@inkeep/agents-manage-api 0.40.0 → 0.41.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/factory.d.ts +2 -2
- package/dist/index.d.ts +67 -58
- package/dist/middleware/auth.d.ts +2 -2
- package/dist/middleware/auth.js +9 -0
- package/dist/middleware/require-permission.d.ts +2 -2
- package/dist/middleware/session-auth.d.ts +2 -2
- package/dist/middleware/tenant-access.d.ts +2 -2
- package/dist/routes/artifactComponents.js +3 -1
- package/dist/routes/conversations.d.ts +2 -2
- package/dist/routes/index.d.ts +2 -2
- package/package.json +3 -3
package/dist/factory.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { createManagementHono } from "./create-app.js";
|
|
2
2
|
import { initializeDefaultUser } from "./initialization.js";
|
|
3
3
|
import { createAuth0Provider, createOIDCProvider } from "./sso-helpers.js";
|
|
4
|
-
import * as
|
|
4
|
+
import * as hono0 from "hono";
|
|
5
5
|
import { CredentialStore, ServerConfig } from "@inkeep/agents-core";
|
|
6
6
|
import { SSOProviderConfig, UserAuthConfig } from "@inkeep/agents-core/auth";
|
|
7
7
|
import * as hono_types1 from "hono/types";
|
|
@@ -12,6 +12,6 @@ declare function createManagementApp(config?: {
|
|
|
12
12
|
credentialStores?: CredentialStore[];
|
|
13
13
|
auth?: UserAuthConfig;
|
|
14
14
|
skipInitialization?: boolean;
|
|
15
|
-
}):
|
|
15
|
+
}): hono0.Hono<hono_types1.BlankEnv, hono_types1.BlankSchema, "/">;
|
|
16
16
|
//#endregion
|
|
17
17
|
export { type SSOProviderConfig, type UserAuthConfig, createAuth0Provider, createManagementApp, createManagementHono, createOIDCProvider, initializeDefaultUser };
|
package/dist/index.d.ts
CHANGED
|
@@ -4,10 +4,9 @@ import { createAuth0Provider, createOIDCProvider } from "./sso-helpers.js";
|
|
|
4
4
|
import { SSOProviderConfig, UserAuthConfig, createManagementApp } from "./factory.js";
|
|
5
5
|
import { Hono } from "hono";
|
|
6
6
|
import * as better_auth0 from "better-auth";
|
|
7
|
-
import * as
|
|
7
|
+
import * as better_auth_plugins0 from "better-auth/plugins";
|
|
8
8
|
import * as zod0 from "zod";
|
|
9
9
|
import * as _better_auth_sso0 from "@better-auth/sso";
|
|
10
|
-
import * as better_auth_plugins0 from "better-auth/plugins";
|
|
11
10
|
|
|
12
11
|
//#region src/index.d.ts
|
|
13
12
|
declare const auth: better_auth0.Auth<{
|
|
@@ -44,9 +43,9 @@ declare const auth: better_auth0.Auth<{
|
|
|
44
43
|
[key: string]: any;
|
|
45
44
|
};
|
|
46
45
|
data: any;
|
|
47
|
-
}>) | undefined;
|
|
46
|
+
} | null>) | undefined;
|
|
48
47
|
refreshAccessToken?: ((refreshToken: string) => Promise<better_auth0.OAuth2Tokens>) | undefined;
|
|
49
|
-
mapProfileToUser?: ((profile:
|
|
48
|
+
mapProfileToUser?: ((profile: better_auth0.GoogleProfile) => {
|
|
50
49
|
id?: string;
|
|
51
50
|
name?: string;
|
|
52
51
|
email?: string | null;
|
|
@@ -104,6 +103,9 @@ declare const auth: better_auth0.Auth<{
|
|
|
104
103
|
generateId?: better_auth0.GenerateIdFn | false | "serial" | "uuid";
|
|
105
104
|
} | undefined;
|
|
106
105
|
trustedProxyHeaders?: boolean | undefined;
|
|
106
|
+
backgroundTasks?: {
|
|
107
|
+
handler: (promise: Promise<void>) => void;
|
|
108
|
+
};
|
|
107
109
|
};
|
|
108
110
|
trustedOrigins: string[];
|
|
109
111
|
plugins: [{
|
|
@@ -122,6 +124,7 @@ declare const auth: better_auth0.Auth<{
|
|
|
122
124
|
handler: (inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<void>;
|
|
123
125
|
}[];
|
|
124
126
|
};
|
|
127
|
+
options: better_auth_plugins0.BearerOptions | undefined;
|
|
125
128
|
}, {
|
|
126
129
|
id: "sso";
|
|
127
130
|
endpoints: {
|
|
@@ -146,8 +149,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
146
149
|
};
|
|
147
150
|
};
|
|
148
151
|
};
|
|
149
|
-
} & {
|
|
150
|
-
use: any[];
|
|
151
152
|
}, Response>>;
|
|
152
153
|
registerSSOProvider: better_auth0.StrictEndpoint<"/sso/register", {
|
|
153
154
|
method: "POST";
|
|
@@ -167,6 +168,7 @@ declare const auth: better_auth0.Auth<{
|
|
|
167
168
|
}>>;
|
|
168
169
|
jwksEndpoint: zod0.ZodOptional<zod0.ZodString>;
|
|
169
170
|
discoveryEndpoint: zod0.ZodOptional<zod0.ZodString>;
|
|
171
|
+
skipDiscovery: zod0.ZodOptional<zod0.ZodBoolean>;
|
|
170
172
|
scopes: zod0.ZodOptional<zod0.ZodArray<zod0.ZodString>>;
|
|
171
173
|
pkce: zod0.ZodOptional<zod0.ZodDefault<zod0.ZodBoolean>>;
|
|
172
174
|
mapping: zod0.ZodOptional<zod0.ZodObject<{
|
|
@@ -411,9 +413,11 @@ declare const auth: better_auth0.Auth<{
|
|
|
411
413
|
};
|
|
412
414
|
};
|
|
413
415
|
};
|
|
414
|
-
} & {
|
|
415
|
-
use: any[];
|
|
416
416
|
}, {
|
|
417
|
+
redirectURI: string;
|
|
418
|
+
oidcConfig: _better_auth_sso0.OIDCConfig | null;
|
|
419
|
+
samlConfig: _better_auth_sso0.SAMLConfig | null;
|
|
420
|
+
} & Omit<{
|
|
417
421
|
issuer: string;
|
|
418
422
|
oidcConfig?: _better_auth_sso0.OIDCConfig | undefined;
|
|
419
423
|
samlConfig?: _better_auth_sso0.SAMLConfig | undefined;
|
|
@@ -421,7 +425,7 @@ declare const auth: better_auth0.Auth<{
|
|
|
421
425
|
providerId: string;
|
|
422
426
|
organizationId?: string | undefined;
|
|
423
427
|
domain: string;
|
|
424
|
-
}
|
|
428
|
+
}, "oidcConfig" | "samlConfig">>;
|
|
425
429
|
signInSSO: ReturnType<(options?: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sign-in/sso", {
|
|
426
430
|
method: "POST";
|
|
427
431
|
body: zod0.ZodObject<{
|
|
@@ -436,8 +440,8 @@ declare const auth: better_auth0.Auth<{
|
|
|
436
440
|
loginHint: zod0.ZodOptional<zod0.ZodString>;
|
|
437
441
|
requestSignUp: zod0.ZodOptional<zod0.ZodBoolean>;
|
|
438
442
|
providerType: zod0.ZodOptional<zod0.ZodEnum<{
|
|
439
|
-
oidc: "oidc";
|
|
440
443
|
saml: "saml";
|
|
444
|
+
oidc: "oidc";
|
|
441
445
|
}>>;
|
|
442
446
|
}, better_auth0.$strip>;
|
|
443
447
|
metadata: {
|
|
@@ -512,8 +516,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
512
516
|
};
|
|
513
517
|
};
|
|
514
518
|
};
|
|
515
|
-
} & {
|
|
516
|
-
use: any[];
|
|
517
519
|
}, {
|
|
518
520
|
url: string;
|
|
519
521
|
redirect: boolean;
|
|
@@ -528,7 +530,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
528
530
|
}, better_auth0.$strip>;
|
|
529
531
|
allowedMediaTypes: string[];
|
|
530
532
|
metadata: {
|
|
531
|
-
isAction: false;
|
|
532
533
|
openapi: {
|
|
533
534
|
operationId: string;
|
|
534
535
|
summary: string;
|
|
@@ -539,9 +540,8 @@ declare const auth: better_auth0.Auth<{
|
|
|
539
540
|
};
|
|
540
541
|
};
|
|
541
542
|
};
|
|
543
|
+
scope: "server";
|
|
542
544
|
};
|
|
543
|
-
} & {
|
|
544
|
-
use: any[];
|
|
545
545
|
}, never>>;
|
|
546
546
|
callbackSSOSAML: ReturnType<(options?: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sso/saml2/callback/:providerId", {
|
|
547
547
|
method: "POST";
|
|
@@ -550,7 +550,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
550
550
|
RelayState: zod0.ZodOptional<zod0.ZodString>;
|
|
551
551
|
}, better_auth0.$strip>;
|
|
552
552
|
metadata: {
|
|
553
|
-
isAction: false;
|
|
554
553
|
allowedMediaTypes: string[];
|
|
555
554
|
openapi: {
|
|
556
555
|
operationId: string;
|
|
@@ -568,9 +567,8 @@ declare const auth: better_auth0.Auth<{
|
|
|
568
567
|
};
|
|
569
568
|
};
|
|
570
569
|
};
|
|
570
|
+
scope: "server";
|
|
571
571
|
};
|
|
572
|
-
} & {
|
|
573
|
-
use: any[];
|
|
574
572
|
}, never>>;
|
|
575
573
|
acsEndpoint: ReturnType<(options?: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sso/saml2/sp/acs/:providerId", {
|
|
576
574
|
method: "POST";
|
|
@@ -582,7 +580,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
582
580
|
RelayState: zod0.ZodOptional<zod0.ZodString>;
|
|
583
581
|
}, better_auth0.$strip>;
|
|
584
582
|
metadata: {
|
|
585
|
-
isAction: false;
|
|
586
583
|
allowedMediaTypes: string[];
|
|
587
584
|
openapi: {
|
|
588
585
|
operationId: string;
|
|
@@ -594,9 +591,8 @@ declare const auth: better_auth0.Auth<{
|
|
|
594
591
|
};
|
|
595
592
|
};
|
|
596
593
|
};
|
|
594
|
+
scope: "server";
|
|
597
595
|
};
|
|
598
|
-
} & {
|
|
599
|
-
use: any[];
|
|
600
596
|
}, never>>;
|
|
601
597
|
} & {
|
|
602
598
|
requestDomainVerification: ReturnType<(options: _better_auth_sso0.SSOOptions) => better_auth0.StrictEndpoint<"/sso/request-domain-verification", {
|
|
@@ -644,8 +640,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
644
640
|
};
|
|
645
641
|
};
|
|
646
642
|
}>)[];
|
|
647
|
-
} & {
|
|
648
|
-
use: any[];
|
|
649
643
|
}, {
|
|
650
644
|
domainVerificationToken: string;
|
|
651
645
|
}>>;
|
|
@@ -697,8 +691,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
697
691
|
};
|
|
698
692
|
};
|
|
699
693
|
}>)[];
|
|
700
|
-
} & {
|
|
701
|
-
use: any[];
|
|
702
694
|
}, void>>;
|
|
703
695
|
};
|
|
704
696
|
schema: any;
|
|
@@ -709,7 +701,9 @@ declare const auth: better_auth0.Auth<{
|
|
|
709
701
|
};
|
|
710
702
|
}, {
|
|
711
703
|
id: "oauth-proxy";
|
|
712
|
-
options:
|
|
704
|
+
options: NoInfer<{
|
|
705
|
+
productionURL: string;
|
|
706
|
+
}>;
|
|
713
707
|
endpoints: {
|
|
714
708
|
oAuthProxy: better_auth0.StrictEndpoint<"/oauth-proxy-callback", {
|
|
715
709
|
method: "GET";
|
|
@@ -744,8 +738,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
744
738
|
};
|
|
745
739
|
};
|
|
746
740
|
};
|
|
747
|
-
} & {
|
|
748
|
-
use: any[];
|
|
749
741
|
}, never>;
|
|
750
742
|
};
|
|
751
743
|
hooks: {
|
|
@@ -765,25 +757,25 @@ declare const auth: better_auth0.Auth<{
|
|
|
765
757
|
ac: better_auth_plugins0.AccessControl;
|
|
766
758
|
roles: {
|
|
767
759
|
member: {
|
|
768
|
-
authorize<K_1 extends "function" | "organization" | "agent" | "
|
|
769
|
-
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
760
|
+
authorize<K_1 extends "function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key] | {
|
|
761
|
+
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key];
|
|
770
762
|
connector: "OR" | "AND";
|
|
771
763
|
} | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
|
|
772
|
-
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
764
|
+
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>;
|
|
773
765
|
};
|
|
774
766
|
admin: {
|
|
775
|
-
authorize<K_1 extends "function" | "organization" | "agent" | "
|
|
776
|
-
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
767
|
+
authorize<K_1 extends "function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key] | {
|
|
768
|
+
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key];
|
|
777
769
|
connector: "OR" | "AND";
|
|
778
770
|
} | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
|
|
779
|
-
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
771
|
+
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>;
|
|
780
772
|
};
|
|
781
773
|
owner: {
|
|
782
|
-
authorize<K_1 extends "function" | "organization" | "agent" | "
|
|
783
|
-
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
774
|
+
authorize<K_1 extends "function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key] | {
|
|
775
|
+
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key];
|
|
784
776
|
connector: "OR" | "AND";
|
|
785
777
|
} | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
|
|
786
|
-
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
778
|
+
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>;
|
|
787
779
|
};
|
|
788
780
|
};
|
|
789
781
|
membershipLimit: number;
|
|
@@ -1039,30 +1031,30 @@ declare const auth: better_auth0.Auth<{
|
|
|
1039
1031
|
readonly ROLE_NAME_IS_ALREADY_TAKEN: "That role name is already taken";
|
|
1040
1032
|
readonly CANNOT_DELETE_A_PRE_DEFINED_ROLE: "Cannot delete a pre-defined role";
|
|
1041
1033
|
};
|
|
1042
|
-
options: {
|
|
1034
|
+
options: NoInfer<{
|
|
1043
1035
|
allowUserToCreateOrganization: true;
|
|
1044
1036
|
ac: better_auth_plugins0.AccessControl;
|
|
1045
1037
|
roles: {
|
|
1046
1038
|
member: {
|
|
1047
|
-
authorize<K_1 extends "function" | "organization" | "agent" | "
|
|
1048
|
-
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
1039
|
+
authorize<K_1 extends "function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key] | {
|
|
1040
|
+
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key];
|
|
1049
1041
|
connector: "OR" | "AND";
|
|
1050
1042
|
} | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
|
|
1051
|
-
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
1043
|
+
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>;
|
|
1052
1044
|
};
|
|
1053
1045
|
admin: {
|
|
1054
|
-
authorize<K_1 extends "function" | "organization" | "agent" | "
|
|
1055
|
-
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
1046
|
+
authorize<K_1 extends "function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key] | {
|
|
1047
|
+
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key];
|
|
1056
1048
|
connector: "OR" | "AND";
|
|
1057
1049
|
} | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
|
|
1058
|
-
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
1050
|
+
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>;
|
|
1059
1051
|
};
|
|
1060
1052
|
owner: {
|
|
1061
|
-
authorize<K_1 extends "function" | "organization" | "agent" | "
|
|
1062
|
-
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
1053
|
+
authorize<K_1 extends "function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key] | {
|
|
1054
|
+
actions: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>[key];
|
|
1063
1055
|
connector: "OR" | "AND";
|
|
1064
1056
|
} | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
|
|
1065
|
-
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "
|
|
1057
|
+
statements: better_auth_plugins0.Subset<"function" | "organization" | "agent" | "project" | "tool" | "invitation" | "member" | "credential" | "ac" | "sub_agent" | "api_key" | "data_component" | "artifact_component" | "external_agent" | "context_config" | "team", better_auth_plugins0.Statements>;
|
|
1066
1058
|
};
|
|
1067
1059
|
};
|
|
1068
1060
|
membershipLimit: number;
|
|
@@ -1078,7 +1070,7 @@ declare const auth: better_auth0.Auth<{
|
|
|
1078
1070
|
user: better_auth0.User;
|
|
1079
1071
|
};
|
|
1080
1072
|
}): Promise<void>;
|
|
1081
|
-
}
|
|
1073
|
+
}>;
|
|
1082
1074
|
}, {
|
|
1083
1075
|
id: "device-authorization";
|
|
1084
1076
|
schema: {
|
|
@@ -1201,8 +1193,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
1201
1193
|
};
|
|
1202
1194
|
};
|
|
1203
1195
|
};
|
|
1204
|
-
} & {
|
|
1205
|
-
use: any[];
|
|
1206
1196
|
}, {
|
|
1207
1197
|
device_code: string;
|
|
1208
1198
|
user_code: string;
|
|
@@ -1273,8 +1263,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
1273
1263
|
};
|
|
1274
1264
|
};
|
|
1275
1265
|
};
|
|
1276
|
-
} & {
|
|
1277
|
-
use: any[];
|
|
1278
1266
|
}, {
|
|
1279
1267
|
access_token: string;
|
|
1280
1268
|
token_type: string;
|
|
@@ -1320,8 +1308,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
1320
1308
|
};
|
|
1321
1309
|
};
|
|
1322
1310
|
};
|
|
1323
|
-
} & {
|
|
1324
|
-
use: any[];
|
|
1325
1311
|
}, {
|
|
1326
1312
|
user_code: string;
|
|
1327
1313
|
status: string;
|
|
@@ -1362,8 +1348,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
1362
1348
|
};
|
|
1363
1349
|
};
|
|
1364
1350
|
};
|
|
1365
|
-
} & {
|
|
1366
|
-
use: any[];
|
|
1367
1351
|
}, {
|
|
1368
1352
|
success: boolean;
|
|
1369
1353
|
}>;
|
|
@@ -1401,8 +1385,6 @@ declare const auth: better_auth0.Auth<{
|
|
|
1401
1385
|
};
|
|
1402
1386
|
};
|
|
1403
1387
|
};
|
|
1404
|
-
} & {
|
|
1405
|
-
use: any[];
|
|
1406
1388
|
}, {
|
|
1407
1389
|
success: boolean;
|
|
1408
1390
|
}>;
|
|
@@ -1421,6 +1403,33 @@ declare const auth: better_auth0.Auth<{
|
|
|
1421
1403
|
readonly INVALID_DEVICE_CODE_STATUS: "Invalid device code status";
|
|
1422
1404
|
readonly AUTHENTICATION_REQUIRED: "Authentication required";
|
|
1423
1405
|
};
|
|
1406
|
+
options: Partial<{
|
|
1407
|
+
expiresIn: better_auth_plugins0.TimeString;
|
|
1408
|
+
interval: better_auth_plugins0.TimeString;
|
|
1409
|
+
deviceCodeLength: number;
|
|
1410
|
+
userCodeLength: number;
|
|
1411
|
+
schema: {
|
|
1412
|
+
deviceCode?: {
|
|
1413
|
+
modelName?: string | undefined;
|
|
1414
|
+
fields?: {
|
|
1415
|
+
deviceCode?: string | undefined;
|
|
1416
|
+
userCode?: string | undefined;
|
|
1417
|
+
userId?: string | undefined;
|
|
1418
|
+
expiresAt?: string | undefined;
|
|
1419
|
+
status?: string | undefined;
|
|
1420
|
+
lastPolledAt?: string | undefined;
|
|
1421
|
+
pollingInterval?: string | undefined;
|
|
1422
|
+
clientId?: string | undefined;
|
|
1423
|
+
scope?: string | undefined;
|
|
1424
|
+
} | undefined;
|
|
1425
|
+
} | undefined;
|
|
1426
|
+
};
|
|
1427
|
+
generateDeviceCode?: (() => string | Promise<string>) | undefined;
|
|
1428
|
+
generateUserCode?: (() => string | Promise<string>) | undefined;
|
|
1429
|
+
validateClient?: ((clientId: string) => boolean | Promise<boolean>) | undefined;
|
|
1430
|
+
onDeviceAuthRequest?: ((clientId: string, scope: string | undefined) => void | Promise<void>) | undefined;
|
|
1431
|
+
verificationUri?: string | undefined;
|
|
1432
|
+
}>;
|
|
1424
1433
|
}];
|
|
1425
1434
|
}> | null;
|
|
1426
1435
|
declare const app: Hono;
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import * as
|
|
1
|
+
import * as hono0 from "hono";
|
|
2
2
|
import { ExecutionContext } from "@inkeep/agents-core";
|
|
3
3
|
import { createAuth } from "@inkeep/agents-core/auth";
|
|
4
4
|
|
|
@@ -11,7 +11,7 @@ import { createAuth } from "@inkeep/agents-core/auth";
|
|
|
11
11
|
* 2. Better-auth session token (from device authorization flow)
|
|
12
12
|
* 3. Database API key
|
|
13
13
|
*/
|
|
14
|
-
declare const apiKeyAuth: () =>
|
|
14
|
+
declare const apiKeyAuth: () => hono0.MiddlewareHandler<{
|
|
15
15
|
Variables: {
|
|
16
16
|
executionContext: ExecutionContext;
|
|
17
17
|
userId?: string;
|
package/dist/middleware/auth.js
CHANGED
|
@@ -28,6 +28,15 @@ const apiKeyAuth = () => createMiddleware(async (c, next) => {
|
|
|
28
28
|
if (auth) try {
|
|
29
29
|
const headers = new Headers();
|
|
30
30
|
headers.set("Authorization", authHeader);
|
|
31
|
+
const forwardedCookie = c.req.header("x-forwarded-cookie");
|
|
32
|
+
const cookie = c.req.header("cookie");
|
|
33
|
+
if (forwardedCookie) {
|
|
34
|
+
headers.set("cookie", forwardedCookie);
|
|
35
|
+
logger.debug({ source: "x-forwarded-cookie" }, "Using x-forwarded-cookie for session validation");
|
|
36
|
+
} else if (cookie) {
|
|
37
|
+
headers.set("cookie", cookie);
|
|
38
|
+
logger.debug({ source: "cookie" }, "Using cookie for session validation");
|
|
39
|
+
}
|
|
31
40
|
const session = await auth.api.getSession({ headers });
|
|
32
41
|
if (session?.user) {
|
|
33
42
|
logger.info({ userId: session.user.id }, "Better-auth session authenticated successfully");
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import * as
|
|
1
|
+
import * as hono1 from "hono";
|
|
2
2
|
import { createAuth } from "@inkeep/agents-core/auth";
|
|
3
3
|
|
|
4
4
|
//#region src/middleware/require-permission.d.ts
|
|
@@ -14,6 +14,6 @@ type MinimalAuthVariables = {
|
|
|
14
14
|
tenantRole: string;
|
|
15
15
|
};
|
|
16
16
|
};
|
|
17
|
-
declare const requirePermission: <Env$1 extends MinimalAuthVariables = MinimalAuthVariables>(permissions: Permission) =>
|
|
17
|
+
declare const requirePermission: <Env$1 extends MinimalAuthVariables = MinimalAuthVariables>(permissions: Permission) => hono1.MiddlewareHandler<Env$1, string, {}, Response>;
|
|
18
18
|
//#endregion
|
|
19
19
|
export { requirePermission };
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import * as
|
|
1
|
+
import * as hono2 from "hono";
|
|
2
2
|
|
|
3
3
|
//#region src/middleware/session-auth.d.ts
|
|
4
|
-
declare const sessionAuth: () =>
|
|
4
|
+
declare const sessionAuth: () => hono2.MiddlewareHandler<any, string, {}, Response>;
|
|
5
5
|
//#endregion
|
|
6
6
|
export { sessionAuth };
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import * as
|
|
1
|
+
import * as hono3 from "hono";
|
|
2
2
|
|
|
3
3
|
//#region src/middleware/tenant-access.d.ts
|
|
4
|
-
declare const requireTenantAccess: () =>
|
|
4
|
+
declare const requireTenantAccess: () => hono3.MiddlewareHandler<{
|
|
5
5
|
Variables: {
|
|
6
6
|
userId: string;
|
|
7
7
|
tenantId: string;
|
|
@@ -112,7 +112,8 @@ app.openapi(createRoute({
|
|
|
112
112
|
id: finalId,
|
|
113
113
|
name: String(body.name),
|
|
114
114
|
description: String(body.description),
|
|
115
|
-
props: body.props ?? null
|
|
115
|
+
props: body.props ?? null,
|
|
116
|
+
render: body.render ?? null
|
|
116
117
|
};
|
|
117
118
|
try {
|
|
118
119
|
const artifactComponent = await createArtifactComponent(dbClient_default)({ ...componentData });
|
|
@@ -156,6 +157,7 @@ app.openapi(createRoute({
|
|
|
156
157
|
if (body.name !== void 0) updateData.name = String(body.name);
|
|
157
158
|
if (body.description !== void 0) updateData.description = String(body.description);
|
|
158
159
|
if (body.props !== void 0) updateData.props = body.props ?? null;
|
|
160
|
+
if (body.render !== void 0) updateData.render = body.render ?? null;
|
|
159
161
|
const updatedArtifactComponent = await updateArtifactComponent(dbClient_default)({
|
|
160
162
|
scopes: {
|
|
161
163
|
tenantId,
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { OpenAPIHono } from "@hono/zod-openapi";
|
|
2
|
-
import * as
|
|
2
|
+
import * as hono4 from "hono";
|
|
3
3
|
|
|
4
4
|
//#region src/routes/conversations.d.ts
|
|
5
|
-
declare const app: OpenAPIHono<
|
|
5
|
+
declare const app: OpenAPIHono<hono4.Env, {}, "/">;
|
|
6
6
|
//#endregion
|
|
7
7
|
export { app as default };
|
package/dist/routes/index.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { OpenAPIHono } from "@hono/zod-openapi";
|
|
2
|
-
import * as
|
|
2
|
+
import * as hono5 from "hono";
|
|
3
3
|
|
|
4
4
|
//#region src/routes/index.d.ts
|
|
5
|
-
declare const app: OpenAPIHono<
|
|
5
|
+
declare const app: OpenAPIHono<hono5.Env, {}, "/">;
|
|
6
6
|
//#endregion
|
|
7
7
|
export { app as default };
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@inkeep/agents-manage-api",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.41.1",
|
|
4
4
|
"description": "Agents Manage API for Inkeep Agent Framework - handles CRUD operations and OAuth",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -28,8 +28,8 @@
|
|
|
28
28
|
"nanoid": "^5.1.5",
|
|
29
29
|
"openid-client": "^6.6.4",
|
|
30
30
|
"pino": "^9.7.0",
|
|
31
|
-
"@inkeep/agents-core": "^0.
|
|
32
|
-
"@inkeep/agents-manage-mcp": "^0.
|
|
31
|
+
"@inkeep/agents-core": "^0.41.1",
|
|
32
|
+
"@inkeep/agents-manage-mcp": "^0.41.1"
|
|
33
33
|
},
|
|
34
34
|
"peerDependencies": {
|
|
35
35
|
"@hono/zod-openapi": "^1.1.5",
|