@inspectr/mcplab 1.12.1 → 1.14.0
- package/dist/app/assets/index-B3_k1eZO.js +250 -0
- package/dist/app/assets/index-C3E9mFQO.css +1 -0
- package/dist/app/index.html +2 -2
- package/dist/app-server/app-context.d.ts +91 -141
- package/dist/app-server/app-context.d.ts.map +1 -1
- package/dist/app-server/http.d.ts +2 -1
- package/dist/app-server/http.d.ts.map +1 -1
- package/dist/app-server/http.js +5 -0
- package/dist/app-server/http.js.map +1 -1
- package/dist/app-server/oauth-debugger-domain.d.ts +182 -202
- package/dist/app-server/oauth-debugger-domain.d.ts.map +1 -1
- package/dist/app-server/oauth-debugger-domain.js +58 -10
- package/dist/app-server/oauth-debugger-domain.js.map +1 -1
- package/dist/app-server/oauth-debugger.d.ts +10 -17
- package/dist/app-server/oauth-debugger.d.ts.map +1 -1
- package/dist/app-server/oauth-debugger.js +233 -2
- package/dist/app-server/oauth-debugger.js.map +1 -1
- package/dist/app-server/result-assistant-domain.js +1 -1
- package/dist/app-server/result-assistant-domain.js.map +1 -1
- package/dist/app-server/result-assistant-tools.d.ts.map +1 -1
- package/dist/app-server/result-assistant-tools.js +3 -2
- package/dist/app-server/result-assistant-tools.js.map +1 -1
- package/dist/app-server/router.d.ts.map +1 -1
- package/dist/app-server/router.js +2 -1
- package/dist/app-server/router.js.map +1 -1
- package/dist/app-server/tool-analysis-domain.d.ts +163 -178
- package/dist/app-server/tool-analysis-domain.d.ts.map +1 -1
- package/dist/app-server/tool-analysis-domain.js +17 -4
- package/dist/app-server/tool-analysis-domain.js.map +1 -1
- package/dist/app-server/tool-analysis.d.ts.map +1 -1
- package/dist/app-server/tool-analysis.js +24 -1
- package/dist/app-server/tool-analysis.js.map +1 -1
- package/dist/cli.js +159 -0
- package/dist/cli.js.map +1 -1
- package/dist/results/context.d.ts +3 -0
- package/dist/results/context.d.ts.map +1 -0
- package/dist/results/context.js +2 -0
- package/dist/results/context.js.map +1 -0
- package/dist/results/format.d.ts +21 -0
- package/dist/results/format.d.ts.map +1 -0
- package/dist/results/format.js +92 -0
- package/dist/results/format.js.map +1 -0
- package/dist/results/indexer.d.ts +9 -0
- package/dist/results/indexer.d.ts.map +1 -0
- package/dist/results/indexer.js +2 -0
- package/dist/results/indexer.js.map +1 -0
- package/dist/results/search.d.ts +2 -0
- package/dist/results/search.d.ts.map +1 -0
- package/dist/results/search.js +2 -0
- package/dist/results/search.js.map +1 -0
- package/dist/results/types.d.ts +11 -0
- package/dist/results/types.d.ts.map +1 -0
- package/dist/results/types.js +2 -0
- package/dist/results/types.js.map +1 -0
- package/dist/test-results-fixture.d.ts +7 -0
- package/dist/test-results-fixture.d.ts.map +1 -0
- package/dist/test-results-fixture.js +82 -0
- package/dist/test-results-fixture.js.map +1 -0
- package/package.json +6 -6
- package/dist/app/assets/index-Djwh_08m.js +0 -249
- package/dist/app/assets/index-cqsnfkao.css +0 -1
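--- a/package/dist/app-server/oauth-debugger-domain.d.ts
+++ b/package/dist/app-server/oauth-debugger-domain.d.ts
@@ -1,238 +1,218 @@
 import type { ServerResponse } from 'node:http';
 import type { EvalConfig } from '@inspectr/mcplab-core';
-type SessionStatus =
-| 'configuring'
-| 'running'
-| 'waiting_for_user'
-| 'waiting_for_browser_callback'
-| 'completed'
-| 'error'
-| 'stopped';
+type SessionStatus = 'configuring' | 'running' | 'waiting_for_user' | 'waiting_for_browser_callback' | 'completed' | 'error' | 'stopped';
 type RegistrationMethod = 'pre_registered' | 'dcr' | 'cimd';
 export interface OAuthDebuggerSessionConfigInput {
-
-
-
-
-
-
-
-
-
-
+profile: 'latest';
+target: {
+serverName: string;
+overrides?: {
+authorizationServerMetadataUrl?: string;
+authorizationEndpoint?: string;
+tokenEndpoint?: string;
+registrationEndpoint?: string;
+cimdUrl?: string;
+resourceBaseUrl?: string;
+};
 };
-
-
-
-
-
-
-
+registrationMethod: RegistrationMethod;
+clientConfig: {
+preRegistered?: {
+clientId: string;
+clientSecret?: string;
+tokenEndpointAuthMethod?: string;
+};
+dcr?: {
+metadata?: Record<string, unknown>;
+tokenEndpointAuthMethod?: string;
+};
+cimd?: {
+cimdUrl?: string;
+expectedClientId?: string;
+};
 };
-
-
-
+runtime: {
+redirectMode: 'local_callback' | 'manual';
+scopes?: string[];
+resource?: string;
+usePkce?: boolean;
+codeChallengeMethod?: 'S256';
+state?: string;
+nonce?: string;
+extraAuthParams?: Record<string, string>;
 };
-
-
-expectedClientId?: string;
+display?: {
+showSensitiveValues?: boolean;
 };
-};
-runtime: {
-redirectMode: 'local_callback' | 'manual';
-scopes?: string[];
-resource?: string;
-usePkce?: boolean;
-codeChallengeMethod?: 'S256';
-state?: string;
-nonce?: string;
-extraAuthParams?: Record<string, string>;
-};
-display?: {
-showSensitiveValues?: boolean;
-};
 }
 export interface OAuthNetworkExchange {
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+id: string;
+stepId: string;
+kind: 'http';
+phase: 'request' | 'response';
+label: string;
+method?: string;
+url: string;
+headers: Record<string, string>;
+bodyText?: string;
+status?: number;
+durationMs?: number;
+timestamp: string;
+sensitiveFields?: Array<{
+path: string;
+type: 'token' | 'secret' | 'authorization_header';
+}>;
 }
 export interface OAuthValidationFinding {
-
-
-
-
-
-
-
-
+id: string;
+stepId: string;
+severity: 'error' | 'warning' | 'info';
+code: string;
+title: string;
+detail: string;
+specReference?: string;
+recommendation?: string;
 }
 export interface OAuthDebuggerStepState {
-
-
-
-
-
-
-
-
-
-
+id: string;
+title: string;
+description: string;
+status: 'pending' | 'active' | 'completed' | 'failed' | 'skipped';
+startedAt?: string;
+finishedAt?: string;
+outcomeSummary?: string;
+teachableMoment?: string;
+networkExchangeIds: string[];
+validationIds: string[];
 }
 export interface OAuthSequenceEvent {
-
-
-
-
-
-
-
+id: string;
+ts: string;
+from: 'User' | 'Debugger' | 'Auth Server' | 'Token Endpoint' | 'MCP/Resource';
+to: 'User' | 'Debugger' | 'Auth Server' | 'Token Endpoint' | 'MCP/Resource';
+label: string;
+stepId?: string;
+networkExchangeId?: string;
 }
 export interface OAuthDebuggerSession {
-
-
-
-
-
-
-
-
-
-
-
-
-
->
-> &
-Omit<
-OAuthDebuggerSessionConfigInput['runtime'],
-'redirectMode' | 'usePkce' | 'codeChallengeMethod'
->;
-display: {
-showSensitiveValues: boolean;
+id: string;
+createdAt: number;
+updatedAt: number;
+status: SessionStatus;
+config: {
+profile: 'latest';
+target: OAuthDebuggerSessionConfigInput['target'];
+registrationMethod: RegistrationMethod;
+clientConfig: OAuthDebuggerSessionConfigInput['clientConfig'];
+runtime: Required<Pick<OAuthDebuggerSessionConfigInput['runtime'], 'redirectMode' | 'usePkce' | 'codeChallengeMethod'>> & Omit<OAuthDebuggerSessionConfigInput['runtime'], 'redirectMode' | 'usePkce' | 'codeChallengeMethod'>;
+display: {
+showSensitiveValues: boolean;
+};
 };
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+steps: OAuthDebuggerStepState[];
+validations: OAuthValidationFinding[];
+network: OAuthNetworkExchange[];
+sequence: OAuthSequenceEvent[];
+events: Array<{
+type: string;
+ts: string;
+payload: Record<string, unknown>;
+}>;
+clients: Set<ServerResponse>;
+abortController: AbortController;
+serverConfig?: EvalConfig['servers'][string];
+context: {
+resourceMetadata?: any;
+authServerMetadata?: any;
+registration?: any;
+resolvedClient?: {
+clientId: string;
+clientSecret?: string;
+tokenEndpointAuthMethod?: string;
+};
+pkce?: {
+verifier: string;
+challenge: string;
+method: 'S256';
+};
+authorizationRequestUrl?: string;
+callbackResult?: {
+rawUrl?: string;
+code?: string;
+state?: string;
+error?: string;
+errorDescription?: string;
+issuer?: string;
+};
+tokenResponse?: any;
+tokenReceivedAt?: number;
+probeResponse?: {
+status: number;
+bodyText: string;
+url: string;
+};
+callbackUrl?: string;
 };
-
-
-
-
+}
+export interface OAuthDebuggerSessionView {
+id: string;
+status: SessionStatus;
+createdAt: string;
+updatedAt: string;
+profile: 'latest';
+registrationMethod: RegistrationMethod;
+stepStates: OAuthDebuggerStepState[];
+validations: OAuthValidationFinding[];
+network: OAuthNetworkExchange[];
+networkSummary: {
+requestCount: number;
+errorCount: number;
 };
-
-
-
-
-
-
-errorDescription?: string;
+sequence: OAuthSequenceEvent[];
+uiHints: {
+nextAction?: 'start' | 'open_authorize_url' | 'paste_callback_url' | 'none';
+authorizationUrl?: string;
+callbackMode?: 'local_callback' | 'manual';
+callbackUrl?: string;
 };
-
-
-
-
-
-
+summary?: {
+showSensitiveValues?: boolean;
+issuer?: string;
+clientId?: string;
+redirectUri?: string;
+tokenEndpointStatus?: number;
+tokenType?: string;
+grantedScopes?: string[];
+accessToken?: string;
+accessTokenExpiresInSeconds?: number;
+accessTokenExpiresAt?: string;
+accessTokenValidForSeconds?: number;
+accessTokenExpirySource?: 'expires_in' | 'jwt_exp' | 'none';
+refreshTokenAvailable?: boolean;
 };
-callbackUrl?: string;
-};
 }
-export
-id: string;
-status: SessionStatus;
-createdAt: string;
-updatedAt: string;
-profile: 'latest';
-registrationMethod: RegistrationMethod;
-stepStates: OAuthDebuggerStepState[];
-validations: OAuthValidationFinding[];
-network: OAuthNetworkExchange[];
-networkSummary: {
-requestCount: number;
-errorCount: number;
-};
-sequence: OAuthSequenceEvent[];
-uiHints: {
-nextAction?: 'start' | 'open_authorize_url' | 'paste_callback_url' | 'none';
-authorizationUrl?: string;
-callbackMode?: 'local_callback' | 'manual';
-callbackUrl?: string;
-};
-summary?: {
-showSensitiveValues?: boolean;
-issuer?: string;
-clientId?: string;
-redirectUri?: string;
-tokenEndpointStatus?: number;
-tokenType?: string;
-grantedScopes?: string[];
-accessToken?: string;
-accessTokenExpiresInSeconds?: number;
-accessTokenExpiresAt?: string;
-accessTokenValidForSeconds?: number;
-accessTokenExpirySource?: 'expires_in' | 'jwt_exp' | 'none';
-refreshTokenAvailable?: boolean;
-};
-}
-export declare function cleanupOAuthDebuggerSessions(
-sessions: Map<string, OAuthDebuggerSession>,
-now?: number
-): void;
+export declare function cleanupOAuthDebuggerSessions(sessions: Map<string, OAuthDebuggerSession>, now?: number): void;
 export declare function createOAuthDebuggerSession(params: {
-
-
+config: OAuthDebuggerSessionConfigInput;
+serverConfig?: EvalConfig['servers'][string];
 }): OAuthDebuggerSession;
-export declare function oauthDebuggerSessionView(
-session: OAuthDebuggerSession
-): OAuthDebuggerSessionView;
+export declare function oauthDebuggerSessionView(session: OAuthDebuggerSession): OAuthDebuggerSessionView;
 export declare function startOrResumeOAuthDebuggerSession(params: {
-
-
+session: OAuthDebuggerSession;
+appBaseUrl: string;
 }): Promise<void>;
 export declare function submitManualCallbackToSession(params: {
-
-
-
-
+session: OAuthDebuggerSession;
+redirectUrl?: string;
+code?: string;
+state?: string;
 }): void;
 export declare function submitBrowserCallbackToSession(params: {
-
-
+session: OAuthDebuggerSession;
+rawUrl: string;
 }): void;
 export declare function stopOAuthDebuggerSession(session: OAuthDebuggerSession): void;
 export declare function oauthDebuggerExportMarkdown(session: OAuthDebuggerSession): string;
 export declare function oauthDebuggerExportRawTrace(session: OAuthDebuggerSession): string;
 export {};
-//# sourceMappingURL=oauth-debugger-domain.d.ts.map
+//# sourceMappingURL=oauth-debugger-domain.d.ts.map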
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-debugger-domain.d.ts","sourceRoot":"","sources":["../../src/app-server/oauth-debugger-domain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAGhD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGxD,KAAK,aAAa,GACd,aAAa,GACb,SAAS,GACT,kBAAkB,GAClB,8BAA8B,GAC9B,WAAW,GACX,OAAO,GACP,SAAS,CAAC;AAEd,KAAK,kBAAkB,GAAG,gBAAgB,GAAG,KAAK,GAAG,MAAM,CAAC;AAE5D,MAAM,WAAW,+BAA+B;IAC9C,OAAO,EAAE,QAAQ,CAAC;IAClB,MAAM,EAAE;QACN,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE;YACV,8BAA8B,CAAC,EAAE,MAAM,CAAC;YACxC,qBAAqB,CAAC,EAAE,MAAM,CAAC;YAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;YACvB,oBAAoB,CAAC,EAAE,MAAM,CAAC;YAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,eAAe,CAAC,EAAE,MAAM,CAAC;SAC1B,CAAC;KACH,CAAC;IACF,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,YAAY,EAAE;QACZ,aAAa,CAAC,EAAE;YACd,QAAQ,EAAE,MAAM,CAAC;YACjB,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,GAAG,CAAC,EAAE;YACJ,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACnC,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,IAAI,CAAC,EAAE;YACL,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;SAC3B,CAAC;KACH,CAAC;IACF,OAAO,EAAE;QACP,YAAY,EAAE,gBAAgB,GAAG,QAAQ,CAAC;QAC1C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC1C,CAAC;IACF,OAAO,CAAC,EAAE;QACR,mBAAmB,CAAC,EAAE,OAAO,CAAC;KAC/B,CAAC;CACH;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,SAAS,GAAG,UAAU,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,sBAAsB,CAAA;KAAE,CAAC,CAAC;CAC9F;AAED,MAAM,W
AAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAC;IAClE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC9E,EAAE,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC5E,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,aAAa,CAAC;IACtB,MAAM,EAAE;QACN,OAAO,EAAE,QAAQ,CAAC;QAClB,MAAM,EAAE,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAClD,kBAAkB,EAAE,kBAAkB,CAAC;QACvC,YAAY,EAAE,+BAA+B,CAAC,cAAc,CAAC,CAAC;QAC9D,OAAO,EAAE,QAAQ,CACf,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CACF,GACC,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CAAC;QACJ,OAAO,EAAE;YACP,mBAAmB,EAAE,OAAO,CAAC;SAC9B,CAAC;KACH,CAAC;IACF,KAAK,EAAE,sBAAsB,EAAE,CAAC;IAChC,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,oBAAoB,EAAE,CAAC;IAChC,QAAQ,EAAE,kBAAkB,EAAE,CAAC;IAC/B,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC,CAAC;IAC9E,OAAO,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC;IAC7B,eAAe,EAAE,eAAe,CAAC;IACjC,YAAY,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC;IAC7C,OAAO,EAAE;QACP,gBAAgB,CAAC,EAAE,GAAG,CAAC;QACvB,kBAAkB,CAAC,EAAE,GAAG,CAAC;QACzB,YAAY,CAAC,EAAE,GAAG,CAAC;QACnB,cAAc,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAA
C,YAAY,CAAC,EAAE,MAAM,CAAC;YAAC,uBAAuB,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/F,IAAI,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/D,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,cAAc,CAAC,EAAE;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,IAAI,CAAC,EAAE,MAAM,CAAC;YACd,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"oauth-debugger-domain.d.ts","sourceRoot":"","sources":["../../src/app-server/oauth-debugger-domain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAGhD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGxD,KAAK,aAAa,GACd,aAAa,GACb,SAAS,GACT,kBAAkB,GAClB,8BAA8B,GAC9B,WAAW,GACX,OAAO,GACP,SAAS,CAAC;AAEd,KAAK,kBAAkB,GAAG,gBAAgB,GAAG,KAAK,GAAG,MAAM,CAAC;AAE5D,MAAM,WAAW,+BAA+B;IAC9C,OAAO,EAAE,QAAQ,CAAC;IAClB,MAAM,EAAE;QACN,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE;YACV,8BAA8B,CAAC,EAAE,MAAM,CAAC;YACxC,qBAAqB,CAAC,EAAE,MAAM,CAAC;YAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;YACvB,oBAAoB,CAAC,EAAE,MAAM,CAAC;YAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,eAAe,CAAC,EAAE,MAAM,CAAC;SAC1B,CAAC;KACH,CAAC;IACF,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,YAAY,EAAE;QACZ,aAAa,CAAC,EAAE;YACd,QAAQ,EAAE,MAAM,CAAC;YACjB,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,GAAG,CAAC,EAAE;YACJ,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACnC,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,IAAI,CAAC,EAAE;YACL,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;SAC3B,CAAC;KACH,CAAC;IACF,OAAO,EAAE;QACP,YAAY,EAAE,gBAAgB,GAAG,QAAQ,CAAC;QAC1C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC1C,CAAC;IACF,OAAO,CAAC,EAAE;QACR,mBAAmB,CAAC,EAAE,OAAO,CAAC;KAC/B,CAAC;CACH;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,SAAS,GAAG,UAAU,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,sBAAsB,CAAA;KAAE,CAAC,CAAC;CAC9F;AAED,MAAM,W
AAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAC;IAClE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC9E,EAAE,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC5E,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,aAAa,CAAC;IACtB,MAAM,EAAE;QACN,OAAO,EAAE,QAAQ,CAAC;QAClB,MAAM,EAAE,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAClD,kBAAkB,EAAE,kBAAkB,CAAC;QACvC,YAAY,EAAE,+BAA+B,CAAC,cAAc,CAAC,CAAC;QAC9D,OAAO,EAAE,QAAQ,CACf,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CACF,GACC,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CAAC;QACJ,OAAO,EAAE;YACP,mBAAmB,EAAE,OAAO,CAAC;SAC9B,CAAC;KACH,CAAC;IACF,KAAK,EAAE,sBAAsB,EAAE,CAAC;IAChC,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,oBAAoB,EAAE,CAAC;IAChC,QAAQ,EAAE,kBAAkB,EAAE,CAAC;IAC/B,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC,CAAC;IAC9E,OAAO,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC;IAC7B,eAAe,EAAE,eAAe,CAAC;IACjC,YAAY,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC;IAC7C,OAAO,EAAE;QACP,gBAAgB,CAAC,EAAE,GAAG,CAAC;QACvB,kBAAkB,CAAC,EAAE,GAAG,CAAC;QACzB,YAAY,CAAC,EAAE,GAAG,CAAC;QACnB,cAAc,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAA
C,YAAY,CAAC,EAAE,MAAM,CAAC;YAAC,uBAAuB,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/F,IAAI,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/D,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,cAAc,CAAC,EAAE;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,IAAI,CAAC,EAAE,MAAM,CAAC;YACd,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;YAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;SACjB,CAAC;QACF,aAAa,CAAC,EAAE,GAAG,CAAC;QACpB,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,aAAa,CAAC,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC;QAClE,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,aAAa,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,QAAQ,CAAC;IAClB,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,UAAU,EAAE,sBAAsB,EAAE,CAAC;IACrC,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,oBAAoB,EAAE,CAAC;IAChC,cAAc,EAAE;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7D,QAAQ,EAAE,kBAAkB,EAAE,CAAC;IAC/B,OAAO,EAAE;QACP,UAAU,CAAC,EAAE,OAAO,GAAG,oBAAoB,GAAG,oBAAoB,GAAG,MAAM,CAAC;QAC5E,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,YAAY,CAAC,EAAE,gBAAgB,GAAG,QAAQ,CAAC;QAC3C,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,OAAO,CAAC,EAAE;QACR,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;QACzB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,2BAA2B,CAAC,EAAE,MAAM,CAAC;QACrC,oBAAoB,CAAC,EAAE,MAAM,CAAC;QAC9B,0BAA0B,CAAC,EAAE,MAAM,CAAC;QACpC,uBAAuB,CAAC,EAAE,YAAY,GAAG,SAAS,GAAG,MAAM,CAAC;QAC5D,qBAAqB,CAAC,EAAE,OAAO,CAAC;KACjC,CAAC;CACH;AAqgCD,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,EAC3C,GAAG,SAAa,QAOjB;AAED,wBAAgB,0BAA0B,CAAC,MAAM,EAAE;IACjD,MAAM,EAAE,+BAA+B,CAAC;IACxC,YAAY,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC;CAC9C,GAAG,oBAAoB,CAsDvB;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,oBAAoB,GAAG,wBAAwB,CAgGhG
;AAED,wBAAsB,iCAAiC,CAAC,MAAM,EAAE;IAC9D,OAAO,EAAE,oBAAoB,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;CACpB,iBAsFA;AAED,wBAAgB,6BAA6B,CAAC,MAAM,EAAE;IACpD,OAAO,EAAE,oBAAoB,CAAC;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,QAWA;AAED,wBAAgB,8BAA8B,CAAC,MAAM,EAAE;IACrD,OAAO,EAAE,oBAAoB,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB,QAIA;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,oBAAoB,QAWrE;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,oBAAoB,GAAG,MAAM,CA+BjF;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,oBAAoB,GAAG,MAAM,CAiBjF"}
|
|
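--- a/package/dist/app-server/oauth-debugger-domain.js
+++ b/package/dist/app-server/oauth-debugger-domain.js
@@ -348,7 +348,8 @@ function parseCallbackInput(input) {
 code: parsed.searchParams.get('code') ?? undefined,
 state: parsed.searchParams.get('state') ?? undefined,
 error: parsed.searchParams.get('error') ?? undefined,
-errorDescription: parsed.searchParams.get('error_description') ?? undefined
+errorDescription: parsed.searchParams.get('error_description') ?? undefined,
+issuer: parsed.searchParams.get('iss') ?? undefined
 };
 }
 return {
@@ -689,7 +690,9 @@ function stepValidateCallback(session) {
 detail: `${cb.error}${cb.errorDescription ? `: ${cb.errorDescription}` : ''}`,
 recommendation: 'Inspect the authorization request parameters and client registration details.'
 });
-
+const firstLine = `Authorization error: ${cb.error}`;
+const secondLine = cb.errorDescription ? `Description: ${cb.errorDescription}` : undefined;
+throw new Error([firstLine, secondLine].filter((line) => Boolean(line)).join('\n'));
 }
 if (!cb.code) {
 addValidation(session, {
@@ -713,6 +716,17 @@ function stepValidateCallback(session) {
 });
 throw new Error('State mismatch');
 }
+const expectedIssuer = session.context.authServerMetadata?.issuer;
+if (cb.issuer && expectedIssuer && cb.issuer !== expectedIssuer) {
+addValidation(session, {
+stepId,
+severity: 'warning',
+code: 'issuer_mismatch',
+title: 'Issuer mismatch in authorization response',
+detail: `Expected issuer '${expectedIssuer}' but callback contained iss='${cb.issuer}'.`,
+recommendation: 'Verify authorization server configuration and callback routing. The callback may not belong to this issuer context.'
+});
+}
 addValidation(session, {
 stepId,
 severity: 'info',
@@ -828,16 +842,50 @@ async function stepResourceProbe(session) {
 return;
 }
 try {
-const
+const commonHeaders = {
+authorization: `Bearer ${accessToken}`,
+accept: 'application/json, text/event-stream'
+};
+const postProbeBody = JSON.stringify({
+jsonrpc: '2.0',
+id: 'oauth-debugger-probe',
+method: 'initialize',
+params: {
+protocolVersion: '2025-03-26',
+capabilities: {},
+clientInfo: {
+name: 'oauth-debugger',
+version: '0.1.0'
+}
+}
+});
+const postAttempt = await fetchWithTrace({
 session,
 stepId,
-label: 'Protected resource probe',
+label: 'Protected resource probe (MCP POST)',
 url: probeUrl,
+method: 'POST',
 headers: {
-
-
-}
+...commonHeaders,
+'content-type': 'application/json'
+},
+bodyText: postProbeBody
 });
+let response = postAttempt.response;
+let responseText = postAttempt.responseText;
+let probeMethod = 'POST';
+if (!response.ok) {
+const getAttempt = await fetchWithTrace({
+session,
+stepId,
+label: 'Protected resource probe (fallback GET)',
+url: probeUrl,
+headers: commonHeaders
+});
+response = getAttempt.response;
+responseText = getAttempt.responseText;
+probeMethod = 'GET';
+}
 session.context.probeResponse = {
 status: response.status,
 bodyText: responseText,
@@ -849,7 +897,7 @@ async function stepResourceProbe(session) {
 severity: 'warning',
 code: 'probe_not_ok',
 title: 'Protected probe returned non-success',
-detail: `Protected probe returned HTTP ${response.status}.`,
+detail: `Protected probe (${probeMethod}) returned HTTP ${response.status}.`,
 recommendation: 'Verify audience/resource, scopes, and token issuer expectations on the MCP server.'
 });
 }
@@ -859,10 +907,10 @@ async function stepResourceProbe(session) {
 severity: 'info',
 code: 'probe_ok',
 title: 'Protected probe succeeded',
-detail:
+detail: `The bearer token was accepted by the probe endpoint via ${probeMethod}.`
 });
 }
-markStepCompleted(session, stepId, `Probe HTTP ${response.status}`);
+markStepCompleted(session, stepId, `Probe (${probeMethod}) HTTP ${response.status}`);
 }
 catch (error) {
 addValidation(session, {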
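Review bot: In stepValidateCallback, the new issuer check (new lines 719–729) records an `issuer_mismatch` finding at `severity: 'warning'` and then falls through to the success path, while the state check directly above it ends in `throw new Error('State mismatch');`. RFC 9207 treats an `iss` value that differs from the expected issuer as a reason to reject the authorization response, because the code may have been issued by a different authorization server than the one the request went to. I would raise the finding to `severity: 'error'` and follow it with `throw new Error('Issuer mismatch');` so that the code from such a callback is not carried into the later steps. The condition also skips the check when `cb.issuer` is absent; when the server metadata sets `authorization_response_iss_parameter_supported`, a missing `iss` deserves its own finding. The function's body starts and ends outside the hunks shown, so what runs after this check is inferred from the trailing context.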