@inkeep/agents-manage-api 0.0.0-dev-20251125061921 → 0.0.0-dev-20251125083010
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-EPAAFQZY.js → chunk-T4UJH26R.js} +86 -47
- package/dist/factory.js +1 -1
- package/dist/index.js +2 -2
- package/package.json +3 -3
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { F, u, R, x, T, h, U, L, or, C, Vr, ce, ur, P } from './chunk-SBJLXGYG.js';
|
|
2
|
-
import { loadEnvironmentFiles,
|
|
2
|
+
import { loadEnvironmentFiles, createDatabaseClient, getLogger, commonGetErrorResponses, AgentListResponse, PaginationQueryParamsSchema, TenantProjectParamsSchema, listAgents, AgentResponse, TenantProjectIdParamsSchema, getAgentById, createApiError, RelatedAgentInfoListResponse, TenantProjectAgentSubAgentParamsSchema, getAgentSubAgentInfos, AgentWithinContextOfProjectResponse, TenantProjectAgentParamsSchema, getFullAgentDefinition, AgentApiInsertSchema, createAgent, generateId, AgentApiUpdateSchema, updateAgent, ErrorResponseSchema, deleteAgent, AgentWithinContextOfProjectSchema, createFullAgentServerSide, getFullAgent, updateFullAgentServerSide, deleteFullAgent, ApiKeyListResponse, listApiKeysPaginated, ApiKeyResponse, getApiKeyById, ApiKeyApiCreationResponseSchema, ApiKeyApiInsertSchema, generateApiKey, createApiKey, ApiKeyApiUpdateSchema, updateApiKey, deleteApiKey, ArtifactComponentListResponse, listArtifactComponentsPaginated, ArtifactComponentResponse, getArtifactComponentById, ArtifactComponentApiInsertSchema, validatePropsAsJsonSchema, createArtifactComponent, ArtifactComponentApiUpdateSchema, updateArtifactComponent, deleteArtifactComponent, ContextConfigListResponse, listContextConfigsPaginated, ContextConfigResponse, TenantProjectAgentIdParamsSchema, getContextConfigById, ContextConfigApiInsertSchema, createContextConfig, commonUpdateErrorResponses, ContextConfigApiUpdateSchema, updateContextConfig, commonDeleteErrorResponses, deleteContextConfig, getConversationHistory, formatMessagesForLLMContext, CredentialStoreListResponseSchema, CreateCredentialInStoreResponseSchema, CreateCredentialInStoreRequestSchema, CredentialReferenceListResponse, listCredentialReferencesPaginated, ListResponseSchema, CredentialReferenceApiSelectSchema, CredentialReferenceResponse, getCredentialReferenceWithResources, CredentialReferenceApiInsertSchema, createCredentialReference, CredentialReferenceApiUpdateSchema, updateCredentialReference, getCredentialReferenceById, getCredentialStoreLookupKeyFromRetrievalParams, deleteCredentialReference, DataComponentListResponse, listDataComponentsPaginated, DataComponentResponse, getDataComponent, DataComponentApiInsertSchema, createDataComponent, DataComponentApiUpdateSchema, updateDataComponent, deleteDataComponent, ExternalAgentListResponse, listExternalAgentsPaginated, ExternalAgentResponse, getExternalAgent, ExternalAgentApiInsertSchema, createExternalAgent, ExternalAgentApiUpdateSchema, updateExternalAgent, deleteExternalAgent, FunctionListResponse, listFunctions, FunctionResponse, getFunction, FunctionApiInsertSchema, upsertFunction, FunctionApiUpdateSchema, deleteFunction, FunctionToolListResponse, listFunctionTools, FunctionToolResponse, getFunctionToolById, FunctionToolApiInsertSchema, createFunctionTool, FunctionToolApiUpdateSchema, updateFunctionTool, deleteFunctionTool, MCPCatalogListResponse, fetchComposioServers, MCPTransportType, ProjectListResponse, TenantParamsSchema, listProjectsPaginated, ProjectResponse, TenantIdParamsSchema, getProject, ProjectApiInsertSchema, createProject, ProjectApiUpdateSchema, updateProject, deleteProject, ArtifactComponentArrayResponse, getArtifactComponentsForAgent, ComponentAssociationListResponse, getAgentsUsingArtifactComponent, SubAgentArtifactComponentResponse, SubAgentArtifactComponentApiInsertSchema, getSubAgentById, isArtifactComponentAssociatedWithAgent, associateArtifactComponentWithAgent, RemovedResponseSchema, removeArtifactComponentFromAgent, ExistsResponseSchema, DataComponentArrayResponse, getDataComponentsForAgent, getAgentsUsingDataComponent, SubAgentDataComponentResponse, SubAgentDataComponentApiInsertSchema, isDataComponentAssociatedWithAgent, associateDataComponentWithAgent, removeDataComponentFromAgent, SubAgentExternalAgentRelationListResponse, listSubAgentExternalAgentRelations, SubAgentExternalAgentRelationResponse, TenantProjectAgentSubAgentIdParamsSchema, getSubAgentExternalAgentRelationById, SubAgentExternalAgentRelationApiInsertSchema, createSubAgentExternalAgentRelation, SubAgentExternalAgentRelationApiUpdateSchema, updateSubAgentExternalAgentRelation, deleteSubAgentExternalAgentRelation, SubAgentRelationListResponse, SubAgentRelationQuerySchema, getAgentRelationsBySource, getSubAgentRelationsByTarget, listAgentRelations, SubAgentRelationResponse, getAgentRelationById, SubAgentRelationApiInsertSchema, validateSubAgent, createSubAgentRelation, SubAgentRelationApiUpdateSchema, updateAgentRelation, deleteSubAgentRelation, SubAgentListResponse, listSubAgentsPaginated, SubAgentResponse, SubAgentApiInsertSchema, createSubAgent, SubAgentApiUpdateSchema, updateSubAgent, deleteSubAgent, SubAgentIsDefaultError, SubAgentTeamAgentRelationListResponse, listSubAgentTeamAgentRelations, SubAgentTeamAgentRelationResponse, getSubAgentTeamAgentRelationById, SubAgentTeamAgentRelationApiInsertSchema, createSubAgentTeamAgentRelation, SubAgentTeamAgentRelationApiUpdateSchema, updateSubAgentTeamAgentRelation, deleteSubAgentTeamAgentRelation, SubAgentToolRelationListResponse, getAgentToolRelationByAgent, getAgentToolRelationByTool, listAgentToolRelations, SubAgentToolRelationResponse, getAgentToolRelationById, getAgentsForTool, SubAgentToolRelationApiInsertSchema, createAgentToolRelation, SubAgentToolRelationApiUpdateSchema, updateAgentToolRelation, deleteAgentToolRelation, ThirdPartyMCPServerResponse, fetchSingleComposioServer, McpToolListResponse, ToolStatusSchema, listTools, dbResultToMcpTool, McpToolResponse, getToolById, ToolApiInsertSchema, createTool, ToolApiUpdateSchema, updateTool, deleteTool, getPendingInvitationsByEmail, OAuthLoginQuerySchema, OAuthCallbackQuerySchema, CredentialStoreType, projectExists, signTempToken, FullProjectDefinitionResponse, FullProjectDefinitionSchema, createFullProjectServerSide, getFullProject, updateFullProjectServerSide, deleteFullProject, getUserOrganizations, addUserToOrganization, initiateMcpOAuthFlow, exchangeMcpAuthorizationCode, handleApiError, organization, getUserByEmail, member, createDefaultCredentialStores, CredentialStoreRegistry, validateAndGetApiKey } from '@inkeep/agents-core';
|
|
3
3
|
import { createAuth } from '@inkeep/agents-core/auth';
|
|
4
4
|
import { OpenAPIHono, createRoute, z as z$1 } from '@hono/zod-openapi';
|
|
5
5
|
import { Hono } from 'hono';
|
|
@@ -56,50 +56,6 @@ ${error.message}`
|
|
|
56
56
|
}
|
|
57
57
|
};
|
|
58
58
|
var env = parseEnv();
|
|
59
|
-
var logger = getLogger("env-key-auth");
|
|
60
|
-
var apiKeyAuth = () => createMiddleware(async (c, next) => {
|
|
61
|
-
if (env.INKEEP_AGENTS_MANAGE_API_BYPASS_SECRET) {
|
|
62
|
-
const authHeader = c.req.header("Authorization");
|
|
63
|
-
if (!authHeader || !authHeader.startsWith("Bearer ")) {
|
|
64
|
-
throw new HTTPException(401, {
|
|
65
|
-
message: "Missing or invalid authorization header. Expected: Bearer <api_key>"
|
|
66
|
-
});
|
|
67
|
-
}
|
|
68
|
-
const apiKey = authHeader.substring(7);
|
|
69
|
-
if (apiKey === env.INKEEP_AGENTS_MANAGE_API_BYPASS_SECRET) {
|
|
70
|
-
logger.info({}, "Bypass secret authenticated successfully");
|
|
71
|
-
await next();
|
|
72
|
-
return;
|
|
73
|
-
}
|
|
74
|
-
throw new HTTPException(401, {
|
|
75
|
-
message: "Invalid Token"
|
|
76
|
-
});
|
|
77
|
-
}
|
|
78
|
-
await next();
|
|
79
|
-
return;
|
|
80
|
-
});
|
|
81
|
-
var sessionAuth = () => createMiddleware(async (c, next) => {
|
|
82
|
-
try {
|
|
83
|
-
const user = c.get("user");
|
|
84
|
-
if (!user) {
|
|
85
|
-
throw createApiError({
|
|
86
|
-
code: "unauthorized",
|
|
87
|
-
message: "Please log in to access this resource"
|
|
88
|
-
});
|
|
89
|
-
}
|
|
90
|
-
c.set("userId", user.id);
|
|
91
|
-
c.set("userEmail", user.email);
|
|
92
|
-
await next();
|
|
93
|
-
} catch (error) {
|
|
94
|
-
if (error instanceof HTTPException) {
|
|
95
|
-
throw error;
|
|
96
|
-
}
|
|
97
|
-
throw createApiError({
|
|
98
|
-
code: "unauthorized",
|
|
99
|
-
message: "Authentication failed"
|
|
100
|
-
});
|
|
101
|
-
}
|
|
102
|
-
});
|
|
103
59
|
|
|
104
60
|
// ../node_modules/.pnpm/@electric-sql+pglite@0.3.13/node_modules/@electric-sql/pglite/dist/chunk-3WWIVTCY.js
|
|
105
61
|
var hn = {};
|
|
@@ -5164,7 +5120,58 @@ if (env.ENVIRONMENT === "test") {
|
|
|
5164
5120
|
}
|
|
5165
5121
|
var dbClient_default = dbClient;
|
|
5166
5122
|
|
|
5167
|
-
// src/middleware/
|
|
5123
|
+
// src/middleware/auth.ts
|
|
5124
|
+
var logger = getLogger("env-key-auth");
|
|
5125
|
+
var apiKeyAuth = () => createMiddleware(async (c, next) => {
|
|
5126
|
+
const authHeader = c.req.header("Authorization");
|
|
5127
|
+
if (!authHeader || !authHeader.startsWith("Bearer ")) {
|
|
5128
|
+
throw new HTTPException(401, {
|
|
5129
|
+
message: "Missing or invalid authorization header. Expected: Bearer <api_key>"
|
|
5130
|
+
});
|
|
5131
|
+
}
|
|
5132
|
+
const apiKey = authHeader.substring(7);
|
|
5133
|
+
if (env.INKEEP_AGENTS_MANAGE_API_BYPASS_SECRET && apiKey === env.INKEEP_AGENTS_MANAGE_API_BYPASS_SECRET) {
|
|
5134
|
+
logger.info({}, "Bypass secret authenticated successfully");
|
|
5135
|
+
c.set("userId", "system");
|
|
5136
|
+
c.set("userEmail", "system@internal");
|
|
5137
|
+
await next();
|
|
5138
|
+
return;
|
|
5139
|
+
}
|
|
5140
|
+
const validatedKey = await validateAndGetApiKey(apiKey, dbClient_default);
|
|
5141
|
+
if (validatedKey) {
|
|
5142
|
+
logger.info({ keyId: validatedKey.id }, "API key authenticated successfully");
|
|
5143
|
+
c.set("userId", `apikey:${validatedKey.id}`);
|
|
5144
|
+
c.set("userEmail", `apikey-${validatedKey.id}@internal`);
|
|
5145
|
+
c.set("tenantId", validatedKey.tenantId);
|
|
5146
|
+
await next();
|
|
5147
|
+
return;
|
|
5148
|
+
}
|
|
5149
|
+
throw new HTTPException(401, {
|
|
5150
|
+
message: "Invalid Token"
|
|
5151
|
+
});
|
|
5152
|
+
});
|
|
5153
|
+
var sessionAuth = () => createMiddleware(async (c, next) => {
|
|
5154
|
+
try {
|
|
5155
|
+
const user = c.get("user");
|
|
5156
|
+
if (!user) {
|
|
5157
|
+
throw createApiError({
|
|
5158
|
+
code: "unauthorized",
|
|
5159
|
+
message: "Please log in to access this resource"
|
|
5160
|
+
});
|
|
5161
|
+
}
|
|
5162
|
+
c.set("userId", user.id);
|
|
5163
|
+
c.set("userEmail", user.email);
|
|
5164
|
+
await next();
|
|
5165
|
+
} catch (error) {
|
|
5166
|
+
if (error instanceof HTTPException) {
|
|
5167
|
+
throw error;
|
|
5168
|
+
}
|
|
5169
|
+
throw createApiError({
|
|
5170
|
+
code: "unauthorized",
|
|
5171
|
+
message: "Authentication failed"
|
|
5172
|
+
});
|
|
5173
|
+
}
|
|
5174
|
+
});
|
|
5168
5175
|
var requireTenantAccess = () => createMiddleware(async (c, next) => {
|
|
5169
5176
|
const userId = c.get("userId");
|
|
5170
5177
|
const tenantId = c.req.param("tenantId");
|
|
@@ -5180,6 +5187,25 @@ var requireTenantAccess = () => createMiddleware(async (c, next) => {
|
|
|
5180
5187
|
message: "Organization ID is required"
|
|
5181
5188
|
});
|
|
5182
5189
|
}
|
|
5190
|
+
if (userId === "system") {
|
|
5191
|
+
c.set("tenantId", tenantId);
|
|
5192
|
+
c.set("tenantRole", "owner");
|
|
5193
|
+
await next();
|
|
5194
|
+
return;
|
|
5195
|
+
}
|
|
5196
|
+
if (userId.startsWith("apikey:")) {
|
|
5197
|
+
const apiKeyTenantId = c.get("tenantId");
|
|
5198
|
+
if (apiKeyTenantId && apiKeyTenantId !== tenantId) {
|
|
5199
|
+
throw createApiError({
|
|
5200
|
+
code: "forbidden",
|
|
5201
|
+
message: "API key does not have access to this organization"
|
|
5202
|
+
});
|
|
5203
|
+
}
|
|
5204
|
+
c.set("tenantId", tenantId);
|
|
5205
|
+
c.set("tenantRole", "owner");
|
|
5206
|
+
await next();
|
|
5207
|
+
return;
|
|
5208
|
+
}
|
|
5183
5209
|
try {
|
|
5184
5210
|
const userOrganizations = await getUserOrganizations(dbClient_default)(userId);
|
|
5185
5211
|
const organizationAccess = userOrganizations.find((org) => org.organizationId === tenantId);
|
|
@@ -5374,6 +5400,10 @@ var requirePermission = (permissions) => createMiddleware(async (c, next) => {
|
|
|
5374
5400
|
const tenantId = c.get("tenantId");
|
|
5375
5401
|
const tenantRole = c.get("tenantRole");
|
|
5376
5402
|
const requiredPermissions = formatPermissionsForDisplay(permissions);
|
|
5403
|
+
if (userId === "system" || userId?.startsWith("apikey:")) {
|
|
5404
|
+
await next();
|
|
5405
|
+
return;
|
|
5406
|
+
}
|
|
5377
5407
|
if (!userId || !tenantId) {
|
|
5378
5408
|
throw createApiError({
|
|
5379
5409
|
code: "unauthorized",
|
|
@@ -12110,7 +12140,16 @@ function createManagementHono(serverConfig, credentialStores, auth) {
|
|
|
12110
12140
|
return sessionAuth()(c, next);
|
|
12111
12141
|
});
|
|
12112
12142
|
const isTestEnv = process.env.ENVIRONMENT === "test";
|
|
12113
|
-
if (
|
|
12143
|
+
if (env.DISABLE_AUTH || isTestEnv) {
|
|
12144
|
+
app29.use("/tenants/:tenantId/*", async (c, next) => {
|
|
12145
|
+
const tenantId = c.req.param("tenantId");
|
|
12146
|
+
if (tenantId) {
|
|
12147
|
+
c.set("tenantId", tenantId);
|
|
12148
|
+
c.set("userId", "anonymous");
|
|
12149
|
+
}
|
|
12150
|
+
await next();
|
|
12151
|
+
});
|
|
12152
|
+
} else {
|
|
12114
12153
|
app29.use("/tenants/:tenantId/*", requireTenantAccess());
|
|
12115
12154
|
}
|
|
12116
12155
|
app29.route("/api/users/:userId/organizations", userOrganizations_default);
|
package/dist/factory.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
export { createAuth0Provider, createManagementApp, createManagementHono, createOIDCProvider, initializeDefaultUser } from './chunk-
|
|
1
|
+
export { createAuth0Provider, createManagementApp, createManagementHono, createOIDCProvider, initializeDefaultUser } from './chunk-T4UJH26R.js';
|
package/dist/index.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { createAuth0Provider, createManagementHono, env, initializeDefaultUser, dbClient_default } from './chunk-
|
|
2
|
-
export { createAuth0Provider, createManagementApp, createManagementHono, createOIDCProvider, initializeDefaultUser } from './chunk-
|
|
1
|
+
import { createAuth0Provider, createManagementHono, env, initializeDefaultUser, dbClient_default } from './chunk-T4UJH26R.js';
|
|
2
|
+
export { createAuth0Provider, createManagementApp, createManagementHono, createOIDCProvider, initializeDefaultUser } from './chunk-T4UJH26R.js';
|
|
3
3
|
import { createDefaultCredentialStores, CredentialStoreRegistry } from '@inkeep/agents-core';
|
|
4
4
|
import { createAuth } from '@inkeep/agents-core/auth';
|
|
5
5
|
export { Hono } from 'hono';
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@inkeep/agents-manage-api",
|
|
3
|
-
"version": "0.0.0-dev-
|
|
3
|
+
"version": "0.0.0-dev-20251125083010",
|
|
4
4
|
"description": "Agents Manage API for Inkeep Agent Framework - handles CRUD operations and OAuth",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -34,8 +34,8 @@
|
|
|
34
34
|
"openid-client": "^6.6.4",
|
|
35
35
|
"pino": "^9.7.0",
|
|
36
36
|
"zod": "^4.1.11",
|
|
37
|
-
"@inkeep/agents-core": "^0.0.0-dev-
|
|
38
|
-
"@inkeep/agents-manage-mcp": "^0.0.0-dev-
|
|
37
|
+
"@inkeep/agents-core": "^0.0.0-dev-20251125083010",
|
|
38
|
+
"@inkeep/agents-manage-mcp": "^0.0.0-dev-20251125083010"
|
|
39
39
|
},
|
|
40
40
|
"optionalDependencies": {
|
|
41
41
|
"keytar": "^7.9.0"
|