@frontmcp/sdk 0.9.0 → 0.11.0

package/auth/ui/base-layout.d.ts

@@ -1,181 +0,0 @@
-/**
- * Base Layout for Server-Rendered Pages
- *
- * Provides a consistent HTML shell with all CDN resources pre-configured:
- * - Tailwind CSS v4 (Browser CDN) - Utility-first CSS framework with @theme support
- * - Google Fonts (Inter) - Modern UI typography
- *
- * No build step required - all resources loaded from CDN at runtime.
- *
- * @example
- * ```typescript
- * // Basic usage
- * const html = baseLayout('<div>content</div>', { title: 'Page' });
- *
- * // With custom theme
- * const html = baseLayout('<div>content</div>', {
- *   title: 'Page',
- *   theme: {
- *     colors: {
- *       primary: '#3b82f6',
- *       'primary-dark': '#2563eb',
- *     },
- *   },
- * });
- * ```
- */
-/**
- * CDN URLs and versions - centralized for easy updates
- */
-export declare const CDN: {
-    /** Tailwind CSS v4 Browser CDN - generates styles on-the-fly with @theme support */
-    readonly tailwind: "https://cdn.jsdelivr.net/npm/@tailwindcss/browser@4";
-    /** Google Fonts - Inter for modern UI */
-    readonly fonts: {
-        readonly preconnect: readonly ["https://fonts.googleapis.com", "https://fonts.gstatic.com"];
-        readonly stylesheet: "https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap";
-    };
-};
-/**
- * Theme color configuration
- * Keys become CSS custom properties: --color-{key}
- */
-export interface ThemeColors {
-    /** Primary brand color */
-    primary?: string;
-    /** Darker primary for hover states */
-    'primary-dark'?: string;
-    /** Secondary brand color */
-    secondary?: string;
-    /** Accent color for highlights */
-    accent?: string;
-    /** Success state color */
-    success?: string;
-    /** Warning state color */
-    warning?: string;
-    /** Error/danger state color */
-    danger?: string;
-    /** Custom colors (any additional colors) */
-    [key: string]: string | undefined;
-}
-/**
- * Theme font configuration
- * Keys become CSS custom properties: --font-{key}
- */
-export interface ThemeFonts {
-    /** Sans-serif font family */
-    sans?: string;
-    /** Serif font family */
-    serif?: string;
-    /** Monospace font family */
-    mono?: string;
-    /** Custom fonts */
-    [key: string]: string | undefined;
-}
-/**
- * Complete theme configuration for FrontMCP UI
- */
-export interface ThemeConfig {
-    /** Custom colors */
-    colors?: ThemeColors;
-    /** Custom fonts */
-    fonts?: ThemeFonts;
-    /** Additional custom CSS variables (raw @theme content) */
-    customVars?: string;
-    /** Additional custom CSS (outside @theme) */
-    customCss?: string;
-}
-/**
- * Default theme with FrontMCP branding
- */
-export declare const DEFAULT_THEME: ThemeConfig;
-/**
- * Options for the base layout
- */
-export interface BaseLayoutOptions {
-    /** Page title (will be suffixed with " - FrontMCP") */
-    title: string;
-    /** Optional description for meta tag */
-    description?: string;
-    /** Include Tailwind CSS (default: true) */
-    includeTailwind?: boolean;
-    /** Include Google Fonts (default: true) */
-    includeFonts?: boolean;
-    /** Additional head content (scripts, styles, meta tags) */
-    headExtra?: string;
-    /** Body classes (default: 'bg-gray-50 min-h-screen font-sans antialiased') */
-    bodyClass?: string;
-    /** Theme configuration - colors, fonts, and custom CSS */
-    theme?: ThemeConfig;
-}
-/**
- * Escape HTML special characters to prevent XSS
- * Per OWASP guidelines, escapes: & < > " ' /
- *
- * @param str - The string to escape
- * @returns The escaped string safe for HTML content and attributes
- *
- * @example
- * escapeHtml('<script>alert("xss")</script>')
- * // => '&lt;script&gt;alert(&quot;xss&quot;)&lt;&#x2F;script&gt;'
- */
-export declare function escapeHtml(str: string): string;
-/**
- * Build the complete HTML document with CDN resources
- *
- * @param content - The page content (HTML string)
- * @param options - Layout configuration options
- * @returns Complete HTML document string
- *
- * @example
- * ```typescript
- * const html = baseLayout('<div>My content</div>', {
- *   title: 'Sign In',
- *   description: 'Sign in to your account',
- *   theme: {
- *     colors: {
- *       primary: '#ff6b6b',
- *     },
- *   },
- * });
- * ```
- */
-export declare function baseLayout(content: string, options: BaseLayoutOptions): string;
-/**
- * Create a layout wrapper function with preset options
- *
- * @param defaultOptions - Default options to apply to all pages
- * @returns A function that wraps content with the layout
- *
- * @example
- * ```typescript
- * const brandedLayout = createLayout({
- *   theme: {
- *     colors: {
- *       primary: '#ff6b6b',
- *       'primary-dark': '#ee5a5a',
- *     },
- *   },
- * });
- *
- * const html = brandedLayout('<div>Content</div>', { title: 'Page' });
- * ```
- */
-export declare function createLayout(defaultOptions: Partial<BaseLayoutOptions>): (content: string, options: BaseLayoutOptions) => string;
-/**
- * Default auth layout with standard styling
- */
-export declare const authLayout: (content: string, options: BaseLayoutOptions) => string;
-/**
- * Centered card layout for login/auth pages
- */
-export declare function centeredCardLayout(content: string, options: BaseLayoutOptions): string;
-/**
- * Wide layout for consent/selection pages
- */
-export declare function wideLayout(content: string, options: BaseLayoutOptions): string;
-/**
- * Extra wide layout for tool selection pages
- */
-export declare function extraWideLayout(content: string, options: BaseLayoutOptions): string;
-//# sourceMappingURL=base-layout.d.ts.map

package/auth/ui/base-layout.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"base-layout.d.ts","sourceRoot":"","sources":["../../../src/auth/ui/base-layout.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAMH;;GAEG;AACH,eAAO,MAAM,GAAG;IACd,oFAAoF;;IAGpF,yCAAyC;;;;;CAKjC,CAAC;AAMX;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,0BAA0B;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,sCAAsC;IACtC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,4BAA4B;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kCAAkC;IAClC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,0BAA0B;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,0BAA0B;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,+BAA+B;IAC/B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,4CAA4C;IAC5C,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,6BAA6B;IAC7B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,wBAAwB;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,mBAAmB;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,oBAAoB;IACpB,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,mBAAmB;IACnB,KAAK,CAAC,EAAE,UAAU,CAAC;IACnB,2DAA2D;IAC3D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,6CAA6C;IAC7C,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE,WAa3B,CAAC;AAMF;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,uDAAuD;IACvD,KAAK,EAAE,MAAM,CAAC;IAEd,wCAAwC;IACxC,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,2CAA2C;IAC3C,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B,2CAA2C;IAC3C,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,2DAA2D;IAC3D,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,8EAA8E;IAC9E,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,0DAA0D;IAC1D,KAAK,CAAC,EAAE,WAAW,CAAC;CACrB;AAMD;;;;;;;;;;GAUG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAQ9C;AAsCD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,GAAG,MAAM,CAkE9E;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,YAAY,CAC1B,cAAc,EAAE,OAAO,CAAC,iBAAiB,CAAC,GACzC,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,KAAK,MAAM,CAmBzD;AAMD;;GAEG;AACH,eAAO,MAAM,UAAU,YA5BV,MAAM,WAAW,iBAAiB,KAAK,MA8BlD,CAAC;AAEH;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,GAAG,MAAM,CAYtF;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,GAAG,MAAM,CAS9E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,GAAG,MAAM,CASnF"}

package/auth/ui/index.d.ts

@@ -1,11 +0,0 @@
-/**
- * Auth UI Module
- *
- * Server-rendered UI templates for OAuth flows with Tailwind CSS (CDN)
- * and Google Fonts.
- *
- * No build step required - all rendering is done at runtime.
- */
-export { CDN, DEFAULT_THEME, type ThemeColors, type ThemeFonts, type ThemeConfig, type BaseLayoutOptions, baseLayout, createLayout, authLayout, centeredCardLayout, wideLayout, extraWideLayout, escapeHtml, } from './base-layout';
-export { type AppAuthCard, type ProviderCard, type ToolCard, buildConsentPage, buildIncrementalAuthPage, buildFederatedLoginPage, buildToolConsentPage, buildLoginPage, buildErrorPage, renderToHtml, } from './templates';
-//# sourceMappingURL=index.d.ts.map

package/auth/ui/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/auth/ui/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EACL,GAAG,EACH,aAAa,EACb,KAAK,WAAW,EAChB,KAAK,UAAU,EACf,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,UAAU,EACV,YAAY,EACZ,UAAU,EACV,kBAAkB,EAClB,UAAU,EACV,eAAe,EACf,UAAU,GACX,MAAM,eAAe,CAAC;AAGvB,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,QAAQ,EAEb,gBAAgB,EAChB,wBAAwB,EACxB,uBAAuB,EACvB,oBAAoB,EACpB,cAAc,EACd,cAAc,EAEd,YAAY,GACb,MAAM,aAAa,CAAC"}

package/auth/ui/templates.d.ts

@@ -1,135 +0,0 @@
-/**
- * Template Builders for OAuth UI
- *
- * Server-side HTML rendering with Tailwind CSS for OAuth authorization flows.
- * No build step required - pure runtime rendering with Tailwind CSS CDN.
- *
- * Features:
- * - OAuth consent page with multiple apps
- * - Incremental authorization page for single app
- * - Federated login page for multi-provider selection
- * - All pages use Tailwind CSS from CDN (no build required)
- * - Google Fonts (Inter) for modern typography
- *
- * Uses base-layout.ts for consistent HTML shell with CDN resources.
- */
-import { escapeHtml as baseEscapeHtml } from './base-layout';
-/**
- * App information for authorization cards
- */
-export interface AppAuthCard {
-    /** App identifier */
-    appId: string;
-    /** Display name */
-    appName: string;
-    /** App description */
-    description?: string;
-    /** Icon URL (optional, will use initials fallback) */
-    iconUrl?: string;
-    /** Scopes required by this app */
-    requiredScopes?: string[];
-}
-/**
- * Provider information for federated login
- */
-export interface ProviderCard {
-    /** Provider identifier */
-    providerId: string;
-    /** Display name */
-    providerName: string;
-    /** Provider URL (for remote providers) */
-    providerUrl?: string;
-    /** Auth mode */
-    mode: string;
-    /** App IDs associated with this provider */
-    appIds: string[];
-    /** Whether this is the parent/primary provider */
-    isPrimary?: boolean;
-}
-/**
- * Tool information for consent page
- */
-export interface ToolCard {
-    /** Tool identifier */
-    toolId: string;
-    /** Display name */
-    toolName: string;
-    /** Tool description */
-    description?: string;
-    /** Parent app ID */
-    appId: string;
-    /** Parent app name */
-    appName: string;
-}
-/**
- * Escape HTML special characters
- * Re-exported from base-layout for convenience
- */
-export declare const escapeHtml: typeof baseEscapeHtml;
-/**
- * Build OAuth consent page with Tailwind
- * Shows all apps at once with Authorize/Skip buttons
- */
-export declare function buildConsentPage(params: {
-    apps: AppAuthCard[];
-    clientName: string;
-    pendingAuthId: string;
-    csrfToken: string;
-    callbackPath: string;
-}): string;
-/**
- * Build incremental auth page (single app) with Tailwind
- * Used when a tool requires authorization for a skipped app
- */
-export declare function buildIncrementalAuthPage(params: {
-    app: AppAuthCard;
-    toolId: string;
-    sessionHint: string;
-    callbackPath: string;
-}): string;
-/**
- * Build federated login page for multi-provider selection
- */
-export declare function buildFederatedLoginPage(params: {
-    providers: ProviderCard[];
-    clientName: string;
-    pendingAuthId: string;
-    csrfToken: string;
-    callbackPath: string;
-}): string;
-/**
- * Build consent page for tool selection
- */
-export declare function buildToolConsentPage(params: {
-    tools: ToolCard[];
-    clientName: string;
-    pendingAuthId: string;
-    csrfToken: string;
-    callbackPath: string;
-    userName?: string;
-    userEmail?: string;
-}): string;
-/**
- * Build simple login page
- */
-export declare function buildLoginPage(params: {
-    clientName: string;
-    scope: string;
-    pendingAuthId: string;
-    callbackPath: string;
-}): string;
-/**
- * Build error page
- */
-export declare function buildErrorPage(params: {
-    error: string;
-    description: string;
-}): string;
-/**
- * Simple wrapper for compatibility - just returns the HTML string
- * (Templates are already complete HTML documents)
- */
-export declare function renderToHtml(html: string, _options?: {
-    title?: string;
-}): string;
-//# sourceMappingURL=templates.d.ts.map

package/auth/ui/templates.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"templates.d.ts","sourceRoot":"","sources":["../../../src/auth/ui/templates.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAKL,UAAU,IAAI,cAAc,EAC7B,MAAM,eAAe,CAAC;AAMvB;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,qBAAqB;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,sBAAsB;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,sDAAsD;IACtD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kCAAkC;IAClC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,0BAA0B;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,0CAA0C;IAC1C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,4CAA4C;IAC5C,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,kDAAkD;IAClD,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,sBAAsB;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,mBAAmB;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,uBAAuB;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,oBAAoB;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,sBAAsB;IACtB,OAAO,EAAE,MAAM,CAAC;CACjB;AAMD;;;GAGG;AACH,eAAO,MAAM,UAAU,uBAAiB,CAAC;AAMzC;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE;IACvC,IAAI,EAAE,WAAW,EAAE,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;CACtB,GAAG,MAAM,CAoBT;AA6DD;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE;IAC/C,GAAG,EAAE,WAAW,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;CACtB,GAAG,MAAM,CAwDT;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE;IAC9C,SAAS,EAAE,YAAY,EAAE,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;CACtB,GAAG,MAAM,CAkFT;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IAC3C,KAAK,EAAE,QAAQ,EAAE,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,GAAG,MAAM,CAgHT;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE;IACrC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB,GAAG,MAAM,CAkDT;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAsBrF;AAMD;;;GAGG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAEhF"}

package/auth/utils/authorization-id.utils.d.ts

@@ -1,12 +0,0 @@
-/**
- * Derive a consistent authorization ID from a JWT token.
- *
- * Uses the token's signature (third part) to generate a deterministic
- * ID that uniquely identifies this authorization without exposing
- * the full token.
- *
- * @param token - JWT token string
- * @returns 16-character hex string authorization ID
- */
-export declare function deriveAuthorizationId(token: string): string;
-//# sourceMappingURL=authorization-id.utils.d.ts.map

package/auth/utils/authorization-id.utils.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"authorization-id.utils.d.ts","sourceRoot":"","sources":["../../../src/auth/utils/authorization-id.utils.ts"],"names":[],"mappings":"AAIA;;;;;;;;;GASG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAI3D"}

package/auth/utils/index.d.ts

@@ -1,2 +0,0 @@
-export * from './authorization-id.utils';
-//# sourceMappingURL=index.d.ts.map

package/auth/utils/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/auth/utils/index.ts"],"names":[],"mappings":"AAEA,cAAc,0BAA0B,CAAC"}

package/auth/vault/auth-providers.accessor.d.ts

@@ -1,153 +0,0 @@
-/**
- * AuthProvidersAccessor - Interface for accessing auth provider credentials
- *
- * This interface provides the runtime API for tools to access credentials
- * from registered auth providers. It supports:
- * - Credential retrieval by provider name
- * - Lazy loading with session-scoped caching
- * - Automatic token refresh for OAuth providers
- * - Headers generation for HTTP requests
- */
-import { Token } from '@frontmcp/di';
-import type { Credential, ResolvedCredential, GetCredentialOptions } from '@frontmcp/auth';
-/**
- * AuthProvidersAccessor - Runtime accessor for auth providers in tool contexts.
- *
- * Available in tool execution via `this.authProviders`:
- * ```typescript
- * @Tool({ name: 'my_tool' })
- * class MyTool extends ToolContext {
- *   async execute(input: Input) {
- *     const github = await this.authProviders.get('github');
- *     const headers = await this.authProviders.headers('github');
- *   }
- * }
- * ```
- */
-export interface AuthProvidersAccessor {
-    /**
-     * Get a credential by provider name.
-     *
-     * @param providerName - Registered provider name (e.g., 'github', 'google')
-     * @param options - Retrieval options (forceRefresh, scopes, timeout)
-     * @returns Resolved credential or null if not available
-     *
-     * @example
-     * ```typescript
-     * const cred = await this.authProviders.get('github');
-     * if (cred?.credential.type === 'oauth') {
-     *   const token = cred.credential.accessToken;
-     * }
-     * ```
-     *
-     * @example Force refresh
-     * ```typescript
-     * const cred = await this.authProviders.get('github', { forceRefresh: true });
-     * ```
-     */
-    get<T extends Credential = Credential>(providerName: string, options?: GetCredentialOptions): Promise<ResolvedCredential<T> | null>;
-    /**
-     * Get multiple credentials by provider names.
-     * Executes all retrievals in parallel for efficiency.
-     *
-     * @param providerNames - Array of provider names
-     * @param options - Retrieval options applied to all providers
-     * @returns Map of provider name to resolved credential (null if not available)
-     *
-     * @example
-     * ```typescript
-     * const creds = await this.authProviders.getMany(['github', 'jira']);
-     * const github = creds.get('github');
-     * const jira = creds.get('jira');
-     * ```
-     */
-    getMany(providerNames: string[], options?: GetCredentialOptions): Promise<Map<string, ResolvedCredential | null>>;
-    /**
-     * Get headers for a provider (convenience method).
-     * Automatically handles different credential types:
-     * - OAuth/Bearer: `Authorization: Bearer <token>`
-     * - API Key: Uses configured header name
-     * - Basic: `Authorization: Basic <base64>`
-     *
-     * @param providerName - Provider name
-     * @returns Headers record or empty object if not available
-     *
-     * @example
-     * ```typescript
-     * const headers = await this.authProviders.headers('github');
-     * const response = await fetch(url, { headers });
-     * ```
-     */
-    headers(providerName: string): Promise<Record<string, string>>;
-    /**
-     * Get headers for multiple providers merged into a single object.
-     * Later providers override earlier ones if headers conflict.
-     *
-     * @param providerNames - Array of provider names
-     * @returns Merged headers from all providers
-     */
-    headersMany(providerNames: string[]): Promise<Record<string, string>>;
-    /**
-     * Force refresh a credential (for OAuth token refresh).
-     * Uses the provider's refresh function if available, otherwise calls factory.
-     *
-     * @param providerName - Provider name to refresh
-     * @returns New credential or null if refresh failed
-     *
-     * @example
-     * ```typescript
-     * // On 401 response, try refreshing
-     * if (response.status === 401) {
-     *   const newCred = await this.authProviders.refresh('github');
-     *   if (newCred) {
-     *     // Retry request with new credential
-     *   }
-     * }
-     * ```
-     */
-    refresh(providerName: string): Promise<ResolvedCredential | null>;
-    /**
-     * Check if a provider credential is available and valid.
-     * Does not trigger credential loading.
-     *
-     * @param providerName - Provider name
-     * @returns true if credential exists in cache/vault and is valid
-     */
-    has(providerName: string): Promise<boolean>;
-    /**
-     * Check if a provider is registered (regardless of credential availability).
-     *
-     * @param providerName - Provider name
-     * @returns true if provider is registered
-     */
-    isRegistered(providerName: string): boolean;
-    /**
-     * Invalidate cached credential (triggers reload on next access).
-     * Does not remove from persistent vault storage.
-     *
-     * @param providerName - Provider name to invalidate
-     */
-    invalidate(providerName: string): void;
-    /**
-     * Invalidate all cached credentials for this session.
-     */
-    invalidateAll(): void;
-    /**
-     * List all registered provider names.
-     */
-    listProviders(): string[];
-    /**
-     * List all available credentials (loaded in cache or vault).
-     */
-    listAvailable(): Promise<string[]>;
-}
-/**
- * DI Token for AuthProvidersAccessor
- *
- * Used to resolve the accessor in tool contexts:
- * ```typescript
- * const accessor = this.get(AUTH_PROVIDERS_ACCESSOR);
- * ```
- */
-export declare const AUTH_PROVIDERS_ACCESSOR: Token<AuthProvidersAccessor>;
-//# sourceMappingURL=auth-providers.accessor.d.ts.map

package/auth/vault/auth-providers.accessor.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-providers.accessor.d.ts","sourceRoot":"","sources":["../../../src/auth/vault/auth-providers.accessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,cAAc,CAAC;AACrC,OAAO,KAAK,EAAE,UAAU,EAAE,kBAAkB,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAE3F;;;;;;;;;;;;;GAaG;AACH,MAAM,WAAW,qBAAqB;IACpC;;;;;;;;;;;;;;;;;;;OAmBG;IACH,GAAG,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,EACnC,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAEzC;;;;;;;;;;;;;;OAcG;IACH,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,kBAAkB,GAAG,IAAI,CAAC,CAAC,CAAC;IAElH;;;;;;;;;;;;;;;OAeG;IACH,OAAO,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAE/D;;;;;;OAMG;IACH,WAAW,CAAC,aAAa,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAEtE;;;;;;;;;;;;;;;;;OAiBG;IACH,OAAO,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAElE;;;;;;OAMG;IACH,GAAG,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAE5C;;;;;OAKG;IACH,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC;IAE5C;;;;;OAKG;IACH,UAAU,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAEvC;;OAEG;IACH,aAAa,IAAI,IAAI,CAAC;IAEtB;;OAEG;IACH,aAAa,IAAI,MAAM,EAAE,CAAC;IAE1B;;OAEG;IACH,aAAa,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CACpC;AAED;;;;;;;GAOG;AACH,eAAO,MAAM,uBAAuB,EAAqD,KAAK,CAAC,qBAAqB,CAAC,CAAC"}

package/auth/vault/auth-providers.accessor.impl.d.ts

@@ -1,52 +0,0 @@
-/**
- * AuthProvidersAccessorImpl - Implementation of AuthProvidersAccessor
- *
- * Provides runtime access to credential providers in tool contexts.
- * Handles caching, vault storage, lazy loading, and credential refresh.
- */
-import type { Credential, CredentialCache, CredentialFactoryContext, GetCredentialOptions, ResolvedCredential } from '@frontmcp/auth';
-import type { AuthProvidersAccessor } from './auth-providers.accessor';
-import type { AuthProvidersRegistry } from './auth-providers.registry';
-import type { AuthProvidersVault } from './auth-providers.vault';
-import type { LazyCredentialLoader } from './credential-loaders/lazy-loader';
-import { FrontMcpLogger } from '../../common';
-/**
- * AuthProvidersAccessorImpl - Runtime implementation
- */
-export declare class AuthProvidersAccessorImpl implements AuthProvidersAccessor {
-    private readonly registry;
-    private readonly vault;
-    private readonly cache;
-    private readonly loader;
-    private readonly context;
-    private readonly logger?;
-    constructor(registry: AuthProvidersRegistry, vault: AuthProvidersVault, cache: CredentialCache, loader: LazyCredentialLoader, context: CredentialFactoryContext, logger?: FrontMcpLogger);
-    get<T extends Credential = Credential>(providerName: string, options?: GetCredentialOptions): Promise<ResolvedCredential<T> | null>;
-    getMany(providerNames: string[], options?: GetCredentialOptions): Promise<Map<string, ResolvedCredential | null>>;
-    headers(providerName: string): Promise<Record<string, string>>;
-    headersMany(providerNames: string[]): Promise<Record<string, string>>;
-    refresh(providerName: string): Promise<ResolvedCredential | null>;
-    has(providerName: string): Promise<boolean>;
-    isRegistered(providerName: string): boolean;
-    invalidate(providerName: string): void;
-    invalidateAll(): void;
-    listProviders(): string[];
-    listAvailable(): Promise<string[]>;
-    /**
-     * Load credential from vault storage
-     */
-    private loadFromVault;
-    /**
-     * Store credential in vault storage
-     */
-    private storeInVault;
-    /**
-     * Check if a resolved credential is still valid
-     */
-    private isValid;
-    /**
-     * Generate default headers for a credential type
-     */
-    private defaultHeaders;
-}
-//# sourceMappingURL=auth-providers.accessor.impl.d.ts.map

package/auth/vault/auth-providers.accessor.impl.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-providers.accessor.impl.d.ts","sourceRoot":"","sources":["../../../src/auth/vault/auth-providers.accessor.impl.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,UAAU,EACV,eAAe,EACf,wBAAwB,EACxB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AACvE,OAAO,KAAK,EAAE,qBAAqB,EAA4B,MAAM,2BAA2B,CAAC;AACjG,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AACjE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAE9C;;GAEG;AACH,qBAAa,yBAA0B,YAAW,qBAAqB;IAInE,OAAO,CAAC,QAAQ,CAAC,QAAQ;IACzB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAP1B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAiB;gBAGtB,QAAQ,EAAE,qBAAqB,EAC/B,KAAK,EAAE,kBAAkB,EACzB,KAAK,EAAE,eAAe,EACtB,MAAM,EAAE,oBAAoB,EAC5B,OAAO,EAAE,wBAAwB,EAClD,MAAM,CAAC,EAAE,cAAc;IAKnB,GAAG,CAAC,CAAC,SAAS,UAAU,GAAG,UAAU,EACzC,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAwClC,OAAO,CACX,aAAa,EAAE,MAAM,EAAE,EACvB,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,kBAAkB,GAAG,IAAI,CAAC,CAAC;IAuB5C,OAAO,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAc9D,WAAW,CAAC,aAAa,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAWrE,OAAO,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC;IAgCjE,GAAG,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAqBjD,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAI3C,UAAU,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI;IAKtC,aAAa,IAAI,IAAI;IAKrB,aAAa,IAAI,MAAM,EAAE;IAInB,aAAa,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAYxC;;OAEG;YACW,aAAa;IA8B3B;;OAEG;YACW,YAAY;IAkB1B;;OAEG;IACH,OAAO,CAAC,OAAO;IAYf;;OAEG;IACH,OAAO,CAAC,cAAc;CAmCvB"}