). */\n  onRetry = 'onRetry',\n\n  /** Called when retries are exhausted and execution gives up. */\n  onGiveUp = 'onGiveUp',\n\n  /** Prepare audit payload (apply redaction) and/or write audit logs. */\n  willAudit = 'willAudit',\n\n  /** Post-audit hook (confirm persistence, forward to sinks). */\n  didAudit = 'didAudit',\n\n  /** Emit metrics (counters, histograms, traces). */\n  onMetrics = 'onMetrics',\n\n  // ---------------- Error & Finalization ----------------\n\n  /** Error handler for unexpected failures or control errors. Can map/normalize errors. */\n  onError = 'onError',\n\n  /** Always runs at the very end (success or error). Cleanup/releases here. */\n  willFinalizeInvoke = 'willFinalizeInvoke',\n}\n"]}

package/src/common/interfaces/tool.interface.js

@@ -1,117 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ToolContext = void 0;
-const flow_interface_1 = require("./flow.interface");
-const execution_context_interface_1 = require("./execution-context.interface");
-class ToolContext extends execution_context_interface_1.ExecutionContextBase {
-    toolId;
-    toolName;
-    metadata;
-    // ---- INPUT storages (backing fields)
-    _rawInput;
-    _input;
-    // ---- OUTPUT storages (backing fields)
-    _outputDraft;
-    _output;
-    // ---- histories
-    _inputHistory = [];
-    _outputHistory = [];
-    constructor(args) {
-        const { metadata, input, providers, logger } = args;
-        super({
-            providers,
-            logger: logger.child(`tool:${metadata.id ?? metadata.name}`),
-            authInfo: args.authInfo,
-        });
-        this.toolName = metadata.name;
-        this.toolId = metadata.id ?? metadata.name;
-        this.metadata = metadata;
-        this._input = input;
-    }
-    get input() {
-        return this._input;
-    }
-    set input(v) {
-        this._input = v;
-        this._inputHistory.push({
-            at: Date.now(),
-            stage: this.activeStage,
-            value: v,
-        });
-    }
-    get inputHistory() {
-        return this._inputHistory;
-    }
-    get output() {
-        return this._output;
-    }
-    set output(v) {
-        this._output = v;
-        this._outputHistory.push({ at: Date.now(), stage: this.activeStage, value: v });
-    }
-    get outputHistory() {
-        return this._outputHistory;
-    }
-    respond(value) {
-        // record validated output and surface the value via control flow
-        this.output = value;
-        flow_interface_1.FlowControl.respond(value);
-    }
-    // ============================================
-    // Platform Detection API
-    // ============================================
-    /**
-     * Get the detected AI platform type for the current session.
-     * This is auto-detected from the client info during MCP initialization.
-     *
-     * Use this to customize tool responses (e.g., UI format) based on the calling platform.
-     *
-     * @returns The detected platform type, or 'unknown' if not detected
-     * @example
-     * ```typescript
-     * async execute(input: Input): Promise<Output> {
-     *   const platform = this.platform;
-     *   if (platform === 'openai') {
-     *     // Return OpenAI-specific response format
-     *   }
-     *   // ...
-     * }
-     * ```
-     */
-    get platform() {
-        // First check sessionIdPayload (detected from user-agent during session creation)
-        const payloadPlatform = this.authInfo.sessionIdPayload?.platformType;
-        if (payloadPlatform && payloadPlatform !== 'unknown') {
-            return payloadPlatform;
-        }
-        // Fall back to notification service (detected from MCP clientInfo during initialize)
-        const sessionId = this.authInfo.sessionId;
-        if (!sessionId) {
-            return 'unknown';
-        }
-        return this.scope.notifications.getPlatformType(sessionId);
-    }
-    /**
-     * Get the client info (name and version) for the current session.
-     * This is captured from the MCP initialize request.
-     *
-     * @returns The client info, or undefined if not available
-     * @example
-     * ```typescript
-     * async execute(input: Input): Promise<Output> {
-     *   const client = this.clientInfo;
-     *   console.log(`Called by: ${client?.name} v${client?.version}`);
-     *   // ...
-     * }
-     * ```
-     */
-    get clientInfo() {
-        const sessionId = this.authInfo.sessionId;
-        if (!sessionId) {
-            return undefined;
-        }
-        return this.scope.notifications.getClientInfo(sessionId);
-    }
-}
-exports.ToolContext = ToolContext;
-//# sourceMappingURL=tool.interface.js.map

package/src/common/interfaces/tool.interface.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"tool.interface.js","sourceRoot":"","sources":["../../../../src/common/interfaces/tool.interface.ts"],"names":[],"mappings":";;;AAIA,qDAA+C;AAG/C,+EAA+F;AAiB/F,MAAsB,WAKpB,SAAQ,kDAAyB;IACd,MAAM,CAAS;IACf,QAAQ,CAAS;IAC3B,QAAQ,CAAe;IAEhC,uCAAuC;IAC/B,SAAS,CAAqB;IAC9B,MAAM,CAAM;IAEpB,wCAAwC;IAChC,YAAY,CAAsB;IAClC,OAAO,CAAO;IAEtB,iBAAiB;IACA,aAAa,GAAuB,EAAE,CAAC;IACvC,cAAc,GAAwB,EAAE,CAAC;IAE1D,YAAY,IAAsB;QAChC,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;QACpD,KAAK,CAAC;YACJ,SAAS;YACT,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC5D,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC9B,IAAI,CAAC,MAAM,GAAG,QAAQ,CAAC,EAAE,IAAI,QAAQ,CAAC,IAAI,CAAC;QAC3C,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;IACtB,CAAC;IAID,IAAW,KAAK;QACd,OAAO,IAAI,CAAC,MAAY,CAAC;IAC3B,CAAC;IAED,IAAW,KAAK,CAAC,CAAiB;QAChC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAChB,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;YACtB,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE;YACd,KAAK,EAAE,IAAI,CAAC,WAAW;YACvB,KAAK,EAAE,CAAC;SACT,CAAC,CAAC;IACL,CAAC;IAED,IAAW,YAAY;QACrB,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAED,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED,IAAW,MAAM,CAAC,CAAkB;QAClC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,IAAW,aAAa;QACtB,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED,OAAO,CAAC,KAAU;QAChB,iEAAiE;QACjE,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QACpB,4BAAW,CAAC,OAAO,CAAM,KAAK,CAAC,CAAC;IAClC,CAAC;IAED,+CAA+C;IAC/C,yBAAyB;IACzB,+CAA+C;IAE/C;;;;;;;;;;;;;;;;;OAiBG;IACH,IAAI,QAAQ;QACV,kFAAkF;QAClF,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,gBAAgB,EAAE,YAAY,CAAC;QACrE,IAAI,eAAe,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YACrD,OAAO,eAAe,CAAC;QACzB,CAAC;QAED,qFAAqF;QACrF,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC1C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;IAC7D,CAAC;IAED;;;;;;;;;;;;;OAaG;IACH,IAAI,UAAU;QACZ,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC1C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;IAC3D,CAAC;CACF;AAnID,kCAmIC","sourcesContent":["import { FuncType, Type } from './base.interface';\nimport { ProviderRegistryInterface } from './internal';\nimport { ToolInputType, ToolMetadata, ToolOutputType } from '../metadata';\nimport { FrontMcpLogger } from './logger.interface';\nimport { FlowControl } from './flow.interface';\nimport { AuthInfo } from '@modelcontextprotocol/sdk/server/auth/types.js';\nimport { ToolInputOf, ToolOutputOf } from '../decorators';\nimport { ExecutionContextBase, ExecutionContextBaseArgs } from './execution-context.interface';\nimport type { AIPlatformType, ClientInfo } from '../../notification';\n\nexport type ToolType<T = any> = Type<T> | FuncType<T>;\n\ntype HistoryEntry<T> = {\n  at: number;\n  stage?: string;\n  value: T | undefined;\n  note?: string;\n};\n\nexport type ToolCtorArgs<In> = ExecutionContextBaseArgs & {\n  metadata: ToolMetadata;\n  input: In;\n};\n\nexport abstract class ToolContext<\n  InSchema extends ToolInputType = ToolInputType,\n  OutSchema extends ToolOutputType = ToolOutputType,\n  In = ToolInputOf<{ inputSchema: InSchema }>,\n  Out = ToolOutputOf<{ outputSchema: OutSchema }>,\n> extends ExecutionContextBase<Out> {\n  protected readonly toolId: string;\n  protected readonly toolName: string;\n  readonly metadata: ToolMetadata;\n\n  // ---- INPUT storages (backing fields)\n  private _rawInput?: Partial<In> | any;\n  private _input?: In;\n\n  // ---- OUTPUT storages (backing fields)\n  private _outputDraft?: Partial<Out> | any;\n  private _output?: Out;\n\n  // ---- histories\n  private readonly _inputHistory: HistoryEntry<In>[] = [];\n  private readonly _outputHistory: HistoryEntry<Out>[] = [];\n\n  constructor(args: ToolCtorArgs<In>) {\n    const { metadata, input, providers, logger } = args;\n    super({\n      providers,\n      logger: logger.child(`tool:${metadata.id ?? metadata.name}`),\n      authInfo: args.authInfo,\n    });\n    this.toolName = metadata.name;\n    this.toolId = metadata.id ?? metadata.name;\n    this.metadata = metadata;\n    this._input = input;\n  }\n\n  abstract execute(input: In): Promise<Out>;\n\n  public get input(): In {\n    return this._input as In;\n  }\n\n  public set input(v: In | undefined) {\n    this._input = v;\n    this._inputHistory.push({\n      at: Date.now(),\n      stage: this.activeStage,\n      value: v,\n    });\n  }\n\n  public get inputHistory(): ReadonlyArray<HistoryEntry<In>> {\n    return this._inputHistory;\n  }\n\n  public get output(): Out | undefined {\n    return this._output;\n  }\n\n  public set output(v: Out | undefined) {\n    this._output = v;\n    this._outputHistory.push({ at: Date.now(), stage: this.activeStage, value: v });\n  }\n\n  public get outputHistory(): ReadonlyArray<HistoryEntry<Out>> {\n    return this._outputHistory;\n  }\n\n  respond(value: Out): never {\n    // record validated output and surface the value via control flow\n    this.output = value;\n    FlowControl.respond<Out>(value);\n  }\n\n  // ============================================\n  // Platform Detection API\n  // ============================================\n\n  /**\n   * Get the detected AI platform type for the current session.\n   * This is auto-detected from the client info during MCP initialization.\n   *\n   * Use this to customize tool responses (e.g., UI format) based on the calling platform.\n   *\n   * @returns The detected platform type, or 'unknown' if not detected\n   * @example\n   * ```typescript\n   * async execute(input: Input): Promise<Output> {\n   *   const platform = this.platform;\n   *   if (platform === 'openai') {\n   *     // Return OpenAI-specific response format\n   *   }\n   *   // ...\n   * }\n   * ```\n   */\n  get platform(): AIPlatformType {\n    // First check sessionIdPayload (detected from user-agent during session creation)\n    const payloadPlatform = this.authInfo.sessionIdPayload?.platformType;\n    if (payloadPlatform && payloadPlatform !== 'unknown') {\n      return payloadPlatform;\n    }\n\n    // Fall back to notification service (detected from MCP clientInfo during initialize)\n    const sessionId = this.authInfo.sessionId;\n    if (!sessionId) {\n      return 'unknown';\n    }\n    return this.scope.notifications.getPlatformType(sessionId);\n  }\n\n  /**\n   * Get the client info (name and version) for the current session.\n   * This is captured from the MCP initialize request.\n   *\n   * @returns The client info, or undefined if not available\n   * @example\n   * ```typescript\n   * async execute(input: Input): Promise<Output> {\n   *   const client = this.clientInfo;\n   *   console.log(`Called by: ${client?.name} v${client?.version}`);\n   *   // ...\n   * }\n   * ```\n   */\n  get clientInfo(): ClientInfo | undefined {\n    const sessionId = this.authInfo.sessionId;\n    if (!sessionId) {\n      return undefined;\n    }\n    return this.scope.notifications.getClientInfo(sessionId);\n  }\n}\n"]}

package/src/common/metadata/adapter.metadata.js

@@ -1,10 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.frontMcpAdapterMetadataSchema = void 0;
-const zod_1 = require("zod");
-exports.frontMcpAdapterMetadataSchema = zod_1.z.object({
-    id: zod_1.z.string().optional(),
-    name: zod_1.z.string().min(1),
-    description: zod_1.z.string().optional(),
-}).passthrough();
-//# sourceMappingURL=adapter.metadata.js.map

package/src/common/metadata/adapter.metadata.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"adapter.metadata.js","sourceRoot":"","sources":["../../../../src/common/metadata/adapter.metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AAcX,QAAA,6BAA6B,GAAG,OAAC,CAAC,MAAM,CAAC;IACpD,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACzB,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACI,CAAC,CAAC,WAAW,EAAE,CAAC","sourcesContent":["import { z } from 'zod';\nimport { RawZodShape } from '../types';\n\n\n/**\n * Declarative metadata describing what a FrontMcpAdapter contributes at app scope.\n */\nexport interface AdapterMetadata {\n  id?: string;\n  name: string;\n  description?: string;\n}\n\n\nexport const frontMcpAdapterMetadataSchema = z.object({\n  id: z.string().optional(),\n  name: z.string().min(1),\n  description: z.string().optional(),\n} satisfies RawZodShape<AdapterMetadata>).passthrough();\n"]}

package/src/common/metadata/app.metadata.js

@@ -1,30 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.frontMcpRemoteAppMetadataSchema = exports.frontMcpLocalAppMetadataSchema = void 0;
-const zod_1 = require("zod");
-const types_1 = require("../types");
-const schemas_1 = require("../schemas");
-exports.frontMcpLocalAppMetadataSchema = zod_1.z.object({
-    id: zod_1.z.string().optional(),
-    name: zod_1.z.string().min(1),
-    description: zod_1.z.string().optional(),
-    providers: zod_1.z.array(schemas_1.annotatedFrontMcpProvidersSchema).optional().default([]),
-    authProviders: zod_1.z.array(schemas_1.annotatedFrontMcpAuthProvidersSchema).optional().default([]),
-    plugins: zod_1.z.array(schemas_1.annotatedFrontMcpPluginsSchema).optional(),
-    adapters: zod_1.z.array(schemas_1.annotatedFrontMcpAdaptersSchema).optional(),
-    tools: zod_1.z.array(schemas_1.annotatedFrontMcpToolsSchema).optional(),
-    resources: zod_1.z.array(schemas_1.annotatedFrontMcpResourcesSchema).optional(),
-    prompts: zod_1.z.array(schemas_1.annotatedFrontMcpPromptsSchema).optional(),
-    auth: types_1.authOptionsSchema.optional(),
-    standalone: zod_1.z.union([zod_1.z.literal('includeInParent'), zod_1.z.boolean()]).optional().default(false),
-}).passthrough();
-exports.frontMcpRemoteAppMetadataSchema = zod_1.z.object({
-    id: zod_1.z.string().optional(),
-    name: zod_1.z.string().min(1),
-    description: zod_1.z.string().optional(),
-    urlType: zod_1.z.enum(['worker', 'url']),
-    url: zod_1.z.string().url(),
-    auth: types_1.authOptionsSchema.optional(),
-    standalone: zod_1.z.union([zod_1.z.literal('includeInParent'), zod_1.z.boolean()]).optional().default(false),
-}).passthrough();
-//# sourceMappingURL=app.metadata.js.map

package/src/common/metadata/app.metadata.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"app.metadata.js","sourceRoot":"","sources":["../../../../src/common/metadata/app.metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,oCAAuE;AAUvE,wCAIoB;AA0FP,QAAA,8BAA8B,GAAG,OAAC,CAAC,MAAM,CAAC;IACrD,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACzB,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,0CAAgC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3E,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,8CAAoC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACnF,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,wCAA8B,CAAC,CAAC,QAAQ,EAAE;IAC3D,QAAQ,EAAE,OAAC,CAAC,KAAK,CAAC,yCAA+B,CAAC,CAAC,QAAQ,EAAE;IAC7D,KAAK,EAAE,OAAC,CAAC,KAAK,CAAC,sCAA4B,CAAC,CAAC,QAAQ,EAAE;IACvD,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,0CAAgC,CAAC,CAAC,QAAQ,EAAE;IAC/D,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,wCAA8B,CAAC,CAAC,QAAQ,EAAE;IAC3D,IAAI,EAAE,yBAAiB,CAAC,QAAQ,EAAE;IAClC,UAAU,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CACnD,CAAC,CAAC,WAAW,EAAE,CAAC;AAmD5C,QAAA,+BAA+B,GAAG,OAAC,CAAC,MAAM,CAAC;IACtD,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACzB,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,OAAO,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAClC,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IACrB,IAAI,EAAE,yBAAiB,CAAC,QAAQ,EAAE;IAClC,UAAU,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CAClD,CAAC,CAAC,WAAW,EAAE,CAAC","sourcesContent":["import { z } from 'zod';\nimport { RawZodShape, AuthOptions, authOptionsSchema } from '../types';\nimport {\n  ProviderType,\n  PromptType,\n  ResourceType,\n  ToolType,\n  AuthProviderType,\n  PluginType,\n  AdapterType,\n} from '../interfaces';\nimport {\n  annotatedFrontMcpAdaptersSchema, annotatedFrontMcpAuthProvidersSchema,\n  annotatedFrontMcpPluginsSchema, annotatedFrontMcpPromptsSchema,\n  annotatedFrontMcpProvidersSchema, annotatedFrontMcpResourcesSchema, annotatedFrontMcpToolsSchema,\n} from '../schemas';\n\n\n/**\n * Declarative metadata describing what a local mcp app contributes at app scope.\n *\n * Includes dependency providers, app-scoped plugins, adapters (that can\n * generate tools/resources/prompts from external definitions), and any\n * inline tools authored in the app. Adapter-generated items inherit the\n * app’s plugins and policies and are tagged with provenance.\n */\nexport interface LocalAppMetadata {\n  /**\n   * Human-friendly name for this app as shown in UIs, logs, and describe reports.\n   * Keep it short, stable, and unique within a gateway (consider prefixes).\n   */\n  id?: string;\n  /**\n   * Human-friendly name for this app as shown in UIs, logs, and describe reports.\n   * Keep it short, stable, and unique within a gateway (consider prefixes).\n   */\n  name: string;\n\n  /**\n   * Optional longer explanation of what the app does and what it exposes.\n   * Used for documentation, describe reports, and UIs. Avoid secrets/PII.\n   */\n  description?: string;\n\n  /**\n   * Named singleton (or scoped-singleton) dependencies used by tools/plugins at runtime\n   * — e.g., config, database pools, Redis clients, queues, KMS.\n   *\n   * Resolution is hierarchical (tool → app → gateway). Providers may depend on\n   * other providers and are usually initialized lazily on first use.\n   */\n  providers?: ProviderType[];\n\n  /**\n   * Named singleton / session auth provider to be used by tools/plugins at runtime\n   * — e.g., GithubAuthProvider, GoogleAuthProvider, etc.\n   *\n   * Note: this is different from providers, which are used for calling fetch request\n   *     with specific auth context headers.\n   *\n   * Resolution is hierarchical (tool → app → gateway). Providers may depend on\n   * other providers and are usually initialized lazily on first use.\n   */\n  authProviders?: AuthProviderType[];\n\n  /**\n   * App-scoped plugins that participate in lifecycle events and can contribute\n   * additional capabilities (tools, resources, prompts, providers, adapters).\n   * Use plugins to enforce policy, auth, PII reduction, tracing, etc.\n   */\n  plugins?: PluginType[];\n\n  /**\n   * Adapters attached to this app that convert external definitions or sources\n   * (e.g., OpenAPI, Lambda, Custom) into generated tools/resources/prompts.\n   * Common options include include/exclude filters, name prefixes, base URLs,\n   * and authentication (often provided by plugins).\n   */\n  adapters?: AdapterType[];\n\n  /**\n   * Inline tools authored by this app (via builder or class). These are active\n   * actions with input/output schemas that the model can call. Tools generated\n   * by adapters do not need to be listed here.\n   */\n  tools?: ToolType[];\n  resources?: ResourceType[];\n  prompts?: PromptType[];\n\n\n  /**\n   * Configures the app's default authentication provider.\n   * If not provided, the app will use the gateway's default auth provider.\n   */\n  auth?: AuthOptions;\n\n  /**\n   * If true, the app will NOT be included and will act as a separated scope.\n   * If false, the app will be included in MultiApp frontmcp server.\n   * If 'includeInParent', the app will be included in the gateway's\n   *    standalone app list and will act as a separated scope under the appName prefix\n   */\n  standalone?: 'includeInParent' | boolean;\n}\n\nexport const frontMcpLocalAppMetadataSchema = z.object({\n  id: z.string().optional(),\n  name: z.string().min(1),\n  description: z.string().optional(),\n  providers: z.array(annotatedFrontMcpProvidersSchema).optional().default([]),\n  authProviders: z.array(annotatedFrontMcpAuthProvidersSchema).optional().default([]),\n  plugins: z.array(annotatedFrontMcpPluginsSchema).optional(),\n  adapters: z.array(annotatedFrontMcpAdaptersSchema).optional(),\n  tools: z.array(annotatedFrontMcpToolsSchema).optional(),\n  resources: z.array(annotatedFrontMcpResourcesSchema).optional(),\n  prompts: z.array(annotatedFrontMcpPromptsSchema).optional(),\n  auth: authOptionsSchema.optional(),\n  standalone: z.union([z.literal('includeInParent'), z.boolean()]).optional().default(false),\n} satisfies RawZodShape<LocalAppMetadata>).passthrough();\n\n\n/**\n * Declarative metadata describing what a remote encapsulated mcp app.\n */\nexport interface RemoteAppMetadata {\n  /**\n   * Human-friendly name for this app as shown in UIs, logs, and describe reports.\n   * Keep it short, stable, and unique within a gateway (consider prefixes).\n   */\n  id?: string;\n  /**\n   * Human-friendly name for this app as shown in UIs, logs, and describe reports.\n   * Keep it short, stable, and unique within a gateway (consider prefixes).\n   */\n  name: string;\n\n  /**\n   * Optional longer explanation of what the app does and what it exposes.\n   * Used for documentation, describe reports, and UIs. Avoid secrets/PII.\n   */\n  description?: string;\n\n  /**\n   * The type of the remote app.\n   * - 'worker': The remote app is a worker file.\n   * - 'url': The remote app is a remote URL.\n   */\n  urlType: 'worker' | 'url';\n  /**\n   * The URL of the remote app. This can be a local worker file or a remote URL.\n   */\n  url: string;\n\n  /**\n   * Configures the app's default authentication provider.\n   * If not provided, the app will use the gateway's default auth provider.\n   */\n  auth?: AuthOptions;\n\n  /**\n   * If true, the app will NOT be included and will act as a separated scope.\n   * If false, the app will be included in MultiApp frontmcp server.\n   * If 'includeInParent', the app will be included in the gateway's\n   *    standalone app list and will act as a separated scope under the appName prefix\n   */\n  standalone: 'includeInParent' | boolean;\n\n}\n\nexport const frontMcpRemoteAppMetadataSchema = z.object({\n  id: z.string().optional(),\n  name: z.string().min(1),\n  description: z.string().optional(),\n  urlType: z.enum(['worker', 'url']),\n  url: z.string().url(),\n  auth: authOptionsSchema.optional(),\n  standalone: z.union([z.literal('includeInParent'), z.boolean()]).optional().default(false),\n} satisfies RawZodShape<RemoteAppMetadata>).passthrough();\n\n\nexport type AppMetadata = LocalAppMetadata | RemoteAppMetadata;\n"]}

package/src/common/metadata/auth-provider.metadata.js

@@ -1,19 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.frontMcpAuthProviderMetadataSchema = exports.AuthProviderScope = void 0;
-const zod_1 = require("zod");
-/**
- * Provider lifetime scope semantics.
- */
-var AuthProviderScope;
-(function (AuthProviderScope) {
-    AuthProviderScope["GLOBAL"] = "global";
-    AuthProviderScope["SESSION"] = "session";
-})(AuthProviderScope || (exports.AuthProviderScope = AuthProviderScope = {}));
-exports.frontMcpAuthProviderMetadataSchema = zod_1.z.object({
-    id: zod_1.z.string().optional(),
-    name: zod_1.z.string().min(1),
-    description: zod_1.z.string().optional(),
-    scope: zod_1.z.nativeEnum(AuthProviderScope).optional().default(AuthProviderScope.GLOBAL),
-}).passthrough();
-//# sourceMappingURL=auth-provider.metadata.js.map

package/src/common/metadata/auth-provider.metadata.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-provider.metadata.js","sourceRoot":"","sources":["../../../../src/common/metadata/auth-provider.metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AAaxB;;GAEG;AACH,IAAY,iBAGX;AAHD,WAAY,iBAAiB;IAC3B,sCAAiB,CAAA;IACjB,wCAAmB,CAAA;AACrB,CAAC,EAHW,iBAAiB,iCAAjB,iBAAiB,QAG5B;AAEY,QAAA,kCAAkC,GAAG,OAAC,CAAC,MAAM,CAAC;IACzD,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACzB,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,KAAK,EAAE,OAAC,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC;CACxC,CAAC,CAAC,WAAW,EAAE,CAAC","sourcesContent":["import { z } from 'zod';\nimport { RawZodShape } from '../types';\n\n/**\n * Declarative metadata describing what a FrontMcpProvider contributes at app scope.\n */\nexport interface AuthProviderMetadata {\n  id?: string;\n  name: string;\n  description?: string;\n  scope?: AuthProviderScope;\n}\n\n/**\n * Provider lifetime scope semantics.\n */\nexport enum AuthProviderScope {\n  GLOBAL = 'global',\n  SESSION = 'session',\n}\n\nexport const frontMcpAuthProviderMetadataSchema = z.object({\n  id: z.string().optional(),\n  name: z.string().min(1),\n  description: z.string().optional(),\n  scope: z.nativeEnum(AuthProviderScope).optional().default(AuthProviderScope.GLOBAL),\n} satisfies RawZodShape<AuthProviderMetadata>).passthrough();\n"]}

package/src/common/metadata/flow.metadata.js

@@ -1,15 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.frontMcpFlowMetadataSchema = void 0;
-const zod_1 = require("zod");
-exports.frontMcpFlowMetadataSchema = zod_1.z.object({
-    name: zod_1.z.string().min(1),
-    description: zod_1.z.string().optional(),
-    access: zod_1.z.enum(['public', 'authorized']).optional().default('public'),
-    inputSchema: zod_1.z.instanceof(Object),
-    outputSchema: zod_1.z.instanceof(Object).optional(),
-    plan: zod_1.z.instanceof(Object),
-    dependsOn: zod_1.z.array(zod_1.z.any()).optional(),
-    middleware: zod_1.z.instanceof(Object).optional(),
-}).passthrough();
-//# sourceMappingURL=flow.metadata.js.map

package/src/common/metadata/flow.metadata.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"flow.metadata.js","sourceRoot":"","sources":["../../../../src/common/metadata/flow.metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAsB;AA4DT,QAAA,0BAA0B,GAAG,OAAC,CAAC,MAAM,CAAC;IACjD,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,MAAM,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC;IACrE,WAAW,EAAE,OAAC,CAAC,UAAU,CAAC,MAAM,CAAC;IACjC,YAAY,EAAE,OAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE;IAC7C,IAAI,EAAE,OAAC,CAAC,UAAU,CAAC,MAAM,CAAC;IAC1B,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,UAAU,EAAE,OAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE;CACD,CAAC,CAAC,WAAW,EAAE,CAAC","sourcesContent":["import {z} from 'zod';\nimport {RawZodShape} from '../types';\nimport {HttpMethod, ServerRequest, Token} from '../interfaces';\nimport {ScopeEntry} from '../entries';\n\ndeclare module '@frontmcp/sdk' {\n  // eslint-disable-next-line\n  export interface ExtendFlows {\n\n  }\n}\n\nexport type FlowName = keyof ExtendFlows;\n\nexport type CanActivateFlow = (request: ServerRequest, scope: ScopeEntry) => Promise<boolean>;\n\nexport interface FlowMiddlewareOptions {\n  path?: RegExp | string; // string can be \"/test/**\" or \"/test/*/asds\", default to all paths\n  method?: HttpMethod; // default to all methods\n  canActivate?: CanActivateFlow[];\n}\n\nexport type FlowRunOptions<Ctx, Plan extends FlowPlan<string>, Input, Output extends (z.ZodObject<any> | z.ZodUnion<any> | z.ZodDiscriminatedUnion<any, any>), State extends z.ZodObject<any>> = {\n  ctx: Ctx;\n  plan: Plan;\n  input: Input;\n  output: Output;\n  state: State;\n  stage: StagesFromPlan<Plan>;\n  executeStage: ExecuteStagesFromPlan<Plan>;\n}\n\n/**\n * Declarative metadata describing what a FrontMcpFlow contributes at app scope.\n */\nexport interface FlowMetadata<Name extends FlowName> {\n  name: Name;\n  description?: string;\n  plan: FlowPlan<ExtendFlows[Name]['stage']>;\n  inputSchema: ExtendFlows[Name]['input'];\n  outputSchema: ExtendFlows[Name]['output'];\n  access: 'public' | 'authorized';\n  dependsOn?: Token[];\n  middleware?: FlowMiddlewareOptions;\n}\n\n\nexport type StepInfo = string | { title?: string; description?: string; };\nexport type FlowPhase = 'pre' | 'execute' | 'post' | 'finalize' | 'error';\ntype Values<T> = T[keyof T];\ntype ArrayElem<T> = T extends ReadonlyArray<infer U> ? U : never;\n\nexport type StagesFromPlan<P extends FlowPlan<string>> = ArrayElem<Values<Required<P>>>;\nexport type ExecuteStagesFromPlan<P extends FlowPlan<string>> = ArrayElem<Required<P['execute']>>;\n\nexport type FlowPlan<Base extends string> = {\n  steps?: Record<Base, StepInfo>;\n} & Partial<Record<FlowPhase, Base[]>>;\n\n\nexport const frontMcpFlowMetadataSchema = z.object({\n  name: z.string().min(1),\n  description: z.string().optional(),\n  access: z.enum(['public', 'authorized']).optional().default('public'),\n  inputSchema: z.instanceof(Object),\n  outputSchema: z.instanceof(Object).optional(),\n  plan: z.instanceof(Object),\n  dependsOn: z.array(z.any()).optional(),\n  middleware: z.instanceof(Object).optional(),\n} satisfies RawZodShape<FlowMetadata<never>>).passthrough();\n"]}

package/src/common/metadata/front-mcp.metadata.js

@@ -1,29 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.frontMcpMetadataSchema = exports.frontMcpBaseSchema = void 0;
-const zod_1 = require("zod");
-const types_1 = require("../types");
-const schemas_1 = require("../schemas");
-exports.frontMcpBaseSchema = zod_1.z.object({
-    info: types_1.serverInfoOptionsSchema,
-    providers: zod_1.z.array(schemas_1.annotatedFrontMcpProvidersSchema).optional().default([]),
-    tools: zod_1.z.array(schemas_1.annotatedFrontMcpToolsSchema).optional().default([]),
-    resources: zod_1.z.array(schemas_1.annotatedFrontMcpResourcesSchema).optional().default([]),
-    apps: zod_1.z.array(schemas_1.annotatedFrontMcpAppSchema),
-    serve: zod_1.z.boolean().optional().default(true),
-    http: types_1.httpOptionsSchema.optional(),
-    redis: types_1.redisOptionsSchema.optional(),
-    transport: types_1.transportOptionsSchema.optional().transform((val) => val ?? types_1.transportOptionsSchema.parse({})),
-    session: types_1.sessionOptionsSchema.optional(), // @deprecated - kept for backward compatibility
-    logging: types_1.loggingOptionsSchema.optional(),
-});
-const frontMcpMultiAppSchema = exports.frontMcpBaseSchema.extend({
-    splitByApp: zod_1.z.literal(false).default(false).describe('If true, each app gets its own scope & basePath.'),
-    auth: types_1.authOptionsSchema.optional().describe("Configures the server's default authentication provider."),
-});
-const frontMcpSplitByAppSchema = exports.frontMcpBaseSchema.extend({
-    splitByApp: zod_1.z.literal(true).describe('If false, apps are grouped under the same scope & basePath.'),
-    auth: zod_1.z.never().optional(),
-});
-exports.frontMcpMetadataSchema = frontMcpMultiAppSchema.or(frontMcpSplitByAppSchema);
-//# sourceMappingURL=front-mcp.metadata.js.map

package/src/common/metadata/front-mcp.metadata.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"front-mcp.metadata.js","sourceRoot":"","sources":["../../../../src/common/metadata/front-mcp.metadata.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,oCAiBkB;AAClB,wCAKoB;AA+CP,QAAA,kBAAkB,GAAG,OAAC,CAAC,MAAM,CAAC;IACzC,IAAI,EAAE,+BAAuB;IAC7B,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,0CAAgC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3E,KAAK,EAAE,OAAC,CAAC,KAAK,CAAC,sCAA4B,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACnE,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,0CAAgC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3E,IAAI,EAAE,OAAC,CAAC,KAAK,CAAC,oCAA0B,CAAC;IACzC,KAAK,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3C,IAAI,EAAE,yBAAiB,CAAC,QAAQ,EAAE;IAClC,KAAK,EAAE,0BAAkB,CAAC,QAAQ,EAAE;IACpC,SAAS,EAAE,8BAAsB,CAAC,QAAQ,EAAE,CAAC,SAAS,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,IAAI,8BAAsB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACxG,OAAO,EAAE,4BAAoB,CAAC,QAAQ,EAAE,EAAE,gDAAgD;IAC1F,OAAO,EAAE,4BAAoB,CAAC,QAAQ,EAAE;CACG,CAAC,CAAC;AAO/C,MAAM,sBAAsB,GAAG,0BAAkB,CAAC,MAAM,CAAC;IACvD,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,kDAAkD,CAAC;IACxG,IAAI,EAAE,yBAAiB,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,0DAA0D,CAAC;CAClC,CAAC,CAAC;AAOzE,MAAM,wBAAwB,GAAG,0BAAkB,CAAC,MAAM,CAAC;IACzD,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,6DAA6D,CAAC;IACnG,IAAI,EAAE,OAAC,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;CAC6C,CAAC,CAAC;AAI9D,QAAA,sBAAsB,GAAG,sBAAsB,CAAC,EAAE,CAAC,wBAAwB,CAAC,CAAC","sourcesContent":["import { z } from 'zod';\nimport {\n  AuthOptions,\n  authOptionsSchema,\n  SessionOptions,\n  sessionOptionsSchema,\n  ServerInfoOptions,\n  serverInfoOptionsSchema,\n  HttpOptions,\n  httpOptionsSchema,\n  LoggingOptions,\n  loggingOptionsSchema,\n  RawZodShape,\n  AuthOptionsInput,\n  RedisOptionsInput,\n  redisOptionsSchema,\n  TransportOptionsInput,\n  transportOptionsSchema,\n} from '../types';\nimport {\n  annotatedFrontMcpAppSchema,\n  annotatedFrontMcpProvidersSchema,\n  annotatedFrontMcpResourcesSchema,\n  annotatedFrontMcpToolsSchema,\n} from '../schemas';\nimport { AppType, ProviderType, ResourceType, ToolType } from '../interfaces';\n\nexport interface FrontMcpBaseMetadata {\n  info: ServerInfoOptions;\n  apps: AppType[];\n  http?: HttpOptions;\n  logging?: LoggingOptions;\n\n  serve?: boolean; // default to true\n\n  /**\n   * Shared Redis configuration\n   * Used by transport persistence and auth token storage\n   */\n  redis?: RedisOptionsInput;\n\n  /**\n   * Transport and session lifecycle configuration\n   * Controls transport protocols, session management, and persistence\n   * @default {} (all transport options use their schema defaults)\n   */\n  transport?: TransportOptionsInput; // Optional in input, but always defined in output\n\n  /**\n   * @deprecated Use `transport` instead. Session config has been merged into transport.\n   */\n  session?: SessionOptions;\n\n  /**\n   * Additional providers that are available to all apps.\n   */\n  providers?: ProviderType[];\n\n  /**\n   * Shared tools that are available to all apps.\n   * These are merged (additively) with app-specific tools.\n   */\n  tools?: ToolType[];\n\n  /**\n   * Shared resources that are available to all apps.\n   * These are merged (additively) with app-specific resources.\n   */\n  resources?: ResourceType[];\n}\n\nexport const frontMcpBaseSchema = z.object({\n  info: serverInfoOptionsSchema,\n  providers: z.array(annotatedFrontMcpProvidersSchema).optional().default([]),\n  tools: z.array(annotatedFrontMcpToolsSchema).optional().default([]),\n  resources: z.array(annotatedFrontMcpResourcesSchema).optional().default([]),\n  apps: z.array(annotatedFrontMcpAppSchema),\n  serve: z.boolean().optional().default(true),\n  http: httpOptionsSchema.optional(),\n  redis: redisOptionsSchema.optional(),\n  transport: transportOptionsSchema.optional().transform((val) => val ?? transportOptionsSchema.parse({})),\n  session: sessionOptionsSchema.optional(), // @deprecated - kept for backward compatibility\n  logging: loggingOptionsSchema.optional(),\n} satisfies RawZodShape<FrontMcpBaseMetadata>);\n\nexport interface FrontMcpMultiAppMetadata extends FrontMcpBaseMetadata {\n  splitByApp?: false;\n  auth?: AuthOptionsInput;\n}\n\nconst frontMcpMultiAppSchema = frontMcpBaseSchema.extend({\n  splitByApp: z.literal(false).default(false).describe('If true, each app gets its own scope & basePath.'),\n  auth: authOptionsSchema.optional().describe(\"Configures the server's default authentication provider.\"),\n} satisfies RawZodShape<FrontMcpMultiAppMetadata, FrontMcpBaseMetadata>);\n\nexport interface FrontMcpSplitByAppMetadata extends FrontMcpBaseMetadata {\n  splitByApp: true;\n  auth?: never;\n}\n\nconst frontMcpSplitByAppSchema = frontMcpBaseSchema.extend({\n  splitByApp: z.literal(true).describe('If false, apps are grouped under the same scope & basePath.'),\n  auth: z.never().optional(),\n} satisfies RawZodShape<FrontMcpSplitByAppMetadata, FrontMcpBaseMetadata>);\n\nexport type FrontMcpMetadata = FrontMcpMultiAppMetadata | FrontMcpSplitByAppMetadata;\n\nexport const frontMcpMetadataSchema = frontMcpMultiAppSchema.or(frontMcpSplitByAppSchema);\n\nexport type FrontMcpMultiAppConfig = z.infer<typeof frontMcpMultiAppSchema>;\nexport type FrontMcpSplitByAppConfig = z.infer<typeof frontMcpSplitByAppSchema>;\n\nexport type FrontMcpConfigType = z.infer<typeof frontMcpMetadataSchema>;\n\nexport interface AppScopeMetadata extends Omit<FrontMcpSplitByAppMetadata, 'auth' | 'splitByApp'> {\n  id: string;\n  apps: [AppType];\n  auth?: AuthOptions;\n}\n\nexport interface MultiAppScopeMetadata extends FrontMcpMultiAppMetadata {\n  id: string;\n  apps: AppType[];\n}\n\nexport type ScopeMetadata = AppScopeMetadata | MultiAppScopeMetadata;\n"]}

package/src/common/metadata/hook.metadata.js

@@ -1,3 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=hook.metadata.js.map

package/src/common/metadata/hook.metadata.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"hook.metadata.js","sourceRoot":"","sources":["../../../../src/common/metadata/hook.metadata.ts"],"names":[],"mappings":"","sourcesContent":["import { Token } from '../interfaces';\nimport { FlowName } from './flow.metadata';\nimport { EntryOwnerRef } from '../entries/base.entry';\n\nexport type HookStageType = 'stage' | 'will' | 'did' | 'around';\nexport type HookPriority = number;\n\nexport interface HookOptions<Ctx> {\n  priority?: HookPriority;\n  filter?: (ctx: Ctx) => boolean | Promise<boolean>;\n}\n\nexport interface TokenHookMetadata {\n  hooks: HookMetadata[];\n}\n\nexport interface HookMetadata<Name extends FlowName = FlowName, Stage = string, Ctx = any> extends HookOptions<Ctx> {\n  type: HookStageType;\n  flow: Name;\n  stage: Stage;\n  target: Token | null; // null for TC39 decorators until resolved at execution time\n  method: string;\n  static?: boolean;\n  owner?: EntryOwnerRef;\n}\n"]}