@frontmcp/sdk 0.6.1 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1066) hide show
  1. package/{src/auth → auth}/instances/instance.local-primary-auth.d.ts +1 -1
  2. package/{src/auth → auth}/instances/instance.remote-primary-auth.d.ts +1 -1
  3. package/auth/session/index.d.ts +8 -0
  4. package/{src/auth → auth}/session/redis-session.store.d.ts +26 -3
  5. package/auth/session/session-crypto.d.ts +86 -0
  6. package/auth/session/session-rate-limiter.d.ts +113 -0
  7. package/{src/auth → auth}/session/transport-session.types.d.ts +51 -34
  8. package/{src/auth → auth}/session/vercel-kv-session.store.d.ts +22 -2
  9. package/{src/common → common}/interfaces/internal/primary-auth-provider.interface.d.ts +1 -4
  10. package/{src/common → common}/metadata/front-mcp.metadata.d.ts +1074 -44
  11. package/common/types/options/auth/app-auth.schema.d.ts +275 -0
  12. package/common/types/options/auth/auth.interfaces.d.ts +461 -0
  13. package/common/types/options/auth/auth.schema.d.ts +284 -0
  14. package/common/types/options/auth/auth.utils.d.ts +32 -0
  15. package/common/types/options/auth/index.d.ts +16 -0
  16. package/common/types/options/auth/orchestrated.schema.d.ts +381 -0
  17. package/common/types/options/auth/public.schema.d.ts +42 -0
  18. package/common/types/options/auth/shared.schemas.d.ts +120 -0
  19. package/common/types/options/auth/transparent.schema.d.ts +56 -0
  20. package/common/types/options/auth/transport.deprecated.d.ts +63 -0
  21. package/{src/common → common}/types/options/index.d.ts +1 -1
  22. package/{src/common → common}/types/options/transport.options.d.ts +6 -1
  23. package/{src/common → common}/utils/decide-request-intent.utils.d.ts +6 -7
  24. package/esm/index.mjs +23219 -0
  25. package/esm/mcp-apps/index.mjs +723 -0
  26. package/esm/package.json +89 -0
  27. package/index.js +23513 -0
  28. package/logger/logger.tokens.d.ts +1 -0
  29. package/mcp-apps/index.js +799 -0
  30. package/package.json +36 -13
  31. package/transport/adapters/sse-transport.d.ts +65 -0
  32. package/transport/adapters/streamable-http-transport.d.ts +69 -0
  33. package/{src/transport → transport}/adapters/transport.local.adapter.d.ts +15 -1
  34. package/transport/adapters/transport.sse.adapter.d.ts +27 -0
  35. package/{src/transport → transport}/adapters/transport.streamable-http.adapter.d.ts +12 -3
  36. package/transport/index.d.ts +21 -0
  37. package/{src/transport → transport}/transport.local.d.ts +6 -0
  38. package/{src/transport → transport}/transport.registry.d.ts +7 -1
  39. package/{src/transport → transport}/transport.remote.d.ts +1 -0
  40. package/{src/transport → transport}/transport.types.d.ts +6 -0
  41. package/README.md +0 -461
  42. package/src/adapter/adapter.instance.js +0 -70
  43. package/src/adapter/adapter.instance.js.map +0 -1
  44. package/src/adapter/adapter.regsitry.js +0 -54
  45. package/src/adapter/adapter.regsitry.js.map +0 -1
  46. package/src/adapter/adapter.utils.js +0 -83
  47. package/src/adapter/adapter.utils.js.map +0 -1
  48. package/src/app/app.registry.js +0 -66
  49. package/src/app/app.registry.js.map +0 -1
  50. package/src/app/app.utils.js +0 -58
  51. package/src/app/app.utils.js.map +0 -1
  52. package/src/app/instances/app.local.instance.js +0 -67
  53. package/src/app/instances/app.local.instance.js.map +0 -1
  54. package/src/app/instances/app.remote.instance.js +0 -36
  55. package/src/app/instances/app.remote.instance.js.map +0 -1
  56. package/src/app/instances/index.js +0 -6
  57. package/src/app/instances/index.js.map +0 -1
  58. package/src/auth/auth.registry.js +0 -219
  59. package/src/auth/auth.registry.js.map +0 -1
  60. package/src/auth/auth.utils.js +0 -84
  61. package/src/auth/auth.utils.js.map +0 -1
  62. package/src/auth/authorization/authorization.class.js +0 -217
  63. package/src/auth/authorization/authorization.class.js.map +0 -1
  64. package/src/auth/authorization/authorization.types.js +0 -79
  65. package/src/auth/authorization/authorization.types.js.map +0 -1
  66. package/src/auth/authorization/index.js +0 -19
  67. package/src/auth/authorization/index.js.map +0 -1
  68. package/src/auth/authorization/orchestrated.authorization.js +0 -306
  69. package/src/auth/authorization/orchestrated.authorization.js.map +0 -1
  70. package/src/auth/authorization/public.authorization.js +0 -132
  71. package/src/auth/authorization/public.authorization.js.map +0 -1
  72. package/src/auth/authorization/transparent.authorization.js +0 -147
  73. package/src/auth/authorization/transparent.authorization.js.map +0 -1
  74. package/src/auth/consent/consent.types.js +0 -119
  75. package/src/auth/consent/consent.types.js.map +0 -1
  76. package/src/auth/consent/index.js +0 -13
  77. package/src/auth/consent/index.js.map +0 -1
  78. package/src/auth/detection/auth-provider-detection.js +0 -230
  79. package/src/auth/detection/auth-provider-detection.js.map +0 -1
  80. package/src/auth/detection/index.js +0 -15
  81. package/src/auth/detection/index.js.map +0 -1
  82. package/src/auth/flows/auth.verify.flow.js +0 -379
  83. package/src/auth/flows/auth.verify.flow.js.map +0 -1
  84. package/src/auth/flows/oauth.authorize.flow.js +0 -822
  85. package/src/auth/flows/oauth.authorize.flow.js.map +0 -1
  86. package/src/auth/flows/oauth.callback.flow.js +0 -357
  87. package/src/auth/flows/oauth.callback.flow.js.map +0 -1
  88. package/src/auth/flows/oauth.register.flow.js +0 -201
  89. package/src/auth/flows/oauth.register.flow.js.map +0 -1
  90. package/src/auth/flows/oauth.token.flow.js +0 -319
  91. package/src/auth/flows/oauth.token.flow.js.map +0 -1
  92. package/src/auth/flows/session.verify.flow.js +0 -304
  93. package/src/auth/flows/session.verify.flow.js.map +0 -1
  94. package/src/auth/flows/well-known.jwks.flow.js +0 -89
  95. package/src/auth/flows/well-known.jwks.flow.js.map +0 -1
  96. package/src/auth/flows/well-known.oauth-authorization-server.flow.js +0 -122
  97. package/src/auth/flows/well-known.oauth-authorization-server.flow.js.map +0 -1
  98. package/src/auth/flows/well-known.prm.flow.js +0 -106
  99. package/src/auth/flows/well-known.prm.flow.js.map +0 -1
  100. package/src/auth/instances/instance.local-primary-auth.js +0 -308
  101. package/src/auth/instances/instance.local-primary-auth.js.map +0 -1
  102. package/src/auth/instances/instance.remote-primary-auth.js +0 -49
  103. package/src/auth/instances/instance.remote-primary-auth.js.map +0 -1
  104. package/src/auth/jwks/dev-key-persistence.js +0 -219
  105. package/src/auth/jwks/dev-key-persistence.js.map +0 -1
  106. package/src/auth/jwks/index.js +0 -7
  107. package/src/auth/jwks/index.js.map +0 -1
  108. package/src/auth/jwks/jwks.service.js +0 -303
  109. package/src/auth/jwks/jwks.service.js.map +0 -1
  110. package/src/auth/jwks/jwks.types.js +0 -3
  111. package/src/auth/jwks/jwks.types.js.map +0 -1
  112. package/src/auth/jwks/jwks.utils.js +0 -32
  113. package/src/auth/jwks/jwks.utils.js.map +0 -1
  114. package/src/auth/machine-id.js +0 -32
  115. package/src/auth/machine-id.js.map +0 -1
  116. package/src/auth/oauth/flows/oauth.authorize.flow.js +0 -33
  117. package/src/auth/oauth/flows/oauth.authorize.flow.js.map +0 -1
  118. package/src/auth/oauth/flows/oauth.device-authorization.flow.js +0 -48
  119. package/src/auth/oauth/flows/oauth.device-authorization.flow.js.map +0 -1
  120. package/src/auth/oauth/flows/oauth.introspect.flow.js +0 -28
  121. package/src/auth/oauth/flows/oauth.introspect.flow.js.map +0 -1
  122. package/src/auth/oauth/flows/oauth.par.flow.js +0 -29
  123. package/src/auth/oauth/flows/oauth.par.flow.js.map +0 -1
  124. package/src/auth/oauth/flows/oauth.revoke.flow.js +0 -27
  125. package/src/auth/oauth/flows/oauth.revoke.flow.js.map +0 -1
  126. package/src/auth/oauth/flows/oauth.token.flow.js +0 -59
  127. package/src/auth/oauth/flows/oauth.token.flow.js.map +0 -1
  128. package/src/auth/oauth/flows/oauth.userinfo.flow.js +0 -24
  129. package/src/auth/oauth/flows/oauth.userinfo.flow.js.map +0 -1
  130. package/src/auth/oauth/flows/oidc.logout.flow.js +0 -20
  131. package/src/auth/oauth/flows/oidc.logout.flow.js.map +0 -1
  132. package/src/auth/session/authorization-vault.js +0 -817
  133. package/src/auth/session/authorization-vault.js.map +0 -1
  134. package/src/auth/session/authorization.store.js +0 -323
  135. package/src/auth/session/authorization.store.js.map +0 -1
  136. package/src/auth/session/encrypted-authorization-vault.js +0 -493
  137. package/src/auth/session/encrypted-authorization-vault.js.map +0 -1
  138. package/src/auth/session/index.d.ts +0 -6
  139. package/src/auth/session/index.js +0 -18
  140. package/src/auth/session/index.js.map +0 -1
  141. package/src/auth/session/record/session.base.js +0 -125
  142. package/src/auth/session/record/session.base.js.map +0 -1
  143. package/src/auth/session/record/session.stateful.js +0 -55
  144. package/src/auth/session/record/session.stateful.js.map +0 -1
  145. package/src/auth/session/record/session.stateless.js +0 -32
  146. package/src/auth/session/record/session.stateless.js.map +0 -1
  147. package/src/auth/session/record/session.transparent.js +0 -22
  148. package/src/auth/session/record/session.transparent.js.map +0 -1
  149. package/src/auth/session/redis-session.store.js +0 -204
  150. package/src/auth/session/redis-session.store.js.map +0 -1
  151. package/src/auth/session/session.crypto.js +0 -47
  152. package/src/auth/session/session.crypto.js.map +0 -1
  153. package/src/auth/session/session.schema.js +0 -13
  154. package/src/auth/session/session.schema.js.map +0 -1
  155. package/src/auth/session/session.service.js +0 -105
  156. package/src/auth/session/session.service.js.map +0 -1
  157. package/src/auth/session/session.transport.js +0 -20
  158. package/src/auth/session/session.transport.js.map +0 -1
  159. package/src/auth/session/session.types.js +0 -4
  160. package/src/auth/session/session.types.js.map +0 -1
  161. package/src/auth/session/token.refresh.js +0 -63
  162. package/src/auth/session/token.refresh.js.map +0 -1
  163. package/src/auth/session/token.store.js +0 -53
  164. package/src/auth/session/token.store.js.map +0 -1
  165. package/src/auth/session/token.vault.js +0 -54
  166. package/src/auth/session/token.vault.js.map +0 -1
  167. package/src/auth/session/transport-session.manager.js +0 -298
  168. package/src/auth/session/transport-session.manager.js.map +0 -1
  169. package/src/auth/session/transport-session.types.js +0 -111
  170. package/src/auth/session/transport-session.types.js.map +0 -1
  171. package/src/auth/session/utils/auth-token.utils.js +0 -57
  172. package/src/auth/session/utils/auth-token.utils.js.map +0 -1
  173. package/src/auth/session/utils/session-id.utils.js +0 -217
  174. package/src/auth/session/utils/session-id.utils.js.map +0 -1
  175. package/src/auth/session/utils/tiny-ttl-cache.js +0 -26
  176. package/src/auth/session/utils/tiny-ttl-cache.js.map +0 -1
  177. package/src/auth/session/vault-encryption.js +0 -263
  178. package/src/auth/session/vault-encryption.js.map +0 -1
  179. package/src/auth/session/vercel-kv-session.store.js +0 -216
  180. package/src/auth/session/vercel-kv-session.store.js.map +0 -1
  181. package/src/auth/ui/base-layout.js +0 -279
  182. package/src/auth/ui/base-layout.js.map +0 -1
  183. package/src/auth/ui/index.js +0 -34
  184. package/src/auth/ui/index.js.map +0 -1
  185. package/src/auth/ui/templates.js +0 -426
  186. package/src/auth/ui/templates.js.map +0 -1
  187. package/src/auth/utils/audience.validator.js +0 -196
  188. package/src/auth/utils/audience.validator.js.map +0 -1
  189. package/src/auth/utils/index.js +0 -7
  190. package/src/auth/utils/index.js.map +0 -1
  191. package/src/auth/utils/www-authenticate.utils.js +0 -183
  192. package/src/auth/utils/www-authenticate.utils.js.map +0 -1
  193. package/src/common/common.schema.js +0 -35
  194. package/src/common/common.schema.js.map +0 -1
  195. package/src/common/constants.js +0 -13
  196. package/src/common/constants.js.map +0 -1
  197. package/src/common/decorators/adapter.decorator.js +0 -20
  198. package/src/common/decorators/adapter.decorator.js.map +0 -1
  199. package/src/common/decorators/app.decorator.js +0 -44
  200. package/src/common/decorators/app.decorator.js.map +0 -1
  201. package/src/common/decorators/auth-provider.decorator.js +0 -20
  202. package/src/common/decorators/auth-provider.decorator.js.map +0 -1
  203. package/src/common/decorators/decorator-utils.js +0 -195
  204. package/src/common/decorators/decorator-utils.js.map +0 -1
  205. package/src/common/decorators/flow.decorator.js +0 -19
  206. package/src/common/decorators/flow.decorator.js.map +0 -1
  207. package/src/common/decorators/front-mcp.decorator.js +0 -64
  208. package/src/common/decorators/front-mcp.decorator.js.map +0 -1
  209. package/src/common/decorators/hook.decorator.js +0 -178
  210. package/src/common/decorators/hook.decorator.js.map +0 -1
  211. package/src/common/decorators/index.js +0 -16
  212. package/src/common/decorators/index.js.map +0 -1
  213. package/src/common/decorators/logger.decorator.js +0 -20
  214. package/src/common/decorators/logger.decorator.js.map +0 -1
  215. package/src/common/decorators/plugin.decorator.js +0 -39
  216. package/src/common/decorators/plugin.decorator.js.map +0 -1
  217. package/src/common/decorators/prompt.decorator.js +0 -38
  218. package/src/common/decorators/prompt.decorator.js.map +0 -1
  219. package/src/common/decorators/provider.decorator.js +0 -20
  220. package/src/common/decorators/provider.decorator.js.map +0 -1
  221. package/src/common/decorators/resource.decorator.js +0 -94
  222. package/src/common/decorators/resource.decorator.js.map +0 -1
  223. package/src/common/decorators/tool.decorator.js +0 -45
  224. package/src/common/decorators/tool.decorator.js.map +0 -1
  225. package/src/common/dynamic/dynamic.adapter.js +0 -28
  226. package/src/common/dynamic/dynamic.adapter.js.map +0 -1
  227. package/src/common/dynamic/dynamic.plugin.js +0 -42
  228. package/src/common/dynamic/dynamic.plugin.js.map +0 -1
  229. package/src/common/dynamic/dynamic.utils.js +0 -27
  230. package/src/common/dynamic/dynamic.utils.js.map +0 -1
  231. package/src/common/dynamic/index.js +0 -6
  232. package/src/common/dynamic/index.js.map +0 -1
  233. package/src/common/entries/adapter.entry.js +0 -8
  234. package/src/common/entries/adapter.entry.js.map +0 -1
  235. package/src/common/entries/app.entry.js +0 -9
  236. package/src/common/entries/app.entry.js.map +0 -1
  237. package/src/common/entries/auth-provider.entry.js +0 -8
  238. package/src/common/entries/auth-provider.entry.js.map +0 -1
  239. package/src/common/entries/base.entry.js +0 -17
  240. package/src/common/entries/base.entry.js.map +0 -1
  241. package/src/common/entries/flow.entry.js +0 -21
  242. package/src/common/entries/flow.entry.js.map +0 -1
  243. package/src/common/entries/hook.entry.js +0 -20
  244. package/src/common/entries/hook.entry.js.map +0 -1
  245. package/src/common/entries/index.js +0 -17
  246. package/src/common/entries/index.js.map +0 -1
  247. package/src/common/entries/logger.entry.js +0 -8
  248. package/src/common/entries/logger.entry.js.map +0 -1
  249. package/src/common/entries/plugin.entry.js +0 -8
  250. package/src/common/entries/plugin.entry.js.map +0 -1
  251. package/src/common/entries/prompt.entry.js +0 -18
  252. package/src/common/entries/prompt.entry.js.map +0 -1
  253. package/src/common/entries/provider.entry.js +0 -8
  254. package/src/common/entries/provider.entry.js.map +0 -1
  255. package/src/common/entries/resource.entry.js +0 -35
  256. package/src/common/entries/resource.entry.js.map +0 -1
  257. package/src/common/entries/scope.entry.js +0 -14
  258. package/src/common/entries/scope.entry.js.map +0 -1
  259. package/src/common/entries/tool.entry.js +0 -31
  260. package/src/common/entries/tool.entry.js.map +0 -1
  261. package/src/common/flow/flow.utils.js +0 -96
  262. package/src/common/flow/flow.utils.js.map +0 -1
  263. package/src/common/index.js +0 -20
  264. package/src/common/index.js.map +0 -1
  265. package/src/common/interfaces/adapter.interface.js +0 -3
  266. package/src/common/interfaces/adapter.interface.js.map +0 -1
  267. package/src/common/interfaces/app.interface.js +0 -3
  268. package/src/common/interfaces/app.interface.js.map +0 -1
  269. package/src/common/interfaces/auth-hook.interface.js +0 -135
  270. package/src/common/interfaces/auth-hook.interface.js.map +0 -1
  271. package/src/common/interfaces/auth-provider.interface.js +0 -18
  272. package/src/common/interfaces/auth-provider.interface.js.map +0 -1
  273. package/src/common/interfaces/base.interface.js +0 -3
  274. package/src/common/interfaces/base.interface.js.map +0 -1
  275. package/src/common/interfaces/execution-context.interface.js +0 -166
  276. package/src/common/interfaces/execution-context.interface.js.map +0 -1
  277. package/src/common/interfaces/flow.interface.js +0 -95
  278. package/src/common/interfaces/flow.interface.js.map +0 -1
  279. package/src/common/interfaces/front-mcp.interface.js +0 -3
  280. package/src/common/interfaces/front-mcp.interface.js.map +0 -1
  281. package/src/common/interfaces/hook.interface.js +0 -3
  282. package/src/common/interfaces/hook.interface.js.map +0 -1
  283. package/src/common/interfaces/index.js +0 -21
  284. package/src/common/interfaces/index.js.map +0 -1
  285. package/src/common/interfaces/internal/flow.utils.js +0 -83
  286. package/src/common/interfaces/internal/flow.utils.js.map +0 -1
  287. package/src/common/interfaces/internal/index.js +0 -7
  288. package/src/common/interfaces/internal/index.js.map +0 -1
  289. package/src/common/interfaces/internal/primary-auth-provider.interface.js +0 -81
  290. package/src/common/interfaces/internal/primary-auth-provider.interface.js.map +0 -1
  291. package/src/common/interfaces/internal/registry.interface.js +0 -3
  292. package/src/common/interfaces/internal/registry.interface.js.map +0 -1
  293. package/src/common/interfaces/logger.interface.js +0 -10
  294. package/src/common/interfaces/logger.interface.js.map +0 -1
  295. package/src/common/interfaces/plugin.interface.js +0 -3
  296. package/src/common/interfaces/plugin.interface.js.map +0 -1
  297. package/src/common/interfaces/prompt.interface.js +0 -81
  298. package/src/common/interfaces/prompt.interface.js.map +0 -1
  299. package/src/common/interfaces/provider.interface.js +0 -18
  300. package/src/common/interfaces/provider.interface.js.map +0 -1
  301. package/src/common/interfaces/resource.interface.js +0 -56
  302. package/src/common/interfaces/resource.interface.js.map +0 -1
  303. package/src/common/interfaces/scope.interface.js +0 -3
  304. package/src/common/interfaces/scope.interface.js.map +0 -1
  305. package/src/common/interfaces/server.interface.js +0 -18
  306. package/src/common/interfaces/server.interface.js.map +0 -1
  307. package/src/common/interfaces/session-hook.interface.js +0 -140
  308. package/src/common/interfaces/session-hook.interface.js.map +0 -1
  309. package/src/common/interfaces/tool-hook.interface.js +0 -92
  310. package/src/common/interfaces/tool-hook.interface.js.map +0 -1
  311. package/src/common/interfaces/tool.interface.js +0 -117
  312. package/src/common/interfaces/tool.interface.js.map +0 -1
  313. package/src/common/metadata/adapter.metadata.js +0 -10
  314. package/src/common/metadata/adapter.metadata.js.map +0 -1
  315. package/src/common/metadata/app.metadata.js +0 -30
  316. package/src/common/metadata/app.metadata.js.map +0 -1
  317. package/src/common/metadata/auth-provider.metadata.js +0 -19
  318. package/src/common/metadata/auth-provider.metadata.js.map +0 -1
  319. package/src/common/metadata/flow.metadata.js +0 -15
  320. package/src/common/metadata/flow.metadata.js.map +0 -1
  321. package/src/common/metadata/front-mcp.metadata.js +0 -30
  322. package/src/common/metadata/front-mcp.metadata.js.map +0 -1
  323. package/src/common/metadata/hook.metadata.js +0 -3
  324. package/src/common/metadata/hook.metadata.js.map +0 -1
  325. package/src/common/metadata/index.js +0 -17
  326. package/src/common/metadata/index.js.map +0 -1
  327. package/src/common/metadata/logger.metadata.js +0 -10
  328. package/src/common/metadata/logger.metadata.js.map +0 -1
  329. package/src/common/metadata/plugin.metadata.js +0 -18
  330. package/src/common/metadata/plugin.metadata.js.map +0 -1
  331. package/src/common/metadata/prompt.metadata.js +0 -27
  332. package/src/common/metadata/prompt.metadata.js.map +0 -1
  333. package/src/common/metadata/provider.metadata.js +0 -36
  334. package/src/common/metadata/provider.metadata.js.map +0 -1
  335. package/src/common/metadata/resource.metadata.js +0 -31
  336. package/src/common/metadata/resource.metadata.js.map +0 -1
  337. package/src/common/metadata/tool-ui.metadata.js +0 -12
  338. package/src/common/metadata/tool-ui.metadata.js.map +0 -1
  339. package/src/common/metadata/tool.metadata.js +0 -55
  340. package/src/common/metadata/tool.metadata.js.map +0 -1
  341. package/src/common/migrate/auth-transport.migrate.js +0 -140
  342. package/src/common/migrate/auth-transport.migrate.js.map +0 -1
  343. package/src/common/migrate/index.js +0 -6
  344. package/src/common/migrate/index.js.map +0 -1
  345. package/src/common/providers/base-config.provider.js +0 -128
  346. package/src/common/providers/base-config.provider.js.map +0 -1
  347. package/src/common/records/adapter.record.js +0 -11
  348. package/src/common/records/adapter.record.js.map +0 -1
  349. package/src/common/records/app.record.js +0 -9
  350. package/src/common/records/app.record.js.map +0 -1
  351. package/src/common/records/auth-provider.record.js +0 -12
  352. package/src/common/records/auth-provider.record.js.map +0 -1
  353. package/src/common/records/flow.record.js +0 -8
  354. package/src/common/records/flow.record.js.map +0 -1
  355. package/src/common/records/hook.record.js +0 -8
  356. package/src/common/records/hook.record.js.map +0 -1
  357. package/src/common/records/index.js +0 -16
  358. package/src/common/records/index.js.map +0 -1
  359. package/src/common/records/logger.record.js +0 -8
  360. package/src/common/records/logger.record.js.map +0 -1
  361. package/src/common/records/plugin.record.js +0 -11
  362. package/src/common/records/plugin.record.js.map +0 -1
  363. package/src/common/records/prompt.record.js +0 -9
  364. package/src/common/records/prompt.record.js.map +0 -1
  365. package/src/common/records/provider.record.js +0 -14
  366. package/src/common/records/provider.record.js.map +0 -1
  367. package/src/common/records/resource.record.js +0 -20
  368. package/src/common/records/resource.record.js.map +0 -1
  369. package/src/common/records/scope.record.js +0 -9
  370. package/src/common/records/scope.record.js.map +0 -1
  371. package/src/common/records/tool.record.js +0 -9
  372. package/src/common/records/tool.record.js.map +0 -1
  373. package/src/common/schemas/annotated-class.schema.js +0 -109
  374. package/src/common/schemas/annotated-class.schema.js.map +0 -1
  375. package/src/common/schemas/http-input.schema.js +0 -13
  376. package/src/common/schemas/http-input.schema.js.map +0 -1
  377. package/src/common/schemas/http-output.schema.js +0 -321
  378. package/src/common/schemas/http-output.schema.js.map +0 -1
  379. package/src/common/schemas/index.js +0 -8
  380. package/src/common/schemas/index.js.map +0 -1
  381. package/src/common/schemas/session-header.schema.js +0 -42
  382. package/src/common/schemas/session-header.schema.js.map +0 -1
  383. package/src/common/tokens/adapter.tokens.js +0 -11
  384. package/src/common/tokens/adapter.tokens.js.map +0 -1
  385. package/src/common/tokens/app.tokens.js +0 -30
  386. package/src/common/tokens/app.tokens.js.map +0 -1
  387. package/src/common/tokens/auth-provider.tokens.js +0 -12
  388. package/src/common/tokens/auth-provider.tokens.js.map +0 -1
  389. package/src/common/tokens/base.tokens.js +0 -9
  390. package/src/common/tokens/base.tokens.js.map +0 -1
  391. package/src/common/tokens/flow-hook.tokens.js +0 -9
  392. package/src/common/tokens/flow-hook.tokens.js.map +0 -1
  393. package/src/common/tokens/flow.tokens.js +0 -16
  394. package/src/common/tokens/flow.tokens.js.map +0 -1
  395. package/src/common/tokens/front-mcp.tokens.js +0 -25
  396. package/src/common/tokens/front-mcp.tokens.js.map +0 -1
  397. package/src/common/tokens/index.js +0 -17
  398. package/src/common/tokens/index.js.map +0 -1
  399. package/src/common/tokens/logger.tokens.js +0 -11
  400. package/src/common/tokens/logger.tokens.js.map +0 -1
  401. package/src/common/tokens/plugin.tokens.js +0 -18
  402. package/src/common/tokens/plugin.tokens.js.map +0 -1
  403. package/src/common/tokens/prompt.tokens.js +0 -14
  404. package/src/common/tokens/prompt.tokens.js.map +0 -1
  405. package/src/common/tokens/provider.tokens.js +0 -12
  406. package/src/common/tokens/provider.tokens.js.map +0 -1
  407. package/src/common/tokens/resource.tokens.js +0 -28
  408. package/src/common/tokens/resource.tokens.js.map +0 -1
  409. package/src/common/tokens/server.tokens.js +0 -11
  410. package/src/common/tokens/server.tokens.js.map +0 -1
  411. package/src/common/tokens/tool.tokens.js +0 -21
  412. package/src/common/tokens/tool.tokens.js.map +0 -1
  413. package/src/common/types/auth/index.js +0 -6
  414. package/src/common/types/auth/index.js.map +0 -1
  415. package/src/common/types/auth/jwt.types.js +0 -36
  416. package/src/common/types/auth/jwt.types.js.map +0 -1
  417. package/src/common/types/auth/session.types.js +0 -53
  418. package/src/common/types/auth/session.types.js.map +0 -1
  419. package/src/common/types/common.types.js +0 -3
  420. package/src/common/types/common.types.js.map +0 -1
  421. package/src/common/types/index.js +0 -7
  422. package/src/common/types/index.js.map +0 -1
  423. package/src/common/types/options/auth.options.d.ts +0 -1266
  424. package/src/common/types/options/auth.options.js +0 -560
  425. package/src/common/types/options/auth.options.js.map +0 -1
  426. package/src/common/types/options/http.options.js +0 -10
  427. package/src/common/types/options/http.options.js.map +0 -1
  428. package/src/common/types/options/index.js +0 -11
  429. package/src/common/types/options/index.js.map +0 -1
  430. package/src/common/types/options/logging.options.js +0 -33
  431. package/src/common/types/options/logging.options.js.map +0 -1
  432. package/src/common/types/options/redis.options.js +0 -191
  433. package/src/common/types/options/redis.options.js.map +0 -1
  434. package/src/common/types/options/server-info.options.js +0 -13
  435. package/src/common/types/options/server-info.options.js.map +0 -1
  436. package/src/common/types/options/session.options.js +0 -32
  437. package/src/common/types/options/session.options.js.map +0 -1
  438. package/src/common/types/options/transport.options.js +0 -121
  439. package/src/common/types/options/transport.options.js.map +0 -1
  440. package/src/common/utils/decide-request-intent.utils.js +0 -391
  441. package/src/common/utils/decide-request-intent.utils.js.map +0 -1
  442. package/src/common/utils/global-config.utils.js +0 -44
  443. package/src/common/utils/global-config.utils.js.map +0 -1
  444. package/src/common/utils/index.js +0 -7
  445. package/src/common/utils/index.js.map +0 -1
  446. package/src/common/utils/path.utils.js +0 -66
  447. package/src/common/utils/path.utils.js.map +0 -1
  448. package/src/completion/flows/complete.flow.js +0 -199
  449. package/src/completion/flows/complete.flow.js.map +0 -1
  450. package/src/context/frontmcp-context-storage.js +0 -183
  451. package/src/context/frontmcp-context-storage.js.map +0 -1
  452. package/src/context/frontmcp-context.js +0 -360
  453. package/src/context/frontmcp-context.js.map +0 -1
  454. package/src/context/frontmcp-context.provider.js +0 -61
  455. package/src/context/frontmcp-context.provider.js.map +0 -1
  456. package/src/context/index.js +0 -64
  457. package/src/context/index.js.map +0 -1
  458. package/src/context/request-context-storage.js +0 -183
  459. package/src/context/request-context-storage.js.map +0 -1
  460. package/src/context/request-context.js +0 -209
  461. package/src/context/request-context.js.map +0 -1
  462. package/src/context/request-context.provider.js +0 -51
  463. package/src/context/request-context.provider.js.map +0 -1
  464. package/src/context/session-key.provider.js +0 -65
  465. package/src/context/session-key.provider.js.map +0 -1
  466. package/src/context/trace-context.js +0 -142
  467. package/src/context/trace-context.js.map +0 -1
  468. package/src/errors/authorization-required.error.js +0 -274
  469. package/src/errors/authorization-required.error.js.map +0 -1
  470. package/src/errors/error-handler.js +0 -107
  471. package/src/errors/error-handler.js.map +0 -1
  472. package/src/errors/index.js +0 -45
  473. package/src/errors/index.js.map +0 -1
  474. package/src/errors/mcp.error.js +0 -416
  475. package/src/errors/mcp.error.js.map +0 -1
  476. package/src/exceptions/mcp-exceptions/session-missing.exception.js +0 -11
  477. package/src/exceptions/mcp-exceptions/session-missing.exception.js.map +0 -1
  478. package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js +0 -15
  479. package/src/exceptions/mcp-exceptions/unsupported-client-version.exception.js.map +0 -1
  480. package/src/flows/flow.instance.js +0 -420
  481. package/src/flows/flow.instance.js.map +0 -1
  482. package/src/flows/flow.registry.js +0 -121
  483. package/src/flows/flow.registry.js.map +0 -1
  484. package/src/flows/flow.stages.js +0 -113
  485. package/src/flows/flow.stages.js.map +0 -1
  486. package/src/flows/flow.utils.js +0 -36
  487. package/src/flows/flow.utils.js.map +0 -1
  488. package/src/front-mcp/front-mcp.js +0 -63
  489. package/src/front-mcp/front-mcp.js.map +0 -1
  490. package/src/front-mcp/front-mcp.providers.js +0 -29
  491. package/src/front-mcp/front-mcp.providers.js.map +0 -1
  492. package/src/front-mcp/front-mcp.tokens.js +0 -5
  493. package/src/front-mcp/front-mcp.tokens.js.map +0 -1
  494. package/src/front-mcp/index.js +0 -8
  495. package/src/front-mcp/index.js.map +0 -1
  496. package/src/front-mcp/serverless-handler.js +0 -61
  497. package/src/front-mcp/serverless-handler.js.map +0 -1
  498. package/src/hooks/hook.instance.js +0 -26
  499. package/src/hooks/hook.instance.js.map +0 -1
  500. package/src/hooks/hook.registry.js +0 -152
  501. package/src/hooks/hook.registry.js.map +0 -1
  502. package/src/hooks/hooks.utils.js +0 -34
  503. package/src/hooks/hooks.utils.js.map +0 -1
  504. package/src/index.js +0 -37
  505. package/src/index.js.map +0 -1
  506. package/src/logger/instances/instance.console-logger.js +0 -75
  507. package/src/logger/instances/instance.console-logger.js.map +0 -1
  508. package/src/logger/instances/instance.logger.js +0 -77
  509. package/src/logger/instances/instance.logger.js.map +0 -1
  510. package/src/logger/logger.registry.js +0 -96
  511. package/src/logger/logger.registry.js.map +0 -1
  512. package/src/logger/logger.tokens.js +0 -3
  513. package/src/logger/logger.tokens.js.map +0 -1
  514. package/src/logger/logger.types.js +0 -8
  515. package/src/logger/logger.types.js.map +0 -1
  516. package/src/logger/logger.utils.js +0 -42
  517. package/src/logger/logger.utils.js.map +0 -1
  518. package/src/logging/flows/set-level.flow.js +0 -108
  519. package/src/logging/flows/set-level.flow.js.map +0 -1
  520. package/src/mcp-apps/csp.js +0 -267
  521. package/src/mcp-apps/csp.js.map +0 -1
  522. package/src/mcp-apps/index.js +0 -91
  523. package/src/mcp-apps/index.js.map +0 -1
  524. package/src/mcp-apps/schemas.js +0 -345
  525. package/src/mcp-apps/schemas.js.map +0 -1
  526. package/src/mcp-apps/template.js +0 -419
  527. package/src/mcp-apps/template.js.map +0 -1
  528. package/src/mcp-apps/types.js +0 -59
  529. package/src/mcp-apps/types.js.map +0 -1
  530. package/src/notification/index.js +0 -13
  531. package/src/notification/index.js.map +0 -1
  532. package/src/notification/notification.service.js +0 -731
  533. package/src/notification/notification.service.js.map +0 -1
  534. package/src/plugin/plugin.registry.js +0 -152
  535. package/src/plugin/plugin.registry.js.map +0 -1
  536. package/src/plugin/plugin.utils.js +0 -88
  537. package/src/plugin/plugin.utils.js.map +0 -1
  538. package/src/prompt/flows/get-prompt.flow.js +0 -214
  539. package/src/prompt/flows/get-prompt.flow.js.map +0 -1
  540. package/src/prompt/flows/prompts-list.flow.js +0 -176
  541. package/src/prompt/flows/prompts-list.flow.js.map +0 -1
  542. package/src/prompt/index.js +0 -17
  543. package/src/prompt/index.js.map +0 -1
  544. package/src/prompt/prompt.events.js +0 -25
  545. package/src/prompt/prompt.events.js.map +0 -1
  546. package/src/prompt/prompt.instance.js +0 -120
  547. package/src/prompt/prompt.instance.js.map +0 -1
  548. package/src/prompt/prompt.registry.js +0 -380
  549. package/src/prompt/prompt.registry.js.map +0 -1
  550. package/src/prompt/prompt.types.js +0 -11
  551. package/src/prompt/prompt.types.js.map +0 -1
  552. package/src/prompt/prompt.utils.js +0 -136
  553. package/src/prompt/prompt.utils.js.map +0 -1
  554. package/src/provider/provider.registry.js +0 -868
  555. package/src/provider/provider.registry.js.map +0 -1
  556. package/src/provider/provider.types.js +0 -3
  557. package/src/provider/provider.types.js.map +0 -1
  558. package/src/provider/provider.utils.js +0 -103
  559. package/src/provider/provider.utils.js.map +0 -1
  560. package/src/regsitry/index.js +0 -5
  561. package/src/regsitry/index.js.map +0 -1
  562. package/src/regsitry/registry.base.js +0 -32
  563. package/src/regsitry/registry.base.js.map +0 -1
  564. package/src/resource/flows/read-resource.flow.js +0 -270
  565. package/src/resource/flows/read-resource.flow.js.map +0 -1
  566. package/src/resource/flows/resource-templates-list.flow.js +0 -191
  567. package/src/resource/flows/resource-templates-list.flow.js.map +0 -1
  568. package/src/resource/flows/resources-list.flow.js +0 -196
  569. package/src/resource/flows/resources-list.flow.js.map +0 -1
  570. package/src/resource/flows/subscribe-resource.flow.js +0 -123
  571. package/src/resource/flows/subscribe-resource.flow.js.map +0 -1
  572. package/src/resource/flows/unsubscribe-resource.flow.js +0 -107
  573. package/src/resource/flows/unsubscribe-resource.flow.js.map +0 -1
  574. package/src/resource/index.js +0 -20
  575. package/src/resource/index.js.map +0 -1
  576. package/src/resource/resource.events.js +0 -17
  577. package/src/resource/resource.events.js.map +0 -1
  578. package/src/resource/resource.instance.js +0 -163
  579. package/src/resource/resource.instance.js.map +0 -1
  580. package/src/resource/resource.registry.js +0 -468
  581. package/src/resource/resource.registry.js.map +0 -1
  582. package/src/resource/resource.types.js +0 -11
  583. package/src/resource/resource.types.js.map +0 -1
  584. package/src/resource/resource.utils.js +0 -151
  585. package/src/resource/resource.utils.js.map +0 -1
  586. package/src/scope/flows/http.request.flow.js +0 -474
  587. package/src/scope/flows/http.request.flow.js.map +0 -1
  588. package/src/scope/index.js +0 -6
  589. package/src/scope/index.js.map +0 -1
  590. package/src/scope/scope.instance.js +0 -263
  591. package/src/scope/scope.instance.js.map +0 -1
  592. package/src/scope/scope.registry.js +0 -94
  593. package/src/scope/scope.registry.js.map +0 -1
  594. package/src/scope/scope.utils.js +0 -61
  595. package/src/scope/scope.utils.js.map +0 -1
  596. package/src/server/adapters/base.host.adapter.js +0 -8
  597. package/src/server/adapters/base.host.adapter.js.map +0 -1
  598. package/src/server/adapters/express.host.adapter.js +0 -70
  599. package/src/server/adapters/express.host.adapter.js.map +0 -1
  600. package/src/server/server.instance.js +0 -54
  601. package/src/server/server.instance.js.map +0 -1
  602. package/src/server/server.types.js +0 -3
  603. package/src/server/server.types.js.map +0 -1
  604. package/src/server/server.validation.js +0 -192
  605. package/src/server/server.validation.js.map +0 -1
  606. package/src/store/adapters/store.base.adapter.js +0 -16
  607. package/src/store/adapters/store.base.adapter.js.map +0 -1
  608. package/src/store/adapters/store.memory.adapter.js +0 -89
  609. package/src/store/adapters/store.memory.adapter.js.map +0 -1
  610. package/src/store/adapters/store.redis.adapter.js +0 -104
  611. package/src/store/adapters/store.redis.adapter.js.map +0 -1
  612. package/src/store/adapters/store.vercel-kv.adapter.js +0 -155
  613. package/src/store/adapters/store.vercel-kv.adapter.js.map +0 -1
  614. package/src/store/index.js +0 -14
  615. package/src/store/index.js.map +0 -1
  616. package/src/store/store.factory.js +0 -194
  617. package/src/store/store.factory.js.map +0 -1
  618. package/src/store/store.helpers.js +0 -67
  619. package/src/store/store.helpers.js.map +0 -1
  620. package/src/store/store.registry.js +0 -37
  621. package/src/store/store.registry.js.map +0 -1
  622. package/src/store/store.tokens.js +0 -7
  623. package/src/store/store.tokens.js.map +0 -1
  624. package/src/store/store.types.js +0 -11
  625. package/src/store/store.types.js.map +0 -1
  626. package/src/store/store.utils.js +0 -18
  627. package/src/store/store.utils.js.map +0 -1
  628. package/src/tool/flows/call-tool.flow.js +0 -616
  629. package/src/tool/flows/call-tool.flow.js.map +0 -1
  630. package/src/tool/flows/tools-list.flow.js +0 -328
  631. package/src/tool/flows/tools-list.flow.js.map +0 -1
  632. package/src/tool/tool.events.js +0 -16
  633. package/src/tool/tool.events.js.map +0 -1
  634. package/src/tool/tool.instance.js +0 -117
  635. package/src/tool/tool.instance.js.map +0 -1
  636. package/src/tool/tool.registry.js +0 -353
  637. package/src/tool/tool.registry.js.map +0 -1
  638. package/src/tool/tool.types.js +0 -10
  639. package/src/tool/tool.types.js.map +0 -1
  640. package/src/tool/tool.utils.js +0 -366
  641. package/src/tool/tool.utils.js.map +0 -1
  642. package/src/tool/ui/index.js +0 -63
  643. package/src/tool/ui/index.js.map +0 -1
  644. package/src/tool/ui/platform-adapters.js +0 -18
  645. package/src/tool/ui/platform-adapters.js.map +0 -1
  646. package/src/tool/ui/template-helpers.js +0 -95
  647. package/src/tool/ui/template-helpers.js.map +0 -1
  648. package/src/tool/ui/ui-resource-template.js +0 -64
  649. package/src/tool/ui/ui-resource-template.js.map +0 -1
  650. package/src/tool/ui/ui-resource.handler.js +0 -129
  651. package/src/tool/ui/ui-resource.handler.js.map +0 -1
  652. package/src/transport/adapters/transport.local.adapter.js +0 -148
  653. package/src/transport/adapters/transport.local.adapter.js.map +0 -1
  654. package/src/transport/adapters/transport.sse.adapter.d.ts +0 -14
  655. package/src/transport/adapters/transport.sse.adapter.js +0 -65
  656. package/src/transport/adapters/transport.sse.adapter.js.map +0 -1
  657. package/src/transport/adapters/transport.streamable-http.adapter.js +0 -112
  658. package/src/transport/adapters/transport.streamable-http.adapter.js.map +0 -1
  659. package/src/transport/flows/handle.sse.flow.js +0 -197
  660. package/src/transport/flows/handle.sse.flow.js.map +0 -1
  661. package/src/transport/flows/handle.stateless-http.flow.js +0 -102
  662. package/src/transport/flows/handle.stateless-http.flow.js.map +0 -1
  663. package/src/transport/flows/handle.streamable-http.flow.js +0 -315
  664. package/src/transport/flows/handle.streamable-http.flow.js.map +0 -1
  665. package/src/transport/legacy/legacy.sse.tranporter.js +0 -185
  666. package/src/transport/legacy/legacy.sse.tranporter.js.map +0 -1
  667. package/src/transport/mcp-handlers/Initialized-notification.hanlder.js +0 -14
  668. package/src/transport/mcp-handlers/Initialized-notification.hanlder.js.map +0 -1
  669. package/src/transport/mcp-handlers/call-tool-request.handler.js +0 -46
  670. package/src/transport/mcp-handlers/call-tool-request.handler.js.map +0 -1
  671. package/src/transport/mcp-handlers/complete-request.handler.js +0 -11
  672. package/src/transport/mcp-handlers/complete-request.handler.js.map +0 -1
  673. package/src/transport/mcp-handlers/get-prompt-request.handler.js +0 -11
  674. package/src/transport/mcp-handlers/get-prompt-request.handler.js.map +0 -1
  675. package/src/transport/mcp-handlers/index.js +0 -57
  676. package/src/transport/mcp-handlers/index.js.map +0 -1
  677. package/src/transport/mcp-handlers/initialize-request.handler.js +0 -109
  678. package/src/transport/mcp-handlers/initialize-request.handler.js.map +0 -1
  679. package/src/transport/mcp-handlers/list-prompts-request.handler.js +0 -11
  680. package/src/transport/mcp-handlers/list-prompts-request.handler.js.map +0 -1
  681. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js +0 -12
  682. package/src/transport/mcp-handlers/list-resource-templates-request.handler.js.map +0 -1
  683. package/src/transport/mcp-handlers/list-resources-request.handler.js +0 -12
  684. package/src/transport/mcp-handlers/list-resources-request.handler.js.map +0 -1
  685. package/src/transport/mcp-handlers/list-tools-request.handler.js +0 -11
  686. package/src/transport/mcp-handlers/list-tools-request.handler.js.map +0 -1
  687. package/src/transport/mcp-handlers/logging-set-level-request.handler.js +0 -34
  688. package/src/transport/mcp-handlers/logging-set-level-request.handler.js.map +0 -1
  689. package/src/transport/mcp-handlers/mcp-handlers.types.js +0 -3
  690. package/src/transport/mcp-handlers/mcp-handlers.types.js.map +0 -1
  691. package/src/transport/mcp-handlers/read-resource-request.handler.js +0 -12
  692. package/src/transport/mcp-handlers/read-resource-request.handler.js.map +0 -1
  693. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js +0 -26
  694. package/src/transport/mcp-handlers/roots-list-changed-notification.handler.js.map +0 -1
  695. package/src/transport/mcp-handlers/subscribe-request.handler.js +0 -34
  696. package/src/transport/mcp-handlers/subscribe-request.handler.js.map +0 -1
  697. package/src/transport/mcp-handlers/unsubscribe-request.handler.js +0 -34
  698. package/src/transport/mcp-handlers/unsubscribe-request.handler.js.map +0 -1
  699. package/src/transport/transport.error.js +0 -25
  700. package/src/transport/transport.error.js.map +0 -1
  701. package/src/transport/transport.event-store.js +0 -36
  702. package/src/transport/transport.event-store.js.map +0 -1
  703. package/src/transport/transport.local.js +0 -71
  704. package/src/transport/transport.local.js.map +0 -1
  705. package/src/transport/transport.registry.js +0 -552
  706. package/src/transport/transport.registry.js.map +0 -1
  707. package/src/transport/transport.remote.js +0 -31
  708. package/src/transport/transport.remote.js.map +0 -1
  709. package/src/transport/transport.types.js +0 -3
  710. package/src/transport/transport.types.js.map +0 -1
  711. package/src/types/drinen-hooks.types.js +0 -3
  712. package/src/types/drinen-hooks.types.js.map +0 -1
  713. package/src/types/invoke.type.js +0 -34
  714. package/src/types/invoke.type.js.map +0 -1
  715. package/src/types/token.types.js +0 -3
  716. package/src/types/token.types.js.map +0 -1
  717. package/src/utils/content.utils.js +0 -194
  718. package/src/utils/content.utils.js.map +0 -1
  719. package/src/utils/index.js +0 -55
  720. package/src/utils/index.js.map +0 -1
  721. package/src/utils/lineage.utils.js +0 -82
  722. package/src/utils/lineage.utils.js.map +0 -1
  723. package/src/utils/metadata.utils.js +0 -26
  724. package/src/utils/metadata.utils.js.map +0 -1
  725. package/src/utils/naming.utils.js +0 -136
  726. package/src/utils/naming.utils.js.map +0 -1
  727. package/src/utils/server.utils.js +0 -59
  728. package/src/utils/server.utils.js.map +0 -1
  729. package/src/utils/string.utils.js +0 -10
  730. package/src/utils/string.utils.js.map +0 -1
  731. package/src/utils/token.utils.js +0 -65
  732. package/src/utils/token.utils.js.map +0 -1
  733. package/src/utils/types.utils.js +0 -3
  734. package/src/utils/types.utils.js.map +0 -1
  735. package/src/utils/uri-template.utils.js +0 -113
  736. package/src/utils/uri-template.utils.js.map +0 -1
  737. package/src/utils/uri-validation.utils.js +0 -76
  738. package/src/utils/uri-validation.utils.js.map +0 -1
  739. package/{src/adapter → adapter}/adapter.instance.d.ts +0 -0
  740. package/{src/adapter → adapter}/adapter.regsitry.d.ts +0 -0
  741. package/{src/adapter → adapter}/adapter.utils.d.ts +0 -0
  742. package/{src/app → app}/app.registry.d.ts +0 -0
  743. package/{src/app → app}/app.utils.d.ts +0 -0
  744. package/{src/app → app}/instances/app.local.instance.d.ts +0 -0
  745. package/{src/app → app}/instances/app.remote.instance.d.ts +0 -0
  746. package/{src/app → app}/instances/index.d.ts +0 -0
  747. package/{src/auth → auth}/auth.registry.d.ts +0 -0
  748. package/{src/auth → auth}/auth.utils.d.ts +0 -0
  749. package/{src/auth → auth}/authorization/authorization.class.d.ts +0 -0
  750. package/{src/auth → auth}/authorization/authorization.types.d.ts +0 -0
  751. package/{src/auth → auth}/authorization/index.d.ts +0 -0
  752. package/{src/auth → auth}/authorization/orchestrated.authorization.d.ts +0 -0
  753. package/{src/auth → auth}/authorization/public.authorization.d.ts +0 -0
  754. package/{src/auth → auth}/authorization/transparent.authorization.d.ts +0 -0
  755. package/{src/auth → auth}/consent/consent.types.d.ts +0 -0
  756. package/{src/auth → auth}/consent/index.d.ts +0 -0
  757. package/{src/auth → auth}/detection/auth-provider-detection.d.ts +0 -0
  758. package/{src/auth → auth}/detection/index.d.ts +0 -0
  759. package/{src/auth → auth}/flows/auth.verify.flow.d.ts +0 -0
  760. package/{src/auth → auth}/flows/oauth.authorize.flow.d.ts +0 -0
  761. package/{src/auth → auth}/flows/oauth.callback.flow.d.ts +0 -0
  762. package/{src/auth → auth}/flows/oauth.register.flow.d.ts +0 -0
  763. package/{src/auth → auth}/flows/oauth.token.flow.d.ts +0 -0
  764. package/{src/auth → auth}/flows/session.verify.flow.d.ts +0 -0
  765. package/{src/auth → auth}/flows/well-known.jwks.flow.d.ts +0 -0
  766. package/{src/auth → auth}/flows/well-known.oauth-authorization-server.flow.d.ts +0 -0
  767. package/{src/auth → auth}/flows/well-known.prm.flow.d.ts +0 -0
  768. package/{src/auth → auth}/jwks/dev-key-persistence.d.ts +0 -0
  769. package/{src/auth → auth}/jwks/index.d.ts +0 -0
  770. package/{src/auth → auth}/jwks/jwks.service.d.ts +0 -0
  771. package/{src/auth → auth}/jwks/jwks.types.d.ts +0 -0
  772. package/{src/auth → auth}/jwks/jwks.utils.d.ts +0 -0
  773. package/{src/auth → auth}/machine-id.d.ts +0 -0
  774. package/{src/auth → auth}/oauth/flows/oauth.authorize.flow.d.ts +0 -0
  775. package/{src/auth → auth}/oauth/flows/oauth.device-authorization.flow.d.ts +0 -0
  776. package/{src/auth → auth}/oauth/flows/oauth.introspect.flow.d.ts +0 -0
  777. package/{src/auth → auth}/oauth/flows/oauth.par.flow.d.ts +0 -0
  778. package/{src/auth → auth}/oauth/flows/oauth.revoke.flow.d.ts +0 -0
  779. package/{src/auth → auth}/oauth/flows/oauth.token.flow.d.ts +0 -0
  780. package/{src/auth → auth}/oauth/flows/oauth.userinfo.flow.d.ts +0 -0
  781. package/{src/auth → auth}/oauth/flows/oidc.logout.flow.d.ts +0 -0
  782. package/{src/auth → auth}/session/authorization-vault.d.ts +0 -0
  783. package/{src/auth → auth}/session/authorization.store.d.ts +0 -0
  784. package/{src/auth → auth}/session/encrypted-authorization-vault.d.ts +0 -0
  785. package/{src/auth → auth}/session/record/session.base.d.ts +0 -0
  786. package/{src/auth → auth}/session/record/session.stateful.d.ts +0 -0
  787. package/{src/auth → auth}/session/record/session.stateless.d.ts +0 -0
  788. package/{src/auth → auth}/session/record/session.transparent.d.ts +0 -0
  789. package/{src/auth → auth}/session/session.crypto.d.ts +0 -0
  790. package/{src/auth → auth}/session/session.schema.d.ts +0 -0
  791. package/{src/auth → auth}/session/session.service.d.ts +0 -0
  792. package/{src/auth → auth}/session/session.transport.d.ts +0 -0
  793. package/{src/auth → auth}/session/session.types.d.ts +0 -0
  794. package/{src/auth → auth}/session/token.refresh.d.ts +0 -0
  795. package/{src/auth → auth}/session/token.store.d.ts +0 -0
  796. package/{src/auth → auth}/session/token.vault.d.ts +0 -0
  797. package/{src/auth → auth}/session/transport-session.manager.d.ts +0 -0
  798. package/{src/auth → auth}/session/utils/auth-token.utils.d.ts +0 -0
  799. package/{src/auth → auth}/session/utils/session-id.utils.d.ts +0 -0
  800. package/{src/auth → auth}/session/utils/tiny-ttl-cache.d.ts +0 -0
  801. package/{src/auth → auth}/session/vault-encryption.d.ts +0 -0
  802. package/{src/auth → auth}/ui/base-layout.d.ts +0 -0
  803. package/{src/auth → auth}/ui/index.d.ts +0 -0
  804. package/{src/auth → auth}/ui/templates.d.ts +0 -0
  805. package/{src/auth → auth}/utils/audience.validator.d.ts +0 -0
  806. package/{src/auth → auth}/utils/index.d.ts +0 -0
  807. package/{src/auth → auth}/utils/www-authenticate.utils.d.ts +0 -0
  808. package/{src/common → common}/common.schema.d.ts +0 -0
  809. package/{src/common → common}/constants.d.ts +0 -0
  810. package/{src/common → common}/decorators/adapter.decorator.d.ts +0 -0
  811. package/{src/common → common}/decorators/app.decorator.d.ts +0 -0
  812. package/{src/common → common}/decorators/auth-provider.decorator.d.ts +0 -0
  813. package/{src/common → common}/decorators/decorator-utils.d.ts +0 -0
  814. package/{src/common → common}/decorators/flow.decorator.d.ts +0 -0
  815. package/{src/common → common}/decorators/front-mcp.decorator.d.ts +0 -0
  816. package/{src/common → common}/decorators/hook.decorator.d.ts +0 -0
  817. package/{src/common → common}/decorators/index.d.ts +0 -0
  818. package/{src/common → common}/decorators/logger.decorator.d.ts +0 -0
  819. package/{src/common → common}/decorators/plugin.decorator.d.ts +0 -0
  820. package/{src/common → common}/decorators/prompt.decorator.d.ts +0 -0
  821. package/{src/common → common}/decorators/provider.decorator.d.ts +0 -0
  822. package/{src/common → common}/decorators/resource.decorator.d.ts +0 -0
  823. package/{src/common → common}/decorators/tool.decorator.d.ts +0 -0
  824. package/{src/common → common}/dynamic/dynamic.adapter.d.ts +0 -0
  825. package/{src/common → common}/dynamic/dynamic.plugin.d.ts +0 -0
  826. package/{src/common → common}/dynamic/dynamic.utils.d.ts +0 -0
  827. package/{src/common → common}/dynamic/index.d.ts +0 -0
  828. package/{src/common → common}/entries/adapter.entry.d.ts +0 -0
  829. package/{src/common → common}/entries/app.entry.d.ts +0 -0
  830. package/{src/common → common}/entries/auth-provider.entry.d.ts +0 -0
  831. package/{src/common → common}/entries/base.entry.d.ts +0 -0
  832. package/{src/common → common}/entries/flow.entry.d.ts +0 -0
  833. package/{src/common → common}/entries/hook.entry.d.ts +0 -0
  834. package/{src/common → common}/entries/index.d.ts +0 -0
  835. package/{src/common → common}/entries/logger.entry.d.ts +0 -0
  836. package/{src/common → common}/entries/plugin.entry.d.ts +0 -0
  837. package/{src/common → common}/entries/prompt.entry.d.ts +0 -0
  838. package/{src/common → common}/entries/provider.entry.d.ts +0 -0
  839. package/{src/common → common}/entries/resource.entry.d.ts +0 -0
  840. package/{src/common → common}/entries/scope.entry.d.ts +0 -0
  841. package/{src/common → common}/entries/tool.entry.d.ts +0 -0
  842. package/{src/common → common}/flow/flow.utils.d.ts +0 -0
  843. package/{src/common → common}/index.d.ts +0 -0
  844. package/{src/common → common}/interfaces/adapter.interface.d.ts +0 -0
  845. package/{src/common → common}/interfaces/app.interface.d.ts +0 -0
  846. package/{src/common → common}/interfaces/auth-hook.interface.d.ts +0 -0
  847. package/{src/common → common}/interfaces/auth-provider.interface.d.ts +0 -0
  848. package/{src/common → common}/interfaces/base.interface.d.ts +0 -0
  849. package/{src/common → common}/interfaces/execution-context.interface.d.ts +0 -0
  850. package/{src/common → common}/interfaces/flow.interface.d.ts +0 -0
  851. package/{src/common → common}/interfaces/front-mcp.interface.d.ts +0 -0
  852. package/{src/common → common}/interfaces/hook.interface.d.ts +0 -0
  853. package/{src/common → common}/interfaces/index.d.ts +0 -0
  854. package/{src/common → common}/interfaces/internal/flow.utils.d.ts +0 -0
  855. package/{src/common → common}/interfaces/internal/index.d.ts +0 -0
  856. package/{src/common → common}/interfaces/internal/registry.interface.d.ts +0 -0
  857. package/{src/common → common}/interfaces/logger.interface.d.ts +0 -0
  858. package/{src/common → common}/interfaces/plugin.interface.d.ts +0 -0
  859. package/{src/common → common}/interfaces/prompt.interface.d.ts +0 -0
  860. package/{src/common → common}/interfaces/provider.interface.d.ts +0 -0
  861. package/{src/common → common}/interfaces/resource.interface.d.ts +0 -0
  862. package/{src/common → common}/interfaces/scope.interface.d.ts +0 -0
  863. package/{src/common → common}/interfaces/server.interface.d.ts +0 -0
  864. package/{src/common → common}/interfaces/session-hook.interface.d.ts +0 -0
  865. package/{src/common → common}/interfaces/tool-hook.interface.d.ts +0 -0
  866. package/{src/common → common}/interfaces/tool.interface.d.ts +0 -0
  867. package/{src/common → common}/metadata/adapter.metadata.d.ts +0 -0
  868. package/{src/common → common}/metadata/app.metadata.d.ts +42 -42
  869. package/{src/common → common}/metadata/auth-provider.metadata.d.ts +0 -0
  870. package/{src/common → common}/metadata/flow.metadata.d.ts +0 -0
  871. package/{src/common → common}/metadata/hook.metadata.d.ts +0 -0
  872. package/{src/common → common}/metadata/index.d.ts +0 -0
  873. package/{src/common → common}/metadata/logger.metadata.d.ts +0 -0
  874. package/{src/common → common}/metadata/plugin.metadata.d.ts +0 -0
  875. package/{src/common → common}/metadata/prompt.metadata.d.ts +0 -0
  876. package/{src/common → common}/metadata/provider.metadata.d.ts +0 -0
  877. package/{src/common → common}/metadata/resource.metadata.d.ts +0 -0
  878. package/{src/common → common}/metadata/tool-ui.metadata.d.ts +0 -0
  879. package/{src/common → common}/metadata/tool.metadata.d.ts +0 -0
  880. package/{src/common → common}/migrate/auth-transport.migrate.d.ts +0 -0
  881. package/{src/common → common}/migrate/index.d.ts +0 -0
  882. package/{src/common → common}/providers/base-config.provider.d.ts +0 -0
  883. package/{src/common → common}/records/adapter.record.d.ts +0 -0
  884. package/{src/common → common}/records/app.record.d.ts +0 -0
  885. package/{src/common → common}/records/auth-provider.record.d.ts +0 -0
  886. package/{src/common → common}/records/flow.record.d.ts +0 -0
  887. package/{src/common → common}/records/hook.record.d.ts +0 -0
  888. package/{src/common → common}/records/index.d.ts +0 -0
  889. package/{src/common → common}/records/logger.record.d.ts +0 -0
  890. package/{src/common → common}/records/plugin.record.d.ts +0 -0
  891. package/{src/common → common}/records/prompt.record.d.ts +0 -0
  892. package/{src/common → common}/records/provider.record.d.ts +0 -0
  893. package/{src/common → common}/records/resource.record.d.ts +0 -0
  894. package/{src/common → common}/records/scope.record.d.ts +0 -0
  895. package/{src/common → common}/records/tool.record.d.ts +0 -0
  896. package/{src/common → common}/schemas/annotated-class.schema.d.ts +0 -0
  897. package/{src/common → common}/schemas/http-input.schema.d.ts +0 -0
  898. package/{src/common → common}/schemas/http-output.schema.d.ts +0 -0
  899. package/{src/common → common}/schemas/index.d.ts +0 -0
  900. package/{src/common → common}/schemas/session-header.schema.d.ts +0 -0
  901. package/{src/common → common}/tokens/adapter.tokens.d.ts +0 -0
  902. package/{src/common → common}/tokens/app.tokens.d.ts +0 -0
  903. package/{src/common → common}/tokens/auth-provider.tokens.d.ts +0 -0
  904. package/{src/common → common}/tokens/base.tokens.d.ts +0 -0
  905. package/{src/common → common}/tokens/flow-hook.tokens.d.ts +0 -0
  906. package/{src/common → common}/tokens/flow.tokens.d.ts +0 -0
  907. package/{src/common → common}/tokens/front-mcp.tokens.d.ts +0 -0
  908. package/{src/common → common}/tokens/index.d.ts +0 -0
  909. package/{src/common → common}/tokens/logger.tokens.d.ts +0 -0
  910. package/{src/common → common}/tokens/plugin.tokens.d.ts +0 -0
  911. package/{src/common → common}/tokens/prompt.tokens.d.ts +0 -0
  912. package/{src/common → common}/tokens/provider.tokens.d.ts +0 -0
  913. package/{src/common → common}/tokens/resource.tokens.d.ts +0 -0
  914. package/{src/common → common}/tokens/server.tokens.d.ts +0 -0
  915. package/{src/common → common}/tokens/tool.tokens.d.ts +0 -0
  916. package/{src/common → common}/types/auth/index.d.ts +0 -0
  917. package/{src/common → common}/types/auth/jwt.types.d.ts +0 -0
  918. package/{src/common → common}/types/auth/session.types.d.ts +0 -0
  919. package/{src/common → common}/types/common.types.d.ts +0 -0
  920. package/{src/common → common}/types/index.d.ts +0 -0
  921. package/{src/logger/logger.tokens.d.ts → common/types/options/auth/auth.typecheck.d.ts} +0 -0
  922. package/{src/common → common}/types/options/http.options.d.ts +0 -0
  923. package/{src/common → common}/types/options/logging.options.d.ts +0 -0
  924. package/{src/common → common}/types/options/redis.options.d.ts +0 -0
  925. package/{src/common → common}/types/options/server-info.options.d.ts +0 -0
  926. package/{src/common → common}/types/options/session.options.d.ts +0 -0
  927. package/{src/common → common}/utils/global-config.utils.d.ts +0 -0
  928. package/{src/common → common}/utils/index.d.ts +0 -0
  929. package/{src/common → common}/utils/path.utils.d.ts +0 -0
  930. package/{src/completion → completion}/flows/complete.flow.d.ts +0 -0
  931. package/{src/context → context}/frontmcp-context-storage.d.ts +0 -0
  932. package/{src/context → context}/frontmcp-context.d.ts +0 -0
  933. package/{src/context → context}/frontmcp-context.provider.d.ts +0 -0
  934. package/{src/context → context}/index.d.ts +0 -0
  935. package/{src/context → context}/request-context-storage.d.ts +0 -0
  936. package/{src/context → context}/request-context.d.ts +0 -0
  937. package/{src/context → context}/request-context.provider.d.ts +0 -0
  938. package/{src/context → context}/session-key.provider.d.ts +0 -0
  939. package/{src/context → context}/trace-context.d.ts +0 -0
  940. package/{src/errors → errors}/authorization-required.error.d.ts +0 -0
  941. package/{src/errors → errors}/error-handler.d.ts +0 -0
  942. package/{src/errors → errors}/index.d.ts +0 -0
  943. package/{src/errors → errors}/mcp.error.d.ts +0 -0
  944. package/{src/exceptions → exceptions}/mcp-exceptions/session-missing.exception.d.ts +0 -0
  945. package/{src/exceptions → exceptions}/mcp-exceptions/unsupported-client-version.exception.d.ts +0 -0
  946. package/{src/flows → flows}/flow.instance.d.ts +0 -0
  947. package/{src/flows → flows}/flow.registry.d.ts +0 -0
  948. package/{src/flows → flows}/flow.stages.d.ts +0 -0
  949. package/{src/flows → flows}/flow.utils.d.ts +0 -0
  950. package/{src/front-mcp → front-mcp}/front-mcp.d.ts +0 -0
  951. package/{src/front-mcp → front-mcp}/front-mcp.providers.d.ts +38 -38
  952. /package/{src/front-mcp → front-mcp}/front-mcp.tokens.d.ts +0 -0
  953. /package/{src/front-mcp → front-mcp}/index.d.ts +0 -0
  954. /package/{src/front-mcp → front-mcp}/serverless-handler.d.ts +0 -0
  955. /package/{src/hooks → hooks}/hook.instance.d.ts +0 -0
  956. /package/{src/hooks → hooks}/hook.registry.d.ts +0 -0
  957. /package/{src/hooks → hooks}/hooks.utils.d.ts +0 -0
  958. /package/{src/index.d.ts → index.d.ts} +0 -0
  959. /package/{src/logger → logger}/instances/instance.console-logger.d.ts +0 -0
  960. /package/{src/logger → logger}/instances/instance.logger.d.ts +0 -0
  961. /package/{src/logger → logger}/logger.registry.d.ts +0 -0
  962. /package/{src/logger → logger}/logger.types.d.ts +0 -0
  963. /package/{src/logger → logger}/logger.utils.d.ts +0 -0
  964. /package/{src/logging → logging}/flows/set-level.flow.d.ts +0 -0
  965. /package/{src/mcp-apps → mcp-apps}/csp.d.ts +0 -0
  966. /package/{src/mcp-apps → mcp-apps}/index.d.ts +0 -0
  967. /package/{src/mcp-apps → mcp-apps}/schemas.d.ts +0 -0
  968. /package/{src/mcp-apps → mcp-apps}/template.d.ts +0 -0
  969. /package/{src/mcp-apps → mcp-apps}/types.d.ts +0 -0
  970. /package/{src/notification → notification}/index.d.ts +0 -0
  971. /package/{src/notification → notification}/notification.service.d.ts +0 -0
  972. /package/{src/plugin → plugin}/plugin.registry.d.ts +0 -0
  973. /package/{src/plugin → plugin}/plugin.utils.d.ts +0 -0
  974. /package/{src/prompt → prompt}/flows/get-prompt.flow.d.ts +0 -0
  975. /package/{src/prompt → prompt}/flows/prompts-list.flow.d.ts +0 -0
  976. /package/{src/prompt → prompt}/index.d.ts +0 -0
  977. /package/{src/prompt → prompt}/prompt.events.d.ts +0 -0
  978. /package/{src/prompt → prompt}/prompt.instance.d.ts +0 -0
  979. /package/{src/prompt → prompt}/prompt.registry.d.ts +0 -0
  980. /package/{src/prompt → prompt}/prompt.types.d.ts +0 -0
  981. /package/{src/prompt → prompt}/prompt.utils.d.ts +0 -0
  982. /package/{src/provider → provider}/provider.registry.d.ts +0 -0
  983. /package/{src/provider → provider}/provider.types.d.ts +0 -0
  984. /package/{src/provider → provider}/provider.utils.d.ts +0 -0
  985. /package/{src/regsitry → regsitry}/index.d.ts +0 -0
  986. /package/{src/regsitry → regsitry}/registry.base.d.ts +0 -0
  987. /package/{src/resource → resource}/flows/read-resource.flow.d.ts +0 -0
  988. /package/{src/resource → resource}/flows/resource-templates-list.flow.d.ts +0 -0
  989. /package/{src/resource → resource}/flows/resources-list.flow.d.ts +0 -0
  990. /package/{src/resource → resource}/flows/subscribe-resource.flow.d.ts +0 -0
  991. /package/{src/resource → resource}/flows/unsubscribe-resource.flow.d.ts +0 -0
  992. /package/{src/resource → resource}/index.d.ts +0 -0
  993. /package/{src/resource → resource}/resource.events.d.ts +0 -0
  994. /package/{src/resource → resource}/resource.instance.d.ts +0 -0
  995. /package/{src/resource → resource}/resource.registry.d.ts +0 -0
  996. /package/{src/resource → resource}/resource.types.d.ts +0 -0
  997. /package/{src/resource → resource}/resource.utils.d.ts +0 -0
  998. /package/{src/scope → scope}/flows/http.request.flow.d.ts +0 -0
  999. /package/{src/scope → scope}/index.d.ts +0 -0
  1000. /package/{src/scope → scope}/scope.instance.d.ts +0 -0
  1001. /package/{src/scope → scope}/scope.registry.d.ts +0 -0
  1002. /package/{src/scope → scope}/scope.utils.d.ts +0 -0
  1003. /package/{src/server → server}/adapters/base.host.adapter.d.ts +0 -0
  1004. /package/{src/server → server}/adapters/express.host.adapter.d.ts +0 -0
  1005. /package/{src/server → server}/server.instance.d.ts +0 -0
  1006. /package/{src/server → server}/server.types.d.ts +0 -0
  1007. /package/{src/server → server}/server.validation.d.ts +0 -0
  1008. /package/{src/store → store}/adapters/store.base.adapter.d.ts +0 -0
  1009. /package/{src/store → store}/adapters/store.memory.adapter.d.ts +0 -0
  1010. /package/{src/store → store}/adapters/store.redis.adapter.d.ts +0 -0
  1011. /package/{src/store → store}/adapters/store.vercel-kv.adapter.d.ts +0 -0
  1012. /package/{src/store → store}/index.d.ts +0 -0
  1013. /package/{src/store → store}/store.factory.d.ts +0 -0
  1014. /package/{src/store → store}/store.helpers.d.ts +0 -0
  1015. /package/{src/store → store}/store.registry.d.ts +0 -0
  1016. /package/{src/store → store}/store.tokens.d.ts +0 -0
  1017. /package/{src/store → store}/store.types.d.ts +0 -0
  1018. /package/{src/store → store}/store.utils.d.ts +0 -0
  1019. /package/{src/tool → tool}/flows/call-tool.flow.d.ts +0 -0
  1020. /package/{src/tool → tool}/flows/tools-list.flow.d.ts +0 -0
  1021. /package/{src/tool → tool}/tool.events.d.ts +0 -0
  1022. /package/{src/tool → tool}/tool.instance.d.ts +0 -0
  1023. /package/{src/tool → tool}/tool.registry.d.ts +0 -0
  1024. /package/{src/tool → tool}/tool.types.d.ts +0 -0
  1025. /package/{src/tool → tool}/tool.utils.d.ts +0 -0
  1026. /package/{src/tool → tool}/ui/index.d.ts +0 -0
  1027. /package/{src/tool → tool}/ui/platform-adapters.d.ts +0 -0
  1028. /package/{src/tool → tool}/ui/template-helpers.d.ts +0 -0
  1029. /package/{src/tool → tool}/ui/ui-resource-template.d.ts +0 -0
  1030. /package/{src/tool → tool}/ui/ui-resource.handler.d.ts +0 -0
  1031. /package/{src/transport → transport}/flows/handle.sse.flow.d.ts +0 -0
  1032. /package/{src/transport → transport}/flows/handle.stateless-http.flow.d.ts +0 -0
  1033. /package/{src/transport → transport}/flows/handle.streamable-http.flow.d.ts +0 -0
  1034. /package/{src/transport → transport}/legacy/legacy.sse.tranporter.d.ts +0 -0
  1035. /package/{src/transport → transport}/mcp-handlers/Initialized-notification.hanlder.d.ts +0 -0
  1036. /package/{src/transport → transport}/mcp-handlers/call-tool-request.handler.d.ts +0 -0
  1037. /package/{src/transport → transport}/mcp-handlers/complete-request.handler.d.ts +0 -0
  1038. /package/{src/transport → transport}/mcp-handlers/get-prompt-request.handler.d.ts +0 -0
  1039. /package/{src/transport → transport}/mcp-handlers/index.d.ts +0 -0
  1040. /package/{src/transport → transport}/mcp-handlers/initialize-request.handler.d.ts +0 -0
  1041. /package/{src/transport → transport}/mcp-handlers/list-prompts-request.handler.d.ts +0 -0
  1042. /package/{src/transport → transport}/mcp-handlers/list-resource-templates-request.handler.d.ts +0 -0
  1043. /package/{src/transport → transport}/mcp-handlers/list-resources-request.handler.d.ts +0 -0
  1044. /package/{src/transport → transport}/mcp-handlers/list-tools-request.handler.d.ts +0 -0
  1045. /package/{src/transport → transport}/mcp-handlers/logging-set-level-request.handler.d.ts +0 -0
  1046. /package/{src/transport → transport}/mcp-handlers/mcp-handlers.types.d.ts +0 -0
  1047. /package/{src/transport → transport}/mcp-handlers/read-resource-request.handler.d.ts +0 -0
  1048. /package/{src/transport → transport}/mcp-handlers/roots-list-changed-notification.handler.d.ts +0 -0
  1049. /package/{src/transport → transport}/mcp-handlers/subscribe-request.handler.d.ts +0 -0
  1050. /package/{src/transport → transport}/mcp-handlers/unsubscribe-request.handler.d.ts +0 -0
  1051. /package/{src/transport → transport}/transport.error.d.ts +0 -0
  1052. /package/{src/transport → transport}/transport.event-store.d.ts +0 -0
  1053. /package/{src/types → types}/drinen-hooks.types.d.ts +0 -0
  1054. /package/{src/types → types}/invoke.type.d.ts +0 -0
  1055. /package/{src/types → types}/token.types.d.ts +0 -0
  1056. /package/{src/utils → utils}/content.utils.d.ts +0 -0
  1057. /package/{src/utils → utils}/index.d.ts +0 -0
  1058. /package/{src/utils → utils}/lineage.utils.d.ts +0 -0
  1059. /package/{src/utils → utils}/metadata.utils.d.ts +0 -0
  1060. /package/{src/utils → utils}/naming.utils.d.ts +0 -0
  1061. /package/{src/utils → utils}/server.utils.d.ts +0 -0
  1062. /package/{src/utils → utils}/string.utils.d.ts +0 -0
  1063. /package/{src/utils → utils}/token.utils.d.ts +0 -0
  1064. /package/{src/utils → utils}/types.utils.d.ts +0 -0
  1065. /package/{src/utils → utils}/uri-template.utils.d.ts +0 -0
  1066. /package/{src/utils → utils}/uri-validation.utils.d.ts +0 -0
package/src/auth/auth.utils.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"auth.utils.js","sourceRoot":"","sources":["../../../src/auth/auth.utils.ts"],"names":[],"mappings":";;AAWA,kDAMC;AAED,sCAoDC;AAQD,8CAeC;AA9FD,qBAAqB;AACrB,oCAAwE;AACxE,sCAOmB;AAEnB,SAAgB,mBAAmB,CAAC,GAAqB;IACvD,OAAO,MAAM,CAAC,OAAO,CAAC,mCAA0B,CAAC,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAClF,OAAO,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE;YAC7B,CAAC,GAAG,CAAC,EAAE,IAAA,mBAAW,EAAC,KAAK,EAAE,GAAG,CAAC;SAC/B,CAAC,CAAC;IACL,CAAC,EAAE,EAA0B,CAAC,CAAC;AACjC,CAAC;AAED,SAAgB,aAAa,CAAC,IAAsB;IAClD,IAAI,IAAA,eAAO,EAAC,IAAI,CAAC,EAAE,CAAC;QAClB,kCAAkC;QAClC,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAC3C,OAAO,EAAE,IAAI,EAAE,yBAAgB,CAAC,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACzE,CAAC;IACD,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,QAAQ,EAAE,GAAG,IAAW,CAAC;QAErF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,GAAI,IAAY,EAAE,IAAI,IAAI,UAAU,CAAC;YAC/C,MAAM,IAAI,KAAK,CAAC,SAAS,IAAI,yBAAyB,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,IAAA,eAAO,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,uBAAuB,IAAA,iBAAS,EAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;YACjF,CAAC;YACD,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,KAAK;gBAC5B,OAAO;gBACP,QAAQ;gBACR,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,OAAO,UAAU,KAAK,UAAU,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAA,iBAAS,EAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;YACtF,CAAC;YACD,MAAM,GAAG,GAAG,OAAO,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAW,CAAC;YACtE,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,OAAO;gBAC9B,OAAO;gBACP,MAAM,EAAE,GAAG;gBACX,UAAU;gBACV,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;YACvB,OAAO;gBACL,IAAI,EAAE,yBAAgB,CAAC,KAAK;gBAC5B,OAAO;gBACP,QAAQ;gBACR,QAAQ;aACT,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAI,IAAY,EAAE,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,uCAAuC,CAAC,CAAC;AAChF,CAAC;AAED;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,GAAuB;IACvD,QAAQ,GAAG,CAAC,IAAI,EAAE,CAAC;QACjB,KAAK,yBAAgB,CAAC,KAAK,CAAC;QAC5B,KAAK,yBAAgB,CAAC,OAAO;YAC3B,OAAO,EAAE,CAAC;QAEZ,KAAK,yBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9B,OAAO,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3B,CAAC;QACD,KAAK,yBAAgB,CAAC,KAAK;YACzB,OAAO,IAAA,mBAAW,EAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAEhD,KAAK,yBAAgB,CAAC,WAAW;YAC/B,OAAO,IAAA,mBAAW,EAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IACjD,CAAC;AACH,CAAC","sourcesContent":["// auth/auth.utils.ts\nimport { depsOfClass, isClass, tokenName, getMetadata } from '../utils';\nimport {\n AuthProviderMetadata,\n FrontMcpAuthProviderTokens,\n AuthProviderType,\n Token,\n AuthProviderRecord,\n AuthProviderKind,\n} from '../common';\n\nexport function collectAuthMetadata(cls: AuthProviderType): AuthProviderMetadata {\n return Object.entries(FrontMcpAuthProviderTokens).reduce((metadata, [key, token]) => {\n return Object.assign(metadata, {\n [key]: getMetadata(token, cls),\n });\n }, {} as AuthProviderMetadata);\n}\n\nexport function normalizeAuth(item: AuthProviderType): AuthProviderRecord {\n if (isClass(item)) {\n // read McpAuthMetadata from class\n const metadata = collectAuthMetadata(item);\n return { kind: AuthProviderKind.CLASS_TOKEN, provide: item, metadata };\n }\n if (item && typeof item === 'object') {\n const { provide, useClass, useValue, useFactory, inject, ...metadata } = item as any;\n\n if (!provide) {\n const name = (item as any)?.name ?? '[object]';\n throw new Error(`Auth '${name}' is missing 'provide'.`);\n }\n\n if (useClass) {\n if (!isClass(useClass)) {\n throw new Error(`'useClass' on auth '${tokenName(provide)}' must be a class.`);\n }\n return {\n kind: AuthProviderKind.CLASS,\n provide,\n useClass,\n metadata,\n };\n }\n\n if (useFactory) {\n if (typeof useFactory !== 'function') {\n throw new Error(`'useFactory' on auth '${tokenName(provide)}' must be a function.`);\n }\n const inj = typeof inject === 'function' ? inject : () => [] as const;\n return {\n kind: AuthProviderKind.FACTORY,\n provide,\n inject: inj,\n useFactory,\n metadata,\n };\n }\n\n if ('useValue' in item) {\n return {\n kind: AuthProviderKind.VALUE,\n provide,\n useValue,\n metadata,\n };\n }\n }\n\n const name = (item as any)?.name ?? String(item);\n throw new Error(`Invalid auth '${name}'. Expected a class or a auth object.`);\n}\n\n/**\n * For graph/cycle detection. Returns dependency tokens that should be graphed.\n * - VALUE: no deps\n * - FACTORY: only includes deps that are registered (others will be resolved)\n * - CLASS / CLASS_TOKEN: deps come from the class constructor or static with(...)\n */\nexport function authDiscoveryDeps(rec: AuthProviderRecord): Token[] {\n switch (rec.kind) {\n case AuthProviderKind.VALUE:\n case AuthProviderKind.PRIMARY:\n return [];\n\n case AuthProviderKind.FACTORY: {\n return [...rec.inject()];\n }\n case AuthProviderKind.CLASS:\n return depsOfClass(rec.useClass, 'discovery');\n\n case AuthProviderKind.CLASS_TOKEN:\n return depsOfClass(rec.provide, 'discovery');\n }\n}\n"]}
package/src/auth/authorization/authorization.class.js DELETED
@@ -1,217 +0,0 @@
1
- "use strict";
2
- // auth/authorization/authorization.class.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.AuthorizationBase = exports.getMachineId = void 0;
5
- const crypto_1 = require("crypto");
6
- const session_id_utils_1 = require("../session/utils/session-id.utils");
7
- const machine_id_1 = require("../machine-id");
8
- // Re-export getMachineId for backwards compatibility
9
- var machine_id_2 = require("../machine-id");
10
- Object.defineProperty(exports, "getMachineId", { enumerable: true, get: function () { return machine_id_2.getMachineId; } });
11
- /**
12
- * Base Authorization class - represents authenticated user context
13
- * Subclasses implement mode-specific behavior (Public, Transparent, Orchestrated)
14
- */
15
- class AuthorizationBase {
16
- id;
17
- isAnonymous;
18
- user;
19
- claims;
20
- expiresAt;
21
- scopes;
22
- authorizedProviders;
23
- authorizedProviderIds;
24
- authorizedApps;
25
- authorizedAppIds;
26
- authorizedTools;
27
- authorizedToolIds;
28
- authorizedPrompts;
29
- authorizedPromptIds;
30
- authorizedResources;
31
- /** The original bearer token (for transparent mode) */
32
- token;
33
- /** Active transport sessions for this authorization */
34
- #sessions = new Map();
35
- /** Creation timestamp */
36
- createdAt;
37
- constructor(ctx) {
38
- this.id = ctx.id;
39
- this.isAnonymous = ctx.isAnonymous;
40
- this.user = ctx.user;
41
- this.claims = ctx.claims;
42
- this.expiresAt = ctx.expiresAt;
43
- this.scopes = ctx.scopes ?? [];
44
- this.token = ctx.token;
45
- this.createdAt = Date.now();
46
- // Initialize authorization projections
47
- this.authorizedProviders = ctx.authorizedProviders ?? {};
48
- this.authorizedProviderIds = ctx.authorizedProviderIds ?? Object.keys(this.authorizedProviders);
49
- this.authorizedApps = ctx.authorizedApps ?? {};
50
- this.authorizedAppIds = ctx.authorizedAppIds ?? Object.keys(this.authorizedApps);
51
- this.authorizedTools = ctx.authorizedTools ?? {};
52
- this.authorizedToolIds = ctx.authorizedToolIds ?? Object.keys(this.authorizedTools);
53
- this.authorizedPrompts = ctx.authorizedPrompts ?? {};
54
- this.authorizedPromptIds = ctx.authorizedPromptIds ?? Object.keys(this.authorizedPrompts);
55
- this.authorizedResources = ctx.authorizedResources ?? [];
56
- }
57
- /**
58
- * Create a new transport session for this authorization
59
- * @param protocol - Transport protocol (sse, streamable-http, etc.)
60
- * @param fingerprint - Optional client fingerprint for tracking
61
- */
62
- createTransportSession(protocol, fingerprint) {
63
- const sessionId = (0, crypto_1.randomUUID)();
64
- const session = {
65
- id: sessionId,
66
- authorizationId: this.id,
67
- protocol,
68
- createdAt: Date.now(),
69
- expiresAt: this.expiresAt,
70
- nodeId: (0, machine_id_1.getMachineId)(),
71
- clientFingerprint: fingerprint,
72
- };
73
- this.#sessions.set(session.id, session);
74
- return session;
75
- }
76
- /**
77
- * Get existing transport session by ID
78
- */
79
- getTransportSession(sessionId) {
80
- return this.#sessions.get(sessionId);
81
- }
82
- /**
83
- * Get all active transport sessions
84
- */
85
- getAllSessions() {
86
- return Array.from(this.#sessions.values());
87
- }
88
- /**
89
- * Remove a transport session
90
- */
91
- removeTransportSession(sessionId) {
92
- return this.#sessions.delete(sessionId);
93
- }
94
- /**
95
- * Get count of active sessions
96
- */
97
- get sessionCount() {
98
- return this.#sessions.size;
99
- }
100
- /**
101
- * Check if a scope is granted
102
- */
103
- hasScope(scope) {
104
- return this.scopes.includes(scope);
105
- }
106
- /**
107
- * Check if all scopes are granted
108
- */
109
- hasAllScopes(scopes) {
110
- return scopes.every((s) => this.scopes.includes(s));
111
- }
112
- /**
113
- * Check if any scope is granted
114
- */
115
- hasAnyScope(scopes) {
116
- return scopes.some((s) => this.scopes.includes(s));
117
- }
118
- /**
119
- * Check if a tool is authorized
120
- */
121
- canAccessTool(toolId) {
122
- return toolId in this.authorizedTools || this.authorizedToolIds.includes(toolId);
123
- }
124
- /**
125
- * Check if a prompt is authorized
126
- */
127
- canAccessPrompt(promptId) {
128
- return promptId in this.authorizedPrompts || this.authorizedPromptIds.includes(promptId);
129
- }
130
- /**
131
- * Check if an app is authorized.
132
- * Used for progressive authorization to determine if tools from this app can be executed.
133
- * @param appId - App ID to check
134
- */
135
- isAppAuthorized(appId) {
136
- return appId in this.authorizedApps || this.authorizedAppIds.includes(appId);
137
- }
138
- /**
139
- * Build URL for progressive/incremental authorization.
140
- * Used when a tool requires authorization for an app that was skipped during initial auth.
141
- * @param appId - App ID that requires authorization
142
- * @param baseUrl - Base URL of the server
143
- */
144
- getProgressiveAuthUrl(appId, baseUrl) {
145
- return `${baseUrl}/oauth/authorize?app=${encodeURIComponent(appId)}&mode=incremental`;
146
- }
147
- /**
148
- * Check if the authorization is expired
149
- */
150
- isExpired() {
151
- if (!this.expiresAt)
152
- return false;
153
- return Date.now() > this.expiresAt;
154
- }
155
- /**
156
- * Get time until expiration in milliseconds
157
- * Returns undefined if no expiration, negative if expired
158
- */
159
- getTimeToExpiry() {
160
- if (!this.expiresAt)
161
- return undefined;
162
- return this.expiresAt - Date.now();
163
- }
164
- /**
165
- * Convert a transport session to encrypted session JWT
166
- * This is what gets sent in the Mcp-Session-Id header
167
- */
168
- toSessionJwt(session) {
169
- const payload = {
170
- sid: session.id,
171
- aid: this.id,
172
- proto: session.protocol,
173
- nid: session.nodeId,
174
- iat: Math.floor(Date.now() / 1000),
175
- exp: this.expiresAt ? Math.floor(this.expiresAt / 1000) : undefined,
176
- };
177
- return (0, session_id_utils_1.encryptJson)(payload);
178
- }
179
- /**
180
- * Convert to LLM-safe context (no tokens exposed)
181
- */
182
- toLLMSafeContext(session) {
183
- return {
184
- authorizationId: this.id,
185
- sessionId: session.id,
186
- mode: this.mode,
187
- isAnonymous: this.isAnonymous,
188
- user: {
189
- sub: this.user.sub,
190
- name: this.user.name,
191
- },
192
- scopes: this.scopes,
193
- authorizedToolIds: this.authorizedToolIds,
194
- authorizedPromptIds: this.authorizedPromptIds,
195
- };
196
- }
197
- /**
198
- * Validate that no tokens are leaked in data
199
- * Throws if JWT pattern detected
200
- */
201
- static validateNoTokenLeakage(data) {
202
- const json = JSON.stringify(data);
203
- // Detect JWT pattern (header.payload.signature)
204
- if (/eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/.test(json)) {
205
- throw new Error('SECURITY: Token detected in data - potential LLM context leak');
206
- }
207
- // Detect sensitive field names
208
- const sensitiveFields = ['access_token', 'refresh_token', 'id_token', 'tokenEnc', 'secretRefId'];
209
- for (const field of sensitiveFields) {
210
- if (json.includes(`"${field}"`)) {
211
- throw new Error(`SECURITY: Sensitive field "${field}" detected - potential leak`);
212
- }
213
- }
214
- }
215
- }
216
- exports.AuthorizationBase = AuthorizationBase;
217
- //# sourceMappingURL=authorization.class.js.map
package/src/auth/authorization/authorization.class.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization.class.js","sourceRoot":"","sources":["../../../../src/auth/authorization/authorization.class.ts"],"names":[],"mappings":";AAAA,4CAA4C;;;AAE5C,mCAAoC;AAWpC,wEAAgE;AAEhE,8CAA6C;AAE7C,qDAAqD;AACrD,4CAA6C;AAApC,0GAAA,YAAY,OAAA;AAErB;;;GAGG;AACH,MAAsB,iBAAiB;IAC5B,EAAE,CAAS;IAEX,WAAW,CAAU;IACrB,IAAI,CAAW;IACf,MAAM,CAA2B;IACjC,SAAS,CAAU;IACnB,MAAM,CAAW;IACjB,mBAAmB,CAAmC;IACtD,qBAAqB,CAAW;IAChC,cAAc,CAAoD;IAClE,gBAAgB,CAAW;IAC3B,eAAe,CAAiC;IAChD,iBAAiB,CAAW;IAC5B,iBAAiB,CAAmC;IACpD,mBAAmB,CAAW;IAC9B,mBAAmB,CAAW;IAEvC,uDAAuD;IACpC,KAAK,CAAU;IAElC,uDAAuD;IAC9C,SAAS,GAAkC,IAAI,GAAG,EAAE,CAAC;IAE9D,yBAAyB;IAChB,SAAS,CAAS;IAE3B,YAAsB,GAA2B;QAC/C,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;QACjB,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC;QACnC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;QACzB,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE5B,uCAAuC;QACvC,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;QACzD,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,qBAAqB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAChG,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC;QAC/C,IAAI,CAAC,gBAAgB,GAAG,GAAG,CAAC,gBAAgB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACjF,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC;QACjD,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACpF,IAAI,CAAC,iBAAiB,GAAG,GAAG,CAAC,iBAAiB,IAAI,EAAE,CAAC;QACrD,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC1F,IAAI,CAAC,mBAAmB,GAAG,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAC3D,CAAC;IAED;;;;OAIG;IACH,sBAAsB,CAAC,QAA2B,EAAE,WAAoB;QACtE,MAAM,SAAS,GAAG,IAAA,mBAAU,GAAE,CAAC;QAE/B,MAAM,OAAO,GAAqB;YAChC,EAAE,EAAE,SAAS;YACb,eAAe,EAAE,IAAI,CAAC,EAAE;YACxB,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,MAAM,EAAE,IAAA,yBAAY,GAAE;YACtB,iBAAiB,EAAE,WAAW;SAC/B,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QACxC,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,SAAiB;QACnC,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,SAAiB;QACtC,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;IAC7B,CAAC;IAWD;;OAEG;IACH,QAAQ,CAAC,KAAa;QACpB,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAgB;QAC3B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,MAAgB;QAC1B,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,MAAc;QAC1B,OAAO,MAAM,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACnF,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,QAAgB;QAC9B,OAAO,QAAQ,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3F,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,KAAa;QAC3B,OAAO,KAAK,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;OAKG;IACH,qBAAqB,CAAC,KAAa,EAAE,OAAe;QAClD,OAAO,GAAG,OAAO,wBAAwB,kBAAkB,CAAC,KAAK,CAAC,mBAAmB,CAAC;IACxF,CAAC;IAED;;OAEG;IACH,SAAS;QACP,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,KAAK,CAAC;QAClC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,eAAe;QACb,IAAI,CAAC,IAAI,CAAC,SAAS;YAAE,OAAO,SAAS,CAAC;QACtC,OAAO,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,YAAY,CAAC,OAAyB;QACpC,MAAM,OAAO,GAAsB;YACjC,GAAG,EAAE,OAAO,CAAC,EAAE;YACf,GAAG,EAAE,IAAI,CAAC,EAAE;YACZ,KAAK,EAAE,OAAO,CAAC,QAAQ;YACvB,GAAG,EAAE,OAAO,CAAC,MAAM;YACnB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;SACpE,CAAC;QACF,OAAO,IAAA,8BAAW,EAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,OAAyB;QACxC,OAAO;YACL,eAAe,EAAE,IAAI,CAAC,EAAE;YACxB,SAAS,EAAE,OAAO,CAAC,EAAE;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,IAAI,EAAE;gBACJ,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG;gBAClB,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI;aACrB;YACD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;YACzC,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;SAC9C,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,sBAAsB,CAAC,IAAa;QACzC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,gDAAgD;QAChD,IAAI,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtE,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACnF,CAAC;QACD,+BAA+B;QAC/B,MAAM,eAAe,GAAG,CAAC,cAAc,EAAE,eAAe,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;QACjG,KAAK,MAAM,KAAK,IAAI,eAAe,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CAAC,8BAA8B,KAAK,6BAA6B,CAAC,CAAC;YACpF,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAxOD,8CAwOC","sourcesContent":["// auth/authorization/authorization.class.ts\n\nimport { randomUUID } from 'crypto';\nimport {\n Authorization,\n AuthorizationCreateCtx,\n AuthorizedPrompt,\n AuthorizedTool,\n AuthUser,\n LLMSafeAuthContext,\n} from './authorization.types';\nimport { TransportSession, TransportProtocol, SessionJwtPayload } from '../session';\nimport { ProviderSnapshot } from '../session/session.types';\nimport { encryptJson } from '../session/utils/session-id.utils';\nimport { AuthMode } from '../../common';\nimport { getMachineId } from '../machine-id';\n\n// Re-export getMachineId for backwards compatibility\nexport { getMachineId } from '../machine-id';\n\n/**\n * Base Authorization class - represents authenticated user context\n * Subclasses implement mode-specific behavior (Public, Transparent, Orchestrated)\n */\nexport abstract class AuthorizationBase implements Authorization {\n readonly id: string;\n abstract readonly mode: AuthMode;\n readonly isAnonymous: boolean;\n readonly user: AuthUser;\n readonly claims?: Record<string, unknown>;\n readonly expiresAt?: number;\n readonly scopes: string[];\n readonly authorizedProviders: Record<string, ProviderSnapshot>;\n readonly authorizedProviderIds: string[];\n readonly authorizedApps: Record<string, { id: string; toolIds: string[] }>;\n readonly authorizedAppIds: string[];\n readonly authorizedTools: Record<string, AuthorizedTool>;\n readonly authorizedToolIds: string[];\n readonly authorizedPrompts: Record<string, AuthorizedPrompt>;\n readonly authorizedPromptIds: string[];\n readonly authorizedResources: string[];\n\n /** The original bearer token (for transparent mode) */\n protected readonly token?: string;\n\n /** Active transport sessions for this authorization */\n readonly #sessions: Map<string, TransportSession> = new Map();\n\n /** Creation timestamp */\n readonly createdAt: number;\n\n protected constructor(ctx: AuthorizationCreateCtx) {\n this.id = ctx.id;\n this.isAnonymous = ctx.isAnonymous;\n this.user = ctx.user;\n this.claims = ctx.claims;\n this.expiresAt = ctx.expiresAt;\n this.scopes = ctx.scopes ?? [];\n this.token = ctx.token;\n this.createdAt = Date.now();\n\n // Initialize authorization projections\n this.authorizedProviders = ctx.authorizedProviders ?? {};\n this.authorizedProviderIds = ctx.authorizedProviderIds ?? Object.keys(this.authorizedProviders);\n this.authorizedApps = ctx.authorizedApps ?? {};\n this.authorizedAppIds = ctx.authorizedAppIds ?? Object.keys(this.authorizedApps);\n this.authorizedTools = ctx.authorizedTools ?? {};\n this.authorizedToolIds = ctx.authorizedToolIds ?? Object.keys(this.authorizedTools);\n this.authorizedPrompts = ctx.authorizedPrompts ?? {};\n this.authorizedPromptIds = ctx.authorizedPromptIds ?? Object.keys(this.authorizedPrompts);\n this.authorizedResources = ctx.authorizedResources ?? [];\n }\n\n /**\n * Create a new transport session for this authorization\n * @param protocol - Transport protocol (sse, streamable-http, etc.)\n * @param fingerprint - Optional client fingerprint for tracking\n */\n createTransportSession(protocol: TransportProtocol, fingerprint?: string): TransportSession {\n const sessionId = randomUUID();\n\n const session: TransportSession = {\n id: sessionId,\n authorizationId: this.id,\n protocol,\n createdAt: Date.now(),\n expiresAt: this.expiresAt,\n nodeId: getMachineId(),\n clientFingerprint: fingerprint,\n };\n\n this.#sessions.set(session.id, session);\n return session;\n }\n\n /**\n * Get existing transport session by ID\n */\n getTransportSession(sessionId: string): TransportSession | undefined {\n return this.#sessions.get(sessionId);\n }\n\n /**\n * Get all active transport sessions\n */\n getAllSessions(): TransportSession[] {\n return Array.from(this.#sessions.values());\n }\n\n /**\n * Remove a transport session\n */\n removeTransportSession(sessionId: string): boolean {\n return this.#sessions.delete(sessionId);\n }\n\n /**\n * Get count of active sessions\n */\n get sessionCount(): number {\n return this.#sessions.size;\n }\n\n /**\n * Abstract: Get access token for a provider\n * Implementation varies by mode:\n * - Public: throws (no tokens)\n * - Transparent: returns the original bearer token\n * - Orchestrated: retrieves from vault/store\n */\n abstract getToken(providerId?: string): Promise<string>;\n\n /**\n * Check if a scope is granted\n */\n hasScope(scope: string): boolean {\n return this.scopes.includes(scope);\n }\n\n /**\n * Check if all scopes are granted\n */\n hasAllScopes(scopes: string[]): boolean {\n return scopes.every((s) => this.scopes.includes(s));\n }\n\n /**\n * Check if any scope is granted\n */\n hasAnyScope(scopes: string[]): boolean {\n return scopes.some((s) => this.scopes.includes(s));\n }\n\n /**\n * Check if a tool is authorized\n */\n canAccessTool(toolId: string): boolean {\n return toolId in this.authorizedTools || this.authorizedToolIds.includes(toolId);\n }\n\n /**\n * Check if a prompt is authorized\n */\n canAccessPrompt(promptId: string): boolean {\n return promptId in this.authorizedPrompts || this.authorizedPromptIds.includes(promptId);\n }\n\n /**\n * Check if an app is authorized.\n * Used for progressive authorization to determine if tools from this app can be executed.\n * @param appId - App ID to check\n */\n isAppAuthorized(appId: string): boolean {\n return appId in this.authorizedApps || this.authorizedAppIds.includes(appId);\n }\n\n /**\n * Build URL for progressive/incremental authorization.\n * Used when a tool requires authorization for an app that was skipped during initial auth.\n * @param appId - App ID that requires authorization\n * @param baseUrl - Base URL of the server\n */\n getProgressiveAuthUrl(appId: string, baseUrl: string): string {\n return `${baseUrl}/oauth/authorize?app=${encodeURIComponent(appId)}&mode=incremental`;\n }\n\n /**\n * Check if the authorization is expired\n */\n isExpired(): boolean {\n if (!this.expiresAt) return false;\n return Date.now() > this.expiresAt;\n }\n\n /**\n * Get time until expiration in milliseconds\n * Returns undefined if no expiration, negative if expired\n */\n getTimeToExpiry(): number | undefined {\n if (!this.expiresAt) return undefined;\n return this.expiresAt - Date.now();\n }\n\n /**\n * Convert a transport session to encrypted session JWT\n * This is what gets sent in the Mcp-Session-Id header\n */\n toSessionJwt(session: TransportSession): string {\n const payload: SessionJwtPayload = {\n sid: session.id,\n aid: this.id,\n proto: session.protocol,\n nid: session.nodeId,\n iat: Math.floor(Date.now() / 1000),\n exp: this.expiresAt ? Math.floor(this.expiresAt / 1000) : undefined,\n };\n return encryptJson(payload);\n }\n\n /**\n * Convert to LLM-safe context (no tokens exposed)\n */\n toLLMSafeContext(session: TransportSession): LLMSafeAuthContext {\n return {\n authorizationId: this.id,\n sessionId: session.id,\n mode: this.mode,\n isAnonymous: this.isAnonymous,\n user: {\n sub: this.user.sub,\n name: this.user.name,\n },\n scopes: this.scopes,\n authorizedToolIds: this.authorizedToolIds,\n authorizedPromptIds: this.authorizedPromptIds,\n };\n }\n\n /**\n * Validate that no tokens are leaked in data\n * Throws if JWT pattern detected\n */\n static validateNoTokenLeakage(data: unknown): void {\n const json = JSON.stringify(data);\n // Detect JWT pattern (header.payload.signature)\n if (/eyJ[A-Za-z0-9_-]+\\.eyJ[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+/.test(json)) {\n throw new Error('SECURITY: Token detected in data - potential LLM context leak');\n }\n // Detect sensitive field names\n const sensitiveFields = ['access_token', 'refresh_token', 'id_token', 'tokenEnc', 'secretRefId'];\n for (const field of sensitiveFields) {\n if (json.includes(`\"${field}\"`)) {\n throw new Error(`SECURITY: Sensitive field \"${field}\" detected - potential leak`);\n }\n }\n }\n}\n"]}
package/src/auth/authorization/authorization.types.js DELETED
@@ -1,79 +0,0 @@
1
- "use strict";
2
- // auth/authorization/authorization.types.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.progressiveAuthStateSchema = exports.appAuthorizationRecordSchema = exports.appAuthStateSchema = exports.AppAuthState = exports.llmSafeAuthContextSchema = exports.authModeSchema = exports.authorizedPromptSchema = exports.authorizedToolSchema = exports.authUserSchema = void 0;
5
- const zod_1 = require("zod");
6
- // ============================================
7
- // Zod Schemas
8
- // ============================================
9
- exports.authUserSchema = zod_1.z.object({
10
- sub: zod_1.z.string(),
11
- name: zod_1.z.string().optional(),
12
- email: zod_1.z.string().email().optional(),
13
- picture: zod_1.z.string().url().optional(),
14
- anonymous: zod_1.z.boolean().optional(),
15
- });
16
- exports.authorizedToolSchema = zod_1.z.object({
17
- executionPath: zod_1.z.tuple([zod_1.z.string(), zod_1.z.string()]),
18
- scopes: zod_1.z.array(zod_1.z.string()).optional(),
19
- details: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()).optional(),
20
- });
21
- exports.authorizedPromptSchema = zod_1.z.object({
22
- executionPath: zod_1.z.tuple([zod_1.z.string(), zod_1.z.string()]),
23
- scopes: zod_1.z.array(zod_1.z.string()).optional(),
24
- details: zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()).optional(),
25
- });
26
- exports.authModeSchema = zod_1.z.enum(['public', 'transparent', 'orchestrated']);
27
- exports.llmSafeAuthContextSchema = zod_1.z.object({
28
- authorizationId: zod_1.z.string(),
29
- sessionId: zod_1.z.string(),
30
- mode: exports.authModeSchema,
31
- isAnonymous: zod_1.z.boolean(),
32
- user: zod_1.z.object({
33
- sub: zod_1.z.string(),
34
- name: zod_1.z.string().optional(),
35
- }),
36
- scopes: zod_1.z.array(zod_1.z.string()),
37
- authorizedToolIds: zod_1.z.array(zod_1.z.string()),
38
- authorizedPromptIds: zod_1.z.array(zod_1.z.string()),
39
- });
40
- // ============================================
41
- // Progressive/Incremental Authorization Types
42
- // ============================================
43
- /**
44
- * State of app authorization within a session.
45
- * Used for progressive authorization flow.
46
- */
47
- var AppAuthState;
48
- (function (AppAuthState) {
49
- /** App has been fully authorized with tokens stored */
50
- AppAuthState["AUTHORIZED"] = "authorized";
51
- /** User explicitly skipped this app during initial auth */
52
- AppAuthState["SKIPPED"] = "skipped";
53
- /** App authorization is pending (not yet presented to user) */
54
- AppAuthState["PENDING"] = "pending";
55
- })(AppAuthState || (exports.AppAuthState = AppAuthState = {}));
56
- /**
57
- * Zod schema for AppAuthState enum
58
- */
59
- exports.appAuthStateSchema = zod_1.z.nativeEnum(AppAuthState);
60
- /**
61
- * Zod schema for AppAuthorizationRecord
62
- */
63
- exports.appAuthorizationRecordSchema = zod_1.z.object({
64
- appId: zod_1.z.string(),
65
- state: exports.appAuthStateSchema,
66
- stateChangedAt: zod_1.z.number(),
67
- grantedScopes: zod_1.z.array(zod_1.z.string()).optional(),
68
- authProviderId: zod_1.z.string().optional(),
69
- toolIds: zod_1.z.array(zod_1.z.string()),
70
- });
71
- /**
72
- * Zod schema for ProgressiveAuthState
73
- */
74
- exports.progressiveAuthStateSchema = zod_1.z.object({
75
- apps: zod_1.z.record(zod_1.z.string(), exports.appAuthorizationRecordSchema),
76
- initiallyAuthorized: zod_1.z.array(zod_1.z.string()),
77
- initiallySkipped: zod_1.z.array(zod_1.z.string()),
78
- });
79
- //# sourceMappingURL=authorization.types.js.map
package/src/auth/authorization/authorization.types.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization.types.js","sourceRoot":"","sources":["../../../../src/auth/authorization/authorization.types.ts"],"names":[],"mappings":";AAAA,4CAA4C;;;AAE5C,6BAAwB;AAiNxB,+CAA+C;AAC/C,cAAc;AACd,+CAA+C;AAElC,QAAA,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;IACf,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;IACpC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACpC,SAAS,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAClC,CAAC,CAAC;AAEU,QAAA,oBAAoB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC3C,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAChD,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,OAAO,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEU,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAChD,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,OAAO,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEU,QAAA,cAAc,GAAG,OAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC,CAAC;AAEnE,QAAA,wBAAwB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC/C,eAAe,EAAE,OAAC,CAAC,MAAM,EAAE;IAC3B,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE;IACrB,IAAI,EAAE,sBAAc;IACpB,WAAW,EAAE,OAAC,CAAC,OAAO,EAAE;IACxB,IAAI,EAAE,OAAC,CAAC,MAAM,CAAC;QACb,GAAG,EAAE,OAAC,CAAC,MAAM,EAAE;QACf,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC5B,CAAC;IACF,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IAC3B,iBAAiB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IACtC,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CACzC,CAAC,CAAC;AAEH,+CAA+C;AAC/C,8CAA8C;AAC9C,+CAA+C;AAE/C;;;GAGG;AACH,IAAY,YAOX;AAPD,WAAY,YAAY;IACtB,uDAAuD;IACvD,yCAAyB,CAAA;IACzB,2DAA2D;IAC3D,mCAAmB,CAAA;IACnB,+DAA+D;IAC/D,mCAAmB,CAAA;AACrB,CAAC,EAPW,YAAY,4BAAZ,YAAY,QAOvB;AAmCD;;GAEG;AACU,QAAA,kBAAkB,GAAG,OAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AAE7D;;GAEG;AACU,QAAA,4BAA4B,GAAG,OAAC,CAAC,MAAM,CAAC;IACnD,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,KAAK,EAAE,0BAAkB;IACzB,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE;IAC1B,aAAa,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC7C,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CAC7B,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,0BAA0B,GAAG,OAAC,CAAC,MAAM,CAAC;IACjD,IAAI,EAAE,OAAC,CAAC,MAAM,CAAC,OAAC,CAAC,MAAM,EAAE,EAAE,oCAA4B,CAAC;IACxD,mBAAmB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;IACxC,gBAAgB,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC;CACtC,CAAC,CAAC","sourcesContent":["// auth/authorization/authorization.types.ts\n\nimport { z } from 'zod';\nimport { ProviderSnapshot } from '../session/session.types';\nimport { TransportSession, TransportProtocol } from '../session';\nimport type { AuthMode } from '../../common';\n\n/**\n * User identity from authentication\n */\nexport interface AuthUser {\n /** Subject identifier */\n sub: string;\n /** Display name */\n name?: string;\n /** Email address */\n email?: string;\n /** Profile picture URL */\n picture?: string;\n /** Whether this is an anonymous user */\n anonymous?: boolean;\n}\n\n/**\n * Authorized tool entry\n */\nexport interface AuthorizedTool {\n /** Execution path: [appId, toolId] */\n executionPath: [appId: string, toolId: string];\n /** Required scopes for this tool */\n scopes?: string[];\n /** Additional tool metadata */\n details?: Record<string, unknown>;\n}\n\n/**\n * Authorized prompt entry\n */\nexport interface AuthorizedPrompt {\n /** Execution path: [appId, promptId] */\n executionPath: [appId: string, promptId: string];\n /** Required scopes for this prompt */\n scopes?: string[];\n /** Additional prompt metadata */\n details?: Record<string, unknown>;\n}\n\n/**\n * Authorization represents the authenticated user context.\n * Created from JWT verification, independent of transport.\n * One authorization can have multiple transport sessions.\n */\nexport interface Authorization {\n /** Unique authorization ID (derived from token signature) */\n readonly id: string;\n\n /** Auth mode that created this authorization */\n readonly mode: AuthMode;\n\n /** Whether this is an anonymous/public authorization */\n readonly isAnonymous: boolean;\n\n /** User identity */\n readonly user: AuthUser;\n\n /** JWT claims */\n readonly claims?: Record<string, unknown>;\n\n /** Token expiration (epoch ms) */\n readonly expiresAt?: number;\n\n /** Granted scopes */\n readonly scopes: string[];\n\n /** Authorized providers (for orchestrated mode) */\n readonly authorizedProviders: Record<string, ProviderSnapshot>;\n\n /** Authorized provider IDs */\n readonly authorizedProviderIds: string[];\n\n /** Authorized apps */\n readonly authorizedApps: Record<string, { id: string; toolIds: string[] }>;\n\n /** Authorized app IDs */\n readonly authorizedAppIds: string[];\n\n /** Authorized tools */\n readonly authorizedTools: Record<string, AuthorizedTool>;\n\n /** Authorized tool IDs */\n readonly authorizedToolIds: string[];\n\n /** Authorized prompts */\n readonly authorizedPrompts: Record<string, AuthorizedPrompt>;\n\n /** Authorized prompt IDs */\n readonly authorizedPromptIds: string[];\n\n /** Authorized resources */\n readonly authorizedResources: string[];\n\n /**\n * Get access token for a provider (orchestrated mode)\n * @param providerId - Provider ID, defaults to primary\n */\n getToken(providerId?: string): Promise<string>;\n\n /**\n * Create a new transport session for this authorization\n * @param protocol - Transport protocol (sse, streamable-http, etc.)\n * @param fingerprint - Optional client fingerprint for tracking\n */\n createTransportSession(protocol: TransportProtocol, fingerprint?: string): TransportSession;\n\n /**\n * Get existing transport session by ID\n * @param sessionId - Session ID to retrieve\n */\n getTransportSession(sessionId: string): TransportSession | undefined;\n\n /**\n * Check if a scope is granted\n * @param scope - Scope to check\n */\n hasScope(scope: string): boolean;\n\n /**\n * Check if all scopes are granted\n * @param scopes - Scopes to check\n */\n hasAllScopes(scopes: string[]): boolean;\n\n /**\n * Check if any scope is granted\n * @param scopes - Scopes to check\n */\n hasAnyScope(scopes: string[]): boolean;\n\n /**\n * Check if a tool is authorized\n * @param toolId - Tool ID to check\n */\n canAccessTool(toolId: string): boolean;\n\n /**\n * Check if a prompt is authorized\n * @param promptId - Prompt ID to check\n */\n canAccessPrompt(promptId: string): boolean;\n}\n\n/**\n * Context for creating an authorization\n */\nexport interface AuthorizationCreateCtx {\n /** Unique ID (typically token signature fingerprint) */\n id: string;\n /** Whether this is anonymous */\n isAnonymous: boolean;\n /** User identity */\n user: AuthUser;\n /** JWT claims */\n claims?: Record<string, unknown>;\n /** Token expiration (epoch ms) */\n expiresAt?: number;\n /** Granted scopes */\n scopes?: string[];\n /** The original token (for transparent mode) */\n token?: string;\n /** Authorized providers */\n authorizedProviders?: Record<string, ProviderSnapshot>;\n /** Authorized provider IDs */\n authorizedProviderIds?: string[];\n /** Authorized apps */\n authorizedApps?: Record<string, { id: string; toolIds: string[] }>;\n /** Authorized app IDs */\n authorizedAppIds?: string[];\n /** Authorized tools */\n authorizedTools?: Record<string, AuthorizedTool>;\n /** Authorized tool IDs */\n authorizedToolIds?: string[];\n /** Authorized prompts */\n authorizedPrompts?: Record<string, AuthorizedPrompt>;\n /** Authorized prompt IDs */\n authorizedPromptIds?: string[];\n /** Authorized resources */\n authorizedResources?: string[];\n}\n\n/**\n * LLM-safe session context (no tokens exposed)\n */\nexport interface LLMSafeAuthContext {\n /** Authorization ID */\n authorizationId: string;\n /** Session ID */\n sessionId: string;\n /** Auth mode */\n mode: AuthMode;\n /** Whether anonymous */\n isAnonymous: boolean;\n /** User (sub and name only) */\n user: { sub: string; name?: string };\n /** Granted scopes */\n scopes: string[];\n /** Authorized tool IDs */\n authorizedToolIds: string[];\n /** Authorized prompt IDs */\n authorizedPromptIds: string[];\n}\n\n// ============================================\n// Zod Schemas\n// ============================================\n\nexport const authUserSchema = z.object({\n sub: z.string(),\n name: z.string().optional(),\n email: z.string().email().optional(),\n picture: z.string().url().optional(),\n anonymous: z.boolean().optional(),\n});\n\nexport const authorizedToolSchema = z.object({\n executionPath: z.tuple([z.string(), z.string()]),\n scopes: z.array(z.string()).optional(),\n details: z.record(z.string(), z.unknown()).optional(),\n});\n\nexport const authorizedPromptSchema = z.object({\n executionPath: z.tuple([z.string(), z.string()]),\n scopes: z.array(z.string()).optional(),\n details: z.record(z.string(), z.unknown()).optional(),\n});\n\nexport const authModeSchema = z.enum(['public', 'transparent', 'orchestrated']);\n\nexport const llmSafeAuthContextSchema = z.object({\n authorizationId: z.string(),\n sessionId: z.string(),\n mode: authModeSchema,\n isAnonymous: z.boolean(),\n user: z.object({\n sub: z.string(),\n name: z.string().optional(),\n }),\n scopes: z.array(z.string()),\n authorizedToolIds: z.array(z.string()),\n authorizedPromptIds: z.array(z.string()),\n});\n\n// ============================================\n// Progressive/Incremental Authorization Types\n// ============================================\n\n/**\n * State of app authorization within a session.\n * Used for progressive authorization flow.\n */\nexport enum AppAuthState {\n /** App has been fully authorized with tokens stored */\n AUTHORIZED = 'authorized',\n /** User explicitly skipped this app during initial auth */\n SKIPPED = 'skipped',\n /** App authorization is pending (not yet presented to user) */\n PENDING = 'pending',\n}\n\n/**\n * App authorization record with state tracking.\n * Stored server-side, NOT in JWT.\n */\nexport interface AppAuthorizationRecord {\n /** App ID */\n appId: string;\n /** Current authorization state */\n state: AppAuthState;\n /** When the state was last changed (epoch ms) */\n stateChangedAt: number;\n /** Scopes granted for this app */\n grantedScopes?: string[];\n /** Auth provider ID used for this app */\n authProviderId?: string;\n /** Tool IDs accessible through this app authorization */\n toolIds: string[];\n}\n\n/**\n * Progressive auth session state.\n * Tracks which apps are authorized, skipped, or pending.\n * Stored server-side for security.\n */\nexport interface ProgressiveAuthState {\n /** App authorization records by app ID */\n apps: Record<string, AppAuthorizationRecord>;\n /** Apps authorized during initial auth */\n initiallyAuthorized: string[];\n /** Apps skipped during initial auth */\n initiallySkipped: string[];\n}\n\n/**\n * Zod schema for AppAuthState enum\n */\nexport const appAuthStateSchema = z.nativeEnum(AppAuthState);\n\n/**\n * Zod schema for AppAuthorizationRecord\n */\nexport const appAuthorizationRecordSchema = z.object({\n appId: z.string(),\n state: appAuthStateSchema,\n stateChangedAt: z.number(),\n grantedScopes: z.array(z.string()).optional(),\n authProviderId: z.string().optional(),\n toolIds: z.array(z.string()),\n});\n\n/**\n * Zod schema for ProgressiveAuthState\n */\nexport const progressiveAuthStateSchema = z.object({\n apps: z.record(z.string(), appAuthorizationRecordSchema),\n initiallyAuthorized: z.array(z.string()),\n initiallySkipped: z.array(z.string()),\n});\n"]}
package/src/auth/authorization/index.js DELETED
@@ -1,19 +0,0 @@
1
- "use strict";
2
- // auth/authorization/index.ts
3
- Object.defineProperty(exports, "__esModule", { value: true });
4
- exports.OrchestratedAuthorization = exports.TransparentAuthorization = exports.PublicAuthorization = exports.getMachineId = exports.AuthorizationBase = void 0;
5
- const tslib_1 = require("tslib");
6
- // Types
7
- tslib_1.__exportStar(require("./authorization.types"), exports);
8
- // Base class
9
- var authorization_class_1 = require("./authorization.class");
10
- Object.defineProperty(exports, "AuthorizationBase", { enumerable: true, get: function () { return authorization_class_1.AuthorizationBase; } });
11
- Object.defineProperty(exports, "getMachineId", { enumerable: true, get: function () { return authorization_class_1.getMachineId; } });
12
- // Mode-specific implementations
13
- var public_authorization_1 = require("./public.authorization");
14
- Object.defineProperty(exports, "PublicAuthorization", { enumerable: true, get: function () { return public_authorization_1.PublicAuthorization; } });
15
- var transparent_authorization_1 = require("./transparent.authorization");
16
- Object.defineProperty(exports, "TransparentAuthorization", { enumerable: true, get: function () { return transparent_authorization_1.TransparentAuthorization; } });
17
- var orchestrated_authorization_1 = require("./orchestrated.authorization");
18
- Object.defineProperty(exports, "OrchestratedAuthorization", { enumerable: true, get: function () { return orchestrated_authorization_1.OrchestratedAuthorization; } });
19
- //# sourceMappingURL=index.js.map
package/src/auth/authorization/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/auth/authorization/index.ts"],"names":[],"mappings":";AAAA,8BAA8B;;;;AAE9B,QAAQ;AACR,gEAAsC;AAEtC,aAAa;AACb,6DAAwE;AAA/D,wHAAA,iBAAiB,OAAA;AAAE,mHAAA,YAAY,OAAA;AAExC,gCAAgC;AAChC,+DAA2F;AAAlF,2HAAA,mBAAmB,OAAA;AAC5B,yEAIqC;AAHnC,qIAAA,wBAAwB,OAAA;AAI1B,2EAMsC;AALpC,uIAAA,yBAAyB,OAAA","sourcesContent":["// auth/authorization/index.ts\n\n// Types\nexport * from './authorization.types';\n\n// Base class\nexport { AuthorizationBase, getMachineId } from './authorization.class';\n\n// Mode-specific implementations\nexport { PublicAuthorization, PublicAuthorizationCreateCtx } from './public.authorization';\nexport {\n TransparentAuthorization,\n TransparentAuthorizationCreateCtx,\n TransparentVerifiedPayload,\n} from './transparent.authorization';\nexport {\n OrchestratedAuthorization,\n OrchestratedAuthorizationCreateCtx,\n OrchestratedProviderState,\n TokenStore,\n TokenRefreshCallback,\n} from './orchestrated.authorization';\n"]}