@frontmcp/sdk 0.6.1 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/{src/auth → auth}/instances/instance.local-primary-auth.d.ts +1 -1
- package/{src/auth → auth}/instances/instance.remote-primary-auth.d.ts +1 -1
- package/{src/common → common}/interfaces/internal/primary-auth-provider.interface.d.ts +1 -4
- package/{src/common → common}/metadata/front-mcp.metadata.d.ts +1074 -44
- package/common/types/options/auth/app-auth.schema.d.ts +275 -0
- package/common/types/options/auth/auth.interfaces.d.ts +461 -0
- package/common/types/options/auth/auth.schema.d.ts +284 -0
- package/common/types/options/auth/auth.utils.d.ts +32 -0
- package/common/types/options/auth/index.d.ts +16 -0
- package/common/types/options/auth/orchestrated.schema.d.ts +381 -0
- package/common/types/options/auth/public.schema.d.ts +42 -0
- package/common/types/options/auth/shared.schemas.d.ts +120 -0
- package/common/types/options/auth/transparent.schema.d.ts +56 -0
- package/common/types/options/auth/transport.deprecated.d.ts +63 -0
- package/{src/common → common}/types/options/index.d.ts +1 -1
- package/{src/common → common}/types/options/transport.options.d.ts +6 -1
- package/{src/common → common}/utils/decide-request-intent.utils.d.ts +6 -7
- package/esm/index.mjs +22664 -0
- package/esm/mcp-apps/index.mjs +723 -0
- package/esm/package.json +81 -0
- package/index.js +22957 -0
- package/logger/logger.tokens.d.ts +1 -0
- package/mcp-apps/index.js +799 -0
- package/package.json +26 -13
- package/README.md +0 -461
- package/src/adapter/adapter.instance.js +0 -70
- package/src/adapter/adapter.instance.js.map +0 -1
- package/src/adapter/adapter.regsitry.js +0 -54
- package/src/adapter/adapter.regsitry.js.map +0 -1
- package/src/adapter/adapter.utils.js +0 -83
- package/src/adapter/adapter.utils.js.map +0 -1
- package/src/app/app.registry.js +0 -66
- package/src/app/app.registry.js.map +0 -1
- package/src/app/app.utils.js +0 -58
- package/src/app/app.utils.js.map +0 -1
- package/src/app/instances/app.local.instance.js +0 -67
- package/src/app/instances/app.local.instance.js.map +0 -1
- package/src/app/instances/app.remote.instance.js +0 -36
- package/src/app/instances/app.remote.instance.js.map +0 -1
- package/src/app/instances/index.js +0 -6
- package/src/app/instances/index.js.map +0 -1
- package/src/auth/auth.registry.js +0 -219
- package/src/auth/auth.registry.js.map +0 -1
- package/src/auth/auth.utils.js +0 -84
- package/src/auth/auth.utils.js.map +0 -1
- package/src/auth/authorization/authorization.class.js +0 -217
- package/src/auth/authorization/authorization.class.js.map +0 -1
- package/src/auth/authorization/authorization.types.js +0 -79
- package/src/auth/authorization/authorization.types.js.map +0 -1
- package/src/auth/authorization/index.js +0 -19
- package/src/auth/authorization/index.js.map +0 -1
- package/src/auth/authorization/orchestrated.authorization.js +0 -306
- package/src/auth/authorization/orchestrated.authorization.js.map +0 -1
- package/src/auth/authorization/public.authorization.js +0 -132
- package/src/auth/authorization/public.authorization.js.map +0 -1
- package/src/auth/authorization/transparent.authorization.js +0 -147
- package/src/auth/authorization/transparent.authorization.js.map +0 -1
- package/src/auth/consent/consent.types.js +0 -119
- package/src/auth/consent/consent.types.js.map +0 -1
- package/src/auth/consent/index.js +0 -13
- package/src/auth/consent/index.js.map +0 -1
- package/src/auth/detection/auth-provider-detection.js +0 -230
- package/src/auth/detection/auth-provider-detection.js.map +0 -1
- package/src/auth/detection/index.js +0 -15
- package/src/auth/detection/index.js.map +0 -1
- package/src/auth/flows/auth.verify.flow.js +0 -379
- package/src/auth/flows/auth.verify.flow.js.map +0 -1
- package/src/auth/flows/oauth.authorize.flow.js +0 -822
- package/src/auth/flows/oauth.authorize.flow.js.map +0 -1
- package/src/auth/flows/oauth.callback.flow.js +0 -357
- package/src/auth/flows/oauth.callback.flow.js.map +0 -1
- package/src/auth/flows/oauth.register.flow.js +0 -201
- package/src/auth/flows/oauth.register.flow.js.map +0 -1
- package/src/auth/flows/oauth.token.flow.js +0 -319
- package/src/auth/flows/oauth.token.flow.js.map +0 -1
- package/src/auth/flows/session.verify.flow.js +0 -304
- package/src/auth/flows/session.verify.flow.js.map +0 -1
- package/src/auth/flows/well-known.jwks.flow.js +0 -89
- package/src/auth/flows/well-known.jwks.flow.js.map +0 -1
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js +0 -122
- package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +0 -1
- package/src/auth/flows/well-known.prm.flow.js +0 -106
- package/src/auth/flows/well-known.prm.flow.js.map +0 -1
- package/src/auth/instances/instance.local-primary-auth.js +0 -308
- package/src/auth/instances/instance.local-primary-auth.js.map +0 -1
- package/src/auth/instances/instance.remote-primary-auth.js +0 -49
- package/src/auth/instances/instance.remote-primary-auth.js.map +0 -1
- package/src/auth/jwks/dev-key-persistence.js +0 -219
- package/src/auth/jwks/dev-key-persistence.js.map +0 -1
- package/src/auth/jwks/index.js +0 -7
- package/src/auth/jwks/index.js.map +0 -1
- package/src/auth/jwks/jwks.service.js +0 -303
- package/src/auth/jwks/jwks.service.js.map +0 -1
- package/src/auth/jwks/jwks.types.js +0 -3
- package/src/auth/jwks/jwks.types.js.map +0 -1
- package/src/auth/jwks/jwks.utils.js +0 -32
- package/src/auth/jwks/jwks.utils.js.map +0 -1
- package/src/auth/machine-id.js +0 -32
- package/src/auth/machine-id.js.map +0 -1
- package/src/auth/oauth/flows/oauth.authorize.flow.js +0 -33
- package/src/auth/oauth/flows/oauth.authorize.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js +0 -48
- package/src/auth/oauth/flows/oauth.device-authorization.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.introspect.flow.js +0 -28
- package/src/auth/oauth/flows/oauth.introspect.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.par.flow.js +0 -29
- package/src/auth/oauth/flows/oauth.par.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.revoke.flow.js +0 -27
- package/src/auth/oauth/flows/oauth.revoke.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.token.flow.js +0 -59
- package/src/auth/oauth/flows/oauth.token.flow.js.map +0 -1
- package/src/auth/oauth/flows/oauth.userinfo.flow.js +0 -24
- package/src/auth/oauth/flows/oauth.userinfo.flow.js.map +0 -1
- package/src/auth/oauth/flows/oidc.logout.flow.js +0 -20
- package/src/auth/oauth/flows/oidc.logout.flow.js.map +0 -1
- package/src/auth/session/authorization-vault.js +0 -817
- package/src/auth/session/authorization-vault.js.map +0 -1
- package/src/auth/session/authorization.store.js +0 -323
- package/src/auth/session/authorization.store.js.map +0 -1
- package/src/auth/session/encrypted-authorization-vault.js +0 -493
- package/src/auth/session/encrypted-authorization-vault.js.map +0 -1
- package/src/auth/session/index.js +0 -18
- package/src/auth/session/index.js.map +0 -1
- package/src/auth/session/record/session.base.js +0 -125
- package/src/auth/session/record/session.base.js.map +0 -1
- package/src/auth/session/record/session.stateful.js +0 -55
- package/src/auth/session/record/session.stateful.js.map +0 -1
- package/src/auth/session/record/session.stateless.js +0 -32
- package/src/auth/session/record/session.stateless.js.map +0 -1
- package/src/auth/session/record/session.transparent.js +0 -22
- package/src/auth/session/record/session.transparent.js.map +0 -1
- package/src/auth/session/redis-session.store.js +0 -204
- package/src/auth/session/redis-session.store.js.map +0 -1
- package/src/auth/session/session.crypto.js +0 -47
- package/src/auth/session/session.crypto.js.map +0 -1
- package/src/auth/session/session.schema.js +0 -13
- package/src/auth/session/session.schema.js.map +0 -1
- package/src/auth/session/session.service.js +0 -105
- package/src/auth/session/session.service.js.map +0 -1
- package/src/auth/session/session.transport.js +0 -20
- package/src/auth/session/session.transport.js.map +0 -1
- package/src/auth/session/session.types.js +0 -4
- package/src/auth/session/session.types.js.map +0 -1
- package/src/auth/session/token.refresh.js +0 -63
- package/src/auth/session/token.refresh.js.map +0 -1
- package/src/auth/session/token.store.js +0 -53
- package/src/auth/session/token.store.js.map +0 -1
- package/src/auth/session/token.vault.js +0 -54
- package/src/auth/session/token.vault.js.map +0 -1
- package/src/auth/session/transport-session.manager.js +0 -298
- package/src/auth/session/transport-session.manager.js.map +0 -1
- package/src/auth/session/transport-session.types.js +0 -111
- package/src/auth/session/transport-session.types.js.map +0 -1
- package/src/auth/session/utils/auth-token.utils.js +0 -57
- package/src/auth/session/utils/auth-token.utils.js.map +0 -1
- package/src/auth/session/utils/session-id.utils.js +0 -217
- package/src/auth/session/utils/session-id.utils.js.map +0 -1
- package/src/auth/session/utils/tiny-ttl-cache.js +0 -26
- package/src/auth/session/utils/tiny-ttl-cache.js.map +0 -1
- package/src/auth/session/vault-encryption.js +0 -263
- package/src/auth/session/vault-encryption.js.map +0 -1
- package/src/auth/session/vercel-kv-session.store.js +0 -216
- package/src/auth/session/vercel-kv-session.store.js.map +0 -1
- package/src/auth/ui/base-layout.js +0 -279
- package/src/auth/ui/base-layout.js.map +0 -1
- package/src/auth/ui/index.js +0 -34
- package/src/auth/ui/index.js.map +0 -1
- package/src/auth/ui/templates.js +0 -426
- package/src/auth/ui/templates.js.map +0 -1
- package/src/auth/utils/audience.validator.js +0 -196
- package/src/auth/utils/audience.validator.js.map +0 -1
- package/src/auth/utils/index.js +0 -7
- package/src/auth/utils/index.js.map +0 -1
- package/src/auth/utils/www-authenticate.utils.js +0 -183
- package/src/auth/utils/www-authenticate.utils.js.map +0 -1
- package/src/common/common.schema.js +0 -35
- package/src/common/common.schema.js.map +0 -1
- package/src/common/constants.js +0 -13
- package/src/common/constants.js.map +0 -1
- package/src/common/decorators/adapter.decorator.js +0 -20
- package/src/common/decorators/adapter.decorator.js.map +0 -1
- package/src/common/decorators/app.decorator.js +0 -44
- package/src/common/decorators/app.decorator.js.map +0 -1
- package/src/common/decorators/auth-provider.decorator.js +0 -20
- package/src/common/decorators/auth-provider.decorator.js.map +0 -1
- package/src/common/decorators/decorator-utils.js +0 -195
- package/src/common/decorators/decorator-utils.js.map +0 -1
- package/src/common/decorators/flow.decorator.js +0 -19
- package/src/common/decorators/flow.decorator.js.map +0 -1
- package/src/common/decorators/front-mcp.decorator.js +0 -64
- package/src/common/decorators/front-mcp.decorator.js.map +0 -1
- package/src/common/decorators/hook.decorator.js +0 -178
- package/src/common/decorators/hook.decorator.js.map +0 -1
- package/src/common/decorators/index.js +0 -16
- package/src/common/decorators/index.js.map +0 -1
- package/src/common/decorators/logger.decorator.js +0 -20
- package/src/common/decorators/logger.decorator.js.map +0 -1
- package/src/common/decorators/plugin.decorator.js +0 -39
- package/src/common/decorators/plugin.decorator.js.map +0 -1
- package/src/common/decorators/prompt.decorator.js +0 -38
- package/src/common/decorators/prompt.decorator.js.map +0 -1
- package/src/common/decorators/provider.decorator.js +0 -20
- package/src/common/decorators/provider.decorator.js.map +0 -1
- package/src/common/decorators/resource.decorator.js +0 -94
- package/src/common/decorators/resource.decorator.js.map +0 -1
- package/src/common/decorators/tool.decorator.js +0 -45
- package/src/common/decorators/tool.decorator.js.map +0 -1
- package/src/common/dynamic/dynamic.adapter.js +0 -28
- package/src/common/dynamic/dynamic.adapter.js.map +0 -1
- package/src/common/dynamic/dynamic.plugin.js +0 -42
- package/src/common/dynamic/dynamic.plugin.js.map +0 -1
- package/src/common/dynamic/dynamic.utils.js +0 -27
- package/src/common/dynamic/dynamic.utils.js.map +0 -1
- package/src/common/dynamic/index.js +0 -6
- package/src/common/dynamic/index.js.map +0 -1
- package/src/common/entries/adapter.entry.js +0 -8
- package/src/common/entries/adapter.entry.js.map +0 -1
- package/src/common/entries/app.entry.js +0 -9
- package/src/common/entries/app.entry.js.map +0 -1
- package/src/common/entries/auth-provider.entry.js +0 -8
- package/src/common/entries/auth-provider.entry.js.map +0 -1
- package/src/common/entries/base.entry.js +0 -17
- package/src/common/entries/base.entry.js.map +0 -1
- package/src/common/entries/flow.entry.js +0 -21
- package/src/common/entries/flow.entry.js.map +0 -1
- package/src/common/entries/hook.entry.js +0 -20
- package/src/common/entries/hook.entry.js.map +0 -1
- package/src/common/entries/index.js +0 -17
- package/src/common/entries/index.js.map +0 -1
- package/src/common/entries/logger.entry.js +0 -8
- package/src/common/entries/logger.entry.js.map +0 -1
- package/src/common/entries/plugin.entry.js +0 -8
- package/src/common/entries/plugin.entry.js.map +0 -1
- package/src/common/entries/prompt.entry.js +0 -18
- package/src/common/entries/prompt.entry.js.map +0 -1
- package/src/common/entries/provider.entry.js +0 -8
- package/src/common/entries/provider.entry.js.map +0 -1
- package/src/common/entries/resource.entry.js +0 -35
- package/src/common/entries/resource.entry.js.map +0 -1
- package/src/common/entries/scope.entry.js +0 -14
- package/src/common/entries/scope.entry.js.map +0 -1
- package/src/common/entries/tool.entry.js +0 -31
- package/src/common/entries/tool.entry.js.map +0 -1
- package/src/common/flow/flow.utils.js +0 -96
- package/src/common/flow/flow.utils.js.map +0 -1
- package/src/common/index.js +0 -20
- package/src/common/index.js.map +0 -1
- package/src/common/interfaces/adapter.interface.js +0 -3
- package/src/common/interfaces/adapter.interface.js.map +0 -1
- package/src/common/interfaces/app.interface.js +0 -3
- package/src/common/interfaces/app.interface.js.map +0 -1
- package/src/common/interfaces/auth-hook.interface.js +0 -135
- package/src/common/interfaces/auth-hook.interface.js.map +0 -1
- package/src/common/interfaces/auth-provider.interface.js +0 -18
- package/src/common/interfaces/auth-provider.interface.js.map +0 -1
- package/src/common/interfaces/base.interface.js +0 -3
- package/src/common/interfaces/base.interface.js.map +0 -1
- package/src/common/interfaces/execution-context.interface.js +0 -166
- package/src/common/interfaces/execution-context.interface.js.map +0 -1
- package/src/common/interfaces/flow.interface.js +0 -95
- package/src/common/interfaces/flow.interface.js.map +0 -1
- package/src/common/interfaces/front-mcp.interface.js +0 -3
- package/src/common/interfaces/front-mcp.interface.js.map +0 -1
- package/src/common/interfaces/hook.interface.js +0 -3
- package/src/common/interfaces/hook.interface.js.map +0 -1
- package/src/common/interfaces/index.js +0 -21
- package/src/common/interfaces/index.js.map +0 -1
- package/src/common/interfaces/internal/flow.utils.js +0 -83
- package/src/common/interfaces/internal/flow.utils.js.map +0 -1
- package/src/common/interfaces/internal/index.js +0 -7
- package/src/common/interfaces/internal/index.js.map +0 -1
- package/src/common/interfaces/internal/primary-auth-provider.interface.js +0 -81
- package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +0 -1
- package/src/common/interfaces/internal/registry.interface.js +0 -3
- package/src/common/interfaces/internal/registry.interface.js.map +0 -1
- package/src/common/interfaces/logger.interface.js +0 -10
- package/src/common/interfaces/logger.interface.js.map +0 -1
- package/src/common/interfaces/plugin.interface.js +0 -3
- package/src/common/interfaces/plugin.interface.js.map +0 -1
- package/src/common/interfaces/prompt.interface.js +0 -81
- package/src/common/interfaces/prompt.interface.js.map +0 -1
- package/src/common/interfaces/provider.interface.js +0 -18
- package/src/common/interfaces/provider.interface.js.map +0 -1
- package/src/common/interfaces/resource.interface.js +0 -56
- package/src/common/interfaces/resource.interface.js.map +0 -1
- package/src/common/interfaces/scope.interface.js +0 -3
- package/src/common/interfaces/scope.interface.js.map +0 -1
- package/src/common/interfaces/server.interface.js +0 -18
- package/src/common/interfaces/server.interface.js.map +0 -1
- package/src/common/interfaces/session-hook.interface.js +0 -140
- package/src/common/interfaces/session-hook.interface.js.map +0 -1
- package/src/common/interfaces/tool-hook.interface.js +0 -92
- package/src/common/interfaces/tool-hook.interface.js.map +0 -1
- package/src/common/interfaces/tool.interface.js +0 -117
- package/src/common/interfaces/tool.interface.js.map +0 -1
- package/src/common/metadata/adapter.metadata.js +0 -10
- package/src/common/metadata/adapter.metadata.js.map +0 -1
- package/src/common/metadata/app.metadata.js +0 -30
- package/src/common/metadata/app.metadata.js.map +0 -1
- package/src/common/metadata/auth-provider.metadata.js +0 -19
- package/src/common/metadata/auth-provider.metadata.js.map +0 -1
- package/src/common/metadata/flow.metadata.js +0 -15
- package/src/common/metadata/flow.metadata.js.map +0 -1
- package/src/common/metadata/front-mcp.metadata.js +0 -30
- package/src/common/metadata/front-mcp.metadata.js.map +0 -1
- package/src/common/metadata/hook.metadata.js +0 -3
- package/src/common/metadata/hook.metadata.js.map +0 -1
- package/src/common/metadata/index.js +0 -17
- package/src/common/metadata/index.js.map +0 -1
- package/src/common/metadata/logger.metadata.js +0 -10
- package/src/common/metadata/logger.metadata.js.map +0 -1
- package/src/common/metadata/plugin.metadata.js +0 -18
- package/src/common/metadata/plugin.metadata.js.map +0 -1
- package/src/common/metadata/prompt.metadata.js +0 -27
- package/src/common/metadata/prompt.metadata.js.map +0 -1
- package/src/common/metadata/provider.metadata.js +0 -36
- package/src/common/metadata/provider.metadata.js.map +0 -1
- package/src/common/metadata/resource.metadata.js +0 -31
- package/src/common/metadata/resource.metadata.js.map +0 -1
- package/src/common/metadata/tool-ui.metadata.js +0 -12
- package/src/common/metadata/tool-ui.metadata.js.map +0 -1
- package/src/common/metadata/tool.metadata.js +0 -55
- package/src/common/metadata/tool.metadata.js.map +0 -1
- package/src/common/migrate/auth-transport.migrate.js +0 -140
- package/src/common/migrate/auth-transport.migrate.js.map +0 -1
- package/src/common/migrate/index.js +0 -6
- package/src/common/migrate/index.js.map +0 -1
- package/src/common/providers/base-config.provider.js +0 -128
- package/src/common/providers/base-config.provider.js.map +0 -1
- package/src/common/records/adapter.record.js +0 -11
- package/src/common/records/adapter.record.js.map +0 -1
- package/src/common/records/app.record.js +0 -9
- package/src/common/records/app.record.js.map +0 -1
- package/src/common/records/auth-provider.record.js +0 -12
- package/src/common/records/auth-provider.record.js.map +0 -1
- package/src/common/records/flow.record.js +0 -8
- package/src/common/records/flow.record.js.map +0 -1
- package/src/common/records/hook.record.js +0 -8
- package/src/common/records/hook.record.js.map +0 -1
- package/src/common/records/index.js +0 -16
- package/src/common/records/index.js.map +0 -1
- package/src/common/records/logger.record.js +0 -8
- package/src/common/records/logger.record.js.map +0 -1
- package/src/common/records/plugin.record.js +0 -11
- package/src/common/records/plugin.record.js.map +0 -1
- package/src/common/records/prompt.record.js +0 -9
- package/src/common/records/prompt.record.js.map +0 -1
- package/src/common/records/provider.record.js +0 -14
- package/src/common/records/provider.record.js.map +0 -1
- package/src/common/records/resource.record.js +0 -20
- package/src/common/records/resource.record.js.map +0 -1
- package/src/common/records/scope.record.js +0 -9
- package/src/common/records/scope.record.js.map +0 -1
- package/src/common/records/tool.record.js +0 -9
- package/src/common/records/tool.record.js.map +0 -1
- package/src/common/schemas/annotated-class.schema.js +0 -109
- package/src/common/schemas/annotated-class.schema.js.map +0 -1
- package/src/common/schemas/http-input.schema.js +0 -13
- package/src/common/schemas/http-input.schema.js.map +0 -1
- package/src/common/schemas/http-output.schema.js +0 -321
- package/src/common/schemas/http-output.schema.js.map +0 -1
- package/src/common/schemas/index.js +0 -8
- package/src/common/schemas/index.js.map +0 -1
- package/src/common/schemas/session-header.schema.js +0 -42
- package/src/common/schemas/session-header.schema.js.map +0 -1
- package/src/common/tokens/adapter.tokens.js +0 -11
- package/src/common/tokens/adapter.tokens.js.map +0 -1
- package/src/common/tokens/app.tokens.js +0 -30
- package/src/common/tokens/app.tokens.js.map +0 -1
- package/src/common/tokens/auth-provider.tokens.js +0 -12
- package/src/common/tokens/auth-provider.tokens.js.map +0 -1
- package/src/common/tokens/base.tokens.js +0 -9
- package/src/common/tokens/base.tokens.js.map +0 -1
- package/src/common/tokens/flow-hook.tokens.js +0 -9
- package/src/common/tokens/flow-hook.tokens.js.map +0 -1
- package/src/common/tokens/flow.tokens.js +0 -16
- package/src/common/tokens/flow.tokens.js.map +0 -1
- package/src/common/tokens/front-mcp.tokens.js +0 -25
- package/src/common/tokens/front-mcp.tokens.js.map +0 -1
- package/src/common/tokens/index.js +0 -17
- package/src/common/tokens/index.js.map +0 -1
- package/src/common/tokens/logger.tokens.js +0 -11
- package/src/common/tokens/logger.tokens.js.map +0 -1
- package/src/common/tokens/plugin.tokens.js +0 -18
- package/src/common/tokens/plugin.tokens.js.map +0 -1
- package/src/common/tokens/prompt.tokens.js +0 -14
- package/src/common/tokens/prompt.tokens.js.map +0 -1
- package/src/common/tokens/provider.tokens.js +0 -12
- package/src/common/tokens/provider.tokens.js.map +0 -1
- package/src/common/tokens/resource.tokens.js +0 -28
- package/src/common/tokens/resource.tokens.js.map +0 -1
- package/src/common/tokens/server.tokens.js +0 -11
- package/src/common/tokens/server.tokens.js.map +0 -1
- package/src/common/tokens/tool.tokens.js +0 -21
- package/src/common/tokens/tool.tokens.js.map +0 -1
- package/src/common/types/auth/index.js +0 -6
- package/src/common/types/auth/index.js.map +0 -1
- package/src/common/types/auth/jwt.types.js +0 -36
- package/src/common/types/auth/jwt.types.js.map +0 -1
- package/src/common/types/auth/session.types.js +0 -53
- package/src/common/types/auth/session.types.js.map +0 -1
- package/src/common/types/common.types.js +0 -3
- package/src/common/types/common.types.js.map +0 -1
- package/src/common/types/index.js +0 -7
- package/src/common/types/index.js.map +0 -1
- package/src/common/types/options/auth.options.d.ts +0 -1266
- package/src/common/types/options/auth.options.js +0 -560
- package/src/common/types/options/auth.options.js.map +0 -1
- package/src/common/types/options/http.options.js +0 -10
- package/src/common/types/options/http.options.js.map +0 -1
- package/src/common/types/options/index.js +0 -11
- package/src/common/types/options/index.js.map +0 -1
- package/src/common/types/options/logging.options.js +0 -33
- package/src/common/types/options/logging.options.js.map +0 -1
- package/src/common/types/options/redis.options.js +0 -191
- package/src/common/types/options/redis.options.js.map +0 -1
- package/src/common/types/options/server-info.options.js +0 -13
- package/src/common/types/options/server-info.options.js.map +0 -1
- package/src/common/types/options/session.options.js +0 -32
- package/src/common/types/options/session.options.js.map +0 -1
- package/src/common/types/options/transport.options.js +0 -121
- package/src/common/types/options/transport.options.js.map +0 -1
- package/src/common/utils/decide-request-intent.utils.js +0 -391
- package/src/common/utils/decide-request-intent.utils.js.map +0 -1
- package/src/common/utils/global-config.utils.js +0 -44
- package/src/common/utils/global-config.utils.js.map +0 -1
- package/src/common/utils/index.js +0 -7
- package/src/common/utils/index.js.map +0 -1
- package/src/common/utils/path.utils.js +0 -66
- package/src/common/utils/path.utils.js.map +0 -1
- package/src/completion/flows/complete.flow.js +0 -199
- package/src/completion/flows/complete.flow.js.map +0 -1
- package/src/context/frontmcp-context-storage.js +0 -183
- package/src/context/frontmcp-context-storage.js.map +0 -1
- package/src/context/frontmcp-context.js +0 -360
- package/src/context/frontmcp-context.js.map +0 -1
- package/src/context/frontmcp-context.provider.js +0 -61
- package/src/context/frontmcp-context.provider.js.map +0 -1
- package/src/context/index.js +0 -64
- package/src/context/index.js.map +0 -1
- package/src/context/request-context-storage.js +0 -183
- package/src/context/request-context-storage.js.map +0 -1
- package/src/context/request-context.js +0 -209
- package/src/context/request-context.js.map +0 -1
- package/src/context/request-context.provider.js +0 -51
- package/src/context/request-context.provider.js.map +0 -1
- package/src/context/session-key.provider.js +0 -65
- package/src/context/session-key.provider.js.map +0 -1
- package/src/context/trace-context.js +0 -142
- package/src/context/trace-context.js.map +0 -1
- package/src/errors/authorization-required.error.js +0 -274
- package/src/errors/authorization-required.error.js.map +0 -1
- package/src/errors/error-handler.js +0 -107
- package/src/errors/error-handler.js.map +0 -1
- package/src/errors/index.js +0 -45
- package/src/errors/index.js.map +0 -1
- package/src/errors/mcp.error.js +0 -416
- package/src/errors/mcp.error.js.map +0 -1
- package/src/exceptions/mcp-exceptions/session-missing.exception.js +0 -11
- package/src/exceptions/mcp-exceptions/session-missing.exception.js.map +0 -1
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js +0 -15
- package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js.map +0 -1
- package/src/flows/flow.instance.js +0 -420
- package/src/flows/flow.instance.js.map +0 -1
- package/src/flows/flow.registry.js +0 -121
- package/src/flows/flow.registry.js.map +0 -1
- package/src/flows/flow.stages.js +0 -113
- package/src/flows/flow.stages.js.map +0 -1
- package/src/flows/flow.utils.js +0 -36
- package/src/flows/flow.utils.js.map +0 -1
- package/src/front-mcp/front-mcp.js +0 -63
- package/src/front-mcp/front-mcp.js.map +0 -1
- package/src/front-mcp/front-mcp.providers.js +0 -29
- package/src/front-mcp/front-mcp.providers.js.map +0 -1
- package/src/front-mcp/front-mcp.tokens.js +0 -5
- package/src/front-mcp/front-mcp.tokens.js.map +0 -1
- package/src/front-mcp/index.js +0 -8
- package/src/front-mcp/index.js.map +0 -1
- package/src/front-mcp/serverless-handler.js +0 -61
- package/src/front-mcp/serverless-handler.js.map +0 -1
- package/src/hooks/hook.instance.js +0 -26
- package/src/hooks/hook.instance.js.map +0 -1
- package/src/hooks/hook.registry.js +0 -152
- package/src/hooks/hook.registry.js.map +0 -1
- package/src/hooks/hooks.utils.js +0 -34
- package/src/hooks/hooks.utils.js.map +0 -1
- package/src/index.js +0 -37
- package/src/index.js.map +0 -1
- package/src/logger/instances/instance.console-logger.js +0 -75
- package/src/logger/instances/instance.console-logger.js.map +0 -1
- package/src/logger/instances/instance.logger.js +0 -77
- package/src/logger/instances/instance.logger.js.map +0 -1
- package/src/logger/logger.registry.js +0 -96
- package/src/logger/logger.registry.js.map +0 -1
- package/src/logger/logger.tokens.js +0 -3
- package/src/logger/logger.tokens.js.map +0 -1
- package/src/logger/logger.types.js +0 -8
- package/src/logger/logger.types.js.map +0 -1
- package/src/logger/logger.utils.js +0 -42
- package/src/logger/logger.utils.js.map +0 -1
- package/src/logging/flows/set-level.flow.js +0 -108
- package/src/logging/flows/set-level.flow.js.map +0 -1
- package/src/mcp-apps/csp.js +0 -267
- package/src/mcp-apps/csp.js.map +0 -1
- package/src/mcp-apps/index.js +0 -91
- package/src/mcp-apps/index.js.map +0 -1
- package/src/mcp-apps/schemas.js +0 -345
- package/src/mcp-apps/schemas.js.map +0 -1
- package/src/mcp-apps/template.js +0 -419
- package/src/mcp-apps/template.js.map +0 -1
- package/src/mcp-apps/types.js +0 -59
- package/src/mcp-apps/types.js.map +0 -1
- package/src/notification/index.js +0 -13
- package/src/notification/index.js.map +0 -1
- package/src/notification/notification.service.js +0 -731
- package/src/notification/notification.service.js.map +0 -1
- package/src/plugin/plugin.registry.js +0 -152
- package/src/plugin/plugin.registry.js.map +0 -1
- package/src/plugin/plugin.utils.js +0 -88
- package/src/plugin/plugin.utils.js.map +0 -1
- package/src/prompt/flows/get-prompt.flow.js +0 -214
- package/src/prompt/flows/get-prompt.flow.js.map +0 -1
- package/src/prompt/flows/prompts-list.flow.js +0 -176
- package/src/prompt/flows/prompts-list.flow.js.map +0 -1
- package/src/prompt/index.js +0 -17
- package/src/prompt/index.js.map +0 -1
- package/src/prompt/prompt.events.js +0 -25
- package/src/prompt/prompt.events.js.map +0 -1
- package/src/prompt/prompt.instance.js +0 -120
- package/src/prompt/prompt.instance.js.map +0 -1
- package/src/prompt/prompt.registry.js +0 -380
- package/src/prompt/prompt.registry.js.map +0 -1
- package/src/prompt/prompt.types.js +0 -11
- package/src/prompt/prompt.types.js.map +0 -1
- package/src/prompt/prompt.utils.js +0 -136
- package/src/prompt/prompt.utils.js.map +0 -1
- package/src/provider/provider.registry.js +0 -868
- package/src/provider/provider.registry.js.map +0 -1
- package/src/provider/provider.types.js +0 -3
- package/src/provider/provider.types.js.map +0 -1
- package/src/provider/provider.utils.js +0 -103
- package/src/provider/provider.utils.js.map +0 -1
- package/src/regsitry/index.js +0 -5
- package/src/regsitry/index.js.map +0 -1
- package/src/regsitry/registry.base.js +0 -32
- package/src/regsitry/registry.base.js.map +0 -1
- package/src/resource/flows/read-resource.flow.js +0 -270
- package/src/resource/flows/read-resource.flow.js.map +0 -1
- package/src/resource/flows/resource-templates-list.flow.js +0 -191
- package/src/resource/flows/resource-templates-list.flow.js.map +0 -1
- package/src/resource/flows/resources-list.flow.js +0 -196
- package/src/resource/flows/resources-list.flow.js.map +0 -1
- package/src/resource/flows/subscribe-resource.flow.js +0 -123
- package/src/resource/flows/subscribe-resource.flow.js.map +0 -1
- package/src/resource/flows/unsubscribe-resource.flow.js +0 -107
- package/src/resource/flows/unsubscribe-resource.flow.js.map +0 -1
- package/src/resource/index.js +0 -20
- package/src/resource/index.js.map +0 -1
- package/src/resource/resource.events.js +0 -17
- package/src/resource/resource.events.js.map +0 -1
- package/src/resource/resource.instance.js +0 -163
- package/src/resource/resource.instance.js.map +0 -1
- package/src/resource/resource.registry.js +0 -468
- package/src/resource/resource.registry.js.map +0 -1
- package/src/resource/resource.types.js +0 -11
- package/src/resource/resource.types.js.map +0 -1
- package/src/resource/resource.utils.js +0 -151
- package/src/resource/resource.utils.js.map +0 -1
- package/src/scope/flows/http.request.flow.js +0 -474
- package/src/scope/flows/http.request.flow.js.map +0 -1
- package/src/scope/index.js +0 -6
- package/src/scope/index.js.map +0 -1
- package/src/scope/scope.instance.js +0 -263
- package/src/scope/scope.instance.js.map +0 -1
- package/src/scope/scope.registry.js +0 -94
- package/src/scope/scope.registry.js.map +0 -1
- package/src/scope/scope.utils.js +0 -61
- package/src/scope/scope.utils.js.map +0 -1
- package/src/server/adapters/base.host.adapter.js +0 -8
- package/src/server/adapters/base.host.adapter.js.map +0 -1
- package/src/server/adapters/express.host.adapter.js +0 -70
- package/src/server/adapters/express.host.adapter.js.map +0 -1
- package/src/server/server.instance.js +0 -54
- package/src/server/server.instance.js.map +0 -1
- package/src/server/server.types.js +0 -3
- package/src/server/server.types.js.map +0 -1
- package/src/server/server.validation.js +0 -192
- package/src/server/server.validation.js.map +0 -1
- package/src/store/adapters/store.base.adapter.js +0 -16
- package/src/store/adapters/store.base.adapter.js.map +0 -1
- package/src/store/adapters/store.memory.adapter.js +0 -89
- package/src/store/adapters/store.memory.adapter.js.map +0 -1
- package/src/store/adapters/store.redis.adapter.js +0 -104
- package/src/store/adapters/store.redis.adapter.js.map +0 -1
- package/src/store/adapters/store.vercel-kv.adapter.js +0 -155
- package/src/store/adapters/store.vercel-kv.adapter.js.map +0 -1
- package/src/store/index.js +0 -14
- package/src/store/index.js.map +0 -1
- package/src/store/store.factory.js +0 -194
- package/src/store/store.factory.js.map +0 -1
- package/src/store/store.helpers.js +0 -67
- package/src/store/store.helpers.js.map +0 -1
- package/src/store/store.registry.js +0 -37
- package/src/store/store.registry.js.map +0 -1
- package/src/store/store.tokens.js +0 -7
- package/src/store/store.tokens.js.map +0 -1
- package/src/store/store.types.js +0 -11
- package/src/store/store.types.js.map +0 -1
- package/src/store/store.utils.js +0 -18
- package/src/store/store.utils.js.map +0 -1
- package/src/tool/flows/call-tool.flow.js +0 -616
- package/src/tool/flows/call-tool.flow.js.map +0 -1
- package/src/tool/flows/tools-list.flow.js +0 -328
- package/src/tool/flows/tools-list.flow.js.map +0 -1
- package/src/tool/tool.events.js +0 -16
- package/src/tool/tool.events.js.map +0 -1
- package/src/tool/tool.instance.js +0 -117
- package/src/tool/tool.instance.js.map +0 -1
- package/src/tool/tool.registry.js +0 -353
- package/src/tool/tool.registry.js.map +0 -1
- package/src/tool/tool.types.js +0 -10
- package/src/tool/tool.types.js.map +0 -1
- package/src/tool/tool.utils.js +0 -366
- package/src/tool/tool.utils.js.map +0 -1
- package/src/tool/ui/index.js +0 -63
- package/src/tool/ui/index.js.map +0 -1
- package/src/tool/ui/platform-adapters.js +0 -18
- package/src/tool/ui/platform-adapters.js.map +0 -1
- package/src/tool/ui/template-helpers.js +0 -95
- package/src/tool/ui/template-helpers.js.map +0 -1
- package/src/tool/ui/ui-resource-template.js +0 -64
- package/src/tool/ui/ui-resource-template.js.map +0 -1
- package/src/tool/ui/ui-resource.handler.js +0 -129
- package/src/tool/ui/ui-resource.handler.js.map +0 -1
- package/src/transport/adapters/transport.local.adapter.js +0 -148
- package/src/transport/adapters/transport.local.adapter.js.map +0 -1
- package/src/transport/adapters/transport.sse.adapter.js +0 -65
- package/src/transport/adapters/transport.sse.adapter.js.map +0 -1
- package/src/transport/adapters/transport.streamable-http.adapter.js +0 -112
- package/src/transport/adapters/transport.streamable-http.adapter.js.map +0 -1
- package/src/transport/flows/handle.sse.flow.js +0 -197
- package/src/transport/flows/handle.sse.flow.js.map +0 -1
- package/src/transport/flows/handle.stateless-http.flow.js +0 -102
- package/src/transport/flows/handle.stateless-http.flow.js.map +0 -1
- package/src/transport/flows/handle.streamable-http.flow.js +0 -315
- package/src/transport/flows/handle.streamable-http.flow.js.map +0 -1
- package/src/transport/legacy/legacy.sse.tranporter.js +0 -185
- package/src/transport/legacy/legacy.sse.tranporter.js.map +0 -1
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js +0 -14
- package/src/transport/mcp-handlers/Initialized-notification.hanlder.js.map +0 -1
- package/src/transport/mcp-handlers/call-tool-request.handler.js +0 -46
- package/src/transport/mcp-handlers/call-tool-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/complete-request.handler.js +0 -11
- package/src/transport/mcp-handlers/complete-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/get-prompt-request.handler.js +0 -11
- package/src/transport/mcp-handlers/get-prompt-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/index.js +0 -57
- package/src/transport/mcp-handlers/index.js.map +0 -1
- package/src/transport/mcp-handlers/initialize-request.handler.js +0 -109
- package/src/transport/mcp-handlers/initialize-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-prompts-request.handler.js +0 -11
- package/src/transport/mcp-handlers/list-prompts-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-resource-templates-request.handler.js +0 -12
- package/src/transport/mcp-handlers/list-resource-templates-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-resources-request.handler.js +0 -12
- package/src/transport/mcp-handlers/list-resources-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/list-tools-request.handler.js +0 -11
- package/src/transport/mcp-handlers/list-tools-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/logging-set-level-request.handler.js +0 -34
- package/src/transport/mcp-handlers/logging-set-level-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/mcp-handlers.types.js +0 -3
- package/src/transport/mcp-handlers/mcp-handlers.types.js.map +0 -1
- package/src/transport/mcp-handlers/read-resource-request.handler.js +0 -12
- package/src/transport/mcp-handlers/read-resource-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js +0 -26
- package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js.map +0 -1
- package/src/transport/mcp-handlers/subscribe-request.handler.js +0 -34
- package/src/transport/mcp-handlers/subscribe-request.handler.js.map +0 -1
- package/src/transport/mcp-handlers/unsubscribe-request.handler.js +0 -34
- package/src/transport/mcp-handlers/unsubscribe-request.handler.js.map +0 -1
- package/src/transport/transport.error.js +0 -25
- package/src/transport/transport.error.js.map +0 -1
- package/src/transport/transport.event-store.js +0 -36
- package/src/transport/transport.event-store.js.map +0 -1
- package/src/transport/transport.local.js +0 -71
- package/src/transport/transport.local.js.map +0 -1
- package/src/transport/transport.registry.js +0 -552
- package/src/transport/transport.registry.js.map +0 -1
- package/src/transport/transport.remote.js +0 -31
- package/src/transport/transport.remote.js.map +0 -1
- package/src/transport/transport.types.js +0 -3
- package/src/transport/transport.types.js.map +0 -1
- package/src/types/drinen-hooks.types.js +0 -3
- package/src/types/drinen-hooks.types.js.map +0 -1
- package/src/types/invoke.type.js +0 -34
- package/src/types/invoke.type.js.map +0 -1
- package/src/types/token.types.js +0 -3
- package/src/types/token.types.js.map +0 -1
- package/src/utils/content.utils.js +0 -194
- package/src/utils/content.utils.js.map +0 -1
- package/src/utils/index.js +0 -55
- package/src/utils/index.js.map +0 -1
- package/src/utils/lineage.utils.js +0 -82
- package/src/utils/lineage.utils.js.map +0 -1
- package/src/utils/metadata.utils.js +0 -26
- package/src/utils/metadata.utils.js.map +0 -1
- package/src/utils/naming.utils.js +0 -136
- package/src/utils/naming.utils.js.map +0 -1
- package/src/utils/server.utils.js +0 -59
- package/src/utils/server.utils.js.map +0 -1
- package/src/utils/string.utils.js +0 -10
- package/src/utils/string.utils.js.map +0 -1
- package/src/utils/token.utils.js +0 -65
- package/src/utils/token.utils.js.map +0 -1
- package/src/utils/types.utils.js +0 -3
- package/src/utils/types.utils.js.map +0 -1
- package/src/utils/uri-template.utils.js +0 -113
- package/src/utils/uri-template.utils.js.map +0 -1
- package/src/utils/uri-validation.utils.js +0 -76
- package/src/utils/uri-validation.utils.js.map +0 -1
- package/{src/adapter → adapter}/adapter.instance.d.ts +0 -0
- package/{src/adapter → adapter}/adapter.regsitry.d.ts +0 -0
- package/{src/adapter → adapter}/adapter.utils.d.ts +0 -0
- package/{src/app → app}/app.registry.d.ts +0 -0
- package/{src/app → app}/app.utils.d.ts +0 -0
- package/{src/app → app}/instances/app.local.instance.d.ts +0 -0
- package/{src/app → app}/instances/app.remote.instance.d.ts +0 -0
- package/{src/app → app}/instances/index.d.ts +0 -0
- package/{src/auth → auth}/auth.registry.d.ts +0 -0
- package/{src/auth → auth}/auth.utils.d.ts +0 -0
- package/{src/auth → auth}/authorization/authorization.class.d.ts +0 -0
- package/{src/auth → auth}/authorization/authorization.types.d.ts +0 -0
- package/{src/auth → auth}/authorization/index.d.ts +0 -0
- package/{src/auth → auth}/authorization/orchestrated.authorization.d.ts +0 -0
- package/{src/auth → auth}/authorization/public.authorization.d.ts +0 -0
- package/{src/auth → auth}/authorization/transparent.authorization.d.ts +0 -0
- package/{src/auth → auth}/consent/consent.types.d.ts +0 -0
- package/{src/auth → auth}/consent/index.d.ts +0 -0
- package/{src/auth → auth}/detection/auth-provider-detection.d.ts +0 -0
- package/{src/auth → auth}/detection/index.d.ts +0 -0
- package/{src/auth → auth}/flows/auth.verify.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.authorize.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.callback.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.register.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/oauth.token.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/session.verify.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/well-known.jwks.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/well-known.oauth-authorization-server.flow.d.ts +0 -0
- package/{src/auth → auth}/flows/well-known.prm.flow.d.ts +0 -0
- package/{src/auth → auth}/jwks/dev-key-persistence.d.ts +0 -0
- package/{src/auth → auth}/jwks/index.d.ts +0 -0
- package/{src/auth → auth}/jwks/jwks.service.d.ts +0 -0
- package/{src/auth → auth}/jwks/jwks.types.d.ts +0 -0
- package/{src/auth → auth}/jwks/jwks.utils.d.ts +0 -0
- package/{src/auth → auth}/machine-id.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.authorize.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.device-authorization.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.introspect.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.par.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.revoke.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.token.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oauth.userinfo.flow.d.ts +0 -0
- package/{src/auth → auth}/oauth/flows/oidc.logout.flow.d.ts +0 -0
- package/{src/auth → auth}/session/authorization-vault.d.ts +0 -0
- package/{src/auth → auth}/session/authorization.store.d.ts +0 -0
- package/{src/auth → auth}/session/encrypted-authorization-vault.d.ts +0 -0
- package/{src/auth → auth}/session/index.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.base.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.stateful.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.stateless.d.ts +0 -0
- package/{src/auth → auth}/session/record/session.transparent.d.ts +0 -0
- package/{src/auth → auth}/session/redis-session.store.d.ts +0 -0
- package/{src/auth → auth}/session/session.crypto.d.ts +0 -0
- package/{src/auth → auth}/session/session.schema.d.ts +0 -0
- package/{src/auth → auth}/session/session.service.d.ts +0 -0
- package/{src/auth → auth}/session/session.transport.d.ts +0 -0
- package/{src/auth → auth}/session/session.types.d.ts +0 -0
- package/{src/auth → auth}/session/token.refresh.d.ts +0 -0
- package/{src/auth → auth}/session/token.store.d.ts +0 -0
- package/{src/auth → auth}/session/token.vault.d.ts +0 -0
- package/{src/auth → auth}/session/transport-session.manager.d.ts +0 -0
- package/{src/auth → auth}/session/transport-session.types.d.ts +0 -0
- package/{src/auth → auth}/session/utils/auth-token.utils.d.ts +0 -0
- package/{src/auth → auth}/session/utils/session-id.utils.d.ts +0 -0
- package/{src/auth → auth}/session/utils/tiny-ttl-cache.d.ts +0 -0
- package/{src/auth → auth}/session/vault-encryption.d.ts +0 -0
- package/{src/auth → auth}/session/vercel-kv-session.store.d.ts +0 -0
- package/{src/auth → auth}/ui/base-layout.d.ts +0 -0
- package/{src/auth → auth}/ui/index.d.ts +0 -0
- package/{src/auth → auth}/ui/templates.d.ts +0 -0
- package/{src/auth → auth}/utils/audience.validator.d.ts +0 -0
- package/{src/auth → auth}/utils/index.d.ts +0 -0
- package/{src/auth → auth}/utils/www-authenticate.utils.d.ts +0 -0
- package/{src/common → common}/common.schema.d.ts +0 -0
- package/{src/common → common}/constants.d.ts +0 -0
- package/{src/common → common}/decorators/adapter.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/app.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/auth-provider.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/decorator-utils.d.ts +0 -0
- package/{src/common → common}/decorators/flow.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/front-mcp.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/hook.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/index.d.ts +0 -0
- package/{src/common → common}/decorators/logger.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/plugin.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/prompt.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/provider.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/resource.decorator.d.ts +0 -0
- package/{src/common → common}/decorators/tool.decorator.d.ts +0 -0
- package/{src/common → common}/dynamic/dynamic.adapter.d.ts +0 -0
- package/{src/common → common}/dynamic/dynamic.plugin.d.ts +0 -0
- package/{src/common → common}/dynamic/dynamic.utils.d.ts +0 -0
- package/{src/common → common}/dynamic/index.d.ts +0 -0
- package/{src/common → common}/entries/adapter.entry.d.ts +0 -0
- package/{src/common → common}/entries/app.entry.d.ts +0 -0
- package/{src/common → common}/entries/auth-provider.entry.d.ts +0 -0
- package/{src/common → common}/entries/base.entry.d.ts +0 -0
- package/{src/common → common}/entries/flow.entry.d.ts +0 -0
- package/{src/common → common}/entries/hook.entry.d.ts +0 -0
- package/{src/common → common}/entries/index.d.ts +0 -0
- package/{src/common → common}/entries/logger.entry.d.ts +0 -0
- package/{src/common → common}/entries/plugin.entry.d.ts +0 -0
- package/{src/common → common}/entries/prompt.entry.d.ts +0 -0
- package/{src/common → common}/entries/provider.entry.d.ts +0 -0
- package/{src/common → common}/entries/resource.entry.d.ts +0 -0
- package/{src/common → common}/entries/scope.entry.d.ts +0 -0
- package/{src/common → common}/entries/tool.entry.d.ts +0 -0
- package/{src/common → common}/flow/flow.utils.d.ts +0 -0
- package/{src/common → common}/index.d.ts +0 -0
- package/{src/common → common}/interfaces/adapter.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/app.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/auth-hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/auth-provider.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/base.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/execution-context.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/flow.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/front-mcp.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/index.d.ts +0 -0
- package/{src/common → common}/interfaces/internal/flow.utils.d.ts +0 -0
- package/{src/common → common}/interfaces/internal/index.d.ts +0 -0
- package/{src/common → common}/interfaces/internal/registry.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/logger.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/plugin.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/prompt.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/provider.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/resource.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/scope.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/server.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/session-hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/tool-hook.interface.d.ts +0 -0
- package/{src/common → common}/interfaces/tool.interface.d.ts +0 -0
- package/{src/common → common}/metadata/adapter.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/app.metadata.d.ts +42 -42
- package/{src/common → common}/metadata/auth-provider.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/flow.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/hook.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/index.d.ts +0 -0
- package/{src/common → common}/metadata/logger.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/plugin.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/prompt.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/provider.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/resource.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/tool-ui.metadata.d.ts +0 -0
- package/{src/common → common}/metadata/tool.metadata.d.ts +0 -0
- package/{src/common → common}/migrate/auth-transport.migrate.d.ts +0 -0
- package/{src/common → common}/migrate/index.d.ts +0 -0
- package/{src/common → common}/providers/base-config.provider.d.ts +0 -0
- package/{src/common → common}/records/adapter.record.d.ts +0 -0
- package/{src/common → common}/records/app.record.d.ts +0 -0
- package/{src/common → common}/records/auth-provider.record.d.ts +0 -0
- package/{src/common → common}/records/flow.record.d.ts +0 -0
- package/{src/common → common}/records/hook.record.d.ts +0 -0
- package/{src/common → common}/records/index.d.ts +0 -0
- package/{src/common → common}/records/logger.record.d.ts +0 -0
- package/{src/common → common}/records/plugin.record.d.ts +0 -0
- package/{src/common → common}/records/prompt.record.d.ts +0 -0
- package/{src/common → common}/records/provider.record.d.ts +0 -0
- package/{src/common → common}/records/resource.record.d.ts +0 -0
- package/{src/common → common}/records/scope.record.d.ts +0 -0
- package/{src/common → common}/records/tool.record.d.ts +0 -0
- package/{src/common → common}/schemas/annotated-class.schema.d.ts +0 -0
- package/{src/common → common}/schemas/http-input.schema.d.ts +0 -0
- package/{src/common → common}/schemas/http-output.schema.d.ts +0 -0
- package/{src/common → common}/schemas/index.d.ts +0 -0
- package/{src/common → common}/schemas/session-header.schema.d.ts +0 -0
- package/{src/common → common}/tokens/adapter.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/app.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/auth-provider.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/base.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/flow-hook.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/flow.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/front-mcp.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/index.d.ts +0 -0
- package/{src/common → common}/tokens/logger.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/plugin.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/prompt.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/provider.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/resource.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/server.tokens.d.ts +0 -0
- package/{src/common → common}/tokens/tool.tokens.d.ts +0 -0
- package/{src/common → common}/types/auth/index.d.ts +0 -0
- package/{src/common → common}/types/auth/jwt.types.d.ts +0 -0
- package/{src/common → common}/types/auth/session.types.d.ts +0 -0
- package/{src/common → common}/types/common.types.d.ts +0 -0
- package/{src/common → common}/types/index.d.ts +0 -0
- package/{src/logger/logger.tokens.d.ts → common/types/options/auth/auth.typecheck.d.ts} +0 -0
- package/{src/common → common}/types/options/http.options.d.ts +0 -0
- package/{src/common → common}/types/options/logging.options.d.ts +0 -0
- package/{src/common → common}/types/options/redis.options.d.ts +0 -0
- package/{src/common → common}/types/options/server-info.options.d.ts +0 -0
- package/{src/common → common}/types/options/session.options.d.ts +0 -0
- package/{src/common → common}/utils/global-config.utils.d.ts +0 -0
- package/{src/common → common}/utils/index.d.ts +0 -0
- package/{src/common → common}/utils/path.utils.d.ts +0 -0
- package/{src/completion → completion}/flows/complete.flow.d.ts +0 -0
- package/{src/context → context}/frontmcp-context-storage.d.ts +0 -0
- package/{src/context → context}/frontmcp-context.d.ts +0 -0
- package/{src/context → context}/frontmcp-context.provider.d.ts +0 -0
- package/{src/context → context}/index.d.ts +0 -0
- package/{src/context → context}/request-context-storage.d.ts +0 -0
- package/{src/context → context}/request-context.d.ts +0 -0
- package/{src/context → context}/request-context.provider.d.ts +0 -0
- package/{src/context → context}/session-key.provider.d.ts +0 -0
- package/{src/context → context}/trace-context.d.ts +0 -0
- package/{src/errors → errors}/authorization-required.error.d.ts +0 -0
- package/{src/errors → errors}/error-handler.d.ts +0 -0
- package/{src/errors → errors}/index.d.ts +0 -0
- package/{src/errors → errors}/mcp.error.d.ts +0 -0
- package/{src/exceptions → exceptions}/mcp-exceptions/session-missing.exception.d.ts +0 -0
- package/{src/exceptions → exceptions}/mcp-exceptions/unsupported-client-version.exception.d.ts +0 -0
- package/{src/flows → flows}/flow.instance.d.ts +0 -0
- package/{src/flows → flows}/flow.registry.d.ts +0 -0
- package/{src/flows → flows}/flow.stages.d.ts +0 -0
- package/{src/flows → flows}/flow.utils.d.ts +0 -0
- package/{src/front-mcp → front-mcp}/front-mcp.d.ts +0 -0
- package/{src/front-mcp → front-mcp}/front-mcp.providers.d.ts +38 -38
- /package/{src/front-mcp → front-mcp}/front-mcp.tokens.d.ts +0 -0
- /package/{src/front-mcp → front-mcp}/index.d.ts +0 -0
- /package/{src/front-mcp → front-mcp}/serverless-handler.d.ts +0 -0
- /package/{src/hooks → hooks}/hook.instance.d.ts +0 -0
- /package/{src/hooks → hooks}/hook.registry.d.ts +0 -0
- /package/{src/hooks → hooks}/hooks.utils.d.ts +0 -0
- /package/{src/index.d.ts → index.d.ts} +0 -0
- /package/{src/logger → logger}/instances/instance.console-logger.d.ts +0 -0
- /package/{src/logger → logger}/instances/instance.logger.d.ts +0 -0
- /package/{src/logger → logger}/logger.registry.d.ts +0 -0
- /package/{src/logger → logger}/logger.types.d.ts +0 -0
- /package/{src/logger → logger}/logger.utils.d.ts +0 -0
- /package/{src/logging → logging}/flows/set-level.flow.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/csp.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/index.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/schemas.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/template.d.ts +0 -0
- /package/{src/mcp-apps → mcp-apps}/types.d.ts +0 -0
- /package/{src/notification → notification}/index.d.ts +0 -0
- /package/{src/notification → notification}/notification.service.d.ts +0 -0
- /package/{src/plugin → plugin}/plugin.registry.d.ts +0 -0
- /package/{src/plugin → plugin}/plugin.utils.d.ts +0 -0
- /package/{src/prompt → prompt}/flows/get-prompt.flow.d.ts +0 -0
- /package/{src/prompt → prompt}/flows/prompts-list.flow.d.ts +0 -0
- /package/{src/prompt → prompt}/index.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.events.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.instance.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.registry.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.types.d.ts +0 -0
- /package/{src/prompt → prompt}/prompt.utils.d.ts +0 -0
- /package/{src/provider → provider}/provider.registry.d.ts +0 -0
- /package/{src/provider → provider}/provider.types.d.ts +0 -0
- /package/{src/provider → provider}/provider.utils.d.ts +0 -0
- /package/{src/regsitry → regsitry}/index.d.ts +0 -0
- /package/{src/regsitry → regsitry}/registry.base.d.ts +0 -0
- /package/{src/resource → resource}/flows/read-resource.flow.d.ts +0 -0
- /package/{src/resource → resource}/flows/resource-templates-list.flow.d.ts +0 -0
- /package/{src/resource → resource}/flows/resources-list.flow.d.ts +0 -0
- /package/{src/resource → resource}/flows/subscribe-resource.flow.d.ts +0 -0
- /package/{src/resource → resource}/flows/unsubscribe-resource.flow.d.ts +0 -0
- /package/{src/resource → resource}/index.d.ts +0 -0
- /package/{src/resource → resource}/resource.events.d.ts +0 -0
- /package/{src/resource → resource}/resource.instance.d.ts +0 -0
- /package/{src/resource → resource}/resource.registry.d.ts +0 -0
- /package/{src/resource → resource}/resource.types.d.ts +0 -0
- /package/{src/resource → resource}/resource.utils.d.ts +0 -0
- /package/{src/scope → scope}/flows/http.request.flow.d.ts +0 -0
- /package/{src/scope → scope}/index.d.ts +0 -0
- /package/{src/scope → scope}/scope.instance.d.ts +0 -0
- /package/{src/scope → scope}/scope.registry.d.ts +0 -0
- /package/{src/scope → scope}/scope.utils.d.ts +0 -0
- /package/{src/server → server}/adapters/base.host.adapter.d.ts +0 -0
- /package/{src/server → server}/adapters/express.host.adapter.d.ts +0 -0
- /package/{src/server → server}/server.instance.d.ts +0 -0
- /package/{src/server → server}/server.types.d.ts +0 -0
- /package/{src/server → server}/server.validation.d.ts +0 -0
- /package/{src/store → store}/adapters/store.base.adapter.d.ts +0 -0
- /package/{src/store → store}/adapters/store.memory.adapter.d.ts +0 -0
- /package/{src/store → store}/adapters/store.redis.adapter.d.ts +0 -0
- /package/{src/store → store}/adapters/store.vercel-kv.adapter.d.ts +0 -0
- /package/{src/store → store}/index.d.ts +0 -0
- /package/{src/store → store}/store.factory.d.ts +0 -0
- /package/{src/store → store}/store.helpers.d.ts +0 -0
- /package/{src/store → store}/store.registry.d.ts +0 -0
- /package/{src/store → store}/store.tokens.d.ts +0 -0
- /package/{src/store → store}/store.types.d.ts +0 -0
- /package/{src/store → store}/store.utils.d.ts +0 -0
- /package/{src/tool → tool}/flows/call-tool.flow.d.ts +0 -0
- /package/{src/tool → tool}/flows/tools-list.flow.d.ts +0 -0
- /package/{src/tool → tool}/tool.events.d.ts +0 -0
- /package/{src/tool → tool}/tool.instance.d.ts +0 -0
- /package/{src/tool → tool}/tool.registry.d.ts +0 -0
- /package/{src/tool → tool}/tool.types.d.ts +0 -0
- /package/{src/tool → tool}/tool.utils.d.ts +0 -0
- /package/{src/tool → tool}/ui/index.d.ts +0 -0
- /package/{src/tool → tool}/ui/platform-adapters.d.ts +0 -0
- /package/{src/tool → tool}/ui/template-helpers.d.ts +0 -0
- /package/{src/tool → tool}/ui/ui-resource-template.d.ts +0 -0
- /package/{src/tool → tool}/ui/ui-resource.handler.d.ts +0 -0
- /package/{src/transport → transport}/adapters/transport.local.adapter.d.ts +0 -0
- /package/{src/transport → transport}/adapters/transport.sse.adapter.d.ts +0 -0
- /package/{src/transport → transport}/adapters/transport.streamable-http.adapter.d.ts +0 -0
- /package/{src/transport → transport}/flows/handle.sse.flow.d.ts +0 -0
- /package/{src/transport → transport}/flows/handle.stateless-http.flow.d.ts +0 -0
- /package/{src/transport → transport}/flows/handle.streamable-http.flow.d.ts +0 -0
- /package/{src/transport → transport}/legacy/legacy.sse.tranporter.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/Initialized-notification.hanlder.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/call-tool-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/complete-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/get-prompt-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/index.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/initialize-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/list-prompts-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/list-resource-templates-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/list-resources-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/list-tools-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/logging-set-level-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/mcp-handlers.types.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/read-resource-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/roots-list-changed-notification.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/subscribe-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/mcp-handlers/unsubscribe-request.handler.d.ts +0 -0
- /package/{src/transport → transport}/transport.error.d.ts +0 -0
- /package/{src/transport → transport}/transport.event-store.d.ts +0 -0
- /package/{src/transport → transport}/transport.local.d.ts +0 -0
- /package/{src/transport → transport}/transport.registry.d.ts +0 -0
- /package/{src/transport → transport}/transport.remote.d.ts +0 -0
- /package/{src/transport → transport}/transport.types.d.ts +0 -0
- /package/{src/types → types}/drinen-hooks.types.d.ts +0 -0
- /package/{src/types → types}/invoke.type.d.ts +0 -0
- /package/{src/types → types}/token.types.d.ts +0 -0
- /package/{src/utils → utils}/content.utils.d.ts +0 -0
- /package/{src/utils → utils}/index.d.ts +0 -0
- /package/{src/utils → utils}/lineage.utils.d.ts +0 -0
- /package/{src/utils → utils}/metadata.utils.d.ts +0 -0
- /package/{src/utils → utils}/naming.utils.d.ts +0 -0
- /package/{src/utils → utils}/server.utils.d.ts +0 -0
- /package/{src/utils → utils}/string.utils.d.ts +0 -0
- /package/{src/utils → utils}/token.utils.d.ts +0 -0
- /package/{src/utils → utils}/types.utils.d.ts +0 -0
- /package/{src/utils → utils}/uri-template.utils.d.ts +0 -0
- /package/{src/utils → utils}/uri-validation.utils.d.ts +0 -0
|
@@ -1,196 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
// auth/utils/audience.validator.ts
|
|
3
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
-
exports.AudienceValidator = void 0;
|
|
5
|
-
exports.validateAudience = validateAudience;
|
|
6
|
-
exports.createAudienceValidator = createAudienceValidator;
|
|
7
|
-
exports.deriveExpectedAudience = deriveExpectedAudience;
|
|
8
|
-
/**
|
|
9
|
-
* Validate JWT audience claim
|
|
10
|
-
*
|
|
11
|
-
* @param tokenAudience - The audience claim from the JWT (can be string or array)
|
|
12
|
-
* @param options - Validation options
|
|
13
|
-
* @returns Validation result
|
|
14
|
-
*
|
|
15
|
-
* @example
|
|
16
|
-
* ```typescript
|
|
17
|
-
* // Single expected audience
|
|
18
|
-
* validateAudience('https://api.example.com', {
|
|
19
|
-
* expectedAudiences: ['https://api.example.com'],
|
|
20
|
-
* });
|
|
21
|
-
* // => { valid: true, matchedAudience: 'https://api.example.com' }
|
|
22
|
-
*
|
|
23
|
-
* // Multiple audiences in token
|
|
24
|
-
* validateAudience(['aud1', 'aud2', 'aud3'], {
|
|
25
|
-
* expectedAudiences: ['aud2'],
|
|
26
|
-
* });
|
|
27
|
-
* // => { valid: true, matchedAudience: 'aud2' }
|
|
28
|
-
*
|
|
29
|
-
* // No match
|
|
30
|
-
* validateAudience('wrong-aud', {
|
|
31
|
-
* expectedAudiences: ['expected-aud'],
|
|
32
|
-
* });
|
|
33
|
-
* // => { valid: false, error: 'Token audience does not match expected audiences' }
|
|
34
|
-
* ```
|
|
35
|
-
*/
|
|
36
|
-
function validateAudience(tokenAudience, options) {
|
|
37
|
-
const { expectedAudiences, allowNoAudience = false, caseSensitive = true, allowWildcards = false } = options;
|
|
38
|
-
// Handle missing audience
|
|
39
|
-
if (tokenAudience === undefined || tokenAudience === null) {
|
|
40
|
-
if (allowNoAudience) {
|
|
41
|
-
return { valid: true };
|
|
42
|
-
}
|
|
43
|
-
return {
|
|
44
|
-
valid: false,
|
|
45
|
-
error: 'Token is missing audience claim',
|
|
46
|
-
};
|
|
47
|
-
}
|
|
48
|
-
// Handle empty expected audiences (accept any)
|
|
49
|
-
if (expectedAudiences.length === 0) {
|
|
50
|
-
const firstAud = Array.isArray(tokenAudience) ? tokenAudience[0] : tokenAudience;
|
|
51
|
-
return {
|
|
52
|
-
valid: false,
|
|
53
|
-
error: 'No expected audiences configured - cannot validate token',
|
|
54
|
-
};
|
|
55
|
-
}
|
|
56
|
-
// Normalize token audience to array
|
|
57
|
-
const tokenAuds = Array.isArray(tokenAudience) ? tokenAudience : [tokenAudience];
|
|
58
|
-
// Check each token audience against expected audiences
|
|
59
|
-
for (const tokenAud of tokenAuds) {
|
|
60
|
-
for (const expectedAud of expectedAudiences) {
|
|
61
|
-
if (matchesAudience(tokenAud, expectedAud, caseSensitive, allowWildcards)) {
|
|
62
|
-
return { valid: true, matchedAudience: tokenAud };
|
|
63
|
-
}
|
|
64
|
-
}
|
|
65
|
-
}
|
|
66
|
-
return {
|
|
67
|
-
valid: false,
|
|
68
|
-
error: `Token audience does not match expected audiences. Got: ${tokenAuds.join(', ')}. Expected one of: ${expectedAudiences.join(', ')}`,
|
|
69
|
-
};
|
|
70
|
-
}
|
|
71
|
-
/**
|
|
72
|
-
* Check if a token audience matches an expected audience
|
|
73
|
-
*/
|
|
74
|
-
function matchesAudience(tokenAud, expectedAud, caseSensitive, allowWildcards) {
|
|
75
|
-
// Direct match
|
|
76
|
-
if (caseSensitive) {
|
|
77
|
-
if (tokenAud === expectedAud)
|
|
78
|
-
return true;
|
|
79
|
-
}
|
|
80
|
-
else {
|
|
81
|
-
if (tokenAud.toLowerCase() === expectedAud.toLowerCase())
|
|
82
|
-
return true;
|
|
83
|
-
}
|
|
84
|
-
// Wildcard matching with ReDoS protection
|
|
85
|
-
if (allowWildcards && expectedAud.includes('*')) {
|
|
86
|
-
// Limit wildcards to prevent potential ReDoS from complex patterns
|
|
87
|
-
const wildcardCount = (expectedAud.match(/\*/g) || []).length;
|
|
88
|
-
if (wildcardCount > 2) {
|
|
89
|
-
// Reject patterns with more than 2 wildcards for safety
|
|
90
|
-
return false;
|
|
91
|
-
}
|
|
92
|
-
const pattern = expectedAud
|
|
93
|
-
.replace(/[.+?^${}()|[\]\\]/g, '\\$&') // Escape regex special chars
|
|
94
|
-
.replace(/\*/g, '[^.]*'); // Convert * to non-greedy segment match (safer than .*)
|
|
95
|
-
const regex = new RegExp(`^${pattern}$`, caseSensitive ? '' : 'i');
|
|
96
|
-
if (regex.test(tokenAud))
|
|
97
|
-
return true;
|
|
98
|
-
}
|
|
99
|
-
return false;
|
|
100
|
-
}
|
|
101
|
-
/**
|
|
102
|
-
* Create an audience validator function
|
|
103
|
-
*
|
|
104
|
-
* @param options - Validator options
|
|
105
|
-
* @returns A validation function that takes token audience and returns validation result
|
|
106
|
-
*
|
|
107
|
-
* @example
|
|
108
|
-
* ```typescript
|
|
109
|
-
* const validator = createAudienceValidator({
|
|
110
|
-
* expectedAudiences: ['https://api.example.com', 'https://api.example.org'],
|
|
111
|
-
* });
|
|
112
|
-
*
|
|
113
|
-
* validator('https://api.example.com'); // => { valid: true, ... }
|
|
114
|
-
* validator('wrong-aud'); // => { valid: false, ... }
|
|
115
|
-
* ```
|
|
116
|
-
*/
|
|
117
|
-
function createAudienceValidator(options) {
|
|
118
|
-
return (audience) => validateAudience(audience, options);
|
|
119
|
-
}
|
|
120
|
-
/**
|
|
121
|
-
* Derive expected audience from the resource URL
|
|
122
|
-
*
|
|
123
|
-
* Per MCP Authorization spec, the audience should typically be the
|
|
124
|
-
* resource server URL (the MCP server URL).
|
|
125
|
-
*
|
|
126
|
-
* @param resourceUrl - The resource server URL
|
|
127
|
-
* @returns Array of expected audiences
|
|
128
|
-
*
|
|
129
|
-
* @example
|
|
130
|
-
* ```typescript
|
|
131
|
-
* deriveExpectedAudience('https://api.example.com/v1/mcp');
|
|
132
|
-
* // => ['https://api.example.com/v1/mcp', 'https://api.example.com', 'api.example.com']
|
|
133
|
-
* ```
|
|
134
|
-
*/
|
|
135
|
-
function deriveExpectedAudience(resourceUrl) {
|
|
136
|
-
const audiences = [];
|
|
137
|
-
try {
|
|
138
|
-
const url = new URL(resourceUrl);
|
|
139
|
-
// Full URL (most specific)
|
|
140
|
-
audiences.push(resourceUrl.replace(/\/$/, ''));
|
|
141
|
-
// Origin only (e.g., https://api.example.com)
|
|
142
|
-
if (url.pathname !== '/' && url.pathname !== '') {
|
|
143
|
-
audiences.push(url.origin);
|
|
144
|
-
}
|
|
145
|
-
// Host only (e.g., api.example.com)
|
|
146
|
-
audiences.push(url.host);
|
|
147
|
-
}
|
|
148
|
-
catch {
|
|
149
|
-
// If not a valid URL, use as-is
|
|
150
|
-
audiences.push(resourceUrl);
|
|
151
|
-
}
|
|
152
|
-
return audiences;
|
|
153
|
-
}
|
|
154
|
-
/**
|
|
155
|
-
* AudienceValidator class for reusable validation with configuration
|
|
156
|
-
*/
|
|
157
|
-
class AudienceValidator {
|
|
158
|
-
options;
|
|
159
|
-
constructor(options = {}) {
|
|
160
|
-
this.options = {
|
|
161
|
-
expectedAudiences: [...(options.expectedAudiences ?? [])],
|
|
162
|
-
allowNoAudience: options.allowNoAudience ?? false,
|
|
163
|
-
caseSensitive: options.caseSensitive ?? true,
|
|
164
|
-
allowWildcards: options.allowWildcards ?? false,
|
|
165
|
-
};
|
|
166
|
-
}
|
|
167
|
-
/**
|
|
168
|
-
* Validate an audience claim
|
|
169
|
-
*/
|
|
170
|
-
validate(audience) {
|
|
171
|
-
return validateAudience(audience, this.options);
|
|
172
|
-
}
|
|
173
|
-
/**
|
|
174
|
-
* Add expected audiences
|
|
175
|
-
*/
|
|
176
|
-
addAudiences(...audiences) {
|
|
177
|
-
this.options.expectedAudiences.push(...audiences);
|
|
178
|
-
}
|
|
179
|
-
/**
|
|
180
|
-
* Set expected audiences (replace existing)
|
|
181
|
-
*/
|
|
182
|
-
setAudiences(audiences) {
|
|
183
|
-
this.options.expectedAudiences = audiences;
|
|
184
|
-
}
|
|
185
|
-
/**
|
|
186
|
-
* Create validator from resource URL
|
|
187
|
-
*/
|
|
188
|
-
static fromResourceUrl(resourceUrl, options = {}) {
|
|
189
|
-
return new AudienceValidator({
|
|
190
|
-
...options,
|
|
191
|
-
expectedAudiences: deriveExpectedAudience(resourceUrl),
|
|
192
|
-
});
|
|
193
|
-
}
|
|
194
|
-
}
|
|
195
|
-
exports.AudienceValidator = AudienceValidator;
|
|
196
|
-
//# sourceMappingURL=audience.validator.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"audience.validator.js","sourceRoot":"","sources":["../../../../src/auth/utils/audience.validator.ts"],"names":[],"mappings":";AAAA,mCAAmC;;;AA8EnC,4CA4CC;AAqDD,0DAIC;AAiBD,wDAsBC;AAxKD;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,SAAgB,gBAAgB,CAC9B,aAA4C,EAC5C,OAAiC;IAEjC,MAAM,EAAE,iBAAiB,EAAE,eAAe,GAAG,KAAK,EAAE,aAAa,GAAG,IAAI,EAAE,cAAc,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;IAE7G,0BAA0B;IAC1B,IAAI,aAAa,KAAK,SAAS,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;QAC1D,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QACzB,CAAC;QACD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,iCAAiC;SACzC,CAAC;IACJ,CAAC;IAED,+CAA+C;IAC/C,IAAI,iBAAiB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;QACjF,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,0DAA0D;SAClE,CAAC;IACJ,CAAC;IAED,oCAAoC;IACpC,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;IAEjF,uDAAuD;IACvD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,KAAK,MAAM,WAAW,IAAI,iBAAiB,EAAE,CAAC;YAC5C,IAAI,eAAe,CAAC,QAAQ,EAAE,WAAW,EAAE,aAAa,EAAE,cAAc,CAAC,EAAE,CAAC;gBAC1E,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,CAAC;YACpD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,KAAK,EAAE,0DAA0D,SAAS,CAAC,IAAI,CAC7E,IAAI,CACL,sBAAsB,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;KACtD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CACtB,QAAgB,EAChB,WAAmB,EACnB,aAAsB,EACtB,cAAuB;IAEvB,eAAe;IACf,IAAI,aAAa,EAAE,CAAC;QAClB,IAAI,QAAQ,KAAK,WAAW;YAAE,OAAO,IAAI,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,IAAI,QAAQ,CAAC,WAAW,EAAE,KAAK,WAAW,CAAC,WAAW,EAAE;YAAE,OAAO,IAAI,CAAC;IACxE,CAAC;IAED,0CAA0C;IAC1C,IAAI,cAAc,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,mEAAmE;QACnE,MAAM,aAAa,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QAC9D,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;YACtB,wDAAwD;YACxD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,OAAO,GAAG,WAAW;aACxB,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC,6BAA6B;aACnE,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,wDAAwD;QACpF,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,IAAI,OAAO,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnE,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;IACxC,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,SAAgB,uBAAuB,CACrC,OAAiC;IAEjC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAC3D,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,SAAgB,sBAAsB,CAAC,WAAmB;IACxD,MAAM,SAAS,GAAa,EAAE,CAAC;IAE/B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QAEjC,2BAA2B;QAC3B,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC;QAE/C,8CAA8C;QAC9C,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;YAChD,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QAED,oCAAoC;QACpC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;QAChC,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAa,iBAAiB;IACpB,OAAO,CAA2B;IAE1C,YAAY,UAAgF,EAAE;QAC5F,IAAI,CAAC,OAAO,GAAG;YACb,iBAAiB,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC;YACzD,eAAe,EAAE,OAAO,CAAC,eAAe,IAAI,KAAK;YACjD,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,IAAI;YAC5C,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,KAAK;SAChD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,QAAuC;QAC9C,OAAO,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,GAAG,SAAmB;QACjC,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,SAAmB;QAC9B,IAAI,CAAC,OAAO,CAAC,iBAAiB,GAAG,SAAS,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,eAAe,CACpB,WAAmB,EACnB,UAA+D,EAAE;QAEjE,OAAO,IAAI,iBAAiB,CAAC;YAC3B,GAAG,OAAO;YACV,iBAAiB,EAAE,sBAAsB,CAAC,WAAW,CAAC;SACvD,CAAC,CAAC;IACL,CAAC;CACF;AA7CD,8CA6CC","sourcesContent":["// auth/utils/audience.validator.ts\n\n/**\n * Audience Validator\n *\n * Validates JWT audience claims per RFC 7519 and MCP Authorization spec.\n * The audience (aud) claim identifies the recipients that the JWT is intended for.\n */\n\n/**\n * Validation result\n */\nexport interface AudienceValidationResult {\n /** Whether the audience is valid */\n valid: boolean;\n /** Error message if invalid */\n error?: string;\n /** Matched audience value (if valid) */\n matchedAudience?: string;\n}\n\n/**\n * Audience validator options\n */\nexport interface AudienceValidatorOptions {\n /**\n * Expected audience values\n * Token must contain at least one of these audiences\n */\n expectedAudiences: string[];\n\n /**\n * Whether to allow tokens with no audience claim\n * @default false\n */\n allowNoAudience?: boolean;\n\n /**\n * Case-sensitive comparison\n * @default true\n */\n caseSensitive?: boolean;\n\n /**\n * Allow wildcard matching (e.g., *.example.com)\n * @default false\n */\n allowWildcards?: boolean;\n}\n\n/**\n * Validate JWT audience claim\n *\n * @param tokenAudience - The audience claim from the JWT (can be string or array)\n * @param options - Validation options\n * @returns Validation result\n *\n * @example\n * ```typescript\n * // Single expected audience\n * validateAudience('https://api.example.com', {\n * expectedAudiences: ['https://api.example.com'],\n * });\n * // => { valid: true, matchedAudience: 'https://api.example.com' }\n *\n * // Multiple audiences in token\n * validateAudience(['aud1', 'aud2', 'aud3'], {\n * expectedAudiences: ['aud2'],\n * });\n * // => { valid: true, matchedAudience: 'aud2' }\n *\n * // No match\n * validateAudience('wrong-aud', {\n * expectedAudiences: ['expected-aud'],\n * });\n * // => { valid: false, error: 'Token audience does not match expected audiences' }\n * ```\n */\nexport function validateAudience(\n tokenAudience: string | string[] | undefined,\n options: AudienceValidatorOptions,\n): AudienceValidationResult {\n const { expectedAudiences, allowNoAudience = false, caseSensitive = true, allowWildcards = false } = options;\n\n // Handle missing audience\n if (tokenAudience === undefined || tokenAudience === null) {\n if (allowNoAudience) {\n return { valid: true };\n }\n return {\n valid: false,\n error: 'Token is missing audience claim',\n };\n }\n\n // Handle empty expected audiences (accept any)\n if (expectedAudiences.length === 0) {\n const firstAud = Array.isArray(tokenAudience) ? tokenAudience[0] : tokenAudience;\n return {\n valid: false,\n error: 'No expected audiences configured - cannot validate token',\n };\n }\n\n // Normalize token audience to array\n const tokenAuds = Array.isArray(tokenAudience) ? tokenAudience : [tokenAudience];\n\n // Check each token audience against expected audiences\n for (const tokenAud of tokenAuds) {\n for (const expectedAud of expectedAudiences) {\n if (matchesAudience(tokenAud, expectedAud, caseSensitive, allowWildcards)) {\n return { valid: true, matchedAudience: tokenAud };\n }\n }\n }\n\n return {\n valid: false,\n error: `Token audience does not match expected audiences. Got: ${tokenAuds.join(\n ', ',\n )}. Expected one of: ${expectedAudiences.join(', ')}`,\n };\n}\n\n/**\n * Check if a token audience matches an expected audience\n */\nfunction matchesAudience(\n tokenAud: string,\n expectedAud: string,\n caseSensitive: boolean,\n allowWildcards: boolean,\n): boolean {\n // Direct match\n if (caseSensitive) {\n if (tokenAud === expectedAud) return true;\n } else {\n if (tokenAud.toLowerCase() === expectedAud.toLowerCase()) return true;\n }\n\n // Wildcard matching with ReDoS protection\n if (allowWildcards && expectedAud.includes('*')) {\n // Limit wildcards to prevent potential ReDoS from complex patterns\n const wildcardCount = (expectedAud.match(/\\*/g) || []).length;\n if (wildcardCount > 2) {\n // Reject patterns with more than 2 wildcards for safety\n return false;\n }\n\n const pattern = expectedAud\n .replace(/[.+?^${}()|[\\]\\\\]/g, '\\\\$&') // Escape regex special chars\n .replace(/\\*/g, '[^.]*'); // Convert * to non-greedy segment match (safer than .*)\n const regex = new RegExp(`^${pattern}$`, caseSensitive ? '' : 'i');\n if (regex.test(tokenAud)) return true;\n }\n\n return false;\n}\n\n/**\n * Create an audience validator function\n *\n * @param options - Validator options\n * @returns A validation function that takes token audience and returns validation result\n *\n * @example\n * ```typescript\n * const validator = createAudienceValidator({\n * expectedAudiences: ['https://api.example.com', 'https://api.example.org'],\n * });\n *\n * validator('https://api.example.com'); // => { valid: true, ... }\n * validator('wrong-aud'); // => { valid: false, ... }\n * ```\n */\nexport function createAudienceValidator(\n options: AudienceValidatorOptions,\n): (audience: string | string[] | undefined) => AudienceValidationResult {\n return (audience) => validateAudience(audience, options);\n}\n\n/**\n * Derive expected audience from the resource URL\n *\n * Per MCP Authorization spec, the audience should typically be the\n * resource server URL (the MCP server URL).\n *\n * @param resourceUrl - The resource server URL\n * @returns Array of expected audiences\n *\n * @example\n * ```typescript\n * deriveExpectedAudience('https://api.example.com/v1/mcp');\n * // => ['https://api.example.com/v1/mcp', 'https://api.example.com', 'api.example.com']\n * ```\n */\nexport function deriveExpectedAudience(resourceUrl: string): string[] {\n const audiences: string[] = [];\n\n try {\n const url = new URL(resourceUrl);\n\n // Full URL (most specific)\n audiences.push(resourceUrl.replace(/\\/$/, ''));\n\n // Origin only (e.g., https://api.example.com)\n if (url.pathname !== '/' && url.pathname !== '') {\n audiences.push(url.origin);\n }\n\n // Host only (e.g., api.example.com)\n audiences.push(url.host);\n } catch {\n // If not a valid URL, use as-is\n audiences.push(resourceUrl);\n }\n\n return audiences;\n}\n\n/**\n * AudienceValidator class for reusable validation with configuration\n */\nexport class AudienceValidator {\n private options: AudienceValidatorOptions;\n\n constructor(options: Partial<AudienceValidatorOptions> & { expectedAudiences?: string[] } = {}) {\n this.options = {\n expectedAudiences: [...(options.expectedAudiences ?? [])],\n allowNoAudience: options.allowNoAudience ?? false,\n caseSensitive: options.caseSensitive ?? true,\n allowWildcards: options.allowWildcards ?? false,\n };\n }\n\n /**\n * Validate an audience claim\n */\n validate(audience: string | string[] | undefined): AudienceValidationResult {\n return validateAudience(audience, this.options);\n }\n\n /**\n * Add expected audiences\n */\n addAudiences(...audiences: string[]): void {\n this.options.expectedAudiences.push(...audiences);\n }\n\n /**\n * Set expected audiences (replace existing)\n */\n setAudiences(audiences: string[]): void {\n this.options.expectedAudiences = audiences;\n }\n\n /**\n * Create validator from resource URL\n */\n static fromResourceUrl(\n resourceUrl: string,\n options: Omit<AudienceValidatorOptions, 'expectedAudiences'> = {},\n ): AudienceValidator {\n return new AudienceValidator({\n ...options,\n expectedAudiences: deriveExpectedAudience(resourceUrl),\n });\n }\n}\n"]}
|
package/src/auth/utils/index.js
DELETED
|
@@ -1,7 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
// auth/utils/index.ts
|
|
3
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
-
const tslib_1 = require("tslib");
|
|
5
|
-
tslib_1.__exportStar(require("./www-authenticate.utils"), exports);
|
|
6
|
-
tslib_1.__exportStar(require("./audience.validator"), exports);
|
|
7
|
-
//# sourceMappingURL=index.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/auth/utils/index.ts"],"names":[],"mappings":";AAAA,sBAAsB;;;AAEtB,mEAAyC;AACzC,+DAAqC","sourcesContent":["// auth/utils/index.ts\n\nexport * from './www-authenticate.utils';\nexport * from './audience.validator';\n"]}
|
|
@@ -1,183 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
// auth/utils/www-authenticate.utils.ts
|
|
3
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
-
exports.buildWwwAuthenticate = buildWwwAuthenticate;
|
|
5
|
-
exports.buildPrmUrl = buildPrmUrl;
|
|
6
|
-
exports.buildUnauthorizedHeader = buildUnauthorizedHeader;
|
|
7
|
-
exports.buildInvalidTokenHeader = buildInvalidTokenHeader;
|
|
8
|
-
exports.buildInsufficientScopeHeader = buildInsufficientScopeHeader;
|
|
9
|
-
exports.buildInvalidRequestHeader = buildInvalidRequestHeader;
|
|
10
|
-
exports.parseWwwAuthenticate = parseWwwAuthenticate;
|
|
11
|
-
/**
|
|
12
|
-
* Build a WWW-Authenticate header for Bearer authentication
|
|
13
|
-
*
|
|
14
|
-
* @param options - Header options
|
|
15
|
-
* @returns The formatted WWW-Authenticate header value
|
|
16
|
-
*
|
|
17
|
-
* @example
|
|
18
|
-
* ```typescript
|
|
19
|
-
* // Basic protected resource metadata header
|
|
20
|
-
* buildWwwAuthenticate({
|
|
21
|
-
* resourceMetadataUrl: 'https://api.example.com/.well-known/oauth-protected-resource',
|
|
22
|
-
* });
|
|
23
|
-
* // => 'Bearer resource_metadata="https://api.example.com/.well-known/oauth-protected-resource"'
|
|
24
|
-
*
|
|
25
|
-
* // With error information
|
|
26
|
-
* buildWwwAuthenticate({
|
|
27
|
-
* resourceMetadataUrl: 'https://api.example.com/.well-known/oauth-protected-resource',
|
|
28
|
-
* error: 'insufficient_scope',
|
|
29
|
-
* scope: ['read', 'write'],
|
|
30
|
-
* errorDescription: 'Additional permissions required',
|
|
31
|
-
* });
|
|
32
|
-
* // => 'Bearer resource_metadata="...", error="insufficient_scope", scope="read write", error_description="..."'
|
|
33
|
-
* ```
|
|
34
|
-
*/
|
|
35
|
-
function buildWwwAuthenticate(options = {}) {
|
|
36
|
-
const parts = ['Bearer'];
|
|
37
|
-
const params = [];
|
|
38
|
-
// Resource metadata URL (RFC 9728)
|
|
39
|
-
if (options.resourceMetadataUrl) {
|
|
40
|
-
params.push(`resource_metadata="${escapeQuotedString(options.resourceMetadataUrl)}"`);
|
|
41
|
-
}
|
|
42
|
-
// Realm (RFC 6750)
|
|
43
|
-
if (options.realm) {
|
|
44
|
-
params.push(`realm="${escapeQuotedString(options.realm)}"`);
|
|
45
|
-
}
|
|
46
|
-
// Error code (RFC 6750)
|
|
47
|
-
if (options.error) {
|
|
48
|
-
params.push(`error="${options.error}"`);
|
|
49
|
-
}
|
|
50
|
-
// Error description (RFC 6750)
|
|
51
|
-
if (options.errorDescription) {
|
|
52
|
-
params.push(`error_description="${escapeQuotedString(options.errorDescription)}"`);
|
|
53
|
-
}
|
|
54
|
-
// Error URI (RFC 6750)
|
|
55
|
-
if (options.errorUri) {
|
|
56
|
-
params.push(`error_uri="${escapeQuotedString(options.errorUri)}"`);
|
|
57
|
-
}
|
|
58
|
-
// Scope (RFC 6750) - space-delimited
|
|
59
|
-
if (options.scope) {
|
|
60
|
-
const scopeValue = Array.isArray(options.scope) ? options.scope.join(' ') : options.scope;
|
|
61
|
-
params.push(`scope="${escapeQuotedString(scopeValue)}"`);
|
|
62
|
-
}
|
|
63
|
-
if (params.length > 0) {
|
|
64
|
-
parts.push(params.join(', '));
|
|
65
|
-
}
|
|
66
|
-
return parts.join(' ');
|
|
67
|
-
}
|
|
68
|
-
/**
|
|
69
|
-
* Build the Protected Resource Metadata URL for a given base URL and path
|
|
70
|
-
*
|
|
71
|
-
* @param baseUrl - The server base URL
|
|
72
|
-
* @param entryPath - The entry path prefix
|
|
73
|
-
* @param routeBase - The route base path
|
|
74
|
-
* @returns The full PRM URL
|
|
75
|
-
*/
|
|
76
|
-
function buildPrmUrl(baseUrl, entryPath, routeBase) {
|
|
77
|
-
const normalizedEntry = normalizePathSegment(entryPath);
|
|
78
|
-
const normalizedRoute = normalizePathSegment(routeBase);
|
|
79
|
-
return `${baseUrl}/.well-known/oauth-protected-resource${normalizedEntry}${normalizedRoute}`;
|
|
80
|
-
}
|
|
81
|
-
/**
|
|
82
|
-
* Build WWW-Authenticate header for unauthorized requests (no token)
|
|
83
|
-
*/
|
|
84
|
-
function buildUnauthorizedHeader(prmUrl) {
|
|
85
|
-
return buildWwwAuthenticate({
|
|
86
|
-
resourceMetadataUrl: prmUrl,
|
|
87
|
-
});
|
|
88
|
-
}
|
|
89
|
-
/**
|
|
90
|
-
* Build WWW-Authenticate header for invalid token errors
|
|
91
|
-
*/
|
|
92
|
-
function buildInvalidTokenHeader(prmUrl, description) {
|
|
93
|
-
return buildWwwAuthenticate({
|
|
94
|
-
resourceMetadataUrl: prmUrl,
|
|
95
|
-
error: 'invalid_token',
|
|
96
|
-
errorDescription: description ?? 'The access token is invalid or expired',
|
|
97
|
-
});
|
|
98
|
-
}
|
|
99
|
-
/**
|
|
100
|
-
* Build WWW-Authenticate header for insufficient scope errors
|
|
101
|
-
*/
|
|
102
|
-
function buildInsufficientScopeHeader(prmUrl, requiredScopes, description) {
|
|
103
|
-
return buildWwwAuthenticate({
|
|
104
|
-
resourceMetadataUrl: prmUrl,
|
|
105
|
-
error: 'insufficient_scope',
|
|
106
|
-
scope: requiredScopes,
|
|
107
|
-
errorDescription: description ?? 'The request requires higher privileges',
|
|
108
|
-
});
|
|
109
|
-
}
|
|
110
|
-
/**
|
|
111
|
-
* Build WWW-Authenticate header for invalid request errors
|
|
112
|
-
*/
|
|
113
|
-
function buildInvalidRequestHeader(prmUrl, description) {
|
|
114
|
-
return buildWwwAuthenticate({
|
|
115
|
-
resourceMetadataUrl: prmUrl,
|
|
116
|
-
error: 'invalid_request',
|
|
117
|
-
errorDescription: description ?? 'The request is missing required parameters',
|
|
118
|
-
});
|
|
119
|
-
}
|
|
120
|
-
/**
|
|
121
|
-
* Parse a WWW-Authenticate header value
|
|
122
|
-
*
|
|
123
|
-
* @param header - The WWW-Authenticate header value
|
|
124
|
-
* @returns Parsed header options
|
|
125
|
-
*/
|
|
126
|
-
function parseWwwAuthenticate(header) {
|
|
127
|
-
const result = {};
|
|
128
|
-
// Check for Bearer scheme
|
|
129
|
-
if (!header.toLowerCase().startsWith('bearer')) {
|
|
130
|
-
return result;
|
|
131
|
-
}
|
|
132
|
-
// Extract parameters
|
|
133
|
-
const paramString = header.substring(6).trim();
|
|
134
|
-
const paramRegex = /(\w+)="([^"\\]*(?:\\.[^"\\]*)*)"/g;
|
|
135
|
-
let match;
|
|
136
|
-
while ((match = paramRegex.exec(paramString)) !== null) {
|
|
137
|
-
const [, key, value] = match;
|
|
138
|
-
const unescapedValue = unescapeQuotedString(value);
|
|
139
|
-
switch (key.toLowerCase()) {
|
|
140
|
-
case 'resource_metadata':
|
|
141
|
-
result.resourceMetadataUrl = unescapedValue;
|
|
142
|
-
break;
|
|
143
|
-
case 'realm':
|
|
144
|
-
result.realm = unescapedValue;
|
|
145
|
-
break;
|
|
146
|
-
case 'error':
|
|
147
|
-
result.error = unescapedValue;
|
|
148
|
-
break;
|
|
149
|
-
case 'error_description':
|
|
150
|
-
result.errorDescription = unescapedValue;
|
|
151
|
-
break;
|
|
152
|
-
case 'error_uri':
|
|
153
|
-
result.errorUri = unescapedValue;
|
|
154
|
-
break;
|
|
155
|
-
case 'scope':
|
|
156
|
-
result.scope = unescapedValue;
|
|
157
|
-
break;
|
|
158
|
-
}
|
|
159
|
-
}
|
|
160
|
-
return result;
|
|
161
|
-
}
|
|
162
|
-
/**
|
|
163
|
-
* Escape special characters for quoted-string per RFC 7230
|
|
164
|
-
*/
|
|
165
|
-
function escapeQuotedString(value) {
|
|
166
|
-
return value.replace(/\\/g, '\\\\').replace(/"/g, '\\"');
|
|
167
|
-
}
|
|
168
|
-
/**
|
|
169
|
-
* Unescape quoted-string per RFC 7230
|
|
170
|
-
*/
|
|
171
|
-
function unescapeQuotedString(value) {
|
|
172
|
-
return value.replace(/\\(.)/g, '$1');
|
|
173
|
-
}
|
|
174
|
-
/**
|
|
175
|
-
* Normalize a path segment (ensure leading slash, no trailing slash)
|
|
176
|
-
*/
|
|
177
|
-
function normalizePathSegment(path) {
|
|
178
|
-
if (!path || path === '/')
|
|
179
|
-
return '';
|
|
180
|
-
const normalized = path.startsWith('/') ? path : `/${path}`;
|
|
181
|
-
return normalized.replace(/\/+$/, '');
|
|
182
|
-
}
|
|
183
|
-
//# sourceMappingURL=www-authenticate.utils.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"www-authenticate.utils.js","sourceRoot":"","sources":["../../../../src/auth/utils/www-authenticate.utils.ts"],"names":[],"mappings":";AAAA,uCAAuC;;AA0EvC,oDAwCC;AAUD,kCAIC;AAKD,0DAIC;AAKD,0DAMC;AAKD,oEAOC;AAKD,8DAMC;AAQD,oDAwCC;AAzKD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,SAAgB,oBAAoB,CAAC,UAAkC,EAAE;IACvE,MAAM,KAAK,GAAa,CAAC,QAAQ,CAAC,CAAC;IACnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,mCAAmC;IACnC,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;QAChC,MAAM,CAAC,IAAI,CAAC,sBAAsB,kBAAkB,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;IACxF,CAAC;IAED,mBAAmB;IACnB,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC,UAAU,kBAAkB,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9D,CAAC;IAED,wBAAwB;IACxB,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC,UAAU,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC;IAC1C,CAAC;IAED,+BAA+B;IAC/B,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,sBAAsB,kBAAkB,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;IACrF,CAAC;IAED,uBAAuB;IACvB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,cAAc,kBAAkB,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACrE,CAAC;IAED,qCAAqC;IACrC,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;QAC1F,MAAM,CAAC,IAAI,CAAC,UAAU,kBAAkB,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAChC,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,WAAW,CAAC,OAAe,EAAE,SAAiB,EAAE,SAAiB;IAC/E,MAAM,eAAe,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC;IACxD,MAAM,eAAe,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC;IACxD,OAAO,GAAG,OAAO,wCAAwC,eAAe,GAAG,eAAe,EAAE,CAAC;AAC/F,CAAC;AAED;;GAEG;AACH,SAAgB,uBAAuB,CAAC,MAAc;IACpD,OAAO,oBAAoB,CAAC;QAC1B,mBAAmB,EAAE,MAAM;KAC5B,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAgB,uBAAuB,CAAC,MAAc,EAAE,WAAoB;IAC1E,OAAO,oBAAoB,CAAC;QAC1B,mBAAmB,EAAE,MAAM;QAC3B,KAAK,EAAE,eAAe;QACtB,gBAAgB,EAAE,WAAW,IAAI,wCAAwC;KAC1E,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAgB,4BAA4B,CAAC,MAAc,EAAE,cAAwB,EAAE,WAAoB;IACzG,OAAO,oBAAoB,CAAC;QAC1B,mBAAmB,EAAE,MAAM;QAC3B,KAAK,EAAE,oBAAoB;QAC3B,KAAK,EAAE,cAAc;QACrB,gBAAgB,EAAE,WAAW,IAAI,wCAAwC;KAC1E,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAgB,yBAAyB,CAAC,MAAc,EAAE,WAAoB;IAC5E,OAAO,oBAAoB,CAAC;QAC1B,mBAAmB,EAAE,MAAM;QAC3B,KAAK,EAAE,iBAAiB;QACxB,gBAAgB,EAAE,WAAW,IAAI,4CAA4C;KAC9E,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,SAAgB,oBAAoB,CAAC,MAAc;IACjD,MAAM,MAAM,GAA2B,EAAE,CAAC;IAE1C,0BAA0B;IAC1B,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,qBAAqB;IACrB,MAAM,WAAW,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC/C,MAAM,UAAU,GAAG,mCAAmC,CAAC;IACvD,IAAI,KAA6B,CAAC;IAElC,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACvD,MAAM,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,GAAG,KAAK,CAAC;QAC7B,MAAM,cAAc,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC;QAEnD,QAAQ,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC;YAC1B,KAAK,mBAAmB;gBACtB,MAAM,CAAC,mBAAmB,GAAG,cAAc,CAAC;gBAC5C,MAAM;YACR,KAAK,OAAO;gBACV,MAAM,CAAC,KAAK,GAAG,cAAc,CAAC;gBAC9B,MAAM;YACR,KAAK,OAAO;gBACV,MAAM,CAAC,KAAK,GAAG,cAAiC,CAAC;gBACjD,MAAM;YACR,KAAK,mBAAmB;gBACtB,MAAM,CAAC,gBAAgB,GAAG,cAAc,CAAC;gBACzC,MAAM;YACR,KAAK,WAAW;gBACd,MAAM,CAAC,QAAQ,GAAG,cAAc,CAAC;gBACjC,MAAM;YACR,KAAK,OAAO;gBACV,MAAM,CAAC,KAAK,GAAG,cAAc,CAAC;gBAC9B,MAAM;QACV,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,KAAa;IACzC,OAAO,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,IAAY;IACxC,IAAI,CAAC,IAAI,IAAI,IAAI,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC;IACrC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;IAC5D,OAAO,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACxC,CAAC","sourcesContent":["// auth/utils/www-authenticate.utils.ts\n\n/**\n * WWW-Authenticate Header Builder\n *\n * Implements RFC 9728 (OAuth 2.0 Protected Resource Metadata) and\n * RFC 6750 (Bearer Token Usage) compliant WWW-Authenticate headers.\n */\n\n/**\n * Error codes per RFC 6750 Section 3.1\n */\nexport type BearerErrorCode = 'invalid_request' | 'invalid_token' | 'insufficient_scope';\n\n/**\n * Options for building WWW-Authenticate header\n */\nexport interface WwwAuthenticateOptions {\n /**\n * The resource_metadata URL pointing to the PRM document\n * Per RFC 9728, this is the primary mechanism for resource discovery\n */\n resourceMetadataUrl?: string;\n\n /**\n * OAuth 2.0 realm (optional per RFC 6750)\n */\n realm?: string;\n\n /**\n * Required scopes for the resource (space-delimited)\n */\n scope?: string | string[];\n\n /**\n * Error code when authentication fails\n */\n error?: BearerErrorCode;\n\n /**\n * Human-readable error description\n */\n errorDescription?: string;\n\n /**\n * Error URI pointing to additional information\n */\n errorUri?: string;\n}\n\n/**\n * Build a WWW-Authenticate header for Bearer authentication\n *\n * @param options - Header options\n * @returns The formatted WWW-Authenticate header value\n *\n * @example\n * ```typescript\n * // Basic protected resource metadata header\n * buildWwwAuthenticate({\n * resourceMetadataUrl: 'https://api.example.com/.well-known/oauth-protected-resource',\n * });\n * // => 'Bearer resource_metadata=\"https://api.example.com/.well-known/oauth-protected-resource\"'\n *\n * // With error information\n * buildWwwAuthenticate({\n * resourceMetadataUrl: 'https://api.example.com/.well-known/oauth-protected-resource',\n * error: 'insufficient_scope',\n * scope: ['read', 'write'],\n * errorDescription: 'Additional permissions required',\n * });\n * // => 'Bearer resource_metadata=\"...\", error=\"insufficient_scope\", scope=\"read write\", error_description=\"...\"'\n * ```\n */\nexport function buildWwwAuthenticate(options: WwwAuthenticateOptions = {}): string {\n const parts: string[] = ['Bearer'];\n const params: string[] = [];\n\n // Resource metadata URL (RFC 9728)\n if (options.resourceMetadataUrl) {\n params.push(`resource_metadata=\"${escapeQuotedString(options.resourceMetadataUrl)}\"`);\n }\n\n // Realm (RFC 6750)\n if (options.realm) {\n params.push(`realm=\"${escapeQuotedString(options.realm)}\"`);\n }\n\n // Error code (RFC 6750)\n if (options.error) {\n params.push(`error=\"${options.error}\"`);\n }\n\n // Error description (RFC 6750)\n if (options.errorDescription) {\n params.push(`error_description=\"${escapeQuotedString(options.errorDescription)}\"`);\n }\n\n // Error URI (RFC 6750)\n if (options.errorUri) {\n params.push(`error_uri=\"${escapeQuotedString(options.errorUri)}\"`);\n }\n\n // Scope (RFC 6750) - space-delimited\n if (options.scope) {\n const scopeValue = Array.isArray(options.scope) ? options.scope.join(' ') : options.scope;\n params.push(`scope=\"${escapeQuotedString(scopeValue)}\"`);\n }\n\n if (params.length > 0) {\n parts.push(params.join(', '));\n }\n\n return parts.join(' ');\n}\n\n/**\n * Build the Protected Resource Metadata URL for a given base URL and path\n *\n * @param baseUrl - The server base URL\n * @param entryPath - The entry path prefix\n * @param routeBase - The route base path\n * @returns The full PRM URL\n */\nexport function buildPrmUrl(baseUrl: string, entryPath: string, routeBase: string): string {\n const normalizedEntry = normalizePathSegment(entryPath);\n const normalizedRoute = normalizePathSegment(routeBase);\n return `${baseUrl}/.well-known/oauth-protected-resource${normalizedEntry}${normalizedRoute}`;\n}\n\n/**\n * Build WWW-Authenticate header for unauthorized requests (no token)\n */\nexport function buildUnauthorizedHeader(prmUrl: string): string {\n return buildWwwAuthenticate({\n resourceMetadataUrl: prmUrl,\n });\n}\n\n/**\n * Build WWW-Authenticate header for invalid token errors\n */\nexport function buildInvalidTokenHeader(prmUrl: string, description?: string): string {\n return buildWwwAuthenticate({\n resourceMetadataUrl: prmUrl,\n error: 'invalid_token',\n errorDescription: description ?? 'The access token is invalid or expired',\n });\n}\n\n/**\n * Build WWW-Authenticate header for insufficient scope errors\n */\nexport function buildInsufficientScopeHeader(prmUrl: string, requiredScopes: string[], description?: string): string {\n return buildWwwAuthenticate({\n resourceMetadataUrl: prmUrl,\n error: 'insufficient_scope',\n scope: requiredScopes,\n errorDescription: description ?? 'The request requires higher privileges',\n });\n}\n\n/**\n * Build WWW-Authenticate header for invalid request errors\n */\nexport function buildInvalidRequestHeader(prmUrl: string, description?: string): string {\n return buildWwwAuthenticate({\n resourceMetadataUrl: prmUrl,\n error: 'invalid_request',\n errorDescription: description ?? 'The request is missing required parameters',\n });\n}\n\n/**\n * Parse a WWW-Authenticate header value\n *\n * @param header - The WWW-Authenticate header value\n * @returns Parsed header options\n */\nexport function parseWwwAuthenticate(header: string): WwwAuthenticateOptions {\n const result: WwwAuthenticateOptions = {};\n\n // Check for Bearer scheme\n if (!header.toLowerCase().startsWith('bearer')) {\n return result;\n }\n\n // Extract parameters\n const paramString = header.substring(6).trim();\n const paramRegex = /(\\w+)=\"([^\"\\\\]*(?:\\\\.[^\"\\\\]*)*)\"/g;\n let match: RegExpExecArray | null;\n\n while ((match = paramRegex.exec(paramString)) !== null) {\n const [, key, value] = match;\n const unescapedValue = unescapeQuotedString(value);\n\n switch (key.toLowerCase()) {\n case 'resource_metadata':\n result.resourceMetadataUrl = unescapedValue;\n break;\n case 'realm':\n result.realm = unescapedValue;\n break;\n case 'error':\n result.error = unescapedValue as BearerErrorCode;\n break;\n case 'error_description':\n result.errorDescription = unescapedValue;\n break;\n case 'error_uri':\n result.errorUri = unescapedValue;\n break;\n case 'scope':\n result.scope = unescapedValue;\n break;\n }\n }\n\n return result;\n}\n\n/**\n * Escape special characters for quoted-string per RFC 7230\n */\nfunction escapeQuotedString(value: string): string {\n return value.replace(/\\\\/g, '\\\\\\\\').replace(/\"/g, '\\\\\"');\n}\n\n/**\n * Unescape quoted-string per RFC 7230\n */\nfunction unescapeQuotedString(value: string): string {\n return value.replace(/\\\\(.)/g, '$1');\n}\n\n/**\n * Normalize a path segment (ensure leading slash, no trailing slash)\n */\nfunction normalizePathSegment(path: string): string {\n if (!path || path === '/') return '';\n const normalized = path.startsWith('/') ? path : `/${path}`;\n return normalized.replace(/\\/+$/, '');\n}\n"]}
|
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.commonFailResponseHandler = exports.commonSuccessResponseHandler = exports.NotFoundSchema = exports.RedirectSchema = void 0;
|
|
4
|
-
const zod_1 = require("zod");
|
|
5
|
-
exports.RedirectSchema = zod_1.z.object({
|
|
6
|
-
status: zod_1.z.literal(302),
|
|
7
|
-
location: zod_1.z.string().url(),
|
|
8
|
-
});
|
|
9
|
-
exports.NotFoundSchema = zod_1.z.object({
|
|
10
|
-
status: zod_1.z.literal(404),
|
|
11
|
-
body: zod_1.z.any(),
|
|
12
|
-
message: zod_1.z.string(),
|
|
13
|
-
});
|
|
14
|
-
const commonSuccessResponseHandler = (res, result) => {
|
|
15
|
-
if (result.status === 302) {
|
|
16
|
-
res.redirect(result.location);
|
|
17
|
-
}
|
|
18
|
-
else {
|
|
19
|
-
if (typeof result.body === 'string') {
|
|
20
|
-
res.setHeader('Content-Type', 'text/plain');
|
|
21
|
-
res.status(result.status).end(result.body);
|
|
22
|
-
}
|
|
23
|
-
else {
|
|
24
|
-
res.setHeader('Content-Type', 'application/json');
|
|
25
|
-
res.status(result.status).json(result.body);
|
|
26
|
-
}
|
|
27
|
-
}
|
|
28
|
-
};
|
|
29
|
-
exports.commonSuccessResponseHandler = commonSuccessResponseHandler;
|
|
30
|
-
const commonFailResponseHandler = (res, result) => {
|
|
31
|
-
console.log('commonFailResponseHandler', result);
|
|
32
|
-
res.status(500).json('Internal Server Error');
|
|
33
|
-
};
|
|
34
|
-
exports.commonFailResponseHandler = commonFailResponseHandler;
|
|
35
|
-
//# sourceMappingURL=common.schema.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"common.schema.js","sourceRoot":"","sources":["../../../src/common/common.schema.ts"],"names":[],"mappings":";;;AACA,6BAAwB;AAEX,QAAA,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACtB,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;CAC3B,CAAC,CAAC;AACU,QAAA,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IACtB,IAAI,EAAE,OAAC,CAAC,GAAG,EAAE;IACb,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE;CACpB,CAAC,CAAC;AAGI,MAAM,4BAA4B,GAAG,CAAC,GAAmB,EAAE,MAA4B,EAAE,EAAE;IAChG,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QAC1B,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;SAAM,CAAC;QACN,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACpC,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;YAC5C,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;AACH,CAAC,CAAC;AAZW,QAAA,4BAA4B,gCAYvC;AAEK,MAAM,yBAAyB,GAAG,CAAC,GAAmB,EAAE,MAAW,EAAE,EAAE;IAC5E,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,MAAM,CAAC,CAAC;IACjD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;AAChD,CAAC,CAAC;AAHW,QAAA,yBAAyB,6BAGpC","sourcesContent":["import { ServerResponse } from '../common';\nimport { z } from 'zod';\n\nexport const RedirectSchema = z.object({\n status: z.literal(302),\n location: z.string().url(),\n});\nexport const NotFoundSchema = z.object({\n status: z.literal(404),\n body: z.any(),\n message: z.string(),\n});\n\ntype CommonResponseResult = z.infer<typeof RedirectSchema> | z.infer<typeof NotFoundSchema> | any;\nexport const commonSuccessResponseHandler = (res: ServerResponse, result: CommonResponseResult) => {\n if (result.status === 302) {\n res.redirect(result.location);\n } else {\n if (typeof result.body === 'string') {\n res.setHeader('Content-Type', 'text/plain');\n res.status(result.status).end(result.body);\n } else {\n res.setHeader('Content-Type', 'application/json');\n res.status(result.status).json(result.body);\n }\n }\n};\n\nexport const commonFailResponseHandler = (res: ServerResponse, result: any) => {\n console.log('commonFailResponseHandler', result);\n res.status(500).json('Internal Server Error');\n};\n"]}
|
package/src/common/constants.js
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.DESIGN_PARAMTYPES = exports.META_ASYNC_WITH_TOKENS = exports.META_ASYNC_WITH = exports.MCP_AUTH_HOOKS = exports.MCP_SESSION_HOOKS = void 0;
|
|
4
|
-
// Plugin/global Tool hooks (method-level) metadata key
|
|
5
|
-
// Stored on plugin classes by @ToolHook decorator
|
|
6
|
-
exports.MCP_SESSION_HOOKS = 'mcp.plugin.sessionHooks';
|
|
7
|
-
exports.MCP_AUTH_HOOKS = 'mcp.plugin.sessionHooks';
|
|
8
|
-
// Metadata keys for async dependency injection
|
|
9
|
-
exports.META_ASYNC_WITH = Symbol('mcp.asyncWith');
|
|
10
|
-
exports.META_ASYNC_WITH_TOKENS = Symbol('mcp.asyncWithTokens');
|
|
11
|
-
// Reflect metadata key for design:paramtypes
|
|
12
|
-
exports.DESIGN_PARAMTYPES = 'design:paramtypes';
|
|
13
|
-
//# sourceMappingURL=constants.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../src/common/constants.ts"],"names":[],"mappings":";;;AAAA,uDAAuD;AACvD,kDAAkD;AACrC,QAAA,iBAAiB,GAAG,yBAAyB,CAAC;AAC9C,QAAA,cAAc,GAAG,yBAAyB,CAAC;AAExD,+CAA+C;AAClC,QAAA,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,CAAC;AAC1C,QAAA,sBAAsB,GAAG,MAAM,CAAC,qBAAqB,CAAC,CAAC;AAEpE,6CAA6C;AAChC,QAAA,iBAAiB,GAAG,mBAAmB,CAAC","sourcesContent":["// Plugin/global Tool hooks (method-level) metadata key\n// Stored on plugin classes by @ToolHook decorator\nexport const MCP_SESSION_HOOKS = 'mcp.plugin.sessionHooks';\nexport const MCP_AUTH_HOOKS = 'mcp.plugin.sessionHooks';\n\n// Metadata keys for async dependency injection\nexport const META_ASYNC_WITH = Symbol('mcp.asyncWith');\nexport const META_ASYNC_WITH_TOKENS = Symbol('mcp.asyncWithTokens');\n\n// Reflect metadata key for design:paramtypes\nexport const DESIGN_PARAMTYPES = 'design:paramtypes';\n"]}
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.FrontMcpAdapter = FrontMcpAdapter;
|
|
4
|
-
exports.Adapter = FrontMcpAdapter;
|
|
5
|
-
require("reflect-metadata");
|
|
6
|
-
const tokens_1 = require("../tokens");
|
|
7
|
-
const metadata_1 = require("../metadata");
|
|
8
|
-
/**
|
|
9
|
-
* Decorator that marks a class as a McpAdapter module and provides metadata
|
|
10
|
-
*/
|
|
11
|
-
function FrontMcpAdapter(providedMetadata) {
|
|
12
|
-
return (target) => {
|
|
13
|
-
const metadata = metadata_1.frontMcpAdapterMetadataSchema.parse(providedMetadata);
|
|
14
|
-
Reflect.defineMetadata(tokens_1.FrontMcpAdapterTokens.type, true, target);
|
|
15
|
-
for (const property in metadata) {
|
|
16
|
-
Reflect.defineMetadata(tokens_1.FrontMcpAdapterTokens[property] ?? property, metadata[property], target);
|
|
17
|
-
}
|
|
18
|
-
};
|
|
19
|
-
}
|
|
20
|
-
//# sourceMappingURL=adapter.decorator.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"adapter.decorator.js","sourceRoot":"","sources":["../../../../src/common/decorators/adapter.decorator.ts"],"names":[],"mappings":";;AAoBE,0CAAe;AACI,kCAAO;AArB5B,4BAA0B;AAC1B,sCAAkD;AAClD,0CAA6E;AAE7E;;GAEG;AACH,SAAS,eAAe,CAAC,gBAAiC;IACxD,OAAO,CAAC,MAAgB,EAAE,EAAE;QAC1B,MAAM,QAAQ,GAAG,wCAA6B,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAEvE,OAAO,CAAC,cAAc,CAAC,8BAAqB,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAEjE,KAAK,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;YAChC,OAAO,CAAC,cAAc,CAAC,8BAAqB,CAAC,QAAQ,CAAC,IAAI,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,CAAC;QAClG,CAAC;IACH,CAAC,CAAC;AACJ,CAAC","sourcesContent":["import 'reflect-metadata';\nimport { FrontMcpAdapterTokens } from '../tokens';\nimport { AdapterMetadata, frontMcpAdapterMetadataSchema } from '../metadata';\n\n/**\n * Decorator that marks a class as a McpAdapter module and provides metadata\n */\nfunction FrontMcpAdapter(providedMetadata: AdapterMetadata): ClassDecorator {\n return (target: Function) => {\n const metadata = frontMcpAdapterMetadataSchema.parse(providedMetadata);\n\n Reflect.defineMetadata(FrontMcpAdapterTokens.type, true, target);\n\n for (const property in metadata) {\n Reflect.defineMetadata(FrontMcpAdapterTokens[property] ?? property, metadata[property], target);\n }\n };\n}\n\nexport {\n FrontMcpAdapter,\n FrontMcpAdapter as Adapter,\n};"]}
|
|
@@ -1,44 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.FrontMcpApp = FrontMcpApp;
|
|
4
|
-
exports.App = FrontMcpApp;
|
|
5
|
-
require("reflect-metadata");
|
|
6
|
-
const tokens_1 = require("../tokens");
|
|
7
|
-
const metadata_1 = require("../metadata");
|
|
8
|
-
/**
|
|
9
|
-
* Decorator that marks a class as a McpApp module and provides metadata
|
|
10
|
-
*/
|
|
11
|
-
function FrontMcpApp(providedMetadata) {
|
|
12
|
-
return (target) => {
|
|
13
|
-
const { error, data: metadata } = metadata_1.frontMcpLocalAppMetadataSchema.safeParse(providedMetadata);
|
|
14
|
-
if (error) {
|
|
15
|
-
if (error.format().plugins) {
|
|
16
|
-
throw new Error(`Invalid metadata provided to @FrontMcp { plugins: [?] }: \n${JSON.stringify(error.format().plugins, null, 2)}`);
|
|
17
|
-
}
|
|
18
|
-
if (error.format().providers) {
|
|
19
|
-
throw new Error(`Invalid metadata provided to @FrontMcp { providers: [?] }: \n${JSON.stringify(error.format().providers, null, 2)}`);
|
|
20
|
-
}
|
|
21
|
-
if (error.format().authProviders) {
|
|
22
|
-
throw new Error(`Invalid metadata provided to @FrontMcp { authProviders: [?] }: \n${JSON.stringify(error.format().authProviders, null, 2)}`);
|
|
23
|
-
}
|
|
24
|
-
if (error.format().adapters) {
|
|
25
|
-
throw new Error(`Invalid metadata provided to @FrontMcp { adapters: [?] }: \n${JSON.stringify(error.format().adapters, null, 2)}`);
|
|
26
|
-
}
|
|
27
|
-
if (error.format().tools) {
|
|
28
|
-
throw new Error(`Invalid metadata provided to @FrontMcp { tools: [?] }: \n${JSON.stringify(error.format().tools, null, 2)}`);
|
|
29
|
-
}
|
|
30
|
-
if (error.format().resources) {
|
|
31
|
-
throw new Error(`Invalid metadata provided to @FrontMcp { resources: [?] }: \n${JSON.stringify(error.format().resources, null, 2)}`);
|
|
32
|
-
}
|
|
33
|
-
if (error.format().prompts) {
|
|
34
|
-
throw new Error(`Invalid metadata provided to @FrontMcp { prompts: [?] }: \n${JSON.stringify(error.format().prompts, null, 2)}`);
|
|
35
|
-
}
|
|
36
|
-
throw error;
|
|
37
|
-
}
|
|
38
|
-
Reflect.defineMetadata(tokens_1.FrontMcpLocalAppTokens.type, true, target);
|
|
39
|
-
for (const property in metadata) {
|
|
40
|
-
Reflect.defineMetadata(tokens_1.FrontMcpLocalAppTokens[property] ?? property, metadata[property], target);
|
|
41
|
-
}
|
|
42
|
-
};
|
|
43
|
-
}
|
|
44
|
-
//# sourceMappingURL=app.decorator.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"app.decorator.js","sourceRoot":"","sources":["../../../../src/common/decorators/app.decorator.ts"],"names":[],"mappings":";;AA4CE,kCAAW;AACI,0BAAG;AA7CpB,4BAA0B;AAC1B,sCAAmD;AACnD,0CAA+E;AAE/E;;GAEG;AACH,SAAS,WAAW,CAAC,gBAAkC;IACrD,OAAO,CAAC,MAAgB,EAAE,EAAE;QAE1B,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,yCAA8B,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC7F,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE,CAAC;gBAC3B,MAAM,IAAI,KAAK,CAAC,8DAA8D,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YACnI,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,gEAAgE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YACvI,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,aAAa,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CAAC,oEAAoE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/I,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CAAC,+DAA+D,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YACrI,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;gBACzB,MAAM,IAAI,KAAK,CAAC,4DAA4D,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/H,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,gEAAgE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YACvI,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE,CAAC;gBAC3B,MAAM,IAAI,KAAK,CAAC,8DAA8D,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YACnI,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;QAED,OAAO,CAAC,cAAc,CAAC,+BAAsB,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAClE,KAAK,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;YAChC,OAAO,CAAC,cAAc,CAAC,+BAAsB,CAAC,QAAQ,CAAC,IAAI,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,CAAC;QACnG,CAAC;IACH,CAAC,CAAC;AACJ,CAAC","sourcesContent":["import 'reflect-metadata';\nimport { FrontMcpLocalAppTokens } from '../tokens';\nimport { LocalAppMetadata, frontMcpLocalAppMetadataSchema } from '../metadata';\n\n/**\n * Decorator that marks a class as a McpApp module and provides metadata\n */\nfunction FrontMcpApp(providedMetadata: LocalAppMetadata): ClassDecorator {\n return (target: Function) => {\n\n const { error, data: metadata } = frontMcpLocalAppMetadataSchema.safeParse(providedMetadata);\n if (error) {\n if (error.format().plugins) {\n throw new Error(`Invalid metadata provided to @FrontMcp { plugins: [?] }: \\n${JSON.stringify(error.format().plugins, null, 2)}`);\n }\n if (error.format().providers) {\n throw new Error(`Invalid metadata provided to @FrontMcp { providers: [?] }: \\n${JSON.stringify(error.format().providers, null, 2)}`);\n }\n if (error.format().authProviders) {\n throw new Error(`Invalid metadata provided to @FrontMcp { authProviders: [?] }: \\n${JSON.stringify(error.format().authProviders, null, 2)}`);\n }\n if (error.format().adapters) {\n throw new Error(`Invalid metadata provided to @FrontMcp { adapters: [?] }: \\n${JSON.stringify(error.format().adapters, null, 2)}`);\n }\n if (error.format().tools) {\n throw new Error(`Invalid metadata provided to @FrontMcp { tools: [?] }: \\n${JSON.stringify(error.format().tools, null, 2)}`);\n }\n if (error.format().resources) {\n throw new Error(`Invalid metadata provided to @FrontMcp { resources: [?] }: \\n${JSON.stringify(error.format().resources, null, 2)}`);\n }\n if (error.format().prompts) {\n throw new Error(`Invalid metadata provided to @FrontMcp { prompts: [?] }: \\n${JSON.stringify(error.format().prompts, null, 2)}`);\n }\n throw error;\n }\n\n Reflect.defineMetadata(FrontMcpLocalAppTokens.type, true, target);\n for (const property in metadata) {\n Reflect.defineMetadata(FrontMcpLocalAppTokens[property] ?? property, metadata[property], target);\n }\n };\n}\n\nexport {\n FrontMcpApp,\n FrontMcpApp as App,\n};"]}
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.FrontMcpAuthProvider = FrontMcpAuthProvider;
|
|
4
|
-
exports.AuthProvider = FrontMcpAuthProvider;
|
|
5
|
-
require("reflect-metadata");
|
|
6
|
-
const tokens_1 = require("../tokens");
|
|
7
|
-
const metadata_1 = require("../metadata");
|
|
8
|
-
/**
|
|
9
|
-
* Decorator that marks a class as an AuthProvider module and provides metadata
|
|
10
|
-
*/
|
|
11
|
-
function FrontMcpAuthProvider(providedMetadata) {
|
|
12
|
-
return (target) => {
|
|
13
|
-
const metadata = metadata_1.frontMcpAuthProviderMetadataSchema.parse(providedMetadata);
|
|
14
|
-
Reflect.defineMetadata(tokens_1.FrontMcpAuthProviderTokens.type, true, target);
|
|
15
|
-
for (const property in metadata) {
|
|
16
|
-
Reflect.defineMetadata(tokens_1.FrontMcpAuthProviderTokens[property] ?? property, metadata[property], target);
|
|
17
|
-
}
|
|
18
|
-
};
|
|
19
|
-
}
|
|
20
|
-
//# sourceMappingURL=auth-provider.decorator.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"auth-provider.decorator.js","sourceRoot":"","sources":["../../../../src/common/decorators/auth-provider.decorator.ts"],"names":[],"mappings":";;AAoBE,oDAAoB;AACI,4CAAY;AArBtC,4BAA0B;AAC1B,sCAAuD;AACvD,0CAAuF;AAEvF;;GAEG;AACH,SAAS,oBAAoB,CAAC,gBAAsC;IAClE,OAAO,CAAC,MAAgB,EAAE,EAAE;QAC1B,MAAM,QAAQ,GAAG,6CAAkC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAE5E,OAAO,CAAC,cAAc,CAAC,mCAA0B,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAEtE,KAAK,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;YAChC,OAAO,CAAC,cAAc,CAAC,mCAA0B,CAAC,QAAQ,CAAC,IAAI,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,CAAC;QACvG,CAAC;IACH,CAAC,CAAC;AACJ,CAAC","sourcesContent":["import 'reflect-metadata';\nimport { FrontMcpAuthProviderTokens } from '../tokens';\nimport { AuthProviderMetadata, frontMcpAuthProviderMetadataSchema } from '../metadata';\n\n/**\n * Decorator that marks a class as an AuthProvider module and provides metadata\n */\nfunction FrontMcpAuthProvider(providedMetadata: AuthProviderMetadata): ClassDecorator {\n return (target: Function) => {\n const metadata = frontMcpAuthProviderMetadataSchema.parse(providedMetadata);\n\n Reflect.defineMetadata(FrontMcpAuthProviderTokens.type, true, target);\n\n for (const property in metadata) {\n Reflect.defineMetadata(FrontMcpAuthProviderTokens[property] ?? property, metadata[property], target);\n }\n };\n}\n\nexport {\n FrontMcpAuthProvider,\n FrontMcpAuthProvider as AuthProvider,\n};"]}
|