@frontmcp/sdk 0.6.1 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1059) hide show
  1. package/{src/auth → auth}/instances/instance.local-primary-auth.d.ts +1 -1
  2. package/{src/auth → auth}/instances/instance.remote-primary-auth.d.ts +1 -1
  3. package/{src/common → common}/interfaces/internal/primary-auth-provider.interface.d.ts +1 -4
  4. package/{src/common → common}/metadata/front-mcp.metadata.d.ts +1074 -44
  5. package/common/types/options/auth/app-auth.schema.d.ts +275 -0
  6. package/common/types/options/auth/auth.interfaces.d.ts +461 -0
  7. package/common/types/options/auth/auth.schema.d.ts +284 -0
  8. package/common/types/options/auth/auth.utils.d.ts +32 -0
  9. package/common/types/options/auth/index.d.ts +16 -0
  10. package/common/types/options/auth/orchestrated.schema.d.ts +381 -0
  11. package/common/types/options/auth/public.schema.d.ts +42 -0
  12. package/common/types/options/auth/shared.schemas.d.ts +120 -0
  13. package/common/types/options/auth/transparent.schema.d.ts +56 -0
  14. package/common/types/options/auth/transport.deprecated.d.ts +63 -0
  15. package/{src/common → common}/types/options/index.d.ts +1 -1
  16. package/{src/common → common}/types/options/transport.options.d.ts +6 -1
  17. package/{src/common → common}/utils/decide-request-intent.utils.d.ts +6 -7
  18. package/esm/index.mjs +22664 -0
  19. package/esm/mcp-apps/index.mjs +723 -0
  20. package/esm/package.json +81 -0
  21. package/index.js +22957 -0
  22. package/logger/logger.tokens.d.ts +1 -0
  23. package/mcp-apps/index.js +799 -0
  24. package/package.json +26 -13
  25. package/README.md +0 -461
  26. package/src/adapter/adapter.instance.js +0 -70
  27. package/src/adapter/adapter.instance.js.map +0 -1
  28. package/src/adapter/adapter.regsitry.js +0 -54
  29. package/src/adapter/adapter.regsitry.js.map +0 -1
  30. package/src/adapter/adapter.utils.js +0 -83
  31. package/src/adapter/adapter.utils.js.map +0 -1
  32. package/src/app/app.registry.js +0 -66
  33. package/src/app/app.registry.js.map +0 -1
  34. package/src/app/app.utils.js +0 -58
  35. package/src/app/app.utils.js.map +0 -1
  36. package/src/app/instances/app.local.instance.js +0 -67
  37. package/src/app/instances/app.local.instance.js.map +0 -1
  38. package/src/app/instances/app.remote.instance.js +0 -36
  39. package/src/app/instances/app.remote.instance.js.map +0 -1
  40. package/src/app/instances/index.js +0 -6
  41. package/src/app/instances/index.js.map +0 -1
  42. package/src/auth/auth.registry.js +0 -219
  43. package/src/auth/auth.registry.js.map +0 -1
  44. package/src/auth/auth.utils.js +0 -84
  45. package/src/auth/auth.utils.js.map +0 -1
  46. package/src/auth/authorization/authorization.class.js +0 -217
  47. package/src/auth/authorization/authorization.class.js.map +0 -1
  48. package/src/auth/authorization/authorization.types.js +0 -79
  49. package/src/auth/authorization/authorization.types.js.map +0 -1
  50. package/src/auth/authorization/index.js +0 -19
  51. package/src/auth/authorization/index.js.map +0 -1
  52. package/src/auth/authorization/orchestrated.authorization.js +0 -306
  53. package/src/auth/authorization/orchestrated.authorization.js.map +0 -1
  54. package/src/auth/authorization/public.authorization.js +0 -132
  55. package/src/auth/authorization/public.authorization.js.map +0 -1
  56. package/src/auth/authorization/transparent.authorization.js +0 -147
  57. package/src/auth/authorization/transparent.authorization.js.map +0 -1
  58. package/src/auth/consent/consent.types.js +0 -119
  59. package/src/auth/consent/consent.types.js.map +0 -1
  60. package/src/auth/consent/index.js +0 -13
  61. package/src/auth/consent/index.js.map +0 -1
  62. package/src/auth/detection/auth-provider-detection.js +0 -230
  63. package/src/auth/detection/auth-provider-detection.js.map +0 -1
  64. package/src/auth/detection/index.js +0 -15
  65. package/src/auth/detection/index.js.map +0 -1
  66. package/src/auth/flows/auth.verify.flow.js +0 -379
  67. package/src/auth/flows/auth.verify.flow.js.map +0 -1
  68. package/src/auth/flows/oauth.authorize.flow.js +0 -822
  69. package/src/auth/flows/oauth.authorize.flow.js.map +0 -1
  70. package/src/auth/flows/oauth.callback.flow.js +0 -357
  71. package/src/auth/flows/oauth.callback.flow.js.map +0 -1
  72. package/src/auth/flows/oauth.register.flow.js +0 -201
  73. package/src/auth/flows/oauth.register.flow.js.map +0 -1
  74. package/src/auth/flows/oauth.token.flow.js +0 -319
  75. package/src/auth/flows/oauth.token.flow.js.map +0 -1
  76. package/src/auth/flows/session.verify.flow.js +0 -304
  77. package/src/auth/flows/session.verify.flow.js.map +0 -1
  78. package/src/auth/flows/well-known.jwks.flow.js +0 -89
  79. package/src/auth/flows/well-known.jwks.flow.js.map +0 -1
  80. package/src/auth/flows/well-known.oauth-authorization-server.flow.js +0 -122
  81. package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +0 -1
  82. package/src/auth/flows/well-known.prm.flow.js +0 -106
  83. package/src/auth/flows/well-known.prm.flow.js.map +0 -1
  84. package/src/auth/instances/instance.local-primary-auth.js +0 -308
  85. package/src/auth/instances/instance.local-primary-auth.js.map +0 -1
  86. package/src/auth/instances/instance.remote-primary-auth.js +0 -49
  87. package/src/auth/instances/instance.remote-primary-auth.js.map +0 -1
  88. package/src/auth/jwks/dev-key-persistence.js +0 -219
  89. package/src/auth/jwks/dev-key-persistence.js.map +0 -1
  90. package/src/auth/jwks/index.js +0 -7
  91. package/src/auth/jwks/index.js.map +0 -1
  92. package/src/auth/jwks/jwks.service.js +0 -303
  93. package/src/auth/jwks/jwks.service.js.map +0 -1
  94. package/src/auth/jwks/jwks.types.js +0 -3
  95. package/src/auth/jwks/jwks.types.js.map +0 -1
  96. package/src/auth/jwks/jwks.utils.js +0 -32
  97. package/src/auth/jwks/jwks.utils.js.map +0 -1
  98. package/src/auth/machine-id.js +0 -32
  99. package/src/auth/machine-id.js.map +0 -1
  100. package/src/auth/oauth/flows/oauth.authorize.flow.js +0 -33
  101. package/src/auth/oauth/flows/oauth.authorize.flow.js.map +0 -1
  102. package/src/auth/oauth/flows/oauth.device-authorization.flow.js +0 -48
  103. package/src/auth/oauth/flows/oauth.device-authorization.flow.js.map +0 -1
  104. package/src/auth/oauth/flows/oauth.introspect.flow.js +0 -28
  105. package/src/auth/oauth/flows/oauth.introspect.flow.js.map +0 -1
  106. package/src/auth/oauth/flows/oauth.par.flow.js +0 -29
  107. package/src/auth/oauth/flows/oauth.par.flow.js.map +0 -1
  108. package/src/auth/oauth/flows/oauth.revoke.flow.js +0 -27
  109. package/src/auth/oauth/flows/oauth.revoke.flow.js.map +0 -1
  110. package/src/auth/oauth/flows/oauth.token.flow.js +0 -59
  111. package/src/auth/oauth/flows/oauth.token.flow.js.map +0 -1
  112. package/src/auth/oauth/flows/oauth.userinfo.flow.js +0 -24
  113. package/src/auth/oauth/flows/oauth.userinfo.flow.js.map +0 -1
  114. package/src/auth/oauth/flows/oidc.logout.flow.js +0 -20
  115. package/src/auth/oauth/flows/oidc.logout.flow.js.map +0 -1
  116. package/src/auth/session/authorization-vault.js +0 -817
  117. package/src/auth/session/authorization-vault.js.map +0 -1
  118. package/src/auth/session/authorization.store.js +0 -323
  119. package/src/auth/session/authorization.store.js.map +0 -1
  120. package/src/auth/session/encrypted-authorization-vault.js +0 -493
  121. package/src/auth/session/encrypted-authorization-vault.js.map +0 -1
  122. package/src/auth/session/index.js +0 -18
  123. package/src/auth/session/index.js.map +0 -1
  124. package/src/auth/session/record/session.base.js +0 -125
  125. package/src/auth/session/record/session.base.js.map +0 -1
  126. package/src/auth/session/record/session.stateful.js +0 -55
  127. package/src/auth/session/record/session.stateful.js.map +0 -1
  128. package/src/auth/session/record/session.stateless.js +0 -32
  129. package/src/auth/session/record/session.stateless.js.map +0 -1
  130. package/src/auth/session/record/session.transparent.js +0 -22
  131. package/src/auth/session/record/session.transparent.js.map +0 -1
  132. package/src/auth/session/redis-session.store.js +0 -204
  133. package/src/auth/session/redis-session.store.js.map +0 -1
  134. package/src/auth/session/session.crypto.js +0 -47
  135. package/src/auth/session/session.crypto.js.map +0 -1
  136. package/src/auth/session/session.schema.js +0 -13
  137. package/src/auth/session/session.schema.js.map +0 -1
  138. package/src/auth/session/session.service.js +0 -105
  139. package/src/auth/session/session.service.js.map +0 -1
  140. package/src/auth/session/session.transport.js +0 -20
  141. package/src/auth/session/session.transport.js.map +0 -1
  142. package/src/auth/session/session.types.js +0 -4
  143. package/src/auth/session/session.types.js.map +0 -1
  144. package/src/auth/session/token.refresh.js +0 -63
  145. package/src/auth/session/token.refresh.js.map +0 -1
  146. package/src/auth/session/token.store.js +0 -53
  147. package/src/auth/session/token.store.js.map +0 -1
  148. package/src/auth/session/token.vault.js +0 -54
  149. package/src/auth/session/token.vault.js.map +0 -1
  150. package/src/auth/session/transport-session.manager.js +0 -298
  151. package/src/auth/session/transport-session.manager.js.map +0 -1
  152. package/src/auth/session/transport-session.types.js +0 -111
  153. package/src/auth/session/transport-session.types.js.map +0 -1
  154. package/src/auth/session/utils/auth-token.utils.js +0 -57
  155. package/src/auth/session/utils/auth-token.utils.js.map +0 -1
  156. package/src/auth/session/utils/session-id.utils.js +0 -217
  157. package/src/auth/session/utils/session-id.utils.js.map +0 -1
  158. package/src/auth/session/utils/tiny-ttl-cache.js +0 -26
  159. package/src/auth/session/utils/tiny-ttl-cache.js.map +0 -1
  160. package/src/auth/session/vault-encryption.js +0 -263
  161. package/src/auth/session/vault-encryption.js.map +0 -1
  162. package/src/auth/session/vercel-kv-session.store.js +0 -216
  163. package/src/auth/session/vercel-kv-session.store.js.map +0 -1
  164. package/src/auth/ui/base-layout.js +0 -279
  165. package/src/auth/ui/base-layout.js.map +0 -1
  166. package/src/auth/ui/index.js +0 -34
  167. package/src/auth/ui/index.js.map +0 -1
  168. package/src/auth/ui/templates.js +0 -426
  169. package/src/auth/ui/templates.js.map +0 -1
  170. package/src/auth/utils/audience.validator.js +0 -196
  171. package/src/auth/utils/audience.validator.js.map +0 -1
  172. package/src/auth/utils/index.js +0 -7
  173. package/src/auth/utils/index.js.map +0 -1
  174. package/src/auth/utils/www-authenticate.utils.js +0 -183
  175. package/src/auth/utils/www-authenticate.utils.js.map +0 -1
  176. package/src/common/common.schema.js +0 -35
  177. package/src/common/common.schema.js.map +0 -1
  178. package/src/common/constants.js +0 -13
  179. package/src/common/constants.js.map +0 -1
  180. package/src/common/decorators/adapter.decorator.js +0 -20
  181. package/src/common/decorators/adapter.decorator.js.map +0 -1
  182. package/src/common/decorators/app.decorator.js +0 -44
  183. package/src/common/decorators/app.decorator.js.map +0 -1
  184. package/src/common/decorators/auth-provider.decorator.js +0 -20
  185. package/src/common/decorators/auth-provider.decorator.js.map +0 -1
  186. package/src/common/decorators/decorator-utils.js +0 -195
  187. package/src/common/decorators/decorator-utils.js.map +0 -1
  188. package/src/common/decorators/flow.decorator.js +0 -19
  189. package/src/common/decorators/flow.decorator.js.map +0 -1
  190. package/src/common/decorators/front-mcp.decorator.js +0 -64
  191. package/src/common/decorators/front-mcp.decorator.js.map +0 -1
  192. package/src/common/decorators/hook.decorator.js +0 -178
  193. package/src/common/decorators/hook.decorator.js.map +0 -1
  194. package/src/common/decorators/index.js +0 -16
  195. package/src/common/decorators/index.js.map +0 -1
  196. package/src/common/decorators/logger.decorator.js +0 -20
  197. package/src/common/decorators/logger.decorator.js.map +0 -1
  198. package/src/common/decorators/plugin.decorator.js +0 -39
  199. package/src/common/decorators/plugin.decorator.js.map +0 -1
  200. package/src/common/decorators/prompt.decorator.js +0 -38
  201. package/src/common/decorators/prompt.decorator.js.map +0 -1
  202. package/src/common/decorators/provider.decorator.js +0 -20
  203. package/src/common/decorators/provider.decorator.js.map +0 -1
  204. package/src/common/decorators/resource.decorator.js +0 -94
  205. package/src/common/decorators/resource.decorator.js.map +0 -1
  206. package/src/common/decorators/tool.decorator.js +0 -45
  207. package/src/common/decorators/tool.decorator.js.map +0 -1
  208. package/src/common/dynamic/dynamic.adapter.js +0 -28
  209. package/src/common/dynamic/dynamic.adapter.js.map +0 -1
  210. package/src/common/dynamic/dynamic.plugin.js +0 -42
  211. package/src/common/dynamic/dynamic.plugin.js.map +0 -1
  212. package/src/common/dynamic/dynamic.utils.js +0 -27
  213. package/src/common/dynamic/dynamic.utils.js.map +0 -1
  214. package/src/common/dynamic/index.js +0 -6
  215. package/src/common/dynamic/index.js.map +0 -1
  216. package/src/common/entries/adapter.entry.js +0 -8
  217. package/src/common/entries/adapter.entry.js.map +0 -1
  218. package/src/common/entries/app.entry.js +0 -9
  219. package/src/common/entries/app.entry.js.map +0 -1
  220. package/src/common/entries/auth-provider.entry.js +0 -8
  221. package/src/common/entries/auth-provider.entry.js.map +0 -1
  222. package/src/common/entries/base.entry.js +0 -17
  223. package/src/common/entries/base.entry.js.map +0 -1
  224. package/src/common/entries/flow.entry.js +0 -21
  225. package/src/common/entries/flow.entry.js.map +0 -1
  226. package/src/common/entries/hook.entry.js +0 -20
  227. package/src/common/entries/hook.entry.js.map +0 -1
  228. package/src/common/entries/index.js +0 -17
  229. package/src/common/entries/index.js.map +0 -1
  230. package/src/common/entries/logger.entry.js +0 -8
  231. package/src/common/entries/logger.entry.js.map +0 -1
  232. package/src/common/entries/plugin.entry.js +0 -8
  233. package/src/common/entries/plugin.entry.js.map +0 -1
  234. package/src/common/entries/prompt.entry.js +0 -18
  235. package/src/common/entries/prompt.entry.js.map +0 -1
  236. package/src/common/entries/provider.entry.js +0 -8
  237. package/src/common/entries/provider.entry.js.map +0 -1
  238. package/src/common/entries/resource.entry.js +0 -35
  239. package/src/common/entries/resource.entry.js.map +0 -1
  240. package/src/common/entries/scope.entry.js +0 -14
  241. package/src/common/entries/scope.entry.js.map +0 -1
  242. package/src/common/entries/tool.entry.js +0 -31
  243. package/src/common/entries/tool.entry.js.map +0 -1
  244. package/src/common/flow/flow.utils.js +0 -96
  245. package/src/common/flow/flow.utils.js.map +0 -1
  246. package/src/common/index.js +0 -20
  247. package/src/common/index.js.map +0 -1
  248. package/src/common/interfaces/adapter.interface.js +0 -3
  249. package/src/common/interfaces/adapter.interface.js.map +0 -1
  250. package/src/common/interfaces/app.interface.js +0 -3
  251. package/src/common/interfaces/app.interface.js.map +0 -1
  252. package/src/common/interfaces/auth-hook.interface.js +0 -135
  253. package/src/common/interfaces/auth-hook.interface.js.map +0 -1
  254. package/src/common/interfaces/auth-provider.interface.js +0 -18
  255. package/src/common/interfaces/auth-provider.interface.js.map +0 -1
  256. package/src/common/interfaces/base.interface.js +0 -3
  257. package/src/common/interfaces/base.interface.js.map +0 -1
  258. package/src/common/interfaces/execution-context.interface.js +0 -166
  259. package/src/common/interfaces/execution-context.interface.js.map +0 -1
  260. package/src/common/interfaces/flow.interface.js +0 -95
  261. package/src/common/interfaces/flow.interface.js.map +0 -1
  262. package/src/common/interfaces/front-mcp.interface.js +0 -3
  263. package/src/common/interfaces/front-mcp.interface.js.map +0 -1
  264. package/src/common/interfaces/hook.interface.js +0 -3
  265. package/src/common/interfaces/hook.interface.js.map +0 -1
  266. package/src/common/interfaces/index.js +0 -21
  267. package/src/common/interfaces/index.js.map +0 -1
  268. package/src/common/interfaces/internal/flow.utils.js +0 -83
  269. package/src/common/interfaces/internal/flow.utils.js.map +0 -1
  270. package/src/common/interfaces/internal/index.js +0 -7
  271. package/src/common/interfaces/internal/index.js.map +0 -1
  272. package/src/common/interfaces/internal/primary-auth-provider.interface.js +0 -81
  273. package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +0 -1
  274. package/src/common/interfaces/internal/registry.interface.js +0 -3
  275. package/src/common/interfaces/internal/registry.interface.js.map +0 -1
  276. package/src/common/interfaces/logger.interface.js +0 -10
  277. package/src/common/interfaces/logger.interface.js.map +0 -1
  278. package/src/common/interfaces/plugin.interface.js +0 -3
  279. package/src/common/interfaces/plugin.interface.js.map +0 -1
  280. package/src/common/interfaces/prompt.interface.js +0 -81
  281. package/src/common/interfaces/prompt.interface.js.map +0 -1
  282. package/src/common/interfaces/provider.interface.js +0 -18
  283. package/src/common/interfaces/provider.interface.js.map +0 -1
  284. package/src/common/interfaces/resource.interface.js +0 -56
  285. package/src/common/interfaces/resource.interface.js.map +0 -1
  286. package/src/common/interfaces/scope.interface.js +0 -3
  287. package/src/common/interfaces/scope.interface.js.map +0 -1
  288. package/src/common/interfaces/server.interface.js +0 -18
  289. package/src/common/interfaces/server.interface.js.map +0 -1
  290. package/src/common/interfaces/session-hook.interface.js +0 -140
  291. package/src/common/interfaces/session-hook.interface.js.map +0 -1
  292. package/src/common/interfaces/tool-hook.interface.js +0 -92
  293. package/src/common/interfaces/tool-hook.interface.js.map +0 -1
  294. package/src/common/interfaces/tool.interface.js +0 -117
  295. package/src/common/interfaces/tool.interface.js.map +0 -1
  296. package/src/common/metadata/adapter.metadata.js +0 -10
  297. package/src/common/metadata/adapter.metadata.js.map +0 -1
  298. package/src/common/metadata/app.metadata.js +0 -30
  299. package/src/common/metadata/app.metadata.js.map +0 -1
  300. package/src/common/metadata/auth-provider.metadata.js +0 -19
  301. package/src/common/metadata/auth-provider.metadata.js.map +0 -1
  302. package/src/common/metadata/flow.metadata.js +0 -15
  303. package/src/common/metadata/flow.metadata.js.map +0 -1
  304. package/src/common/metadata/front-mcp.metadata.js +0 -30
  305. package/src/common/metadata/front-mcp.metadata.js.map +0 -1
  306. package/src/common/metadata/hook.metadata.js +0 -3
  307. package/src/common/metadata/hook.metadata.js.map +0 -1
  308. package/src/common/metadata/index.js +0 -17
  309. package/src/common/metadata/index.js.map +0 -1
  310. package/src/common/metadata/logger.metadata.js +0 -10
  311. package/src/common/metadata/logger.metadata.js.map +0 -1
  312. package/src/common/metadata/plugin.metadata.js +0 -18
  313. package/src/common/metadata/plugin.metadata.js.map +0 -1
  314. package/src/common/metadata/prompt.metadata.js +0 -27
  315. package/src/common/metadata/prompt.metadata.js.map +0 -1
  316. package/src/common/metadata/provider.metadata.js +0 -36
  317. package/src/common/metadata/provider.metadata.js.map +0 -1
  318. package/src/common/metadata/resource.metadata.js +0 -31
  319. package/src/common/metadata/resource.metadata.js.map +0 -1
  320. package/src/common/metadata/tool-ui.metadata.js +0 -12
  321. package/src/common/metadata/tool-ui.metadata.js.map +0 -1
  322. package/src/common/metadata/tool.metadata.js +0 -55
  323. package/src/common/metadata/tool.metadata.js.map +0 -1
  324. package/src/common/migrate/auth-transport.migrate.js +0 -140
  325. package/src/common/migrate/auth-transport.migrate.js.map +0 -1
  326. package/src/common/migrate/index.js +0 -6
  327. package/src/common/migrate/index.js.map +0 -1
  328. package/src/common/providers/base-config.provider.js +0 -128
  329. package/src/common/providers/base-config.provider.js.map +0 -1
  330. package/src/common/records/adapter.record.js +0 -11
  331. package/src/common/records/adapter.record.js.map +0 -1
  332. package/src/common/records/app.record.js +0 -9
  333. package/src/common/records/app.record.js.map +0 -1
  334. package/src/common/records/auth-provider.record.js +0 -12
  335. package/src/common/records/auth-provider.record.js.map +0 -1
  336. package/src/common/records/flow.record.js +0 -8
  337. package/src/common/records/flow.record.js.map +0 -1
  338. package/src/common/records/hook.record.js +0 -8
  339. package/src/common/records/hook.record.js.map +0 -1
  340. package/src/common/records/index.js +0 -16
  341. package/src/common/records/index.js.map +0 -1
  342. package/src/common/records/logger.record.js +0 -8
  343. package/src/common/records/logger.record.js.map +0 -1
  344. package/src/common/records/plugin.record.js +0 -11
  345. package/src/common/records/plugin.record.js.map +0 -1
  346. package/src/common/records/prompt.record.js +0 -9
  347. package/src/common/records/prompt.record.js.map +0 -1
  348. package/src/common/records/provider.record.js +0 -14
  349. package/src/common/records/provider.record.js.map +0 -1
  350. package/src/common/records/resource.record.js +0 -20
  351. package/src/common/records/resource.record.js.map +0 -1
  352. package/src/common/records/scope.record.js +0 -9
  353. package/src/common/records/scope.record.js.map +0 -1
  354. package/src/common/records/tool.record.js +0 -9
  355. package/src/common/records/tool.record.js.map +0 -1
  356. package/src/common/schemas/annotated-class.schema.js +0 -109
  357. package/src/common/schemas/annotated-class.schema.js.map +0 -1
  358. package/src/common/schemas/http-input.schema.js +0 -13
  359. package/src/common/schemas/http-input.schema.js.map +0 -1
  360. package/src/common/schemas/http-output.schema.js +0 -321
  361. package/src/common/schemas/http-output.schema.js.map +0 -1
  362. package/src/common/schemas/index.js +0 -8
  363. package/src/common/schemas/index.js.map +0 -1
  364. package/src/common/schemas/session-header.schema.js +0 -42
  365. package/src/common/schemas/session-header.schema.js.map +0 -1
  366. package/src/common/tokens/adapter.tokens.js +0 -11
  367. package/src/common/tokens/adapter.tokens.js.map +0 -1
  368. package/src/common/tokens/app.tokens.js +0 -30
  369. package/src/common/tokens/app.tokens.js.map +0 -1
  370. package/src/common/tokens/auth-provider.tokens.js +0 -12
  371. package/src/common/tokens/auth-provider.tokens.js.map +0 -1
  372. package/src/common/tokens/base.tokens.js +0 -9
  373. package/src/common/tokens/base.tokens.js.map +0 -1
  374. package/src/common/tokens/flow-hook.tokens.js +0 -9
  375. package/src/common/tokens/flow-hook.tokens.js.map +0 -1
  376. package/src/common/tokens/flow.tokens.js +0 -16
  377. package/src/common/tokens/flow.tokens.js.map +0 -1
  378. package/src/common/tokens/front-mcp.tokens.js +0 -25
  379. package/src/common/tokens/front-mcp.tokens.js.map +0 -1
  380. package/src/common/tokens/index.js +0 -17
  381. package/src/common/tokens/index.js.map +0 -1
  382. package/src/common/tokens/logger.tokens.js +0 -11
  383. package/src/common/tokens/logger.tokens.js.map +0 -1
  384. package/src/common/tokens/plugin.tokens.js +0 -18
  385. package/src/common/tokens/plugin.tokens.js.map +0 -1
  386. package/src/common/tokens/prompt.tokens.js +0 -14
  387. package/src/common/tokens/prompt.tokens.js.map +0 -1
  388. package/src/common/tokens/provider.tokens.js +0 -12
  389. package/src/common/tokens/provider.tokens.js.map +0 -1
  390. package/src/common/tokens/resource.tokens.js +0 -28
  391. package/src/common/tokens/resource.tokens.js.map +0 -1
  392. package/src/common/tokens/server.tokens.js +0 -11
  393. package/src/common/tokens/server.tokens.js.map +0 -1
  394. package/src/common/tokens/tool.tokens.js +0 -21
  395. package/src/common/tokens/tool.tokens.js.map +0 -1
  396. package/src/common/types/auth/index.js +0 -6
  397. package/src/common/types/auth/index.js.map +0 -1
  398. package/src/common/types/auth/jwt.types.js +0 -36
  399. package/src/common/types/auth/jwt.types.js.map +0 -1
  400. package/src/common/types/auth/session.types.js +0 -53
  401. package/src/common/types/auth/session.types.js.map +0 -1
  402. package/src/common/types/common.types.js +0 -3
  403. package/src/common/types/common.types.js.map +0 -1
  404. package/src/common/types/index.js +0 -7
  405. package/src/common/types/index.js.map +0 -1
  406. package/src/common/types/options/auth.options.d.ts +0 -1266
  407. package/src/common/types/options/auth.options.js +0 -560
  408. package/src/common/types/options/auth.options.js.map +0 -1
  409. package/src/common/types/options/http.options.js +0 -10
  410. package/src/common/types/options/http.options.js.map +0 -1
  411. package/src/common/types/options/index.js +0 -11
  412. package/src/common/types/options/index.js.map +0 -1
  413. package/src/common/types/options/logging.options.js +0 -33
  414. package/src/common/types/options/logging.options.js.map +0 -1
  415. package/src/common/types/options/redis.options.js +0 -191
  416. package/src/common/types/options/redis.options.js.map +0 -1
  417. package/src/common/types/options/server-info.options.js +0 -13
  418. package/src/common/types/options/server-info.options.js.map +0 -1
  419. package/src/common/types/options/session.options.js +0 -32
  420. package/src/common/types/options/session.options.js.map +0 -1
  421. package/src/common/types/options/transport.options.js +0 -121
  422. package/src/common/types/options/transport.options.js.map +0 -1
  423. package/src/common/utils/decide-request-intent.utils.js +0 -391
  424. package/src/common/utils/decide-request-intent.utils.js.map +0 -1
  425. package/src/common/utils/global-config.utils.js +0 -44
  426. package/src/common/utils/global-config.utils.js.map +0 -1
  427. package/src/common/utils/index.js +0 -7
  428. package/src/common/utils/index.js.map +0 -1
  429. package/src/common/utils/path.utils.js +0 -66
  430. package/src/common/utils/path.utils.js.map +0 -1
  431. package/src/completion/flows/complete.flow.js +0 -199
  432. package/src/completion/flows/complete.flow.js.map +0 -1
  433. package/src/context/frontmcp-context-storage.js +0 -183
  434. package/src/context/frontmcp-context-storage.js.map +0 -1
  435. package/src/context/frontmcp-context.js +0 -360
  436. package/src/context/frontmcp-context.js.map +0 -1
  437. package/src/context/frontmcp-context.provider.js +0 -61
  438. package/src/context/frontmcp-context.provider.js.map +0 -1
  439. package/src/context/index.js +0 -64
  440. package/src/context/index.js.map +0 -1
  441. package/src/context/request-context-storage.js +0 -183
  442. package/src/context/request-context-storage.js.map +0 -1
  443. package/src/context/request-context.js +0 -209
  444. package/src/context/request-context.js.map +0 -1
  445. package/src/context/request-context.provider.js +0 -51
  446. package/src/context/request-context.provider.js.map +0 -1
  447. package/src/context/session-key.provider.js +0 -65
  448. package/src/context/session-key.provider.js.map +0 -1
  449. package/src/context/trace-context.js +0 -142
  450. package/src/context/trace-context.js.map +0 -1
  451. package/src/errors/authorization-required.error.js +0 -274
  452. package/src/errors/authorization-required.error.js.map +0 -1
  453. package/src/errors/error-handler.js +0 -107
  454. package/src/errors/error-handler.js.map +0 -1
  455. package/src/errors/index.js +0 -45
  456. package/src/errors/index.js.map +0 -1
  457. package/src/errors/mcp.error.js +0 -416
  458. package/src/errors/mcp.error.js.map +0 -1
  459. package/src/exceptions/mcp-exceptions/session-missing.exception.js +0 -11
  460. package/src/exceptions/mcp-exceptions/session-missing.exception.js.map +0 -1
  461. package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js +0 -15
  462. package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js.map +0 -1
  463. package/src/flows/flow.instance.js +0 -420
  464. package/src/flows/flow.instance.js.map +0 -1
  465. package/src/flows/flow.registry.js +0 -121
  466. package/src/flows/flow.registry.js.map +0 -1
  467. package/src/flows/flow.stages.js +0 -113
  468. package/src/flows/flow.stages.js.map +0 -1
  469. package/src/flows/flow.utils.js +0 -36
  470. package/src/flows/flow.utils.js.map +0 -1
  471. package/src/front-mcp/front-mcp.js +0 -63
  472. package/src/front-mcp/front-mcp.js.map +0 -1
  473. package/src/front-mcp/front-mcp.providers.js +0 -29
  474. package/src/front-mcp/front-mcp.providers.js.map +0 -1
  475. package/src/front-mcp/front-mcp.tokens.js +0 -5
  476. package/src/front-mcp/front-mcp.tokens.js.map +0 -1
  477. package/src/front-mcp/index.js +0 -8
  478. package/src/front-mcp/index.js.map +0 -1
  479. package/src/front-mcp/serverless-handler.js +0 -61
  480. package/src/front-mcp/serverless-handler.js.map +0 -1
  481. package/src/hooks/hook.instance.js +0 -26
  482. package/src/hooks/hook.instance.js.map +0 -1
  483. package/src/hooks/hook.registry.js +0 -152
  484. package/src/hooks/hook.registry.js.map +0 -1
  485. package/src/hooks/hooks.utils.js +0 -34
  486. package/src/hooks/hooks.utils.js.map +0 -1
  487. package/src/index.js +0 -37
  488. package/src/index.js.map +0 -1
  489. package/src/logger/instances/instance.console-logger.js +0 -75
  490. package/src/logger/instances/instance.console-logger.js.map +0 -1
  491. package/src/logger/instances/instance.logger.js +0 -77
  492. package/src/logger/instances/instance.logger.js.map +0 -1
  493. package/src/logger/logger.registry.js +0 -96
  494. package/src/logger/logger.registry.js.map +0 -1
  495. package/src/logger/logger.tokens.js +0 -3
  496. package/src/logger/logger.tokens.js.map +0 -1
  497. package/src/logger/logger.types.js +0 -8
  498. package/src/logger/logger.types.js.map +0 -1
  499. package/src/logger/logger.utils.js +0 -42
  500. package/src/logger/logger.utils.js.map +0 -1
  501. package/src/logging/flows/set-level.flow.js +0 -108
  502. package/src/logging/flows/set-level.flow.js.map +0 -1
  503. package/src/mcp-apps/csp.js +0 -267
  504. package/src/mcp-apps/csp.js.map +0 -1
  505. package/src/mcp-apps/index.js +0 -91
  506. package/src/mcp-apps/index.js.map +0 -1
  507. package/src/mcp-apps/schemas.js +0 -345
  508. package/src/mcp-apps/schemas.js.map +0 -1
  509. package/src/mcp-apps/template.js +0 -419
  510. package/src/mcp-apps/template.js.map +0 -1
  511. package/src/mcp-apps/types.js +0 -59
  512. package/src/mcp-apps/types.js.map +0 -1
  513. package/src/notification/index.js +0 -13
  514. package/src/notification/index.js.map +0 -1
  515. package/src/notification/notification.service.js +0 -731
  516. package/src/notification/notification.service.js.map +0 -1
  517. package/src/plugin/plugin.registry.js +0 -152
  518. package/src/plugin/plugin.registry.js.map +0 -1
  519. package/src/plugin/plugin.utils.js +0 -88
  520. package/src/plugin/plugin.utils.js.map +0 -1
  521. package/src/prompt/flows/get-prompt.flow.js +0 -214
  522. package/src/prompt/flows/get-prompt.flow.js.map +0 -1
  523. package/src/prompt/flows/prompts-list.flow.js +0 -176
  524. package/src/prompt/flows/prompts-list.flow.js.map +0 -1
  525. package/src/prompt/index.js +0 -17
  526. package/src/prompt/index.js.map +0 -1
  527. package/src/prompt/prompt.events.js +0 -25
  528. package/src/prompt/prompt.events.js.map +0 -1
  529. package/src/prompt/prompt.instance.js +0 -120
  530. package/src/prompt/prompt.instance.js.map +0 -1
  531. package/src/prompt/prompt.registry.js +0 -380
  532. package/src/prompt/prompt.registry.js.map +0 -1
  533. package/src/prompt/prompt.types.js +0 -11
  534. package/src/prompt/prompt.types.js.map +0 -1
  535. package/src/prompt/prompt.utils.js +0 -136
  536. package/src/prompt/prompt.utils.js.map +0 -1
  537. package/src/provider/provider.registry.js +0 -868
  538. package/src/provider/provider.registry.js.map +0 -1
  539. package/src/provider/provider.types.js +0 -3
  540. package/src/provider/provider.types.js.map +0 -1
  541. package/src/provider/provider.utils.js +0 -103
  542. package/src/provider/provider.utils.js.map +0 -1
  543. package/src/regsitry/index.js +0 -5
  544. package/src/regsitry/index.js.map +0 -1
  545. package/src/regsitry/registry.base.js +0 -32
  546. package/src/regsitry/registry.base.js.map +0 -1
  547. package/src/resource/flows/read-resource.flow.js +0 -270
  548. package/src/resource/flows/read-resource.flow.js.map +0 -1
  549. package/src/resource/flows/resource-templates-list.flow.js +0 -191
  550. package/src/resource/flows/resource-templates-list.flow.js.map +0 -1
  551. package/src/resource/flows/resources-list.flow.js +0 -196
  552. package/src/resource/flows/resources-list.flow.js.map +0 -1
  553. package/src/resource/flows/subscribe-resource.flow.js +0 -123
  554. package/src/resource/flows/subscribe-resource.flow.js.map +0 -1
  555. package/src/resource/flows/unsubscribe-resource.flow.js +0 -107
  556. package/src/resource/flows/unsubscribe-resource.flow.js.map +0 -1
  557. package/src/resource/index.js +0 -20
  558. package/src/resource/index.js.map +0 -1
  559. package/src/resource/resource.events.js +0 -17
  560. package/src/resource/resource.events.js.map +0 -1
  561. package/src/resource/resource.instance.js +0 -163
  562. package/src/resource/resource.instance.js.map +0 -1
  563. package/src/resource/resource.registry.js +0 -468
  564. package/src/resource/resource.registry.js.map +0 -1
  565. package/src/resource/resource.types.js +0 -11
  566. package/src/resource/resource.types.js.map +0 -1
  567. package/src/resource/resource.utils.js +0 -151
  568. package/src/resource/resource.utils.js.map +0 -1
  569. package/src/scope/flows/http.request.flow.js +0 -474
  570. package/src/scope/flows/http.request.flow.js.map +0 -1
  571. package/src/scope/index.js +0 -6
  572. package/src/scope/index.js.map +0 -1
  573. package/src/scope/scope.instance.js +0 -263
  574. package/src/scope/scope.instance.js.map +0 -1
  575. package/src/scope/scope.registry.js +0 -94
  576. package/src/scope/scope.registry.js.map +0 -1
  577. package/src/scope/scope.utils.js +0 -61
  578. package/src/scope/scope.utils.js.map +0 -1
  579. package/src/server/adapters/base.host.adapter.js +0 -8
  580. package/src/server/adapters/base.host.adapter.js.map +0 -1
  581. package/src/server/adapters/express.host.adapter.js +0 -70
  582. package/src/server/adapters/express.host.adapter.js.map +0 -1
  583. package/src/server/server.instance.js +0 -54
  584. package/src/server/server.instance.js.map +0 -1
  585. package/src/server/server.types.js +0 -3
  586. package/src/server/server.types.js.map +0 -1
  587. package/src/server/server.validation.js +0 -192
  588. package/src/server/server.validation.js.map +0 -1
  589. package/src/store/adapters/store.base.adapter.js +0 -16
  590. package/src/store/adapters/store.base.adapter.js.map +0 -1
  591. package/src/store/adapters/store.memory.adapter.js +0 -89
  592. package/src/store/adapters/store.memory.adapter.js.map +0 -1
  593. package/src/store/adapters/store.redis.adapter.js +0 -104
  594. package/src/store/adapters/store.redis.adapter.js.map +0 -1
  595. package/src/store/adapters/store.vercel-kv.adapter.js +0 -155
  596. package/src/store/adapters/store.vercel-kv.adapter.js.map +0 -1
  597. package/src/store/index.js +0 -14
  598. package/src/store/index.js.map +0 -1
  599. package/src/store/store.factory.js +0 -194
  600. package/src/store/store.factory.js.map +0 -1
  601. package/src/store/store.helpers.js +0 -67
  602. package/src/store/store.helpers.js.map +0 -1
  603. package/src/store/store.registry.js +0 -37
  604. package/src/store/store.registry.js.map +0 -1
  605. package/src/store/store.tokens.js +0 -7
  606. package/src/store/store.tokens.js.map +0 -1
  607. package/src/store/store.types.js +0 -11
  608. package/src/store/store.types.js.map +0 -1
  609. package/src/store/store.utils.js +0 -18
  610. package/src/store/store.utils.js.map +0 -1
  611. package/src/tool/flows/call-tool.flow.js +0 -616
  612. package/src/tool/flows/call-tool.flow.js.map +0 -1
  613. package/src/tool/flows/tools-list.flow.js +0 -328
  614. package/src/tool/flows/tools-list.flow.js.map +0 -1
  615. package/src/tool/tool.events.js +0 -16
  616. package/src/tool/tool.events.js.map +0 -1
  617. package/src/tool/tool.instance.js +0 -117
  618. package/src/tool/tool.instance.js.map +0 -1
  619. package/src/tool/tool.registry.js +0 -353
  620. package/src/tool/tool.registry.js.map +0 -1
  621. package/src/tool/tool.types.js +0 -10
  622. package/src/tool/tool.types.js.map +0 -1
  623. package/src/tool/tool.utils.js +0 -366
  624. package/src/tool/tool.utils.js.map +0 -1
  625. package/src/tool/ui/index.js +0 -63
  626. package/src/tool/ui/index.js.map +0 -1
  627. package/src/tool/ui/platform-adapters.js +0 -18
  628. package/src/tool/ui/platform-adapters.js.map +0 -1
  629. package/src/tool/ui/template-helpers.js +0 -95
  630. package/src/tool/ui/template-helpers.js.map +0 -1
  631. package/src/tool/ui/ui-resource-template.js +0 -64
  632. package/src/tool/ui/ui-resource-template.js.map +0 -1
  633. package/src/tool/ui/ui-resource.handler.js +0 -129
  634. package/src/tool/ui/ui-resource.handler.js.map +0 -1
  635. package/src/transport/adapters/transport.local.adapter.js +0 -148
  636. package/src/transport/adapters/transport.local.adapter.js.map +0 -1
  637. package/src/transport/adapters/transport.sse.adapter.js +0 -65
  638. package/src/transport/adapters/transport.sse.adapter.js.map +0 -1
  639. package/src/transport/adapters/transport.streamable-http.adapter.js +0 -112
  640. package/src/transport/adapters/transport.streamable-http.adapter.js.map +0 -1
  641. package/src/transport/flows/handle.sse.flow.js +0 -197
  642. package/src/transport/flows/handle.sse.flow.js.map +0 -1
  643. package/src/transport/flows/handle.stateless-http.flow.js +0 -102
  644. package/src/transport/flows/handle.stateless-http.flow.js.map +0 -1
  645. package/src/transport/flows/handle.streamable-http.flow.js +0 -315
  646. package/src/transport/flows/handle.streamable-http.flow.js.map +0 -1
  647. package/src/transport/legacy/legacy.sse.tranporter.js +0 -185
  648. package/src/transport/legacy/legacy.sse.tranporter.js.map +0 -1
  649. package/src/transport/mcp-handlers/Initialized-notification.hanlder.js +0 -14
  650. package/src/transport/mcp-handlers/Initialized-notification.hanlder.js.map +0 -1
  651. package/src/transport/mcp-handlers/call-tool-request.handler.js +0 -46
  652. package/src/transport/mcp-handlers/call-tool-request.handler.js.map +0 -1
  653. package/src/transport/mcp-handlers/complete-request.handler.js +0 -11
  654. package/src/transport/mcp-handlers/complete-request.handler.js.map +0 -1
  655. package/src/transport/mcp-handlers/get-prompt-request.handler.js +0 -11
  656. package/src/transport/mcp-handlers/get-prompt-request.handler.js.map +0 -1
  657. package/src/transport/mcp-handlers/index.js +0 -57
  658. package/src/transport/mcp-handlers/index.js.map +0 -1
  659. package/src/transport/mcp-handlers/initialize-request.handler.js +0 -109
  660. package/src/transport/mcp-handlers/initialize-request.handler.js.map +0 -1
  661. package/src/transport/mcp-handlers/list-prompts-request.handler.js +0 -11
  662. package/src/transport/mcp-handlers/list-prompts-request.handler.js.map +0 -1
  663. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js +0 -12
  664. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js.map +0 -1
  665. package/src/transport/mcp-handlers/list-resources-request.handler.js +0 -12
  666. package/src/transport/mcp-handlers/list-resources-request.handler.js.map +0 -1
  667. package/src/transport/mcp-handlers/list-tools-request.handler.js +0 -11
  668. package/src/transport/mcp-handlers/list-tools-request.handler.js.map +0 -1
  669. package/src/transport/mcp-handlers/logging-set-level-request.handler.js +0 -34
  670. package/src/transport/mcp-handlers/logging-set-level-request.handler.js.map +0 -1
  671. package/src/transport/mcp-handlers/mcp-handlers.types.js +0 -3
  672. package/src/transport/mcp-handlers/mcp-handlers.types.js.map +0 -1
  673. package/src/transport/mcp-handlers/read-resource-request.handler.js +0 -12
  674. package/src/transport/mcp-handlers/read-resource-request.handler.js.map +0 -1
  675. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js +0 -26
  676. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js.map +0 -1
  677. package/src/transport/mcp-handlers/subscribe-request.handler.js +0 -34
  678. package/src/transport/mcp-handlers/subscribe-request.handler.js.map +0 -1
  679. package/src/transport/mcp-handlers/unsubscribe-request.handler.js +0 -34
  680. package/src/transport/mcp-handlers/unsubscribe-request.handler.js.map +0 -1
  681. package/src/transport/transport.error.js +0 -25
  682. package/src/transport/transport.error.js.map +0 -1
  683. package/src/transport/transport.event-store.js +0 -36
  684. package/src/transport/transport.event-store.js.map +0 -1
  685. package/src/transport/transport.local.js +0 -71
  686. package/src/transport/transport.local.js.map +0 -1
  687. package/src/transport/transport.registry.js +0 -552
  688. package/src/transport/transport.registry.js.map +0 -1
  689. package/src/transport/transport.remote.js +0 -31
  690. package/src/transport/transport.remote.js.map +0 -1
  691. package/src/transport/transport.types.js +0 -3
  692. package/src/transport/transport.types.js.map +0 -1
  693. package/src/types/drinen-hooks.types.js +0 -3
  694. package/src/types/drinen-hooks.types.js.map +0 -1
  695. package/src/types/invoke.type.js +0 -34
  696. package/src/types/invoke.type.js.map +0 -1
  697. package/src/types/token.types.js +0 -3
  698. package/src/types/token.types.js.map +0 -1
  699. package/src/utils/content.utils.js +0 -194
  700. package/src/utils/content.utils.js.map +0 -1
  701. package/src/utils/index.js +0 -55
  702. package/src/utils/index.js.map +0 -1
  703. package/src/utils/lineage.utils.js +0 -82
  704. package/src/utils/lineage.utils.js.map +0 -1
  705. package/src/utils/metadata.utils.js +0 -26
  706. package/src/utils/metadata.utils.js.map +0 -1
  707. package/src/utils/naming.utils.js +0 -136
  708. package/src/utils/naming.utils.js.map +0 -1
  709. package/src/utils/server.utils.js +0 -59
  710. package/src/utils/server.utils.js.map +0 -1
  711. package/src/utils/string.utils.js +0 -10
  712. package/src/utils/string.utils.js.map +0 -1
  713. package/src/utils/token.utils.js +0 -65
  714. package/src/utils/token.utils.js.map +0 -1
  715. package/src/utils/types.utils.js +0 -3
  716. package/src/utils/types.utils.js.map +0 -1
  717. package/src/utils/uri-template.utils.js +0 -113
  718. package/src/utils/uri-template.utils.js.map +0 -1
  719. package/src/utils/uri-validation.utils.js +0 -76
  720. package/src/utils/uri-validation.utils.js.map +0 -1
  721. package/{src/adapter → adapter}/adapter.instance.d.ts +0 -0
  722. package/{src/adapter → adapter}/adapter.regsitry.d.ts +0 -0
  723. package/{src/adapter → adapter}/adapter.utils.d.ts +0 -0
  724. package/{src/app → app}/app.registry.d.ts +0 -0
  725. package/{src/app → app}/app.utils.d.ts +0 -0
  726. package/{src/app → app}/instances/app.local.instance.d.ts +0 -0
  727. package/{src/app → app}/instances/app.remote.instance.d.ts +0 -0
  728. package/{src/app → app}/instances/index.d.ts +0 -0
  729. package/{src/auth → auth}/auth.registry.d.ts +0 -0
  730. package/{src/auth → auth}/auth.utils.d.ts +0 -0
  731. package/{src/auth → auth}/authorization/authorization.class.d.ts +0 -0
  732. package/{src/auth → auth}/authorization/authorization.types.d.ts +0 -0
  733. package/{src/auth → auth}/authorization/index.d.ts +0 -0
  734. package/{src/auth → auth}/authorization/orchestrated.authorization.d.ts +0 -0
  735. package/{src/auth → auth}/authorization/public.authorization.d.ts +0 -0
  736. package/{src/auth → auth}/authorization/transparent.authorization.d.ts +0 -0
  737. package/{src/auth → auth}/consent/consent.types.d.ts +0 -0
  738. package/{src/auth → auth}/consent/index.d.ts +0 -0
  739. package/{src/auth → auth}/detection/auth-provider-detection.d.ts +0 -0
  740. package/{src/auth → auth}/detection/index.d.ts +0 -0
  741. package/{src/auth → auth}/flows/auth.verify.flow.d.ts +0 -0
  742. package/{src/auth → auth}/flows/oauth.authorize.flow.d.ts +0 -0
  743. package/{src/auth → auth}/flows/oauth.callback.flow.d.ts +0 -0
  744. package/{src/auth → auth}/flows/oauth.register.flow.d.ts +0 -0
  745. package/{src/auth → auth}/flows/oauth.token.flow.d.ts +0 -0
  746. package/{src/auth → auth}/flows/session.verify.flow.d.ts +0 -0
  747. package/{src/auth → auth}/flows/well-known.jwks.flow.d.ts +0 -0
  748. package/{src/auth → auth}/flows/well-known.oauth-authorization-server.flow.d.ts +0 -0
  749. package/{src/auth → auth}/flows/well-known.prm.flow.d.ts +0 -0
  750. package/{src/auth → auth}/jwks/dev-key-persistence.d.ts +0 -0
  751. package/{src/auth → auth}/jwks/index.d.ts +0 -0
  752. package/{src/auth → auth}/jwks/jwks.service.d.ts +0 -0
  753. package/{src/auth → auth}/jwks/jwks.types.d.ts +0 -0
  754. package/{src/auth → auth}/jwks/jwks.utils.d.ts +0 -0
  755. package/{src/auth → auth}/machine-id.d.ts +0 -0
  756. package/{src/auth → auth}/oauth/flows/oauth.authorize.flow.d.ts +0 -0
  757. package/{src/auth → auth}/oauth/flows/oauth.device-authorization.flow.d.ts +0 -0
  758. package/{src/auth → auth}/oauth/flows/oauth.introspect.flow.d.ts +0 -0
  759. package/{src/auth → auth}/oauth/flows/oauth.par.flow.d.ts +0 -0
  760. package/{src/auth → auth}/oauth/flows/oauth.revoke.flow.d.ts +0 -0
  761. package/{src/auth → auth}/oauth/flows/oauth.token.flow.d.ts +0 -0
  762. package/{src/auth → auth}/oauth/flows/oauth.userinfo.flow.d.ts +0 -0
  763. package/{src/auth → auth}/oauth/flows/oidc.logout.flow.d.ts +0 -0
  764. package/{src/auth → auth}/session/authorization-vault.d.ts +0 -0
  765. package/{src/auth → auth}/session/authorization.store.d.ts +0 -0
  766. package/{src/auth → auth}/session/encrypted-authorization-vault.d.ts +0 -0
  767. package/{src/auth → auth}/session/index.d.ts +0 -0
  768. package/{src/auth → auth}/session/record/session.base.d.ts +0 -0
  769. package/{src/auth → auth}/session/record/session.stateful.d.ts +0 -0
  770. package/{src/auth → auth}/session/record/session.stateless.d.ts +0 -0
  771. package/{src/auth → auth}/session/record/session.transparent.d.ts +0 -0
  772. package/{src/auth → auth}/session/redis-session.store.d.ts +0 -0
  773. package/{src/auth → auth}/session/session.crypto.d.ts +0 -0
  774. package/{src/auth → auth}/session/session.schema.d.ts +0 -0
  775. package/{src/auth → auth}/session/session.service.d.ts +0 -0
  776. package/{src/auth → auth}/session/session.transport.d.ts +0 -0
  777. package/{src/auth → auth}/session/session.types.d.ts +0 -0
  778. package/{src/auth → auth}/session/token.refresh.d.ts +0 -0
  779. package/{src/auth → auth}/session/token.store.d.ts +0 -0
  780. package/{src/auth → auth}/session/token.vault.d.ts +0 -0
  781. package/{src/auth → auth}/session/transport-session.manager.d.ts +0 -0
  782. package/{src/auth → auth}/session/transport-session.types.d.ts +0 -0
  783. package/{src/auth → auth}/session/utils/auth-token.utils.d.ts +0 -0
  784. package/{src/auth → auth}/session/utils/session-id.utils.d.ts +0 -0
  785. package/{src/auth → auth}/session/utils/tiny-ttl-cache.d.ts +0 -0
  786. package/{src/auth → auth}/session/vault-encryption.d.ts +0 -0
  787. package/{src/auth → auth}/session/vercel-kv-session.store.d.ts +0 -0
  788. package/{src/auth → auth}/ui/base-layout.d.ts +0 -0
  789. package/{src/auth → auth}/ui/index.d.ts +0 -0
  790. package/{src/auth → auth}/ui/templates.d.ts +0 -0
  791. package/{src/auth → auth}/utils/audience.validator.d.ts +0 -0
  792. package/{src/auth → auth}/utils/index.d.ts +0 -0
  793. package/{src/auth → auth}/utils/www-authenticate.utils.d.ts +0 -0
  794. package/{src/common → common}/common.schema.d.ts +0 -0
  795. package/{src/common → common}/constants.d.ts +0 -0
  796. package/{src/common → common}/decorators/adapter.decorator.d.ts +0 -0
  797. package/{src/common → common}/decorators/app.decorator.d.ts +0 -0
  798. package/{src/common → common}/decorators/auth-provider.decorator.d.ts +0 -0
  799. package/{src/common → common}/decorators/decorator-utils.d.ts +0 -0
  800. package/{src/common → common}/decorators/flow.decorator.d.ts +0 -0
  801. package/{src/common → common}/decorators/front-mcp.decorator.d.ts +0 -0
  802. package/{src/common → common}/decorators/hook.decorator.d.ts +0 -0
  803. package/{src/common → common}/decorators/index.d.ts +0 -0
  804. package/{src/common → common}/decorators/logger.decorator.d.ts +0 -0
  805. package/{src/common → common}/decorators/plugin.decorator.d.ts +0 -0
  806. package/{src/common → common}/decorators/prompt.decorator.d.ts +0 -0
  807. package/{src/common → common}/decorators/provider.decorator.d.ts +0 -0
  808. package/{src/common → common}/decorators/resource.decorator.d.ts +0 -0
  809. package/{src/common → common}/decorators/tool.decorator.d.ts +0 -0
  810. package/{src/common → common}/dynamic/dynamic.adapter.d.ts +0 -0
  811. package/{src/common → common}/dynamic/dynamic.plugin.d.ts +0 -0
  812. package/{src/common → common}/dynamic/dynamic.utils.d.ts +0 -0
  813. package/{src/common → common}/dynamic/index.d.ts +0 -0
  814. package/{src/common → common}/entries/adapter.entry.d.ts +0 -0
  815. package/{src/common → common}/entries/app.entry.d.ts +0 -0
  816. package/{src/common → common}/entries/auth-provider.entry.d.ts +0 -0
  817. package/{src/common → common}/entries/base.entry.d.ts +0 -0
  818. package/{src/common → common}/entries/flow.entry.d.ts +0 -0
  819. package/{src/common → common}/entries/hook.entry.d.ts +0 -0
  820. package/{src/common → common}/entries/index.d.ts +0 -0
  821. package/{src/common → common}/entries/logger.entry.d.ts +0 -0
  822. package/{src/common → common}/entries/plugin.entry.d.ts +0 -0
  823. package/{src/common → common}/entries/prompt.entry.d.ts +0 -0
  824. package/{src/common → common}/entries/provider.entry.d.ts +0 -0
  825. package/{src/common → common}/entries/resource.entry.d.ts +0 -0
  826. package/{src/common → common}/entries/scope.entry.d.ts +0 -0
  827. package/{src/common → common}/entries/tool.entry.d.ts +0 -0
  828. package/{src/common → common}/flow/flow.utils.d.ts +0 -0
  829. package/{src/common → common}/index.d.ts +0 -0
  830. package/{src/common → common}/interfaces/adapter.interface.d.ts +0 -0
  831. package/{src/common → common}/interfaces/app.interface.d.ts +0 -0
  832. package/{src/common → common}/interfaces/auth-hook.interface.d.ts +0 -0
  833. package/{src/common → common}/interfaces/auth-provider.interface.d.ts +0 -0
  834. package/{src/common → common}/interfaces/base.interface.d.ts +0 -0
  835. package/{src/common → common}/interfaces/execution-context.interface.d.ts +0 -0
  836. package/{src/common → common}/interfaces/flow.interface.d.ts +0 -0
  837. package/{src/common → common}/interfaces/front-mcp.interface.d.ts +0 -0
  838. package/{src/common → common}/interfaces/hook.interface.d.ts +0 -0
  839. package/{src/common → common}/interfaces/index.d.ts +0 -0
  840. package/{src/common → common}/interfaces/internal/flow.utils.d.ts +0 -0
  841. package/{src/common → common}/interfaces/internal/index.d.ts +0 -0
  842. package/{src/common → common}/interfaces/internal/registry.interface.d.ts +0 -0
  843. package/{src/common → common}/interfaces/logger.interface.d.ts +0 -0
  844. package/{src/common → common}/interfaces/plugin.interface.d.ts +0 -0
  845. package/{src/common → common}/interfaces/prompt.interface.d.ts +0 -0
  846. package/{src/common → common}/interfaces/provider.interface.d.ts +0 -0
  847. package/{src/common → common}/interfaces/resource.interface.d.ts +0 -0
  848. package/{src/common → common}/interfaces/scope.interface.d.ts +0 -0
  849. package/{src/common → common}/interfaces/server.interface.d.ts +0 -0
  850. package/{src/common → common}/interfaces/session-hook.interface.d.ts +0 -0
  851. package/{src/common → common}/interfaces/tool-hook.interface.d.ts +0 -0
  852. package/{src/common → common}/interfaces/tool.interface.d.ts +0 -0
  853. package/{src/common → common}/metadata/adapter.metadata.d.ts +0 -0
  854. package/{src/common → common}/metadata/app.metadata.d.ts +42 -42
  855. package/{src/common → common}/metadata/auth-provider.metadata.d.ts +0 -0
  856. package/{src/common → common}/metadata/flow.metadata.d.ts +0 -0
  857. package/{src/common → common}/metadata/hook.metadata.d.ts +0 -0
  858. package/{src/common → common}/metadata/index.d.ts +0 -0
  859. package/{src/common → common}/metadata/logger.metadata.d.ts +0 -0
  860. package/{src/common → common}/metadata/plugin.metadata.d.ts +0 -0
  861. package/{src/common → common}/metadata/prompt.metadata.d.ts +0 -0
  862. package/{src/common → common}/metadata/provider.metadata.d.ts +0 -0
  863. package/{src/common → common}/metadata/resource.metadata.d.ts +0 -0
  864. package/{src/common → common}/metadata/tool-ui.metadata.d.ts +0 -0
  865. package/{src/common → common}/metadata/tool.metadata.d.ts +0 -0
  866. package/{src/common → common}/migrate/auth-transport.migrate.d.ts +0 -0
  867. package/{src/common → common}/migrate/index.d.ts +0 -0
  868. package/{src/common → common}/providers/base-config.provider.d.ts +0 -0
  869. package/{src/common → common}/records/adapter.record.d.ts +0 -0
  870. package/{src/common → common}/records/app.record.d.ts +0 -0
  871. package/{src/common → common}/records/auth-provider.record.d.ts +0 -0
  872. package/{src/common → common}/records/flow.record.d.ts +0 -0
  873. package/{src/common → common}/records/hook.record.d.ts +0 -0
  874. package/{src/common → common}/records/index.d.ts +0 -0
  875. package/{src/common → common}/records/logger.record.d.ts +0 -0
  876. package/{src/common → common}/records/plugin.record.d.ts +0 -0
  877. package/{src/common → common}/records/prompt.record.d.ts +0 -0
  878. package/{src/common → common}/records/provider.record.d.ts +0 -0
  879. package/{src/common → common}/records/resource.record.d.ts +0 -0
  880. package/{src/common → common}/records/scope.record.d.ts +0 -0
  881. package/{src/common → common}/records/tool.record.d.ts +0 -0
  882. package/{src/common → common}/schemas/annotated-class.schema.d.ts +0 -0
  883. package/{src/common → common}/schemas/http-input.schema.d.ts +0 -0
  884. package/{src/common → common}/schemas/http-output.schema.d.ts +0 -0
  885. package/{src/common → common}/schemas/index.d.ts +0 -0
  886. package/{src/common → common}/schemas/session-header.schema.d.ts +0 -0
  887. package/{src/common → common}/tokens/adapter.tokens.d.ts +0 -0
  888. package/{src/common → common}/tokens/app.tokens.d.ts +0 -0
  889. package/{src/common → common}/tokens/auth-provider.tokens.d.ts +0 -0
  890. package/{src/common → common}/tokens/base.tokens.d.ts +0 -0
  891. package/{src/common → common}/tokens/flow-hook.tokens.d.ts +0 -0
  892. package/{src/common → common}/tokens/flow.tokens.d.ts +0 -0
  893. package/{src/common → common}/tokens/front-mcp.tokens.d.ts +0 -0
  894. package/{src/common → common}/tokens/index.d.ts +0 -0
  895. package/{src/common → common}/tokens/logger.tokens.d.ts +0 -0
  896. package/{src/common → common}/tokens/plugin.tokens.d.ts +0 -0
  897. package/{src/common → common}/tokens/prompt.tokens.d.ts +0 -0
  898. package/{src/common → common}/tokens/provider.tokens.d.ts +0 -0
  899. package/{src/common → common}/tokens/resource.tokens.d.ts +0 -0
  900. package/{src/common → common}/tokens/server.tokens.d.ts +0 -0
  901. package/{src/common → common}/tokens/tool.tokens.d.ts +0 -0
  902. package/{src/common → common}/types/auth/index.d.ts +0 -0
  903. package/{src/common → common}/types/auth/jwt.types.d.ts +0 -0
  904. package/{src/common → common}/types/auth/session.types.d.ts +0 -0
  905. package/{src/common → common}/types/common.types.d.ts +0 -0
  906. package/{src/common → common}/types/index.d.ts +0 -0
  907. package/{src/logger/logger.tokens.d.ts → common/types/options/auth/auth.typecheck.d.ts} +0 -0
  908. package/{src/common → common}/types/options/http.options.d.ts +0 -0
  909. package/{src/common → common}/types/options/logging.options.d.ts +0 -0
  910. package/{src/common → common}/types/options/redis.options.d.ts +0 -0
  911. package/{src/common → common}/types/options/server-info.options.d.ts +0 -0
  912. package/{src/common → common}/types/options/session.options.d.ts +0 -0
  913. package/{src/common → common}/utils/global-config.utils.d.ts +0 -0
  914. package/{src/common → common}/utils/index.d.ts +0 -0
  915. package/{src/common → common}/utils/path.utils.d.ts +0 -0
  916. package/{src/completion → completion}/flows/complete.flow.d.ts +0 -0
  917. package/{src/context → context}/frontmcp-context-storage.d.ts +0 -0
  918. package/{src/context → context}/frontmcp-context.d.ts +0 -0
  919. package/{src/context → context}/frontmcp-context.provider.d.ts +0 -0
  920. package/{src/context → context}/index.d.ts +0 -0
  921. package/{src/context → context}/request-context-storage.d.ts +0 -0
  922. package/{src/context → context}/request-context.d.ts +0 -0
  923. package/{src/context → context}/request-context.provider.d.ts +0 -0
  924. package/{src/context → context}/session-key.provider.d.ts +0 -0
  925. package/{src/context → context}/trace-context.d.ts +0 -0
  926. package/{src/errors → errors}/authorization-required.error.d.ts +0 -0
  927. package/{src/errors → errors}/error-handler.d.ts +0 -0
  928. package/{src/errors → errors}/index.d.ts +0 -0
  929. package/{src/errors → errors}/mcp.error.d.ts +0 -0
  930. package/{src/exceptions → exceptions}/mcp-exceptions/session-missing.exception.d.ts +0 -0
  931. package/{src/exceptions → exceptions}/mcp-exceptions/unsupported-client-version.exception.d.ts +0 -0
  932. package/{src/flows → flows}/flow.instance.d.ts +0 -0
  933. package/{src/flows → flows}/flow.registry.d.ts +0 -0
  934. package/{src/flows → flows}/flow.stages.d.ts +0 -0
  935. package/{src/flows → flows}/flow.utils.d.ts +0 -0
  936. package/{src/front-mcp → front-mcp}/front-mcp.d.ts +0 -0
  937. package/{src/front-mcp → front-mcp}/front-mcp.providers.d.ts +38 -38
  938. /package/{src/front-mcp → front-mcp}/front-mcp.tokens.d.ts +0 -0
  939. /package/{src/front-mcp → front-mcp}/index.d.ts +0 -0
  940. /package/{src/front-mcp → front-mcp}/serverless-handler.d.ts +0 -0
  941. /package/{src/hooks → hooks}/hook.instance.d.ts +0 -0
  942. /package/{src/hooks → hooks}/hook.registry.d.ts +0 -0
  943. /package/{src/hooks → hooks}/hooks.utils.d.ts +0 -0
  944. /package/{src/index.d.ts → index.d.ts} +0 -0
  945. /package/{src/logger → logger}/instances/instance.console-logger.d.ts +0 -0
  946. /package/{src/logger → logger}/instances/instance.logger.d.ts +0 -0
  947. /package/{src/logger → logger}/logger.registry.d.ts +0 -0
  948. /package/{src/logger → logger}/logger.types.d.ts +0 -0
  949. /package/{src/logger → logger}/logger.utils.d.ts +0 -0
  950. /package/{src/logging → logging}/flows/set-level.flow.d.ts +0 -0
  951. /package/{src/mcp-apps → mcp-apps}/csp.d.ts +0 -0
  952. /package/{src/mcp-apps → mcp-apps}/index.d.ts +0 -0
  953. /package/{src/mcp-apps → mcp-apps}/schemas.d.ts +0 -0
  954. /package/{src/mcp-apps → mcp-apps}/template.d.ts +0 -0
  955. /package/{src/mcp-apps → mcp-apps}/types.d.ts +0 -0
  956. /package/{src/notification → notification}/index.d.ts +0 -0
  957. /package/{src/notification → notification}/notification.service.d.ts +0 -0
  958. /package/{src/plugin → plugin}/plugin.registry.d.ts +0 -0
  959. /package/{src/plugin → plugin}/plugin.utils.d.ts +0 -0
  960. /package/{src/prompt → prompt}/flows/get-prompt.flow.d.ts +0 -0
  961. /package/{src/prompt → prompt}/flows/prompts-list.flow.d.ts +0 -0
  962. /package/{src/prompt → prompt}/index.d.ts +0 -0
  963. /package/{src/prompt → prompt}/prompt.events.d.ts +0 -0
  964. /package/{src/prompt → prompt}/prompt.instance.d.ts +0 -0
  965. /package/{src/prompt → prompt}/prompt.registry.d.ts +0 -0
  966. /package/{src/prompt → prompt}/prompt.types.d.ts +0 -0
  967. /package/{src/prompt → prompt}/prompt.utils.d.ts +0 -0
  968. /package/{src/provider → provider}/provider.registry.d.ts +0 -0
  969. /package/{src/provider → provider}/provider.types.d.ts +0 -0
  970. /package/{src/provider → provider}/provider.utils.d.ts +0 -0
  971. /package/{src/regsitry → regsitry}/index.d.ts +0 -0
  972. /package/{src/regsitry → regsitry}/registry.base.d.ts +0 -0
  973. /package/{src/resource → resource}/flows/read-resource.flow.d.ts +0 -0
  974. /package/{src/resource → resource}/flows/resource-templates-list.flow.d.ts +0 -0
  975. /package/{src/resource → resource}/flows/resources-list.flow.d.ts +0 -0
  976. /package/{src/resource → resource}/flows/subscribe-resource.flow.d.ts +0 -0
  977. /package/{src/resource → resource}/flows/unsubscribe-resource.flow.d.ts +0 -0
  978. /package/{src/resource → resource}/index.d.ts +0 -0
  979. /package/{src/resource → resource}/resource.events.d.ts +0 -0
  980. /package/{src/resource → resource}/resource.instance.d.ts +0 -0
  981. /package/{src/resource → resource}/resource.registry.d.ts +0 -0
  982. /package/{src/resource → resource}/resource.types.d.ts +0 -0
  983. /package/{src/resource → resource}/resource.utils.d.ts +0 -0
  984. /package/{src/scope → scope}/flows/http.request.flow.d.ts +0 -0
  985. /package/{src/scope → scope}/index.d.ts +0 -0
  986. /package/{src/scope → scope}/scope.instance.d.ts +0 -0
  987. /package/{src/scope → scope}/scope.registry.d.ts +0 -0
  988. /package/{src/scope → scope}/scope.utils.d.ts +0 -0
  989. /package/{src/server → server}/adapters/base.host.adapter.d.ts +0 -0
  990. /package/{src/server → server}/adapters/express.host.adapter.d.ts +0 -0
  991. /package/{src/server → server}/server.instance.d.ts +0 -0
  992. /package/{src/server → server}/server.types.d.ts +0 -0
  993. /package/{src/server → server}/server.validation.d.ts +0 -0
  994. /package/{src/store → store}/adapters/store.base.adapter.d.ts +0 -0
  995. /package/{src/store → store}/adapters/store.memory.adapter.d.ts +0 -0
  996. /package/{src/store → store}/adapters/store.redis.adapter.d.ts +0 -0
  997. /package/{src/store → store}/adapters/store.vercel-kv.adapter.d.ts +0 -0
  998. /package/{src/store → store}/index.d.ts +0 -0
  999. /package/{src/store → store}/store.factory.d.ts +0 -0
  1000. /package/{src/store → store}/store.helpers.d.ts +0 -0
  1001. /package/{src/store → store}/store.registry.d.ts +0 -0
  1002. /package/{src/store → store}/store.tokens.d.ts +0 -0
  1003. /package/{src/store → store}/store.types.d.ts +0 -0
  1004. /package/{src/store → store}/store.utils.d.ts +0 -0
  1005. /package/{src/tool → tool}/flows/call-tool.flow.d.ts +0 -0
  1006. /package/{src/tool → tool}/flows/tools-list.flow.d.ts +0 -0
  1007. /package/{src/tool → tool}/tool.events.d.ts +0 -0
  1008. /package/{src/tool → tool}/tool.instance.d.ts +0 -0
  1009. /package/{src/tool → tool}/tool.registry.d.ts +0 -0
  1010. /package/{src/tool → tool}/tool.types.d.ts +0 -0
  1011. /package/{src/tool → tool}/tool.utils.d.ts +0 -0
  1012. /package/{src/tool → tool}/ui/index.d.ts +0 -0
  1013. /package/{src/tool → tool}/ui/platform-adapters.d.ts +0 -0
  1014. /package/{src/tool → tool}/ui/template-helpers.d.ts +0 -0
  1015. /package/{src/tool → tool}/ui/ui-resource-template.d.ts +0 -0
  1016. /package/{src/tool → tool}/ui/ui-resource.handler.d.ts +0 -0
  1017. /package/{src/transport → transport}/adapters/transport.local.adapter.d.ts +0 -0
  1018. /package/{src/transport → transport}/adapters/transport.sse.adapter.d.ts +0 -0
  1019. /package/{src/transport → transport}/adapters/transport.streamable-http.adapter.d.ts +0 -0
  1020. /package/{src/transport → transport}/flows/handle.sse.flow.d.ts +0 -0
  1021. /package/{src/transport → transport}/flows/handle.stateless-http.flow.d.ts +0 -0
  1022. /package/{src/transport → transport}/flows/handle.streamable-http.flow.d.ts +0 -0
  1023. /package/{src/transport → transport}/legacy/legacy.sse.tranporter.d.ts +0 -0
  1024. /package/{src/transport → transport}/mcp-handlers/Initialized-notification.hanlder.d.ts +0 -0
  1025. /package/{src/transport → transport}/mcp-handlers/call-tool-request.handler.d.ts +0 -0
  1026. /package/{src/transport → transport}/mcp-handlers/complete-request.handler.d.ts +0 -0
  1027. /package/{src/transport → transport}/mcp-handlers/get-prompt-request.handler.d.ts +0 -0
  1028. /package/{src/transport → transport}/mcp-handlers/index.d.ts +0 -0
  1029. /package/{src/transport → transport}/mcp-handlers/initialize-request.handler.d.ts +0 -0
  1030. /package/{src/transport → transport}/mcp-handlers/list-prompts-request.handler.d.ts +0 -0
  1031. /package/{src/transport → transport}/mcp-handlers/list-resource-templates-request.handler.d.ts +0 -0
  1032. /package/{src/transport → transport}/mcp-handlers/list-resources-request.handler.d.ts +0 -0
  1033. /package/{src/transport → transport}/mcp-handlers/list-tools-request.handler.d.ts +0 -0
  1034. /package/{src/transport → transport}/mcp-handlers/logging-set-level-request.handler.d.ts +0 -0
  1035. /package/{src/transport → transport}/mcp-handlers/mcp-handlers.types.d.ts +0 -0
  1036. /package/{src/transport → transport}/mcp-handlers/read-resource-request.handler.d.ts +0 -0
  1037. /package/{src/transport → transport}/mcp-handlers/roots-list-changed-notification.handler.d.ts +0 -0
  1038. /package/{src/transport → transport}/mcp-handlers/subscribe-request.handler.d.ts +0 -0
  1039. /package/{src/transport → transport}/mcp-handlers/unsubscribe-request.handler.d.ts +0 -0
  1040. /package/{src/transport → transport}/transport.error.d.ts +0 -0
  1041. /package/{src/transport → transport}/transport.event-store.d.ts +0 -0
  1042. /package/{src/transport → transport}/transport.local.d.ts +0 -0
  1043. /package/{src/transport → transport}/transport.registry.d.ts +0 -0
  1044. /package/{src/transport → transport}/transport.remote.d.ts +0 -0
  1045. /package/{src/transport → transport}/transport.types.d.ts +0 -0
  1046. /package/{src/types → types}/drinen-hooks.types.d.ts +0 -0
  1047. /package/{src/types → types}/invoke.type.d.ts +0 -0
  1048. /package/{src/types → types}/token.types.d.ts +0 -0
  1049. /package/{src/utils → utils}/content.utils.d.ts +0 -0
  1050. /package/{src/utils → utils}/index.d.ts +0 -0
  1051. /package/{src/utils → utils}/lineage.utils.d.ts +0 -0
  1052. /package/{src/utils → utils}/metadata.utils.d.ts +0 -0
  1053. /package/{src/utils → utils}/naming.utils.d.ts +0 -0
  1054. /package/{src/utils → utils}/server.utils.d.ts +0 -0
  1055. /package/{src/utils → utils}/string.utils.d.ts +0 -0
  1056. /package/{src/utils → utils}/token.utils.d.ts +0 -0
  1057. /package/{src/utils → utils}/types.utils.d.ts +0 -0
  1058. /package/{src/utils → utils}/uri-template.utils.d.ts +0 -0
  1059. /package/{src/utils → utils}/uri-validation.utils.d.ts +0 -0
package/src/auth/auth.utils.js DELETED
@@ -1,84 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.collectAuthMetadata = collectAuthMetadata;
4
- exports.normalizeAuth = normalizeAuth;
5
- exports.authDiscoveryDeps = authDiscoveryDeps;
6
- // auth/auth.utils.ts
7
- const utils_1 = require("../utils");
8
- const common_1 = require("../common");
9
- function collectAuthMetadata(cls) {
10
- return Object.entries(common_1.FrontMcpAuthProviderTokens).reduce((metadata, [key, token]) => {
11
- return Object.assign(metadata, {
12
- [key]: (0, utils_1.getMetadata)(token, cls),
13
- });
14
- }, {});
15
- }
16
- function normalizeAuth(item) {
17
- if ((0, utils_1.isClass)(item)) {
18
- // read McpAuthMetadata from class
19
- const metadata = collectAuthMetadata(item);
20
- return { kind: common_1.AuthProviderKind.CLASS_TOKEN, provide: item, metadata };
21
- }
22
- if (item && typeof item === 'object') {
23
- const { provide, useClass, useValue, useFactory, inject, ...metadata } = item;
24
- if (!provide) {
25
- const name = item?.name ?? '[object]';
26
- throw new Error(`Auth '${name}' is missing 'provide'.`);
27
- }
28
- if (useClass) {
29
- if (!(0, utils_1.isClass)(useClass)) {
30
- throw new Error(`'useClass' on auth '${(0, utils_1.tokenName)(provide)}' must be a class.`);
31
- }
32
- return {
33
- kind: common_1.AuthProviderKind.CLASS,
34
- provide,
35
- useClass,
36
- metadata,
37
- };
38
- }
39
- if (useFactory) {
40
- if (typeof useFactory !== 'function') {
41
- throw new Error(`'useFactory' on auth '${(0, utils_1.tokenName)(provide)}' must be a function.`);
42
- }
43
- const inj = typeof inject === 'function' ? inject : () => [];
44
- return {
45
- kind: common_1.AuthProviderKind.FACTORY,
46
- provide,
47
- inject: inj,
48
- useFactory,
49
- metadata,
50
- };
51
- }
52
- if ('useValue' in item) {
53
- return {
54
- kind: common_1.AuthProviderKind.VALUE,
55
- provide,
56
- useValue,
57
- metadata,
58
- };
59
- }
60
- }
61
- const name = item?.name ?? String(item);
62
- throw new Error(`Invalid auth '${name}'. Expected a class or a auth object.`);
63
- }
64
- /**
65
- * For graph/cycle detection. Returns dependency tokens that should be graphed.
66
- * - VALUE: no deps
67
- * - FACTORY: only includes deps that are registered (others will be resolved)
68
- * - CLASS / CLASS_TOKEN: deps come from the class constructor or static with(...)
69
- */
70
- function authDiscoveryDeps(rec) {
71
- switch (rec.kind) {
72
- case common_1.AuthProviderKind.VALUE:
73
- case common_1.AuthProviderKind.PRIMARY:
74
- return [];
75
- case common_1.AuthProviderKind.FACTORY: {
76
- return [...rec.inject()];
77
- }
78
- case common_1.AuthProviderKind.CLASS:
79
- return (0, utils_1.depsOfClass)(rec.useClass, 'discovery');
80
- case common_1.AuthProviderKind.CLASS_TOKEN:
81
- return (0, utils_1.depsOfClass)(rec.provide, 'discovery');
82
- }
83
- }
84
- //# sourceMappingURL=auth.utils.js.map
package/src/auth/auth.utils.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth.utils.js","sourceRoot":"","sources":["../../../src/auth/auth.utils.ts"],"names":[],"mappings":";;AAWA,kDAMC;AAED,sCAoDC;AAQD,8CAeC;AA9FD,qBAAqB;AACrB,oCAAwE;AACxE,sCAOmB;AAEnB,SAAgB,mBAAmB,CAAC,GAAqB;IACvD,OAAO,MAAM,CAAC,OAAO,CAAC,mCAA0B,CAAC,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAClF,OAAO,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE;YAC7B,CAAC,GAAG,CAAC,EAAE,IAAA,mBAAW,EAAC,KAAK,EAAE,GAAG,CAAC;SAC/B,CAAC,CAAC;IACL,CAAC,EAAE,EAA0B,CAAC,CAAC;AACjC,CAAC;AAED,SAAgB,aAAa,CAAC,IAAsB;IAClD,IAAI,IAAA,eAAO,EAAC,IAAI,CAAC,EAAE,CAAC;QAClB,kCAAkC;QAClC,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAC3C,OAAO,EAAE,IAAI,EAAE,yBAAgB,CAAC,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACzE,CAAC;IACD,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,QAAQ,EAAE,GAAG,IAAW,CAAC;QAErF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,GAAI,IAAY,EAAE,IAAI,IAAI,UAAU,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,SAAS,IAAI,yBAAyB,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,IAAA,eAAO,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,uBAAuB,IAAA,iBAAS,EAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;YACjF,CAAC;YACD,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,KAAK;gBAC5B,OAAO;gBACP,QAAQ;gBACR,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,OAAO,UAAU,KAAK,UAAU,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAA,iBAAS,EAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;YACtF,CAAC;YACD,MAAM,GAAG,GAAG,OAAO,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAW,CAAC;YACtE,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,OAAO;gBAC9B,OAAO;gBACP,MAAM,EAAE,GAAG;gBACX,UAAU;gBACV,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;YACvB,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,KAAK;gBAC5B,OAAO;gBACP,QAAQ;gBACR,QAAQ;aACT,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAI,IAAY,EAAE,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,uCAAuC,CAAC,CAAC;AAChF,CAAC;AAED;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,GAAuB;IACvD,QAAQ,GAAG,CAAC,IAAI,EAAE,CAAC;QACjB,KAAK,yBAAgB,CAAC,KAAK,CAAC;QAC5B,KAAK,yBAAgB,CAAC,OAAO;YAC3B,OAAO,EAAE,CAAC;QAEZ,KAAK,yBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9B,OAAO,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3B,CAAC;QACD,KAAK,yBAAgB,CAAC,KAAK;YACzB,OAAO,IAAA,mBAAW,EAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAEhD,KAAK,yBAAgB,CAAC,WAAW;YAC/B,OAAO,IAAA,mBAAW,EAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IACjD,CAAC;AACH,CAAC","sourcesContent":["// auth/auth.utils.ts\nimport { depsOfClass, isClass, tokenName, getMetadata } from '../utils';\nimport {\n AuthProviderMetadata,\n FrontMcpAuthProviderTokens,\n AuthProviderType,\n Token,\n AuthProviderRecord,\n AuthProviderKind,\n} from '../common';\n\nexport function collectAuthMetadata(cls: AuthProviderType): AuthProviderMetadata {\n return Object.entries(FrontMcpAuthProviderTokens).reduce((metadata, [key, token]) => {\n return Object.assign(metadata, {\n [key]: getMetadata(token, cls),\n });\n }, {} as AuthProviderMetadata);\n}\n\nexport function normalizeAuth(item: AuthProviderType): AuthProviderRecord {\n if (isClass(item)) {\n // read McpAuthMetadata from class\n const metadata = collectAuthMetadata(item);\n return { kind: AuthProviderKind.CLASS_TOKEN, provide: item, metadata };\n }\n if (item && typeof item === 'object') {\n const { provide, useClass, useValue, useFactory, inject, ...metadata } = item as any;\n\n if (!provide) {\n const name = (item as any)?.name ?? '[object]';\n throw new Error(`Auth '${name}' is missing 'provide'.`);\n }\n\n if (useClass) {\n if (!isClass(useClass)) {\n throw new Error(`'useClass' on auth '${tokenName(provide)}' must be a class.`);\n }\n return {\n kind: AuthProviderKind.CLASS,\n provide,\n useClass,\n metadata,\n };\n }\n\n if (useFactory) {\n if (typeof useFactory !== 'function') {\n throw new Error(`'useFactory' on auth '${tokenName(provide)}' must be a function.`);\n }\n const inj = typeof inject === 'function' ? inject : () => [] as const;\n return {\n kind: AuthProviderKind.FACTORY,\n provide,\n inject: inj,\n useFactory,\n metadata,\n };\n }\n\n if ('useValue' in item) {\n return {\n kind: AuthProviderKind.VALUE,\n provide,\n useValue,\n metadata,\n };\n }\n }\n\n const name = (item as any)?.name ?? String(item);\n throw new Error(`Invalid auth '${name}'. Expected a class or a auth object.`);\n}\n\n/**\n * For graph/cycle detection. Returns dependency tokens that should be graphed.\n * - VALUE: no deps\n * - FACTORY: only includes deps that are registered (others will be resolved)\n * - CLASS / CLASS_TOKEN: deps come from the class constructor or static with(...)\n */\nexport function authDiscoveryDeps(rec: AuthProviderRecord): Token[] {\n switch (rec.kind) {\n case AuthProviderKind.VALUE:\n case AuthProviderKind.PRIMARY:\n return [];\n\n case AuthProviderKind.FACTORY: {\n return [...rec.inject()];\n }\n case AuthProviderKind.CLASS:\n return depsOfClass(rec.useClass, 'discovery');\n\n case AuthProviderKind.CLASS_TOKEN:\n return depsOfClass(rec.provide, 'discovery');\n }\n}\n"]}
package/src/auth/authorization/authorization.class.js DELETED
@@ -1,217 +0,0 @@
1
- "use strict";
2
- // auth/authorization/authorization.class.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.AuthorizationBase = exports.getMachineId = void 0;
5
- const crypto_1 = require("crypto");
6
- const session_id_utils_1 = require("../session/utils/session-id.utils");
7
- const machine_id_1 = require("../machine-id");
8
- // Re-export getMachineId for backwards compatibility
9
- var machine_id_2 = require("../machine-id");
10
- Object.defineProperty(exports, "getMachineId", { enumerable: true, get: function () { return machine_id_2.getMachineId; } });
11
- /**
12
- * Base Authorization class - represents authenticated user context
13
- * Subclasses implement mode-specific behavior (Public, Transparent, Orchestrated)
14
- */
15
- class AuthorizationBase {
16
- id;
17
- isAnonymous;
18
- user;
19
- claims;
20
- expiresAt;
21
- scopes;
22
- authorizedProviders;
23
- authorizedProviderIds;
24
- authorizedApps;
25
- authorizedAppIds;
26
- authorizedTools;
27
- authorizedToolIds;
28
- authorizedPrompts;
29
- authorizedPromptIds;
30
- authorizedResources;
31
- /** The original bearer token (for transparent mode) */
32
- token;
33
- /** Active transport sessions for this authorization */
34
- #sessions = new Map();
35
- /** Creation timestamp */
36
- createdAt;
37
- constructor(ctx) {
38
- this.id = ctx.id;
39
- this.isAnonymous = ctx.isAnonymous;
40
- this.user = ctx.user;
41
- this.claims = ctx.claims;
42
- this.expiresAt = ctx.expiresAt;
43
- this.scopes = ctx.scopes ?? [];
44
- this.token = ctx.token;
45
- this.createdAt = Date.now();
46
- // Initialize authorization projections
47
- this.authorizedProviders = ctx.authorizedProviders ?? {};
48
- this.authorizedProviderIds = ctx.authorizedProviderIds ?? Object.keys(this.authorizedProviders);
49
- this.authorizedApps = ctx.authorizedApps ?? {};
50
- this.authorizedAppIds = ctx.authorizedAppIds ?? Object.keys(this.authorizedApps);
51
- this.authorizedTools = ctx.authorizedTools ?? {};
52
- this.authorizedToolIds = ctx.authorizedToolIds ?? Object.keys(this.authorizedTools);
53
- this.authorizedPrompts = ctx.authorizedPrompts ?? {};
54
- this.authorizedPromptIds = ctx.authorizedPromptIds ?? Object.keys(this.authorizedPrompts);
55
- this.authorizedResources = ctx.authorizedResources ?? [];
56
- }
57
- /**
58
- * Create a new transport session for this authorization
59
- * @param protocol - Transport protocol (sse, streamable-http, etc.)
60
- * @param fingerprint - Optional client fingerprint for tracking
61
- */
62
- createTransportSession(protocol, fingerprint) {
63
- const sessionId = (0, crypto_1.randomUUID)();
64
- const session = {
65
- id: sessionId,
66
- authorizationId: this.id,
67
- protocol,
68
- createdAt: Date.now(),
69
- expiresAt: this.expiresAt,
70
- nodeId: (0, machine_id_1.getMachineId)(),
71
- clientFingerprint: fingerprint,
72
- };
73
- this.#sessions.set(session.id, session);
74
- return session;
75
- }
76
- /**
77
- * Get existing transport session by ID
78
- */
79
- getTransportSession(sessionId) {
80
- return this.#sessions.get(sessionId);
81
- }
82
- /**
83
- * Get all active transport sessions
84
- */
85
- getAllSessions() {
86
- return Array.from(this.#sessions.values());
87
- }
88
- /**
89
- * Remove a transport session
90
- */
91
- removeTransportSession(sessionId) {
92
- return this.#sessions.delete(sessionId);
93
- }
94
- /**
95
- * Get count of active sessions
96
- */
97
- get sessionCount() {
98
- return this.#sessions.size;
99
- }
100
- /**
101
- * Check if a scope is granted
102
- */
103
- hasScope(scope) {
104
- return this.scopes.includes(scope);
105
- }
106
- /**
107
- * Check if all scopes are granted
108
- */
109
- hasAllScopes(scopes) {
110
- return scopes.every((s) => this.scopes.includes(s));
111
- }
112
- /**
113
- * Check if any scope is granted
114
- */
115
- hasAnyScope(scopes) {
116
- return scopes.some((s) => this.scopes.includes(s));
117
- }
118
- /**
119
- * Check if a tool is authorized
120
- */
121
- canAccessTool(toolId) {
122
- return toolId in this.authorizedTools || this.authorizedToolIds.includes(toolId);
123
- }
124
- /**
125
- * Check if a prompt is authorized
126
- */
127
- canAccessPrompt(promptId) {
128
- return promptId in this.authorizedPrompts || this.authorizedPromptIds.includes(promptId);
129
- }
130
- /**
131
- * Check if an app is authorized.
132
- * Used for progressive authorization to determine if tools from this app can be executed.
133
- * @param appId - App ID to check
134
- */
135
- isAppAuthorized(appId) {
136
- return appId in this.authorizedApps || this.authorizedAppIds.includes(appId);
137
- }
138
- /**
139
- * Build URL for progressive/incremental authorization.
140
- * Used when a tool requires authorization for an app that was skipped during initial auth.
141
- * @param appId - App ID that requires authorization
142
- * @param baseUrl - Base URL of the server
143
- */
144
- getProgressiveAuthUrl(appId, baseUrl) {
145
- return `${baseUrl}/oauth/authorize?app=${encodeURIComponent(appId)}&mode=incremental`;
146
- }
147
- /**
148
- * Check if the authorization is expired
149
- */
150
- isExpired() {
151
- if (!this.expiresAt)
152
- return false;
153
- return Date.now() > this.expiresAt;
154
- }
155
- /**
156
- * Get time until expiration in milliseconds
157
- * Returns undefined if no expiration, negative if expired
158
- */
159
- getTimeToExpiry() {
160
- if (!this.expiresAt)
161
- return undefined;
162
- return this.expiresAt - Date.now();
163
- }
164
- /**
165
- * Convert a transport session to encrypted session JWT
166
- * This is what gets sent in the Mcp-Session-Id header
167
- */
168
- toSessionJwt(session) {
169
- const payload = {
170
- sid: session.id,
171
- aid: this.id,
172
- proto: session.protocol,
173
- nid: session.nodeId,
174
- iat: Math.floor(Date.now() / 1000),
175
- exp: this.expiresAt ? Math.floor(this.expiresAt / 1000) : undefined,
176
- };
177
- return (0, session_id_utils_1.encryptJson)(payload);
178
- }
179
- /**
180
- * Convert to LLM-safe context (no tokens exposed)
181
- */
182
- toLLMSafeContext(session) {
183
- return {
184
- authorizationId: this.id,
185
- sessionId: session.id,
186
- mode: this.mode,
187
- isAnonymous: this.isAnonymous,
188
- user: {
189
- sub: this.user.sub,
190
- name: this.user.name,
191
- },
192
- scopes: this.scopes,
193
- authorizedToolIds: this.authorizedToolIds,
194
- authorizedPromptIds: this.authorizedPromptIds,
195
- };
196
- }
197
- /**
198
- * Validate that no tokens are leaked in data
199
- * Throws if JWT pattern detected
200
- */
201
- static validateNoTokenLeakage(data) {
202
- const json = JSON.stringify(data);
203
- // Detect JWT pattern (header.payload.signature)
204
- if (/eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/.test(json)) {
205
- throw new Error('SECURITY: Token detected in data - potential LLM context leak');
206
- }
207
- // Detect sensitive field names
208
- const sensitiveFields = ['access_token', 'refresh_token', 'id_token', 'tokenEnc', 'secretRefId'];
209
- for (const field of sensitiveFields) {
210
- if (json.includes(`"${field}"`)) {
211
- throw new Error(`SECURITY: Sensitive field "${field}" detected - potential leak`);
212
- }
213
- }
214
- }
215
- }
216
- exports.AuthorizationBase = AuthorizationBase;
217
- //# sourceMappingURL=authorization.class.js.map
package/src/auth/authorization/authorization.class.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization.class.js","sourceRoot":"","sources":["../../../../src/auth/authorization/authorization.class.ts"],"names":[],"mappings":";AAAA,4CAA4C;;;AAE5C,mCAAoC;AAWpC,wEAAgE;AAEhE,8CAA6C;AAE7C,qDAAqD;AACrD,4CAA6C;AAApC,0GAAA,YAAY,OAAA;AAErB;;;GAGG;AACH,MAAsB,iBAAiB;IAC5B,EAAE,CAAS;IAEX,WAAW,CAAU;IACrB,IAAI,CAAW;IACf,MAAM,CAA2B;IACjC,SAAS,CAAU;IACnB,MAAM,CAAW;IACjB,mBAAmB,CAAmC;IACtD,qBAAqB,CAAW;IAChC,cAAc,CAAoD;IAClE,gBAAgB,CAAW;IAC3B,eAAe,CAAiC;IAChD,iBAAiB,CAAW;IAC5B,iBAAiB,CAAmC;IACpD,mBAAmB,CAAW;IAC9B,mBAAmB,CAAW;IAEvC,uDAAuD;IACpC,KAAK,CAAU;IAElC,uDAAuD;IAC9C,SAAS,GAAkC,IAAI,GAAG,EAAE,CAAC;IAE9D,yBAAyB;IAChB,SAAS,CAAS;IAE3B,YAAsB,GAA2B;QAC/C,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;QACjB,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QACzB,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE5B,uCAAuC;QACvC,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;QACzD,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,qBAAqB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAChG,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC;QAC/C,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,gBAAgB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACjF,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC;QACjD,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACpF,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,EAAE,CAAC;QACrD,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC1F,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAC3D,CAAC;IAED;;;;OAIG;IACH,sBAAsB,CAAC,QAA2B,EAAE,WAAoB;QACtE,MAAM,SAAS,GAAG,IAAA,mBAAU,GAAE,CAAC;QAE/B,MAAM,OAAO,GAAqB;YAChC,EAAE,EAAE,SAAS;YACb,eAAe,EAAE,IAAI,CAAC,EAAE;YACxB,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,MAAM,EAAE,IAAA,yBAAY,GAAE;YACtB,iBAAiB,EAAE,WAAW;SAC/B,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QACxC,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,SAAiB;QACnC,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,SAAiB;QACtC,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;IAC7B,CAAC;IAWD;;OAEG;IACH,QAAQ,CAAC,KAAa;QACpB,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAgB;QAC3B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,MAAgB;QAC1B,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,MAAc;QAC1B,OAAO,MAAM,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACnF,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,QAAgB;QAC9B,OAAO,QAAQ,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3F,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAa;QAC3B,OAAO,KAAK,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;OAKG;IACH,qBAAqB,CAAC,KAAa,EAAE,OAAe;QAClD,OAAO,GAAG,OAAO,wBAAwB,kBAAkB,CAAC,KAAK,CAAC,mBAAmB,CAAC;IACxF,CAAC;IAED;;OAEG;IACH,SAAS;QACP,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,KAAK,CAAC;QAClC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,eAAe;QACb,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,SAAS,CAAC;QACtC,OAAO,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,YAAY,CAAC,OAAyB;QACpC,MAAM,OAAO,GAAsB;YACjC,GAAG,EAAE,OAAO,CAAC,EAAE;YACf,GAAG,EAAE,IAAI,CAAC,EAAE;YACZ,KAAK,EAAE,OAAO,CAAC,QAAQ;YACvB,GAAG,EAAE,OAAO,CAAC,MAAM;YACnB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;SACpE,CAAC;QACF,OAAO,IAAA,8BAAW,EAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,OAAyB;QACxC,OAAO;YACL,eAAe,EAAE,IAAI,CAAC,EAAE;YACxB,SAAS,EAAE,OAAO,CAAC,EAAE;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,IAAI,EAAE;gBACJ,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG;gBAClB,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI;aACrB;YACD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;SAC9C,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,sBAAsB,CAAC,IAAa;QACzC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,gDAAgD;QAChD,IAAI,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtE,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACnF,CAAC;QACD,+BAA+B;QAC/B,MAAM,eAAe,GAAG,CAAC,cAAc,EAAE,eAAe,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;QACjG,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CAAC,8BAA8B,KAAK,6BAA6B,CAAC,CAAC;YACpF,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAxOD,8CAwOC","sourcesContent":["// auth/authorization/authorization.class.ts\n\nimport { randomUUID } from 'crypto';\nimport {\n Authorization,\n AuthorizationCreateCtx,\n AuthorizedPrompt,\n AuthorizedTool,\n AuthUser,\n LLMSafeAuthContext,\n} from './authorization.types';\nimport { TransportSession, TransportProtocol, SessionJwtPayload } from '../session';\nimport { ProviderSnapshot } from '../session/session.types';\nimport { encryptJson } from '../session/utils/session-id.utils';\nimport { AuthMode } from '../../common';\nimport { getMachineId } from '../machine-id';\n\n// Re-export getMachineId for backwards compatibility\nexport { getMachineId } from '../machine-id';\n\n/**\n * Base Authorization class - represents authenticated user context\n * Subclasses implement mode-specific behavior (Public, Transparent, Orchestrated)\n */\nexport abstract class AuthorizationBase implements Authorization {\n readonly id: string;\n abstract readonly mode: AuthMode;\n readonly isAnonymous: boolean;\n readonly user: AuthUser;\n readonly claims?: Record<string, unknown>;\n readonly expiresAt?: number;\n readonly scopes: string[];\n readonly authorizedProviders: Record<string, ProviderSnapshot>;\n readonly authorizedProviderIds: string[];\n readonly authorizedApps: Record<string, { id: string; toolIds: string[] }>;\n readonly authorizedAppIds: string[];\n readonly authorizedTools: Record<string, AuthorizedTool>;\n readonly authorizedToolIds: string[];\n readonly authorizedPrompts: Record<string, AuthorizedPrompt>;\n readonly authorizedPromptIds: string[];\n readonly authorizedResources: string[];\n\n /** The original bearer token (for transparent mode) */\n protected readonly token?: string;\n\n /** Active transport sessions for this authorization */\n readonly #sessions: Map<string, TransportSession> = new Map();\n\n /** Creation timestamp */\n readonly createdAt: number;\n\n protected constructor(ctx: AuthorizationCreateCtx) {\n this.id = ctx.id;\n this.isAnonymous = ctx.isAnonymous;\n this.user = ctx.user;\n this.claims = ctx.claims;\n this.expiresAt = ctx.expiresAt;\n this.scopes = ctx.scopes ?? [];\n this.token = ctx.token;\n this.createdAt = Date.now();\n\n // Initialize authorization projections\n this.authorizedProviders = ctx.authorizedProviders ?? {};\n this.authorizedProviderIds = ctx.authorizedProviderIds ?? Object.keys(this.authorizedProviders);\n this.authorizedApps = ctx.authorizedApps ?? {};\n this.authorizedAppIds = ctx.authorizedAppIds ?? Object.keys(this.authorizedApps);\n this.authorizedTools = ctx.authorizedTools ?? {};\n this.authorizedToolIds = ctx.authorizedToolIds ?? Object.keys(this.authorizedTools);\n this.authorizedPrompts = ctx.authorizedPrompts ?? {};\n this.authorizedPromptIds = ctx.authorizedPromptIds ?? Object.keys(this.authorizedPrompts);\n this.authorizedResources = ctx.authorizedResources ?? [];\n }\n\n /**\n * Create a new transport session for this authorization\n * @param protocol - Transport protocol (sse, streamable-http, etc.)\n * @param fingerprint - Optional client fingerprint for tracking\n */\n createTransportSession(protocol: TransportProtocol, fingerprint?: string): TransportSession {\n const sessionId = randomUUID();\n\n const session: TransportSession = {\n id: sessionId,\n authorizationId: this.id,\n protocol,\n createdAt: Date.now(),\n expiresAt: this.expiresAt,\n nodeId: getMachineId(),\n clientFingerprint: fingerprint,\n };\n\n this.#sessions.set(session.id, session);\n return session;\n }\n\n /**\n * Get existing transport session by ID\n */\n getTransportSession(sessionId: string): TransportSession | undefined {\n return this.#sessions.get(sessionId);\n }\n\n /**\n * Get all active transport sessions\n */\n getAllSessions(): TransportSession[] {\n return Array.from(this.#sessions.values());\n }\n\n /**\n * Remove a transport session\n */\n removeTransportSession(sessionId: string): boolean {\n return this.#sessions.delete(sessionId);\n }\n\n /**\n * Get count of active sessions\n */\n get sessionCount(): number {\n return this.#sessions.size;\n }\n\n /**\n * Abstract: Get access token for a provider\n * Implementation varies by mode:\n * - Public: throws (no tokens)\n * - Transparent: returns the original bearer token\n * - Orchestrated: retrieves from vault/store\n */\n abstract getToken(providerId?: string): Promise<string>;\n\n /**\n * Check if a scope is granted\n */\n hasScope(scope: string): boolean {\n return this.scopes.includes(scope);\n }\n\n /**\n * Check if all scopes are granted\n */\n hasAllScopes(scopes: string[]): boolean {\n return scopes.every((s) => this.scopes.includes(s));\n }\n\n /**\n * Check if any scope is granted\n */\n hasAnyScope(scopes: string[]): boolean {\n return scopes.some((s) => this.scopes.includes(s));\n }\n\n /**\n * Check if a tool is authorized\n */\n canAccessTool(toolId: string): boolean {\n return toolId in this.authorizedTools || this.authorizedToolIds.includes(toolId);\n }\n\n /**\n * Check if a prompt is authorized\n */\n canAccessPrompt(promptId: string): boolean {\n return promptId in this.authorizedPrompts || this.authorizedPromptIds.includes(promptId);\n }\n\n /**\n * Check if an app is authorized.\n * Used for progressive authorization to determine if tools from this app can be executed.\n * @param appId - App ID to check\n */\n isAppAuthorized(appId: string): boolean {\n return appId in this.authorizedApps || this.authorizedAppIds.includes(appId);\n }\n\n /**\n * Build URL for progressive/incremental authorization.\n * Used when a tool requires authorization for an app that was skipped during initial auth.\n * @param appId - App ID that requires authorization\n * @param baseUrl - Base URL of the server\n */\n getProgressiveAuthUrl(appId: string, baseUrl: string): string {\n return `${baseUrl}/oauth/authorize?app=${encodeURIComponent(appId)}&mode=incremental`;\n }\n\n /**\n * Check if the authorization is expired\n */\n isExpired(): boolean {\n if (!this.expiresAt) return false;\n return Date.now() > this.expiresAt;\n }\n\n /**\n * Get time until expiration in milliseconds\n * Returns undefined if no expiration, negative if expired\n */\n getTimeToExpiry(): number | undefined {\n if (!this.expiresAt) return undefined;\n return this.expiresAt - Date.now();\n }\n\n /**\n * Convert a transport session to encrypted session JWT\n * This is what gets sent in the Mcp-Session-Id header\n */\n toSessionJwt(session: TransportSession): string {\n const payload: SessionJwtPayload = {\n sid: session.id,\n aid: this.id,\n proto: session.protocol,\n nid: session.nodeId,\n iat: Math.floor(Date.now() / 1000),\n exp: this.expiresAt ? Math.floor(this.expiresAt / 1000) : undefined,\n };\n return encryptJson(payload);\n }\n\n /**\n * Convert to LLM-safe context (no tokens exposed)\n */\n toLLMSafeContext(session: TransportSession): LLMSafeAuthContext {\n return {\n authorizationId: this.id,\n sessionId: session.id,\n mode: this.mode,\n isAnonymous: this.isAnonymous,\n user: {\n sub: this.user.sub,\n name: this.user.name,\n },\n scopes: this.scopes,\n authorizedToolIds: this.authorizedToolIds,\n authorizedPromptIds: this.authorizedPromptIds,\n };\n }\n\n /**\n * Validate that no tokens are leaked in data\n * Throws if JWT pattern detected\n */\n static validateNoTokenLeakage(data: unknown): void {\n const json = JSON.stringify(data);\n // Detect JWT pattern (header.payload.signature)\n if (/eyJ[A-Za-z0-9_-]+\\.eyJ[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+/.test(json)) {\n throw new Error('SECURITY: Token detected in data - potential LLM context leak');\n }\n // Detect sensitive field names\n const sensitiveFields = ['access_token', 'refresh_token', 'id_token', 'tokenEnc', 'secretRefId'];\n for (const field of sensitiveFields) {\n if (json.includes(`\"${field}\"`)) {\n throw new Error(`SECURITY: Sensitive field \"${field}\" detected - potential leak`);\n }\n }\n }\n}\n"]}
package/src/auth/authorization/authorization.types.js DELETED
@@ -1,79 +0,0 @@
1
- "use strict";
2
- // auth/authorization/authorization.types.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.progressiveAuthStateSchema = exports.appAuthorizationRecordSchema = exports.appAuthStateSchema = exports.AppAuthState = exports.llmSafeAuthContextSchema = exports.authModeSchema = exports.authorizedPromptSchema = exports.authorizedToolSchema = exports.authUserSchema = void 0;
5
- const zod_1 = require("zod");
6
- // ============================================
7
- // Zod Schemas
8
- // ============================================
9
- exports.authUserSchema = zod_1.z.object({
10
- sub: zod_1.z.string(),
11
- name: zod_1.z.string().optional(),
12
- email: zod_1.z.string().email().optional(),
13
- picture: zod_1.z.string().url().optional(),
14
- anonymous: zod_1.z.boolean().optional(),
15
- });
16
- exports.authorizedToolSchema = zod_1.z.object({
17
- executionPath: zod_1.z.tuple([zod_1.z.string(), zod_1.z.string()]),
18
- scopes: zod_1.z.array(zod_1.z.string()).optional(),
19
- details: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()).optional(),
20
- });
21
- exports.authorizedPromptSchema = zod_1.z.object({
22
- executionPath: zod_1.z.tuple([zod_1.z.string(), zod_1.z.string()]),
23
- scopes: zod_1.z.array(zod_1.z.string()).optional(),
24
- details: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()).optional(),
25
- });
26
- exports.authModeSchema = zod_1.z.enum(['public', 'transparent', 'orchestrated']);
27
- exports.llmSafeAuthContextSchema = zod_1.z.object({
28
- authorizationId: zod_1.z.string(),
29
- sessionId: zod_1.z.string(),
30
- mode: exports.authModeSchema,
31
- isAnonymous: zod_1.z.boolean(),
32
- user: zod_1.z.object({
33
- sub: zod_1.z.string(),
34
- name: zod_1.z.string().optional(),
35
- }),
36
- scopes: zod_1.z.array(zod_1.z.string()),
37
- authorizedToolIds: zod_1.z.array(zod_1.z.string()),
38
- authorizedPromptIds: zod_1.z.array(zod_1.z.string()),
39
- });
40
- // ============================================
41
- // Progressive/Incremental Authorization Types
42
- // ============================================
43
- /**
44
- * State of app authorization within a session.
45
- * Used for progressive authorization flow.
46
- */
47
- var AppAuthState;
48
- (function (AppAuthState) {
49
- /** App has been fully authorized with tokens stored */
50
- AppAuthState["AUTHORIZED"] = "authorized";
51
- /** User explicitly skipped this app during initial auth */
52
- AppAuthState["SKIPPED"] = "skipped";
53
- /** App authorization is pending (not yet presented to user) */
54
- AppAuthState["PENDING"] = "pending";
55
- })(AppAuthState || (exports.AppAuthState = AppAuthState = {}));
56
- /**
57
- * Zod schema for AppAuthState enum
58
- */
59
- exports.appAuthStateSchema = zod_1.z.nativeEnum(AppAuthState);
60
- /**
61
- * Zod schema for AppAuthorizationRecord
62
- */
63
- exports.appAuthorizationRecordSchema = zod_1.z.object({
64
- appId: zod_1.z.string(),
65
- state: exports.appAuthStateSchema,
66
- stateChangedAt: zod_1.z.number(),
67
- grantedScopes: zod_1.z.array(zod_1.z.string()).optional(),
68
- authProviderId: zod_1.z.string().optional(),
69
- toolIds: zod_1.z.array(zod_1.z.string()),
70
- });
71
- /**
72
- * Zod schema for ProgressiveAuthState
73
- */
74
- exports.progressiveAuthStateSchema = zod_1.z.object({
75
- apps: zod_1.z.record(zod_1.z.string(), exports.appAuthorizationRecordSchema),
76
- initiallyAuthorized: zod_1.z.array(zod_1.z.string()),
77
- initiallySkipped: zod_1.z.array(zod_1.z.string()),
78
- });
79
- //# sourceMappingURL=authorization.types.js.map
package/src/auth/authorization/authorization.types.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization.types.js","sourceRoot":"","sources":["../../../../src/auth/authorization/authorization.types.ts"],"names":[],"mappings":";AAAA,4CAA4C;;;AAE5C,6BAAwB;AAiNxB,+CAA+C;AAC/C,cAAc;AACd,+CAA+C;AAElC,QAAA,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;IACf,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;IACpC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACpC,SAAS,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAClC,CAAC,CAAC;AAEU,QAAA,oBAAoB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3C,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAChD,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,OAAO,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEU,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAChD,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,OAAO,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEU,QAAA,cAAc,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC,CAAC;AAEnE,QAAA,wBAAwB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC/C,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE;IAC3B,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE;IACrB,IAAI,EAAE,sBAAc;IACpB,WAAW,EAAE,OAAC,CAAC,OAAO,EAAE;IACxB,IAAI,EAAE,OAAC,CAAC,MAAM,CAAC;QACb,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;QACf,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC5B,CAAC;IACF,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,iBAAiB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IACtC,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CACzC,CAAC,CAAC;AAEH,+CAA+C;AAC/C,8CAA8C;AAC9C,+CAA+C;AAE/C;;;GAGG;AACH,IAAY,YAOX;AAPD,WAAY,YAAY;IACtB,uDAAuD;IACvD,yCAAyB,CAAA;IACzB,2DAA2D;IAC3D,mCAAmB,CAAA;IACnB,+DAA+D;IAC/D,mCAAmB,CAAA;AACrB,CAAC,EAPW,YAAY,4BAAZ,YAAY,QAOvB;AAmCD;;GAEG;AACU,QAAA,kBAAkB,GAAG,OAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AAE7D;;GAEG;AACU,QAAA,4BAA4B,GAAG,OAAC,CAAC,MAAM,CAAC;IACnD,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,KAAK,EAAE,0BAAkB;IACzB,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE;IAC1B,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC7C,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CAC7B,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,0BAA0B,GAAG,OAAC,CAAC,MAAM,CAAC;IACjD,IAAI,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,oCAA4B,CAAC;IACxD,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IACxC,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CACtC,CAAC,CAAC","sourcesContent":["// auth/authorization/authorization.types.ts\n\nimport { z } from 'zod';\nimport { ProviderSnapshot } from '../session/session.types';\nimport { TransportSession, TransportProtocol } from '../session';\nimport type { AuthMode } from '../../common';\n\n/**\n * User identity from authentication\n */\nexport interface AuthUser {\n /** Subject identifier */\n sub: string;\n /** Display name */\n name?: string;\n /** Email address */\n email?: string;\n /** Profile picture URL */\n picture?: string;\n /** Whether this is an anonymous user */\n anonymous?: boolean;\n}\n\n/**\n * Authorized tool entry\n */\nexport interface AuthorizedTool {\n /** Execution path: [appId, toolId] */\n executionPath: [appId: string, toolId: string];\n /** Required scopes for this tool */\n scopes?: string[];\n /** Additional tool metadata */\n details?: Record<string, unknown>;\n}\n\n/**\n * Authorized prompt entry\n */\nexport interface AuthorizedPrompt {\n /** Execution path: [appId, promptId] */\n executionPath: [appId: string, promptId: string];\n /** Required scopes for this prompt */\n scopes?: string[];\n /** Additional prompt metadata */\n details?: Record<string, unknown>;\n}\n\n/**\n * Authorization represents the authenticated user context.\n * Created from JWT verification, independent of transport.\n * One authorization can have multiple transport sessions.\n */\nexport interface Authorization {\n /** Unique authorization ID (derived from token signature) */\n readonly id: string;\n\n /** Auth mode that created this authorization */\n readonly mode: AuthMode;\n\n /** Whether this is an anonymous/public authorization */\n readonly isAnonymous: boolean;\n\n /** User identity */\n readonly user: AuthUser;\n\n /** JWT claims */\n readonly claims?: Record<string, unknown>;\n\n /** Token expiration (epoch ms) */\n readonly expiresAt?: number;\n\n /** Granted scopes */\n readonly scopes: string[];\n\n /** Authorized providers (for orchestrated mode) */\n readonly authorizedProviders: Record<string, ProviderSnapshot>;\n\n /** Authorized provider IDs */\n readonly authorizedProviderIds: string[];\n\n /** Authorized apps */\n readonly authorizedApps: Record<string, { id: string; toolIds: string[] }>;\n\n /** Authorized app IDs */\n readonly authorizedAppIds: string[];\n\n /** Authorized tools */\n readonly authorizedTools: Record<string, AuthorizedTool>;\n\n /** Authorized tool IDs */\n readonly authorizedToolIds: string[];\n\n /** Authorized prompts */\n readonly authorizedPrompts: Record<string, AuthorizedPrompt>;\n\n /** Authorized prompt IDs */\n readonly authorizedPromptIds: string[];\n\n /** Authorized resources */\n readonly authorizedResources: string[];\n\n /**\n * Get access token for a provider (orchestrated mode)\n * @param providerId - Provider ID, defaults to primary\n */\n getToken(providerId?: string): Promise<string>;\n\n /**\n * Create a new transport session for this authorization\n * @param protocol - Transport protocol (sse, streamable-http, etc.)\n * @param fingerprint - Optional client fingerprint for tracking\n */\n createTransportSession(protocol: TransportProtocol, fingerprint?: string): TransportSession;\n\n /**\n * Get existing transport session by ID\n * @param sessionId - Session ID to retrieve\n */\n getTransportSession(sessionId: string): TransportSession | undefined;\n\n /**\n * Check if a scope is granted\n * @param scope - Scope to check\n */\n hasScope(scope: string): boolean;\n\n /**\n * Check if all scopes are granted\n * @param scopes - Scopes to check\n */\n hasAllScopes(scopes: string[]): boolean;\n\n /**\n * Check if any scope is granted\n * @param scopes - Scopes to check\n */\n hasAnyScope(scopes: string[]): boolean;\n\n /**\n * Check if a tool is authorized\n * @param toolId - Tool ID to check\n */\n canAccessTool(toolId: string): boolean;\n\n /**\n * Check if a prompt is authorized\n * @param promptId - Prompt ID to check\n */\n canAccessPrompt(promptId: string): boolean;\n}\n\n/**\n * Context for creating an authorization\n */\nexport interface AuthorizationCreateCtx {\n /** Unique ID (typically token signature fingerprint) */\n id: string;\n /** Whether this is anonymous */\n isAnonymous: boolean;\n /** User identity */\n user: AuthUser;\n /** JWT claims */\n claims?: Record<string, unknown>;\n /** Token expiration (epoch ms) */\n expiresAt?: number;\n /** Granted scopes */\n scopes?: string[];\n /** The original token (for transparent mode) */\n token?: string;\n /** Authorized providers */\n authorizedProviders?: Record<string, ProviderSnapshot>;\n /** Authorized provider IDs */\n authorizedProviderIds?: string[];\n /** Authorized apps */\n authorizedApps?: Record<string, { id: string; toolIds: string[] }>;\n /** Authorized app IDs */\n authorizedAppIds?: string[];\n /** Authorized tools */\n authorizedTools?: Record<string, AuthorizedTool>;\n /** Authorized tool IDs */\n authorizedToolIds?: string[];\n /** Authorized prompts */\n authorizedPrompts?: Record<string, AuthorizedPrompt>;\n /** Authorized prompt IDs */\n authorizedPromptIds?: string[];\n /** Authorized resources */\n authorizedResources?: string[];\n}\n\n/**\n * LLM-safe session context (no tokens exposed)\n */\nexport interface LLMSafeAuthContext {\n /** Authorization ID */\n authorizationId: string;\n /** Session ID */\n sessionId: string;\n /** Auth mode */\n mode: AuthMode;\n /** Whether anonymous */\n isAnonymous: boolean;\n /** User (sub and name only) */\n user: { sub: string; name?: string };\n /** Granted scopes */\n scopes: string[];\n /** Authorized tool IDs */\n authorizedToolIds: string[];\n /** Authorized prompt IDs */\n authorizedPromptIds: string[];\n}\n\n// ============================================\n// Zod Schemas\n// ============================================\n\nexport const authUserSchema = z.object({\n sub: z.string(),\n name: z.string().optional(),\n email: z.string().email().optional(),\n picture: z.string().url().optional(),\n anonymous: z.boolean().optional(),\n});\n\nexport const authorizedToolSchema = z.object({\n executionPath: z.tuple([z.string(), z.string()]),\n scopes: z.array(z.string()).optional(),\n details: z.record(z.string(), z.unknown()).optional(),\n});\n\nexport const authorizedPromptSchema = z.object({\n executionPath: z.tuple([z.string(), z.string()]),\n scopes: z.array(z.string()).optional(),\n details: z.record(z.string(), z.unknown()).optional(),\n});\n\nexport const authModeSchema = z.enum(['public', 'transparent', 'orchestrated']);\n\nexport const llmSafeAuthContextSchema = z.object({\n authorizationId: z.string(),\n sessionId: z.string(),\n mode: authModeSchema,\n isAnonymous: z.boolean(),\n user: z.object({\n sub: z.string(),\n name: z.string().optional(),\n }),\n scopes: z.array(z.string()),\n authorizedToolIds: z.array(z.string()),\n authorizedPromptIds: z.array(z.string()),\n});\n\n// ============================================\n// Progressive/Incremental Authorization Types\n// ============================================\n\n/**\n * State of app authorization within a session.\n * Used for progressive authorization flow.\n */\nexport enum AppAuthState {\n /** App has been fully authorized with tokens stored */\n AUTHORIZED = 'authorized',\n /** User explicitly skipped this app during initial auth */\n SKIPPED = 'skipped',\n /** App authorization is pending (not yet presented to user) */\n PENDING = 'pending',\n}\n\n/**\n * App authorization record with state tracking.\n * Stored server-side, NOT in JWT.\n */\nexport interface AppAuthorizationRecord {\n /** App ID */\n appId: string;\n /** Current authorization state */\n state: AppAuthState;\n /** When the state was last changed (epoch ms) */\n stateChangedAt: number;\n /** Scopes granted for this app */\n grantedScopes?: string[];\n /** Auth provider ID used for this app */\n authProviderId?: string;\n /** Tool IDs accessible through this app authorization */\n toolIds: string[];\n}\n\n/**\n * Progressive auth session state.\n * Tracks which apps are authorized, skipped, or pending.\n * Stored server-side for security.\n */\nexport interface ProgressiveAuthState {\n /** App authorization records by app ID */\n apps: Record<string, AppAuthorizationRecord>;\n /** Apps authorized during initial auth */\n initiallyAuthorized: string[];\n /** Apps skipped during initial auth */\n initiallySkipped: string[];\n}\n\n/**\n * Zod schema for AppAuthState enum\n */\nexport const appAuthStateSchema = z.nativeEnum(AppAuthState);\n\n/**\n * Zod schema for AppAuthorizationRecord\n */\nexport const appAuthorizationRecordSchema = z.object({\n appId: z.string(),\n state: appAuthStateSchema,\n stateChangedAt: z.number(),\n grantedScopes: z.array(z.string()).optional(),\n authProviderId: z.string().optional(),\n toolIds: z.array(z.string()),\n});\n\n/**\n * Zod schema for ProgressiveAuthState\n */\nexport const progressiveAuthStateSchema = z.object({\n apps: z.record(z.string(), appAuthorizationRecordSchema),\n initiallyAuthorized: z.array(z.string()),\n initiallySkipped: z.array(z.string()),\n});\n"]}
package/src/auth/authorization/index.js DELETED
@@ -1,19 +0,0 @@
1
- "use strict";
2
- // auth/authorization/index.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.OrchestratedAuthorization = exports.TransparentAuthorization = exports.PublicAuthorization = exports.getMachineId = exports.AuthorizationBase = void 0;
5
- const tslib_1 = require("tslib");
6
- // Types
7
- tslib_1.__exportStar(require("./authorization.types"), exports);
8
- // Base class
9
- var authorization_class_1 = require("./authorization.class");
10
- Object.defineProperty(exports, "AuthorizationBase", { enumerable: true, get: function () { return authorization_class_1.AuthorizationBase; } });
11
- Object.defineProperty(exports, "getMachineId", { enumerable: true, get: function () { return authorization_class_1.getMachineId; } });
12
- // Mode-specific implementations
13
- var public_authorization_1 = require("./public.authorization");
14
- Object.defineProperty(exports, "PublicAuthorization", { enumerable: true, get: function () { return public_authorization_1.PublicAuthorization; } });
15
- var transparent_authorization_1 = require("./transparent.authorization");
16
- Object.defineProperty(exports, "TransparentAuthorization", { enumerable: true, get: function () { return transparent_authorization_1.TransparentAuthorization; } });
17
- var orchestrated_authorization_1 = require("./orchestrated.authorization");
18
- Object.defineProperty(exports, "OrchestratedAuthorization", { enumerable: true, get: function () { return orchestrated_authorization_1.OrchestratedAuthorization; } });
19
- //# sourceMappingURL=index.js.map
package/src/auth/authorization/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/auth/authorization/index.ts"],"names":[],"mappings":";AAAA,8BAA8B;;;;AAE9B,QAAQ;AACR,gEAAsC;AAEtC,aAAa;AACb,6DAAwE;AAA/D,wHAAA,iBAAiB,OAAA;AAAE,mHAAA,YAAY,OAAA;AAExC,gCAAgC;AAChC,+DAA2F;AAAlF,2HAAA,mBAAmB,OAAA;AAC5B,yEAIqC;AAHnC,qIAAA,wBAAwB,OAAA;AAI1B,2EAMsC;AALpC,uIAAA,yBAAyB,OAAA","sourcesContent":["// auth/authorization/index.ts\n\n// Types\nexport * from './authorization.types';\n\n// Base class\nexport { AuthorizationBase, getMachineId } from './authorization.class';\n\n// Mode-specific implementations\nexport { PublicAuthorization, PublicAuthorizationCreateCtx } from './public.authorization';\nexport {\n TransparentAuthorization,\n TransparentAuthorizationCreateCtx,\n TransparentVerifiedPayload,\n} from './transparent.authorization';\nexport {\n OrchestratedAuthorization,\n OrchestratedAuthorizationCreateCtx,\n OrchestratedProviderState,\n TokenStore,\n TokenRefreshCallback,\n} from './orchestrated.authorization';\n"]}