@hexabot-ai/api 3.2.2-alpha.9 → 3.2.2-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/actions/actions.service.d.ts +1 -0
- package/dist/actions/actions.service.js +19 -1
- package/dist/actions/actions.service.js.map +1 -1
- package/dist/actions/types.d.ts +3 -1
- package/dist/app.controller.d.ts +1 -0
- package/dist/app.controller.js +1 -0
- package/dist/app.controller.js.map +1 -1
- package/dist/app.module.js +13 -1
- package/dist/app.module.js.map +1 -1
- package/dist/config/index.js +14 -2
- package/dist/config/index.js.map +1 -1
- package/dist/config/types.d.ts +9 -0
- package/dist/extensions/actions/ai/agent.action.d.ts +1 -1
- package/dist/extensions/actions/ai/agent.action.js +6 -3
- package/dist/extensions/actions/ai/agent.action.js.map +1 -1
- package/dist/extensions/actions/ai/ai-base.action.d.ts +1 -1
- package/dist/extensions/actions/ai/ai-base.action.js +18 -5
- package/dist/extensions/actions/ai/ai-base.action.js.map +1 -1
- package/dist/extensions/actions/ai/generate-object.base.action.d.ts +1 -1
- package/dist/extensions/actions/ai/generate-object.base.action.js +3 -2
- package/dist/extensions/actions/ai/generate-object.base.action.js.map +1 -1
- package/dist/extensions/actions/ai/generate-text.base.action.d.ts +1 -1
- package/dist/extensions/actions/ai/generate-text.base.action.js +3 -2
- package/dist/extensions/actions/ai/generate-text.base.action.js.map +1 -1
- package/dist/extensions/actions/ai/mcp.binding.js +2 -0
- package/dist/extensions/actions/ai/mcp.binding.js.map +1 -1
- package/dist/extensions/actions/ai/memory.binding.js +2 -0
- package/dist/extensions/actions/ai/memory.binding.js.map +1 -1
- package/dist/extensions/actions/ai/retrieve-content-rag.action.js +2 -0
- package/dist/extensions/actions/ai/retrieve-content-rag.action.js.map +1 -1
- package/dist/extensions/actions/messaging/list.action.d.ts +2 -2
- package/dist/extensions/actions/messaging/list.action.js +7 -0
- package/dist/extensions/actions/messaging/list.action.js.map +1 -1
- package/dist/extensions/actions/subscriber/update-labels.action.js +3 -0
- package/dist/extensions/actions/subscriber/update-labels.action.js.map +1 -1
- package/dist/extensions/actions/web/http-request.action.js +12 -1
- package/dist/extensions/actions/web/http-request.action.js.map +1 -1
- package/dist/extensions/actions/workflow/call-workflow.action.d.ts +19 -0
- package/dist/extensions/actions/workflow/call-workflow.action.js +83 -0
- package/dist/extensions/actions/workflow/call-workflow.action.js.map +1 -0
- package/dist/extensions/actions/workflow/i18n/en.translations.json +9 -0
- package/dist/extensions/actions/workflow/i18n/fr.translations.json +9 -0
- package/dist/extensions/index.d.ts +1 -0
- package/dist/extensions/index.js +1 -0
- package/dist/extensions/index.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/mcp/controllers/mcp-token.controller.d.ts +47 -0
- package/dist/mcp/controllers/mcp-token.controller.js +70 -0
- package/dist/mcp/controllers/mcp-token.controller.js.map +1 -0
- package/dist/mcp/decorators/mcp-permission.decorator.d.ts +8 -0
- package/dist/mcp/decorators/mcp-permission.decorator.js +11 -0
- package/dist/mcp/decorators/mcp-permission.decorator.js.map +1 -0
- package/dist/mcp/dto/mcp-token.dto.d.ts +17 -0
- package/dist/mcp/dto/mcp-token.dto.js +40 -0
- package/dist/mcp/dto/mcp-token.dto.js.map +1 -0
- package/dist/mcp/entities/mcp-token.entity.d.ts +111 -0
- package/dist/mcp/entities/mcp-token.entity.js +69 -0
- package/dist/mcp/entities/mcp-token.entity.js.map +1 -0
- package/dist/mcp/guards/hexabot-mcp-token.guard.d.ts +9 -0
- package/dist/mcp/guards/hexabot-mcp-token.guard.js +49 -0
- package/dist/mcp/guards/hexabot-mcp-token.guard.js.map +1 -0
- package/dist/mcp/guards/mcp-permission.guard.d.ts +9 -0
- package/dist/mcp/guards/mcp-permission.guard.js +47 -0
- package/dist/mcp/guards/mcp-permission.guard.js.map +1 -0
- package/dist/mcp/mcp-api.module.d.ts +2 -0
- package/dist/mcp/mcp-api.module.js +65 -0
- package/dist/mcp/mcp-api.module.js.map +1 -0
- package/dist/mcp/repositories/mcp-token.repository.d.ts +8 -0
- package/dist/mcp/repositories/mcp-token.repository.js +41 -0
- package/dist/mcp/repositories/mcp-token.repository.js.map +1 -0
- package/dist/mcp/services/mcp-token.service.d.ts +24 -0
- package/dist/mcp/services/mcp-token.service.js +106 -0
- package/dist/mcp/services/mcp-token.service.js.map +1 -0
- package/dist/mcp/tools/catalog-mcp.tools.d.ts +63 -0
- package/dist/mcp/tools/catalog-mcp.tools.js +135 -0
- package/dist/mcp/tools/catalog-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/cms-mcp.tools.d.ts +128 -0
- package/dist/mcp/tools/cms-mcp.tools.js +242 -0
- package/dist/mcp/tools/cms-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/credential-mcp.tools.d.ts +19 -0
- package/dist/mcp/tools/credential-mcp.tools.js +82 -0
- package/dist/mcp/tools/credential-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp-tool.base.d.ts +22 -0
- package/dist/mcp/tools/hexabot-mcp-tool.base.js +48 -0
- package/dist/mcp/tools/hexabot-mcp-tool.base.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp.schemas.d.ts +41 -0
- package/dist/mcp/tools/hexabot-mcp.schemas.js +36 -0
- package/dist/mcp/tools/hexabot-mcp.schemas.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp.tools.d.ts +1 -0
- package/dist/mcp/tools/hexabot-mcp.tools.js +18 -0
- package/dist/mcp/tools/hexabot-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/hexabot-mcp.utils.d.ts +2 -0
- package/dist/mcp/tools/hexabot-mcp.utils.js +21 -0
- package/dist/mcp/tools/hexabot-mcp.utils.js.map +1 -0
- package/dist/mcp/tools/index.d.ts +22 -0
- package/dist/mcp/tools/index.js +50 -0
- package/dist/mcp/tools/index.js.map +1 -0
- package/dist/mcp/tools/mcp-server-mcp.tools.d.ts +77 -0
- package/dist/mcp/tools/mcp-server-mcp.tools.js +130 -0
- package/dist/mcp/tools/mcp-server-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/memory-definition-mcp.tools.d.ts +57 -0
- package/dist/mcp/tools/memory-definition-mcp.tools.js +128 -0
- package/dist/mcp/tools/memory-definition-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/workflow-mcp.helper.d.ts +156 -0
- package/dist/mcp/tools/workflow-mcp.helper.js +128 -0
- package/dist/mcp/tools/workflow-mcp.helper.js.map +1 -0
- package/dist/mcp/tools/workflow-mcp.tools.d.ts +790 -0
- package/dist/mcp/tools/workflow-mcp.tools.js +227 -0
- package/dist/mcp/tools/workflow-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/workflow-run-mcp.tools.d.ts +349 -0
- package/dist/mcp/tools/workflow-run-mcp.tools.js +242 -0
- package/dist/mcp/tools/workflow-run-mcp.tools.js.map +1 -0
- package/dist/mcp/tools/workflow-version-mcp.tools.d.ts +238 -0
- package/dist/mcp/tools/workflow-version-mcp.tools.js +368 -0
- package/dist/mcp/tools/workflow-version-mcp.tools.js.map +1 -0
- package/dist/mcp/types.d.ts +7 -0
- package/dist/mcp/types.js +3 -0
- package/dist/mcp/types.js.map +1 -0
- package/dist/static/assets/{browser-ponyfill-Qk7qpw-i.js → browser-ponyfill-D1dKqhtP.js} +2 -2
- package/dist/static/assets/{cssMode-CdhvY6oD.js → cssMode-DplazEqd.js} +1 -1
- package/dist/static/assets/{freemarker2-BPoURZH1.js → freemarker2-oSA1bGAm.js} +1 -1
- package/dist/static/assets/{handlebars-C4oubER1.js → handlebars-CcC7EgN2.js} +1 -1
- package/dist/static/assets/{html-CDE5RgVN.js → html-CcFTB7eP.js} +1 -1
- package/dist/static/assets/{htmlMode-C8edIUUq.js → htmlMode-g5g2wCUD.js} +1 -1
- package/dist/static/assets/{index-C1NxBXuS.js → index-CMp45yDR.js} +2379 -2330
- package/dist/static/assets/{index-BI1BtkYv.css → index-D-b9KTZd.css} +1 -1
- package/dist/static/assets/{javascript-Wp5m7adK.js → javascript-Dv0J7ioP.js} +1 -1
- package/dist/static/assets/{jsonMode-0eww5Srr.js → jsonMode-CzBkKOe4.js} +1 -1
- package/dist/static/assets/{liquid-DTktXITv.js → liquid-CptRs_ZU.js} +1 -1
- package/dist/static/assets/{lspLanguageFeatures-BzIRlKhn.js → lspLanguageFeatures-DXNU_upS.js} +1 -1
- package/dist/static/assets/{mdx-D508emqD.js → mdx-af00eMTm.js} +1 -1
- package/dist/static/assets/{python-BfhIq2kX.js → python-CNcx7i3L.js} +1 -1
- package/dist/static/assets/{razor-C7F8fOds.js → razor-BL_MSmP7.js} +1 -1
- package/dist/static/assets/{tsMode-B8zPu6Wl.js → tsMode-BWD4nt2F.js} +1 -1
- package/dist/static/assets/{typescript-Dew3VavZ.js → typescript-BbKUic6G.js} +1 -1
- package/dist/static/assets/{xml-B_2tc6Mh.js → xml-DFx6l4N0.js} +1 -1
- package/dist/static/assets/{yaml-pHcw4KrS.js → yaml-BNuTzPxo.js} +1 -1
- package/dist/static/index.html +2 -2
- package/dist/static/locales/en/translation.json +89 -4
- package/dist/static/locales/fr/translation.json +90 -5
- package/dist/transfer/adapters/content-type-transfer.adapter.d.ts +14 -0
- package/dist/transfer/adapters/content-type-transfer.adapter.js +102 -0
- package/dist/transfer/adapters/content-type-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/credential-transfer.adapter.d.ts +13 -0
- package/dist/transfer/adapters/credential-transfer.adapter.js +110 -0
- package/dist/transfer/adapters/credential-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/label-transfer.adapter.d.ts +15 -0
- package/dist/transfer/adapters/label-transfer.adapter.js +189 -0
- package/dist/transfer/adapters/label-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/mcp-server-transfer.adapter.d.ts +16 -0
- package/dist/transfer/adapters/mcp-server-transfer.adapter.js +169 -0
- package/dist/transfer/adapters/mcp-server-transfer.adapter.js.map +1 -0
- package/dist/transfer/adapters/memory-definition-transfer.adapter.d.ts +14 -0
- package/dist/transfer/adapters/memory-definition-transfer.adapter.js +111 -0
- package/dist/transfer/adapters/memory-definition-transfer.adapter.js.map +1 -0
- package/dist/transfer/index.d.ts +7 -0
- package/dist/transfer/index.js +24 -0
- package/dist/transfer/index.js.map +1 -0
- package/dist/transfer/workflow-transfer-adapter.registry.d.ts +27 -0
- package/dist/transfer/workflow-transfer-adapter.registry.js +164 -0
- package/dist/transfer/workflow-transfer-adapter.registry.js.map +1 -0
- package/dist/transfer/workflow-transfer-definition.service.d.ts +40 -0
- package/dist/transfer/workflow-transfer-definition.service.js +353 -0
- package/dist/transfer/workflow-transfer-definition.service.js.map +1 -0
- package/dist/transfer/workflow-transfer-resource-adapter.d.ts +33 -0
- package/dist/transfer/workflow-transfer-resource-adapter.js +81 -0
- package/dist/transfer/workflow-transfer-resource-adapter.js.map +1 -0
- package/dist/transfer/workflow-transfer.controller.d.ts +9 -0
- package/dist/transfer/workflow-transfer.controller.js +63 -0
- package/dist/transfer/workflow-transfer.controller.js.map +1 -0
- package/dist/transfer/workflow-transfer.module.d.ts +2 -0
- package/dist/transfer/workflow-transfer.module.js +47 -0
- package/dist/transfer/workflow-transfer.module.js.map +1 -0
- package/dist/transfer/workflow-transfer.service.d.ts +51 -0
- package/dist/transfer/workflow-transfer.service.js +509 -0
- package/dist/transfer/workflow-transfer.service.js.map +1 -0
- package/dist/transfer/workflow-transfer.types.d.ts +31 -0
- package/dist/transfer/workflow-transfer.types.js +35 -0
- package/dist/transfer/workflow-transfer.types.js.map +1 -0
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/dist/types/event-emitter.d.ts +12 -5
- package/dist/user/dto/user.dto.d.ts +1 -1
- package/dist/user/guards/ability.guard.js +12 -2
- package/dist/user/guards/ability.guard.js.map +1 -1
- package/dist/utils/test/fixtures/label-group.d.ts +1 -1
- package/dist/utils/test/fixtures/label.d.ts +1 -1
- package/dist/utils/test/fixtures/subscriber.d.ts +1 -1
- package/dist/utils/test/fixtures/workflow-run.js +4 -1
- package/dist/utils/test/fixtures/workflow-run.js.map +1 -1
- package/dist/utils/test/port.d.ts +8 -0
- package/dist/utils/test/port.js +34 -0
- package/dist/utils/test/port.js.map +1 -0
- package/dist/websocket/websocket.gateway.d.ts +2 -1
- package/dist/websocket/websocket.gateway.js.map +1 -1
- package/dist/workflow/contexts/workflow-runtime.context.d.ts +3 -1
- package/dist/workflow/contexts/workflow-runtime.context.js +5 -0
- package/dist/workflow/contexts/workflow-runtime.context.js.map +1 -1
- package/dist/workflow/controllers/workflow-run.controller.js +2 -0
- package/dist/workflow/controllers/workflow-run.controller.js.map +1 -1
- package/dist/workflow/dto/workflow-run.dto.d.ts +1 -0
- package/dist/workflow/dto/workflow-run.dto.js +11 -0
- package/dist/workflow/dto/workflow-run.dto.js.map +1 -1
- package/dist/workflow/entities/memory-record.entity.d.ts +2 -0
- package/dist/workflow/entities/workflow-run.entity.d.ts +62 -0
- package/dist/workflow/entities/workflow-run.entity.js +15 -1
- package/dist/workflow/entities/workflow-run.entity.js.map +1 -1
- package/dist/workflow/index.d.ts +7 -0
- package/dist/workflow/index.js +7 -0
- package/dist/workflow/index.js.map +1 -1
- package/dist/workflow/repositories/workflow-run.repository.js +7 -1
- package/dist/workflow/repositories/workflow-run.repository.js.map +1 -1
- package/dist/workflow/resource-refs.d.ts +17 -0
- package/dist/workflow/resource-refs.js +15 -0
- package/dist/workflow/resource-refs.js.map +1 -0
- package/dist/workflow/services/agentic.service.d.ts +9 -2
- package/dist/workflow/services/agentic.service.js +142 -19
- package/dist/workflow/services/agentic.service.js.map +1 -1
- package/dist/workflow/services/workflow-run.service.d.ts +3 -0
- package/dist/workflow/services/workflow-run.service.js +75 -3
- package/dist/workflow/services/workflow-run.service.js.map +1 -1
- package/dist/workflow/services/workflow-version.service.d.ts +2 -0
- package/dist/workflow/services/workflow-version.service.js +19 -0
- package/dist/workflow/services/workflow-version.service.js.map +1 -1
- package/dist/workflow/services/workflow.service.d.ts +13 -9
- package/dist/workflow/services/workflow.service.js +64 -35
- package/dist/workflow/services/workflow.service.js.map +1 -1
- package/dist/workflow/types.d.ts +31 -0
- package/dist/workflow/types.js +2 -1
- package/dist/workflow/types.js.map +1 -1
- package/dist/workflow/workflow.module.js +3 -0
- package/dist/workflow/workflow.module.js.map +1 -1
- package/package.json +8 -6
- package/src/actions/actions.service.ts +34 -4
- package/src/actions/types.ts +6 -5
- package/src/app.controller.ts +1 -0
- package/src/app.module.ts +17 -1
- package/src/config/index.ts +17 -2
- package/src/config/types.ts +9 -0
- package/src/extensions/actions/ai/agent.action.ts +6 -1
- package/src/extensions/actions/ai/ai-base.action.ts +39 -5
- package/src/extensions/actions/ai/generate-object.base.action.ts +3 -0
- package/src/extensions/actions/ai/generate-text.base.action.ts +3 -0
- package/src/extensions/actions/ai/mcp.binding.ts +2 -0
- package/src/extensions/actions/ai/memory.binding.ts +2 -0
- package/src/extensions/actions/ai/retrieve-content-rag.action.ts +2 -0
- package/src/extensions/actions/messaging/list.action.ts +7 -0
- package/src/extensions/actions/subscriber/update-labels.action.ts +3 -0
- package/src/extensions/actions/web/http-request.action.ts +17 -1
- package/src/extensions/actions/workflow/call-workflow.action.ts +112 -0
- package/src/extensions/actions/workflow/i18n/en.translations.json +9 -0
- package/src/extensions/actions/workflow/i18n/fr.translations.json +9 -0
- package/src/extensions/index.ts +2 -0
- package/src/index.ts +2 -0
- package/src/mcp/README.md +277 -0
- package/src/mcp/controllers/mcp-token.controller.ts +64 -0
- package/src/mcp/decorators/mcp-permission.decorator.ts +23 -0
- package/src/mcp/dto/mcp-token.dto.ts +48 -0
- package/src/mcp/entities/mcp-token.entity.ts +60 -0
- package/src/mcp/guards/hexabot-mcp-token.guard.ts +55 -0
- package/src/mcp/guards/mcp-permission.guard.ts +61 -0
- package/src/mcp/mcp-api.module.ts +61 -0
- package/src/mcp/repositories/mcp-token.repository.ts +34 -0
- package/src/mcp/services/mcp-token.service.ts +138 -0
- package/src/mcp/tools/catalog-mcp.tools.ts +122 -0
- package/src/mcp/tools/cms-mcp.tools.ts +239 -0
- package/src/mcp/tools/credential-mcp.tools.ts +81 -0
- package/src/mcp/tools/hexabot-mcp-tool.base.ts +74 -0
- package/src/mcp/tools/hexabot-mcp.schemas.ts +55 -0
- package/src/mcp/tools/hexabot-mcp.tools.ts +7 -0
- package/src/mcp/tools/hexabot-mcp.utils.ts +29 -0
- package/src/mcp/tools/index.ts +51 -0
- package/src/mcp/tools/mcp-server-mcp.tools.ts +135 -0
- package/src/mcp/tools/memory-definition-mcp.tools.ts +125 -0
- package/src/mcp/tools/workflow-mcp.helper.ts +219 -0
- package/src/mcp/tools/workflow-mcp.tools.ts +271 -0
- package/src/mcp/tools/workflow-run-mcp.tools.ts +292 -0
- package/src/mcp/tools/workflow-version-mcp.tools.ts +459 -0
- package/src/mcp/types.ts +14 -0
- package/src/transfer/adapters/content-type-transfer.adapter.ts +154 -0
- package/src/transfer/adapters/credential-transfer.adapter.ts +158 -0
- package/src/transfer/adapters/label-transfer.adapter.ts +291 -0
- package/src/transfer/adapters/mcp-server-transfer.adapter.ts +255 -0
- package/src/transfer/adapters/memory-definition-transfer.adapter.ts +167 -0
- package/src/transfer/index.ts +19 -0
- package/src/transfer/workflow-transfer-adapter.registry.ts +250 -0
- package/src/transfer/workflow-transfer-definition.service.ts +587 -0
- package/src/transfer/workflow-transfer-resource-adapter.ts +132 -0
- package/src/transfer/workflow-transfer.controller.ts +86 -0
- package/src/transfer/workflow-transfer.module.ts +46 -0
- package/src/transfer/workflow-transfer.service.ts +858 -0
- package/src/transfer/workflow-transfer.types.ts +98 -0
- package/src/user/guards/ability.guard.ts +15 -3
- package/src/utils/test/fixtures/workflow-run.ts +4 -1
- package/src/utils/test/port.ts +48 -0
- package/src/websocket/websocket.gateway.ts +2 -1
- package/src/workflow/contexts/workflow-runtime.context.ts +12 -1
- package/src/workflow/controllers/workflow-run.controller.ts +2 -0
- package/src/workflow/dto/workflow-run.dto.ts +10 -0
- package/src/workflow/entities/workflow-run.entity.ts +22 -1
- package/src/workflow/index.ts +14 -0
- package/src/workflow/repositories/workflow-run.repository.ts +7 -1
- package/src/workflow/resource-refs.ts +44 -0
- package/src/workflow/services/agentic.service.ts +271 -30
- package/src/workflow/services/workflow-run.service.ts +120 -7
- package/src/workflow/services/workflow-version.service.ts +33 -0
- package/src/workflow/services/workflow.service.ts +86 -31
- package/src/workflow/types.ts +52 -0
- package/src/workflow/workflow.module.ts +3 -0
- package/types/event-emitter.d.ts +12 -5
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.McpTokenUpdateDto = exports.McpTokenCreateDto = void 0;
|
|
13
|
+
const swagger_1 = require("@nestjs/swagger");
|
|
14
|
+
const class_validator_1 = require("class-validator");
|
|
15
|
+
class McpTokenCreateDto {
|
|
16
|
+
}
|
|
17
|
+
exports.McpTokenCreateDto = McpTokenCreateDto;
|
|
18
|
+
__decorate([
|
|
19
|
+
(0, swagger_1.ApiProperty)({
|
|
20
|
+
description: 'Human-readable MCP token name',
|
|
21
|
+
type: String,
|
|
22
|
+
}),
|
|
23
|
+
(0, class_validator_1.IsNotEmpty)(),
|
|
24
|
+
(0, class_validator_1.IsString)(),
|
|
25
|
+
__metadata("design:type", String)
|
|
26
|
+
], McpTokenCreateDto.prototype, "name", void 0);
|
|
27
|
+
__decorate([
|
|
28
|
+
(0, swagger_1.ApiPropertyOptional)({
|
|
29
|
+
description: 'Optional token expiry date',
|
|
30
|
+
type: String,
|
|
31
|
+
format: 'date-time',
|
|
32
|
+
}),
|
|
33
|
+
(0, class_validator_1.IsOptional)(),
|
|
34
|
+
(0, class_validator_1.IsDateString)(),
|
|
35
|
+
__metadata("design:type", Object)
|
|
36
|
+
], McpTokenCreateDto.prototype, "expiresAt", void 0);
|
|
37
|
+
class McpTokenUpdateDto extends (0, swagger_1.PartialType)(McpTokenCreateDto) {
|
|
38
|
+
}
|
|
39
|
+
exports.McpTokenUpdateDto = McpTokenUpdateDto;
|
|
40
|
+
//# sourceMappingURL=mcp-token.dto.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp-token.dto.js","sourceRoot":"","sources":["../../../src/mcp/dto/mcp-token.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAOA,6CAAgF;AAChF,qDAKyB;AAIzB,MAAa,iBAAiB;CAiB7B;AAjBD,8CAiBC;AAVC;IANC,IAAA,qBAAW,EAAC;QACX,WAAW,EAAE,+BAA+B;QAC5C,IAAI,EAAE,MAAM;KACb,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;;+CACG;AASd;IAPC,IAAA,6BAAmB,EAAC;QACnB,WAAW,EAAE,4BAA4B;QACzC,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,WAAW;KACpB,CAAC;IACD,IAAA,4BAAU,GAAE;IACZ,IAAA,8BAAY,GAAE;;oDACW;AAG5B,MAAa,iBAAkB,SAAQ,IAAA,qBAAW,EAAC,iBAAiB,CAAC;CAAG;AAAxE,8CAAwE"}
|
|
@@ -0,0 +1,111 @@
|
|
|
1
|
+
import { BaseOrmEntity } from "../../database/entities/base.entity";
|
|
2
|
+
import { UserOrmEntity } from "../../user/entities/user.entity";
|
|
3
|
+
import { McpTokenDto } from '../dto/mcp-token.dto';
|
|
4
|
+
export declare class McpTokenOrmEntity extends BaseOrmEntity<McpTokenDto> {
|
|
5
|
+
plainCls: import("zod").ZodType<{
|
|
6
|
+
id: string;
|
|
7
|
+
createdAt: Date;
|
|
8
|
+
updatedAt: Date;
|
|
9
|
+
name: string;
|
|
10
|
+
tokenPrefix: string;
|
|
11
|
+
expiresAt: Date | null;
|
|
12
|
+
lastUsedAt: Date | null;
|
|
13
|
+
revokedAt: Date | null;
|
|
14
|
+
owner: string;
|
|
15
|
+
}, unknown, import("zod/v4/core").$ZodTypeInternals<{
|
|
16
|
+
id: string;
|
|
17
|
+
createdAt: Date;
|
|
18
|
+
updatedAt: Date;
|
|
19
|
+
name: string;
|
|
20
|
+
tokenPrefix: string;
|
|
21
|
+
expiresAt: Date | null;
|
|
22
|
+
lastUsedAt: Date | null;
|
|
23
|
+
revokedAt: Date | null;
|
|
24
|
+
owner: string;
|
|
25
|
+
}, unknown>>;
|
|
26
|
+
fullCls: import("zod").ZodObject<{
|
|
27
|
+
id: import("zod").ZodString;
|
|
28
|
+
createdAt: import("zod").ZodCoercedDate<unknown>;
|
|
29
|
+
updatedAt: import("zod").ZodCoercedDate<unknown>;
|
|
30
|
+
name: import("zod").ZodString;
|
|
31
|
+
tokenPrefix: import("zod").ZodString;
|
|
32
|
+
expiresAt: import("zod").ZodType<Date | null, unknown, import("zod/v4/core").$ZodTypeInternals<Date | null, unknown>>;
|
|
33
|
+
lastUsedAt: import("zod").ZodType<Date | null, unknown, import("zod/v4/core").$ZodTypeInternals<Date | null, unknown>>;
|
|
34
|
+
revokedAt: import("zod").ZodType<Date | null, unknown, import("zod/v4/core").$ZodTypeInternals<Date | null, unknown>>;
|
|
35
|
+
owner: import("zod").ZodType<{
|
|
36
|
+
id: string;
|
|
37
|
+
createdAt: Date;
|
|
38
|
+
updatedAt: Date;
|
|
39
|
+
firstName: string;
|
|
40
|
+
lastName: string;
|
|
41
|
+
language: string | null;
|
|
42
|
+
timezone: number;
|
|
43
|
+
locale: string | null;
|
|
44
|
+
gender: string | null;
|
|
45
|
+
country: string | null;
|
|
46
|
+
foreignId: string | null;
|
|
47
|
+
assignedAt: Date | null;
|
|
48
|
+
lastvisit: Date | null;
|
|
49
|
+
retainedFrom: Date | null;
|
|
50
|
+
channel: {
|
|
51
|
+
name: string | null;
|
|
52
|
+
data?: Record<string, any> | null | undefined;
|
|
53
|
+
};
|
|
54
|
+
username: string;
|
|
55
|
+
email: string;
|
|
56
|
+
sendEmail: boolean;
|
|
57
|
+
state: boolean;
|
|
58
|
+
resetCount: number;
|
|
59
|
+
resetToken: string | null;
|
|
60
|
+
labels: string[];
|
|
61
|
+
assignedTo: string | null;
|
|
62
|
+
roles: string[];
|
|
63
|
+
avatar: string | null;
|
|
64
|
+
provider?: {
|
|
65
|
+
strategy: "local";
|
|
66
|
+
sub?: string | undefined;
|
|
67
|
+
} | undefined;
|
|
68
|
+
} | null, unknown, import("zod/v4/core").$ZodTypeInternals<{
|
|
69
|
+
id: string;
|
|
70
|
+
createdAt: Date;
|
|
71
|
+
updatedAt: Date;
|
|
72
|
+
firstName: string;
|
|
73
|
+
lastName: string;
|
|
74
|
+
language: string | null;
|
|
75
|
+
timezone: number;
|
|
76
|
+
locale: string | null;
|
|
77
|
+
gender: string | null;
|
|
78
|
+
country: string | null;
|
|
79
|
+
foreignId: string | null;
|
|
80
|
+
assignedAt: Date | null;
|
|
81
|
+
lastvisit: Date | null;
|
|
82
|
+
retainedFrom: Date | null;
|
|
83
|
+
channel: {
|
|
84
|
+
name: string | null;
|
|
85
|
+
data?: Record<string, any> | null | undefined;
|
|
86
|
+
};
|
|
87
|
+
username: string;
|
|
88
|
+
email: string;
|
|
89
|
+
sendEmail: boolean;
|
|
90
|
+
state: boolean;
|
|
91
|
+
resetCount: number;
|
|
92
|
+
resetToken: string | null;
|
|
93
|
+
labels: string[];
|
|
94
|
+
assignedTo: string | null;
|
|
95
|
+
roles: string[];
|
|
96
|
+
avatar: string | null;
|
|
97
|
+
provider?: {
|
|
98
|
+
strategy: "local";
|
|
99
|
+
sub?: string | undefined;
|
|
100
|
+
} | undefined;
|
|
101
|
+
} | null, unknown>>;
|
|
102
|
+
}, import("zod/v4/core").$strip>;
|
|
103
|
+
name: string;
|
|
104
|
+
tokenHash: string;
|
|
105
|
+
tokenPrefix: string;
|
|
106
|
+
owner: UserOrmEntity;
|
|
107
|
+
private readonly ownerId;
|
|
108
|
+
expiresAt: Date | null;
|
|
109
|
+
lastUsedAt: Date | null;
|
|
110
|
+
revokedAt: Date | null;
|
|
111
|
+
}
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.McpTokenOrmEntity = void 0;
|
|
13
|
+
const types_1 = require("@hexabot-ai/types");
|
|
14
|
+
const typeorm_1 = require("typeorm");
|
|
15
|
+
const database_1 = require("../../database");
|
|
16
|
+
const base_entity_1 = require("../../database/entities/base.entity");
|
|
17
|
+
const user_entity_1 = require("../../user/entities/user.entity");
|
|
18
|
+
const relation_ref_decorator_1 = require("../../utils/decorators/relation-ref.decorator");
|
|
19
|
+
let McpTokenOrmEntity = class McpTokenOrmEntity extends base_entity_1.BaseOrmEntity {
|
|
20
|
+
constructor() {
|
|
21
|
+
super(...arguments);
|
|
22
|
+
this.plainCls = types_1.mcpTokenSchema;
|
|
23
|
+
this.fullCls = types_1.mcpTokenFullSchema;
|
|
24
|
+
}
|
|
25
|
+
};
|
|
26
|
+
exports.McpTokenOrmEntity = McpTokenOrmEntity;
|
|
27
|
+
__decorate([
|
|
28
|
+
(0, typeorm_1.Column)(),
|
|
29
|
+
__metadata("design:type", String)
|
|
30
|
+
], McpTokenOrmEntity.prototype, "name", void 0);
|
|
31
|
+
__decorate([
|
|
32
|
+
(0, typeorm_1.Column)({ name: 'token_hash', type: 'text' }),
|
|
33
|
+
__metadata("design:type", String)
|
|
34
|
+
], McpTokenOrmEntity.prototype, "tokenHash", void 0);
|
|
35
|
+
__decorate([
|
|
36
|
+
(0, typeorm_1.Column)({ name: 'token_prefix', length: 32 }),
|
|
37
|
+
__metadata("design:type", String)
|
|
38
|
+
], McpTokenOrmEntity.prototype, "tokenPrefix", void 0);
|
|
39
|
+
__decorate([
|
|
40
|
+
(0, typeorm_1.ManyToOne)(() => user_entity_1.UserOrmEntity, {
|
|
41
|
+
nullable: false,
|
|
42
|
+
onDelete: 'CASCADE',
|
|
43
|
+
}),
|
|
44
|
+
(0, typeorm_1.JoinColumn)({ name: 'owner_id' }),
|
|
45
|
+
(0, relation_ref_decorator_1.AsRelation)(),
|
|
46
|
+
__metadata("design:type", user_entity_1.UserOrmEntity)
|
|
47
|
+
], McpTokenOrmEntity.prototype, "owner", void 0);
|
|
48
|
+
__decorate([
|
|
49
|
+
(0, typeorm_1.RelationId)((token) => token.owner),
|
|
50
|
+
__metadata("design:type", String)
|
|
51
|
+
], McpTokenOrmEntity.prototype, "ownerId", void 0);
|
|
52
|
+
__decorate([
|
|
53
|
+
(0, database_1.DatetimeColumn)({ name: 'expires_at', nullable: true }),
|
|
54
|
+
__metadata("design:type", Object)
|
|
55
|
+
], McpTokenOrmEntity.prototype, "expiresAt", void 0);
|
|
56
|
+
__decorate([
|
|
57
|
+
(0, database_1.DatetimeColumn)({ name: 'last_used_at', nullable: true }),
|
|
58
|
+
__metadata("design:type", Object)
|
|
59
|
+
], McpTokenOrmEntity.prototype, "lastUsedAt", void 0);
|
|
60
|
+
__decorate([
|
|
61
|
+
(0, database_1.DatetimeColumn)({ name: 'revoked_at', nullable: true }),
|
|
62
|
+
__metadata("design:type", Object)
|
|
63
|
+
], McpTokenOrmEntity.prototype, "revokedAt", void 0);
|
|
64
|
+
exports.McpTokenOrmEntity = McpTokenOrmEntity = __decorate([
|
|
65
|
+
(0, typeorm_1.Entity)({ name: 'mcp_tokens' }),
|
|
66
|
+
(0, typeorm_1.Index)(['tokenHash'], { unique: true }),
|
|
67
|
+
(0, typeorm_1.Index)(['owner'])
|
|
68
|
+
], McpTokenOrmEntity);
|
|
69
|
+
//# sourceMappingURL=mcp-token.entity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp-token.entity.js","sourceRoot":"","sources":["../../../src/mcp/entities/mcp-token.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;AAMA,6CAAuE;AACvE,qCAOiB;AAEjB,6CAA4C;AAC5C,qEAAgE;AAChE,iEAA4D;AAC5D,0FAAuE;AAOhE,IAAM,iBAAiB,GAAvB,MAAM,iBAAkB,SAAQ,2BAA0B;IAA1D;;QACL,aAAQ,GAAG,sBAAc,CAAC;QAE1B,YAAO,GAAG,0BAAkB,CAAC;IA8B/B,CAAC;CAAA,CAAA;AAjCY,8CAAiB;AAM5B;IADC,IAAA,gBAAM,GAAE;;+CACK;AAGd;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;;oDAC1B;AAGnB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;;sDACxB;AAQrB;IANC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,2BAAa,EAAE;QAC9B,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAU,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;IAChC,IAAA,mCAAU,GAAE;8BACL,2BAAa;gDAAC;AAGL;IADhB,IAAA,oBAAU,EAAC,CAAC,KAAwB,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC;;kDACpB;AAGlC;IADC,IAAA,yBAAc,EAAC,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oDAC/B;AAGxB;IADC,IAAA,yBAAc,EAAC,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;qDAChC;AAGzB;IADC,IAAA,yBAAc,EAAC,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oDAC/B;4BAhCb,iBAAiB;IAH7B,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;IAC9B,IAAA,eAAK,EAAC,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IACtC,IAAA,eAAK,EAAC,CAAC,OAAO,CAAC,CAAC;GACJ,iBAAiB,CAiC7B"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { ModuleRef } from '@nestjs/core';
|
|
3
|
+
export declare class HexabotMcpTokenGuard implements CanActivate {
|
|
4
|
+
private readonly moduleRef;
|
|
5
|
+
constructor(moduleRef: ModuleRef);
|
|
6
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
7
|
+
private extractTokenFromHeader;
|
|
8
|
+
private getMcpTokenService;
|
|
9
|
+
}
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.HexabotMcpTokenGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
15
|
+
const mcp_token_service_1 = require("../services/mcp-token.service");
|
|
16
|
+
let HexabotMcpTokenGuard = class HexabotMcpTokenGuard {
|
|
17
|
+
constructor(moduleRef) {
|
|
18
|
+
this.moduleRef = moduleRef;
|
|
19
|
+
}
|
|
20
|
+
async canActivate(context) {
|
|
21
|
+
const request = context.switchToHttp().getRequest();
|
|
22
|
+
const token = this.extractTokenFromHeader(request);
|
|
23
|
+
if (!token) {
|
|
24
|
+
throw new common_1.UnauthorizedException('MCP bearer token is required');
|
|
25
|
+
}
|
|
26
|
+
const { user, tokenId } = await this.getMcpTokenService().authenticateBearerToken(token);
|
|
27
|
+
request.hexabotUser = user;
|
|
28
|
+
request.user = user;
|
|
29
|
+
request.mcpTokenId = tokenId;
|
|
30
|
+
return true;
|
|
31
|
+
}
|
|
32
|
+
extractTokenFromHeader(request) {
|
|
33
|
+
const authHeader = request.headers.authorization;
|
|
34
|
+
if (!authHeader) {
|
|
35
|
+
return undefined;
|
|
36
|
+
}
|
|
37
|
+
const match = authHeader.trim().match(/^Bearer\s+(\S+)$/i);
|
|
38
|
+
return match?.[1];
|
|
39
|
+
}
|
|
40
|
+
getMcpTokenService() {
|
|
41
|
+
return this.moduleRef.get(mcp_token_service_1.McpTokenService, { strict: false });
|
|
42
|
+
}
|
|
43
|
+
};
|
|
44
|
+
exports.HexabotMcpTokenGuard = HexabotMcpTokenGuard;
|
|
45
|
+
exports.HexabotMcpTokenGuard = HexabotMcpTokenGuard = __decorate([
|
|
46
|
+
(0, common_1.Injectable)(),
|
|
47
|
+
__metadata("design:paramtypes", [core_1.ModuleRef])
|
|
48
|
+
], HexabotMcpTokenGuard);
|
|
49
|
+
//# sourceMappingURL=hexabot-mcp-token.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hexabot-mcp-token.guard.js","sourceRoot":"","sources":["../../../src/mcp/guards/hexabot-mcp-token.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAMA,2CAKwB;AACxB,uCAAyC;AAGzC,qEAAgE;AAIzD,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAC/B,YAA6B,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAErD,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAqB,CAAC;QACvE,MAAM,KAAK,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAEnD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,8BAA8B,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GACrB,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAEjE,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;QAC3B,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;QACpB,OAAO,CAAC,UAAU,GAAG,OAAO,CAAC;QAE7B,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,sBAAsB,CAAC,OAAgB;QAC7C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAE3D,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAEO,kBAAkB;QACxB,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,mCAAe,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAChE,CAAC;CACF,CAAA;AAnCY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;qCAE6B,gBAAS;GADtC,oBAAoB,CAmChC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
import { PermissionService } from "../../user/services/permission.service";
|
|
4
|
+
export declare class McpPermissionGuard implements CanActivate {
|
|
5
|
+
private readonly reflector;
|
|
6
|
+
private readonly permissionService;
|
|
7
|
+
constructor(reflector: Reflector, permissionService: PermissionService);
|
|
8
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
9
|
+
}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.McpPermissionGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
15
|
+
const mcp_permission_decorator_1 = require("../decorators/mcp-permission.decorator");
|
|
16
|
+
const permission_service_1 = require("../../user/services/permission.service");
|
|
17
|
+
let McpPermissionGuard = class McpPermissionGuard {
|
|
18
|
+
constructor(reflector, permissionService) {
|
|
19
|
+
this.reflector = reflector;
|
|
20
|
+
this.permissionService = permissionService;
|
|
21
|
+
}
|
|
22
|
+
async canActivate(context) {
|
|
23
|
+
const permission = this.reflector.getAllAndOverride(mcp_permission_decorator_1.MCP_PERMISSION_METADATA_KEY, [context.getHandler(), context.getClass()]);
|
|
24
|
+
if (!permission) {
|
|
25
|
+
return true;
|
|
26
|
+
}
|
|
27
|
+
const request = context.switchToHttp().getRequest();
|
|
28
|
+
const user = request.hexabotUser ?? request.user;
|
|
29
|
+
const roleIds = Array.isArray(user?.roles) ? user.roles : [];
|
|
30
|
+
if (roleIds.length === 0) {
|
|
31
|
+
throw new common_1.ForbiddenException('MCP tool requires a Hexabot role');
|
|
32
|
+
}
|
|
33
|
+
const permissions = await this.permissionService.getPermissions();
|
|
34
|
+
const hasPermission = roleIds.some((roleId) => permissions[roleId]?.[permission.model]?.includes(permission.action));
|
|
35
|
+
if (!hasPermission) {
|
|
36
|
+
throw new common_1.ForbiddenException(`MCP tool requires ${permission.action} permission on ${permission.model}`);
|
|
37
|
+
}
|
|
38
|
+
return true;
|
|
39
|
+
}
|
|
40
|
+
};
|
|
41
|
+
exports.McpPermissionGuard = McpPermissionGuard;
|
|
42
|
+
exports.McpPermissionGuard = McpPermissionGuard = __decorate([
|
|
43
|
+
(0, common_1.Injectable)(),
|
|
44
|
+
__metadata("design:paramtypes", [core_1.Reflector,
|
|
45
|
+
permission_service_1.PermissionService])
|
|
46
|
+
], McpPermissionGuard);
|
|
47
|
+
//# sourceMappingURL=mcp-permission.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp-permission.guard.js","sourceRoot":"","sources":["../../../src/mcp/guards/mcp-permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAMA,2CAKwB;AACxB,uCAAyC;AAEzC,qFAGmD;AACnD,+EAAuE;AAKhE,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAC7B,YACmB,SAAoB,EACpB,iBAAoC;QADpC,cAAS,GAAT,SAAS,CAAW;QACpB,sBAAiB,GAAjB,iBAAiB,CAAmB;IACpD,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CACjD,sDAA2B,EAC3B,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAC3C,CAAC;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAqB,CAAC;QACvE,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;QACjD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAE7D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,2BAAkB,CAAC,kCAAkC,CAAC,CAAC;QACnE,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,cAAc,EAAE,CAAC;QAClE,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAC5C,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CACrE,CAAC;QAEF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,2BAAkB,CAC1B,qBAAqB,UAAU,CAAC,MAAM,kBAAkB,UAAU,CAAC,KAAK,EAAE,CAC3E,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AArCY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;qCAGmB,gBAAS;QACD,sCAAiB;GAH5C,kBAAkB,CAqC9B"}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.McpApiModule = void 0;
|
|
10
|
+
const crypto_1 = require("crypto");
|
|
11
|
+
const common_1 = require("@nestjs/common");
|
|
12
|
+
const typeorm_1 = require("@nestjs/typeorm");
|
|
13
|
+
const mcp_nest_1 = require("@rekog/mcp-nest");
|
|
14
|
+
const actions_module_1 = require("../actions/actions.module");
|
|
15
|
+
const bindings_module_1 = require("../bindings/bindings.module");
|
|
16
|
+
const cms_module_1 = require("../cms/cms.module");
|
|
17
|
+
const config_1 = require("../config");
|
|
18
|
+
const user_module_1 = require("../user/user.module");
|
|
19
|
+
const workflow_module_1 = require("../workflow/workflow.module");
|
|
20
|
+
const mcp_token_controller_1 = require("./controllers/mcp-token.controller");
|
|
21
|
+
const mcp_token_entity_1 = require("./entities/mcp-token.entity");
|
|
22
|
+
const hexabot_mcp_token_guard_1 = require("./guards/hexabot-mcp-token.guard");
|
|
23
|
+
const mcp_permission_guard_1 = require("./guards/mcp-permission.guard");
|
|
24
|
+
const mcp_token_repository_1 = require("./repositories/mcp-token.repository");
|
|
25
|
+
const mcp_token_service_1 = require("./services/mcp-token.service");
|
|
26
|
+
const tools_1 = require("./tools");
|
|
27
|
+
let McpApiModule = class McpApiModule {
|
|
28
|
+
};
|
|
29
|
+
exports.McpApiModule = McpApiModule;
|
|
30
|
+
exports.McpApiModule = McpApiModule = __decorate([
|
|
31
|
+
(0, common_1.Module)({
|
|
32
|
+
imports: [
|
|
33
|
+
typeorm_1.TypeOrmModule.forFeature([mcp_token_entity_1.McpTokenOrmEntity]),
|
|
34
|
+
mcp_nest_1.McpModule.forRoot({
|
|
35
|
+
name: config_1.config.mcp.serverName,
|
|
36
|
+
title: config_1.config.mcp.serverTitle,
|
|
37
|
+
version: config_1.config.mcp.serverVersion,
|
|
38
|
+
description: config_1.config.mcp.serverDescription,
|
|
39
|
+
instructions: config_1.config.mcp.serverInstructions,
|
|
40
|
+
transport: mcp_nest_1.McpTransportType.STREAMABLE_HTTP,
|
|
41
|
+
mcpEndpoint: 'mcp',
|
|
42
|
+
guards: [hexabot_mcp_token_guard_1.HexabotMcpTokenGuard],
|
|
43
|
+
streamableHttp: {
|
|
44
|
+
enableJsonResponse: false,
|
|
45
|
+
sessionIdGenerator: () => (0, crypto_1.randomUUID)(),
|
|
46
|
+
statelessMode: false,
|
|
47
|
+
},
|
|
48
|
+
}),
|
|
49
|
+
actions_module_1.ActionsModule,
|
|
50
|
+
bindings_module_1.BindingsModule,
|
|
51
|
+
cms_module_1.CmsModule,
|
|
52
|
+
user_module_1.UserModule,
|
|
53
|
+
workflow_module_1.WorkflowModule,
|
|
54
|
+
],
|
|
55
|
+
providers: [
|
|
56
|
+
hexabot_mcp_token_guard_1.HexabotMcpTokenGuard,
|
|
57
|
+
mcp_permission_guard_1.McpPermissionGuard,
|
|
58
|
+
mcp_token_repository_1.McpTokenRepository,
|
|
59
|
+
mcp_token_service_1.McpTokenService,
|
|
60
|
+
...tools_1.HEXABOT_MCP_TOOL_PROVIDERS,
|
|
61
|
+
],
|
|
62
|
+
controllers: [mcp_token_controller_1.McpTokenController],
|
|
63
|
+
})
|
|
64
|
+
], McpApiModule);
|
|
65
|
+
//# sourceMappingURL=mcp-api.module.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp-api.module.js","sourceRoot":"","sources":["../../src/mcp/mcp-api.module.ts"],"names":[],"mappings":";;;;;;;;;AAMA,mCAAoC;AAEpC,2CAAwC;AACxC,6CAAgD;AAChD,8CAA8D;AAE9D,8DAAyD;AACzD,iEAA4D;AAC5D,kDAA6C;AAC7C,sCAAkC;AAClC,qDAAgD;AAChD,iEAA4D;AAE5D,6EAAwE;AACxE,kEAAgE;AAChE,8EAAwE;AACxE,wEAAmE;AACnE,8EAAyE;AACzE,oEAA+D;AAC/D,mCAAqD;AAmC9C,IAAM,YAAY,GAAlB,MAAM,YAAY;CAAG,CAAA;AAAf,oCAAY;uBAAZ,YAAY;IAjCxB,IAAA,eAAM,EAAC;QACN,OAAO,EAAE;YACP,uBAAa,CAAC,UAAU,CAAC,CAAC,oCAAiB,CAAC,CAAC;YAC7C,oBAAS,CAAC,OAAO,CAAC;gBAChB,IAAI,EAAE,eAAM,CAAC,GAAG,CAAC,UAAU;gBAC3B,KAAK,EAAE,eAAM,CAAC,GAAG,CAAC,WAAW;gBAC7B,OAAO,EAAE,eAAM,CAAC,GAAG,CAAC,aAAa;gBACjC,WAAW,EAAE,eAAM,CAAC,GAAG,CAAC,iBAAiB;gBACzC,YAAY,EAAE,eAAM,CAAC,GAAG,CAAC,kBAAkB;gBAC3C,SAAS,EAAE,2BAAgB,CAAC,eAAe;gBAC3C,WAAW,EAAE,KAAK;gBAClB,MAAM,EAAE,CAAC,8CAAoB,CAAC;gBAC9B,cAAc,EAAE;oBACd,kBAAkB,EAAE,KAAK;oBACzB,kBAAkB,EAAE,GAAG,EAAE,CAAC,IAAA,mBAAU,GAAE;oBACtC,aAAa,EAAE,KAAK;iBACrB;aACF,CAAC;YACF,8BAAa;YACb,gCAAc;YACd,sBAAS;YACT,wBAAU;YACV,gCAAc;SACf;QACD,SAAS,EAAE;YACT,8CAAoB;YACpB,yCAAkB;YAClB,yCAAkB;YAClB,mCAAe;YACf,GAAG,kCAA0B;SAC9B;QACD,WAAW,EAAE,CAAC,yCAAkB,CAAC;KAClC,CAAC;GACW,YAAY,CAAG"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { Repository } from 'typeorm';
|
|
2
|
+
import { BaseOrmRepository } from "../../utils/generics/base-orm.repository";
|
|
3
|
+
import { McpTokenOrmEntity } from '../entities/mcp-token.entity';
|
|
4
|
+
export declare class McpTokenRepository extends BaseOrmRepository<McpTokenOrmEntity> {
|
|
5
|
+
constructor(repository: Repository<McpTokenOrmEntity>);
|
|
6
|
+
findOneByHash(tokenHash: string): Promise<McpTokenOrmEntity | null>;
|
|
7
|
+
touchLastUsedAt(id: string, lastUsedAt?: Date): Promise<void>;
|
|
8
|
+
}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.McpTokenRepository = void 0;
|
|
16
|
+
const common_1 = require("@nestjs/common");
|
|
17
|
+
const typeorm_1 = require("@nestjs/typeorm");
|
|
18
|
+
const typeorm_2 = require("typeorm");
|
|
19
|
+
const base_orm_repository_1 = require("../../utils/generics/base-orm.repository");
|
|
20
|
+
const mcp_token_entity_1 = require("../entities/mcp-token.entity");
|
|
21
|
+
let McpTokenRepository = class McpTokenRepository extends base_orm_repository_1.BaseOrmRepository {
|
|
22
|
+
constructor(repository) {
|
|
23
|
+
super(repository, ['owner']);
|
|
24
|
+
}
|
|
25
|
+
async findOneByHash(tokenHash) {
|
|
26
|
+
return await this.repository.findOne({
|
|
27
|
+
where: { tokenHash },
|
|
28
|
+
relations: ['owner', 'owner.roles'],
|
|
29
|
+
});
|
|
30
|
+
}
|
|
31
|
+
async touchLastUsedAt(id, lastUsedAt = new Date()) {
|
|
32
|
+
await this.repository.update(id, { lastUsedAt });
|
|
33
|
+
}
|
|
34
|
+
};
|
|
35
|
+
exports.McpTokenRepository = McpTokenRepository;
|
|
36
|
+
exports.McpTokenRepository = McpTokenRepository = __decorate([
|
|
37
|
+
(0, common_1.Injectable)(),
|
|
38
|
+
__param(0, (0, typeorm_1.InjectRepository)(mcp_token_entity_1.McpTokenOrmEntity)),
|
|
39
|
+
__metadata("design:paramtypes", [typeorm_2.Repository])
|
|
40
|
+
], McpTokenRepository);
|
|
41
|
+
//# sourceMappingURL=mcp-token.repository.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp-token.repository.js","sourceRoot":"","sources":["../../../src/mcp/repositories/mcp-token.repository.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAMA,2CAA4C;AAC5C,6CAAmD;AACnD,qCAAqC;AAErC,kFAAyE;AAEzE,mEAAiE;AAG1D,IAAM,kBAAkB,GAAxB,MAAM,kBAAmB,SAAQ,uCAAoC;IAC1E,YAEE,UAAyC;QAEzC,KAAK,CAAC,UAAU,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;YACnC,KAAK,EAAE,EAAE,SAAS,EAAE;YACpB,SAAS,EAAE,CAAC,OAAO,EAAE,aAAa,CAAC;SACpC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,EAAU,EAAE,UAAU,GAAG,IAAI,IAAI,EAAE;QACvD,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;IACnD,CAAC;CACF,CAAA;AAlBY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;IAGR,WAAA,IAAA,0BAAgB,EAAC,oCAAiB,CAAC,CAAA;qCACxB,oBAAU;GAHb,kBAAkB,CAkB9B"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import type { McpToken, User } from '@hexabot-ai/types';
|
|
2
|
+
import { BaseOrmService } from "../../utils/generics/base-orm.service";
|
|
3
|
+
import { McpTokenCreateDto } from '../dto/mcp-token.dto';
|
|
4
|
+
import { McpTokenOrmEntity } from '../entities/mcp-token.entity';
|
|
5
|
+
import { McpTokenRepository } from '../repositories/mcp-token.repository';
|
|
6
|
+
export declare const MCP_PERSONAL_TOKEN_PREFIX = "hbt_mcp_";
|
|
7
|
+
export declare class McpTokenService extends BaseOrmService<McpTokenOrmEntity> {
|
|
8
|
+
readonly repository: McpTokenRepository;
|
|
9
|
+
constructor(repository: McpTokenRepository);
|
|
10
|
+
createPersonalToken(ownerId: string, dto: McpTokenCreateDto): Promise<{
|
|
11
|
+
token: string;
|
|
12
|
+
record: McpToken;
|
|
13
|
+
}>;
|
|
14
|
+
findOwnedTokens(ownerId: string): Promise<McpToken[]>;
|
|
15
|
+
revokeOwnedToken(ownerId: string, id: string): Promise<McpToken>;
|
|
16
|
+
authenticateBearerToken(token: string): Promise<{
|
|
17
|
+
user: User;
|
|
18
|
+
tokenId: string;
|
|
19
|
+
}>;
|
|
20
|
+
private generateToken;
|
|
21
|
+
private hashToken;
|
|
22
|
+
private getTokenPrefix;
|
|
23
|
+
private parseOptionalExpiry;
|
|
24
|
+
}
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.McpTokenService = exports.MCP_PERSONAL_TOKEN_PREFIX = void 0;
|
|
13
|
+
const crypto_1 = require("crypto");
|
|
14
|
+
const common_1 = require("@nestjs/common");
|
|
15
|
+
const base_orm_service_1 = require("../../utils/generics/base-orm.service");
|
|
16
|
+
const mcp_token_repository_1 = require("../repositories/mcp-token.repository");
|
|
17
|
+
exports.MCP_PERSONAL_TOKEN_PREFIX = 'hbt_mcp_';
|
|
18
|
+
let McpTokenService = class McpTokenService extends base_orm_service_1.BaseOrmService {
|
|
19
|
+
constructor(repository) {
|
|
20
|
+
super(repository);
|
|
21
|
+
this.repository = repository;
|
|
22
|
+
}
|
|
23
|
+
async createPersonalToken(ownerId, dto) {
|
|
24
|
+
const token = this.generateToken();
|
|
25
|
+
const expiresAt = this.parseOptionalExpiry(dto.expiresAt);
|
|
26
|
+
const record = await this.repository.create({
|
|
27
|
+
name: dto.name,
|
|
28
|
+
owner: ownerId,
|
|
29
|
+
tokenHash: this.hashToken(token),
|
|
30
|
+
tokenPrefix: this.getTokenPrefix(token),
|
|
31
|
+
expiresAt,
|
|
32
|
+
lastUsedAt: null,
|
|
33
|
+
revokedAt: null,
|
|
34
|
+
});
|
|
35
|
+
return { token, record };
|
|
36
|
+
}
|
|
37
|
+
async findOwnedTokens(ownerId) {
|
|
38
|
+
return await this.repository.find({
|
|
39
|
+
where: { owner: { id: ownerId } },
|
|
40
|
+
order: { createdAt: 'DESC' },
|
|
41
|
+
});
|
|
42
|
+
}
|
|
43
|
+
async revokeOwnedToken(ownerId, id) {
|
|
44
|
+
const token = await this.repository.findOne({
|
|
45
|
+
where: { id, owner: { id: ownerId } },
|
|
46
|
+
});
|
|
47
|
+
if (!token) {
|
|
48
|
+
throw new common_1.NotFoundException(`MCP token ${id} not found`);
|
|
49
|
+
}
|
|
50
|
+
return await this.repository.updateOne({
|
|
51
|
+
where: { id, owner: { id: ownerId } },
|
|
52
|
+
}, { revokedAt: new Date() });
|
|
53
|
+
}
|
|
54
|
+
async authenticateBearerToken(token) {
|
|
55
|
+
if (!token.startsWith(exports.MCP_PERSONAL_TOKEN_PREFIX)) {
|
|
56
|
+
throw new common_1.UnauthorizedException('Invalid MCP token');
|
|
57
|
+
}
|
|
58
|
+
const record = await this.repository.findOneByHash(this.hashToken(token));
|
|
59
|
+
if (!record) {
|
|
60
|
+
throw new common_1.UnauthorizedException('Invalid MCP token');
|
|
61
|
+
}
|
|
62
|
+
if (record.revokedAt) {
|
|
63
|
+
throw new common_1.UnauthorizedException('MCP token has been revoked');
|
|
64
|
+
}
|
|
65
|
+
if (record.expiresAt && record.expiresAt <= new Date()) {
|
|
66
|
+
throw new common_1.UnauthorizedException('MCP token has expired');
|
|
67
|
+
}
|
|
68
|
+
const owner = record.owner;
|
|
69
|
+
if (!owner?.state) {
|
|
70
|
+
throw new common_1.UnauthorizedException('MCP token owner is inactive');
|
|
71
|
+
}
|
|
72
|
+
await this.repository.touchLastUsedAt(record.id);
|
|
73
|
+
return {
|
|
74
|
+
user: owner.toPlainCls(),
|
|
75
|
+
tokenId: record.id,
|
|
76
|
+
};
|
|
77
|
+
}
|
|
78
|
+
generateToken() {
|
|
79
|
+
return `${exports.MCP_PERSONAL_TOKEN_PREFIX}${(0, crypto_1.randomBytes)(32).toString('base64url')}`;
|
|
80
|
+
}
|
|
81
|
+
hashToken(token) {
|
|
82
|
+
return (0, crypto_1.createHash)('sha256').update(token).digest('hex');
|
|
83
|
+
}
|
|
84
|
+
getTokenPrefix(token) {
|
|
85
|
+
return token.slice(0, exports.MCP_PERSONAL_TOKEN_PREFIX.length + 8);
|
|
86
|
+
}
|
|
87
|
+
parseOptionalExpiry(value) {
|
|
88
|
+
if (!value) {
|
|
89
|
+
return null;
|
|
90
|
+
}
|
|
91
|
+
const expiresAt = new Date(value);
|
|
92
|
+
if (Number.isNaN(expiresAt.getTime())) {
|
|
93
|
+
throw new common_1.BadRequestException('Invalid MCP token expiry date');
|
|
94
|
+
}
|
|
95
|
+
if (expiresAt <= new Date()) {
|
|
96
|
+
throw new common_1.BadRequestException('MCP token expiry must be in the future');
|
|
97
|
+
}
|
|
98
|
+
return expiresAt;
|
|
99
|
+
}
|
|
100
|
+
};
|
|
101
|
+
exports.McpTokenService = McpTokenService;
|
|
102
|
+
exports.McpTokenService = McpTokenService = __decorate([
|
|
103
|
+
(0, common_1.Injectable)(),
|
|
104
|
+
__metadata("design:paramtypes", [mcp_token_repository_1.McpTokenRepository])
|
|
105
|
+
], McpTokenService);
|
|
106
|
+
//# sourceMappingURL=mcp-token.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp-token.service.js","sourceRoot":"","sources":["../../../src/mcp/services/mcp-token.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAMA,mCAAiD;AAGjD,2CAKwB;AAIxB,4EAAmE;AAInE,+EAA0E;AAE7D,QAAA,yBAAyB,GAAG,UAAU,CAAC;AAG7C,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,iCAAiC;IACpE,YAAqB,UAA8B;QACjD,KAAK,CAAC,UAAU,CAAC,CAAC;QADC,eAAU,GAAV,UAAU,CAAoB;IAEnD,CAAC;IAED,KAAK,CAAC,mBAAmB,CACvB,OAAe,EACf,GAAsB;QAEtB,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACnC,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC1D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;YAC1C,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,KAAK,EAAE,OAAO;YACd,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAChC,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC;YACvC,SAAS;YACT,UAAU,EAAE,IAAI;YAChB,SAAS,EAAE,IAAI;SACT,CAAC,CAAC;QAEV,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,OAAe;QACnC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;YAChC,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;YACjC,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE;SACS,CAAC,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,OAAe,EAAE,EAAU;QAChD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;YAC1C,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;SAC/B,CAAC,CAAC;QAEV,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,0BAAiB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAC3D,CAAC;QAED,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CACpC;YACE,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;SAC/B,EACR,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAS,CACjC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,uBAAuB,CAC3B,KAAa;QAEb,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,iCAAyB,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,8BAAqB,CAAC,mBAAmB,CAAC,CAAC;QACvD,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QAE1E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,8BAAqB,CAAC,mBAAmB,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,MAAM,IAAI,8BAAqB,CAAC,4BAA4B,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC;YACvD,MAAM,IAAI,8BAAqB,CAAC,uBAAuB,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,KAAkC,CAAC;QACxD,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,CAAC;YAClB,MAAM,IAAI,8BAAqB,CAAC,6BAA6B,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAEjD,OAAO;YACL,IAAI,EAAE,KAAK,CAAC,UAAU,EAAU;YAChC,OAAO,EAAE,MAAM,CAAC,EAAE;SACnB,CAAC;IACJ,CAAC;IAEO,aAAa;QACnB,OAAO,GAAG,iCAAyB,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;IAChF,CAAC;IAEO,SAAS,CAAC,KAAa;QAC7B,OAAO,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAEO,cAAc,CAAC,KAAa;QAClC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,iCAAyB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC9D,CAAC;IAEO,mBAAmB,CAAC,KAAqB;QAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC;QAClC,IAAI,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;YACtC,MAAM,IAAI,4BAAmB,CAAC,+BAA+B,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC;YAC5B,MAAM,IAAI,4BAAmB,CAAC,wCAAwC,CAAC,CAAC;QAC1E,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;CACF,CAAA;AA9GY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAEsB,yCAAkB;GADxC,eAAe,CA8G3B"}
|