@inspectr/mcplab 1.7.0 → 1.9.0

package/dist/app-server/oauth-debugger-domain.d.ts

@@ -1,210 +1,238 @@
 import type { ServerResponse } from 'node:http';
 import type { EvalConfig } from '@inspectr/mcplab-core';
-type SessionStatus = 'configuring' | 'running' | 'waiting_for_user' | 'waiting_for_browser_callback' | 'completed' | 'error' | 'stopped';
+type SessionStatus =
+  | 'configuring'
+  | 'running'
+  | 'waiting_for_user'
+  | 'waiting_for_browser_callback'
+  | 'completed'
+  | 'error'
+  | 'stopped';
 type RegistrationMethod = 'pre_registered' | 'dcr' | 'cimd';
 export interface OAuthDebuggerSessionConfigInput {
-    profile: 'latest';
-    target: {
-        serverName: string;
-        overrides?: {
-            authorizationServerMetadataUrl?: string;
-            authorizationEndpoint?: string;
-            tokenEndpoint?: string;
-            registrationEndpoint?: string;
-            cimdUrl?: string;
-            resourceBaseUrl?: string;
-        };
+  profile: 'latest';
+  target: {
+    serverName: string;
+    overrides?: {
+      authorizationServerMetadataUrl?: string;
+      authorizationEndpoint?: string;
+      tokenEndpoint?: string;
+      registrationEndpoint?: string;
+      cimdUrl?: string;
+      resourceBaseUrl?: string;
     };
-    registrationMethod: RegistrationMethod;
-    clientConfig: {
-        preRegistered?: {
-            clientId: string;
-            clientSecret?: string;
-            tokenEndpointAuthMethod?: string;
-        };
-        dcr?: {
-            metadata?: Record<string, unknown>;
-            tokenEndpointAuthMethod?: string;
-        };
-        cimd?: {
-            cimdUrl?: string;
-            expectedClientId?: string;
-        };
+  };
+  registrationMethod: RegistrationMethod;
+  clientConfig: {
+    preRegistered?: {
+      clientId: string;
+      clientSecret?: string;
+      tokenEndpointAuthMethod?: string;
     };
-    runtime: {
-        redirectMode: 'local_callback' | 'manual';
-        scopes?: string[];
-        resource?: string;
-        usePkce?: boolean;
-        codeChallengeMethod?: 'S256';
-        state?: string;
-        nonce?: string;
-        extraAuthParams?: Record<string, string>;
+    dcr?: {
+      metadata?: Record<string, unknown>;
+      tokenEndpointAuthMethod?: string;
     };
-    display?: {
-        showSensitiveValues?: boolean;
+    cimd?: {
+      cimdUrl?: string;
+      expectedClientId?: string;
     };
+  };
+  runtime: {
+    redirectMode: 'local_callback' | 'manual';
+    scopes?: string[];
+    resource?: string;
+    usePkce?: boolean;
+    codeChallengeMethod?: 'S256';
+    state?: string;
+    nonce?: string;
+    extraAuthParams?: Record<string, string>;
+  };
+  display?: {
+    showSensitiveValues?: boolean;
+  };
 }
 export interface OAuthNetworkExchange {
-    id: string;
-    stepId: string;
-    kind: 'http';
-    phase: 'request' | 'response';
-    label: string;
-    method?: string;
-    url: string;
-    headers: Record<string, string>;
-    bodyText?: string;
-    status?: number;
-    durationMs?: number;
-    timestamp: string;
-    sensitiveFields?: Array<{
-        path: string;
-        type: 'token' | 'secret' | 'authorization_header';
-    }>;
+  id: string;
+  stepId: string;
+  kind: 'http';
+  phase: 'request' | 'response';
+  label: string;
+  method?: string;
+  url: string;
+  headers: Record<string, string>;
+  bodyText?: string;
+  status?: number;
+  durationMs?: number;
+  timestamp: string;
+  sensitiveFields?: Array<{
+    path: string;
+    type: 'token' | 'secret' | 'authorization_header';
+  }>;
 }
 export interface OAuthValidationFinding {
-    id: string;
-    stepId: string;
-    severity: 'error' | 'warning' | 'info';
-    code: string;
-    title: string;
-    detail: string;
-    specReference?: string;
-    recommendation?: string;
+  id: string;
+  stepId: string;
+  severity: 'error' | 'warning' | 'info';
+  code: string;
+  title: string;
+  detail: string;
+  specReference?: string;
+  recommendation?: string;
 }
 export interface OAuthDebuggerStepState {
-    id: string;
-    title: string;
-    description: string;
-    status: 'pending' | 'active' | 'completed' | 'failed' | 'skipped';
-    startedAt?: string;
-    finishedAt?: string;
-    outcomeSummary?: string;
-    teachableMoment?: string;
-    networkExchangeIds: string[];
-    validationIds: string[];
+  id: string;
+  title: string;
+  description: string;
+  status: 'pending' | 'active' | 'completed' | 'failed' | 'skipped';
+  startedAt?: string;
+  finishedAt?: string;
+  outcomeSummary?: string;
+  teachableMoment?: string;
+  networkExchangeIds: string[];
+  validationIds: string[];
 }
 export interface OAuthSequenceEvent {
-    id: string;
-    ts: string;
-    from: 'User' | 'Debugger' | 'Auth Server' | 'Token Endpoint' | 'MCP/Resource';
-    to: 'User' | 'Debugger' | 'Auth Server' | 'Token Endpoint' | 'MCP/Resource';
-    label: string;
-    stepId?: string;
-    networkExchangeId?: string;
+  id: string;
+  ts: string;
+  from: 'User' | 'Debugger' | 'Auth Server' | 'Token Endpoint' | 'MCP/Resource';
+  to: 'User' | 'Debugger' | 'Auth Server' | 'Token Endpoint' | 'MCP/Resource';
+  label: string;
+  stepId?: string;
+  networkExchangeId?: string;
 }
 export interface OAuthDebuggerSession {
-    id: string;
-    createdAt: number;
-    updatedAt: number;
-    status: SessionStatus;
-    config: {
-        profile: 'latest';
-        target: OAuthDebuggerSessionConfigInput['target'];
-        registrationMethod: RegistrationMethod;
-        clientConfig: OAuthDebuggerSessionConfigInput['clientConfig'];
-        runtime: Required<Pick<OAuthDebuggerSessionConfigInput['runtime'], 'redirectMode' | 'usePkce' | 'codeChallengeMethod'>> & Omit<OAuthDebuggerSessionConfigInput['runtime'], 'redirectMode' | 'usePkce' | 'codeChallengeMethod'>;
-        display: {
-            showSensitiveValues: boolean;
-        };
-    };
-    steps: OAuthDebuggerStepState[];
-    validations: OAuthValidationFinding[];
-    network: OAuthNetworkExchange[];
-    sequence: OAuthSequenceEvent[];
-    events: Array<{
-        type: string;
-        ts: string;
-        payload: Record<string, unknown>;
-    }>;
-    clients: Set<ServerResponse>;
-    abortController: AbortController;
-    serverConfig?: EvalConfig['servers'][string];
-    context: {
-        resourceMetadata?: any;
-        authServerMetadata?: any;
-        registration?: any;
-        resolvedClient?: {
-            clientId: string;
-            clientSecret?: string;
-            tokenEndpointAuthMethod?: string;
-        };
-        pkce?: {
-            verifier: string;
-            challenge: string;
-            method: 'S256';
-        };
-        authorizationRequestUrl?: string;
-        callbackResult?: {
-            rawUrl?: string;
-            code?: string;
-            state?: string;
-            error?: string;
-            errorDescription?: string;
-        };
-        tokenResponse?: any;
-        probeResponse?: {
-            status: number;
-            bodyText: string;
-            url: string;
-        };
-        callbackUrl?: string;
-    };
-}
-export interface OAuthDebuggerSessionView {
-    id: string;
-    status: SessionStatus;
-    createdAt: string;
-    updatedAt: string;
+  id: string;
+  createdAt: number;
+  updatedAt: number;
+  status: SessionStatus;
+  config: {
     profile: 'latest';
+    target: OAuthDebuggerSessionConfigInput['target'];
     registrationMethod: RegistrationMethod;
-    stepStates: OAuthDebuggerStepState[];
-    validations: OAuthValidationFinding[];
-    network: OAuthNetworkExchange[];
-    networkSummary: {
-        requestCount: number;
-        errorCount: number;
+    clientConfig: OAuthDebuggerSessionConfigInput['clientConfig'];
+    runtime: Required<
+      Pick<
+        OAuthDebuggerSessionConfigInput['runtime'],
+        'redirectMode' | 'usePkce' | 'codeChallengeMethod'
+      >
+    > &
+      Omit<
+        OAuthDebuggerSessionConfigInput['runtime'],
+        'redirectMode' | 'usePkce' | 'codeChallengeMethod'
+      >;
+    display: {
+      showSensitiveValues: boolean;
+    };
+  };
+  steps: OAuthDebuggerStepState[];
+  validations: OAuthValidationFinding[];
+  network: OAuthNetworkExchange[];
+  sequence: OAuthSequenceEvent[];
+  events: Array<{
+    type: string;
+    ts: string;
+    payload: Record<string, unknown>;
+  }>;
+  clients: Set<ServerResponse>;
+  abortController: AbortController;
+  serverConfig?: EvalConfig['servers'][string];
+  context: {
+    resourceMetadata?: any;
+    authServerMetadata?: any;
+    registration?: any;
+    resolvedClient?: {
+      clientId: string;
+      clientSecret?: string;
+      tokenEndpointAuthMethod?: string;
+    };
+    pkce?: {
+      verifier: string;
+      challenge: string;
+      method: 'S256';
     };
-    sequence: OAuthSequenceEvent[];
-    uiHints: {
-        nextAction?: 'start' | 'open_authorize_url' | 'paste_callback_url' | 'none';
-        authorizationUrl?: string;
-        callbackMode?: 'local_callback' | 'manual';
-        callbackUrl?: string;
+    authorizationRequestUrl?: string;
+    callbackResult?: {
+      rawUrl?: string;
+      code?: string;
+      state?: string;
+      error?: string;
+      errorDescription?: string;
     };
-    summary?: {
-        issuer?: string;
-        clientId?: string;
-        redirectUri?: string;
-        tokenEndpointStatus?: number;
-        tokenType?: string;
-        grantedScopes?: string[];
-        accessToken?: string;
+    tokenResponse?: any;
+    tokenReceivedAt?: number;
+    probeResponse?: {
+      status: number;
+      bodyText: string;
+      url: string;
     };
+    callbackUrl?: string;
+  };
 }
-export declare function cleanupOAuthDebuggerSessions(sessions: Map<string, OAuthDebuggerSession>, now?: number): void;
+export interface OAuthDebuggerSessionView {
+  id: string;
+  status: SessionStatus;
+  createdAt: string;
+  updatedAt: string;
+  profile: 'latest';
+  registrationMethod: RegistrationMethod;
+  stepStates: OAuthDebuggerStepState[];
+  validations: OAuthValidationFinding[];
+  network: OAuthNetworkExchange[];
+  networkSummary: {
+    requestCount: number;
+    errorCount: number;
+  };
+  sequence: OAuthSequenceEvent[];
+  uiHints: {
+    nextAction?: 'start' | 'open_authorize_url' | 'paste_callback_url' | 'none';
+    authorizationUrl?: string;
+    callbackMode?: 'local_callback' | 'manual';
+    callbackUrl?: string;
+  };
+  summary?: {
+    showSensitiveValues?: boolean;
+    issuer?: string;
+    clientId?: string;
+    redirectUri?: string;
+    tokenEndpointStatus?: number;
+    tokenType?: string;
+    grantedScopes?: string[];
+    accessToken?: string;
+    accessTokenExpiresInSeconds?: number;
+    accessTokenExpiresAt?: string;
+    accessTokenValidForSeconds?: number;
+    accessTokenExpirySource?: 'expires_in' | 'jwt_exp' | 'none';
+    refreshTokenAvailable?: boolean;
+  };
+}
+export declare function cleanupOAuthDebuggerSessions(
+  sessions: Map<string, OAuthDebuggerSession>,
+  now?: number
+): void;
 export declare function createOAuthDebuggerSession(params: {
-    config: OAuthDebuggerSessionConfigInput;
-    serverConfig?: EvalConfig['servers'][string];
+  config: OAuthDebuggerSessionConfigInput;
+  serverConfig?: EvalConfig['servers'][string];
 }): OAuthDebuggerSession;
-export declare function oauthDebuggerSessionView(session: OAuthDebuggerSession): OAuthDebuggerSessionView;
+export declare function oauthDebuggerSessionView(
+  session: OAuthDebuggerSession
+): OAuthDebuggerSessionView;
 export declare function startOrResumeOAuthDebuggerSession(params: {
-    session: OAuthDebuggerSession;
-    appBaseUrl: string;
+  session: OAuthDebuggerSession;
+  appBaseUrl: string;
 }): Promise<void>;
 export declare function submitManualCallbackToSession(params: {
-    session: OAuthDebuggerSession;
-    redirectUrl?: string;
-    code?: string;
-    state?: string;
+  session: OAuthDebuggerSession;
+  redirectUrl?: string;
+  code?: string;
+  state?: string;
 }): void;
 export declare function submitBrowserCallbackToSession(params: {
-    session: OAuthDebuggerSession;
-    rawUrl: string;
+  session: OAuthDebuggerSession;
+  rawUrl: string;
 }): void;
 export declare function stopOAuthDebuggerSession(session: OAuthDebuggerSession): void;
 export declare function oauthDebuggerExportMarkdown(session: OAuthDebuggerSession): string;
 export declare function oauthDebuggerExportRawTrace(session: OAuthDebuggerSession): string;
 export {};
-//# sourceMappingURL=oauth-debugger-domain.d.ts.map
+//# sourceMappingURL=oauth-debugger-domain.d.ts.map

package/dist/app-server/oauth-debugger-domain.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-debugger-domain.d.ts","sourceRoot":"","sources":["../../src/app-server/oauth-debugger-domain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAGhD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGxD,KAAK,aAAa,GACd,aAAa,GACb,SAAS,GACT,kBAAkB,GAClB,8BAA8B,GAC9B,WAAW,GACX,OAAO,GACP,SAAS,CAAC;AAEd,KAAK,kBAAkB,GAAG,gBAAgB,GAAG,KAAK,GAAG,MAAM,CAAC;AAE5D,MAAM,WAAW,+BAA+B;IAC9C,OAAO,EAAE,QAAQ,CAAC;IAClB,MAAM,EAAE;QACN,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE;YACV,8BAA8B,CAAC,EAAE,MAAM,CAAC;YACxC,qBAAqB,CAAC,EAAE,MAAM,CAAC;YAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;YACvB,oBAAoB,CAAC,EAAE,MAAM,CAAC;YAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,eAAe,CAAC,EAAE,MAAM,CAAC;SAC1B,CAAC;KACH,CAAC;IACF,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,YAAY,EAAE;QACZ,aAAa,CAAC,EAAE;YACd,QAAQ,EAAE,MAAM,CAAC;YACjB,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,GAAG,CAAC,EAAE;YACJ,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACnC,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,IAAI,CAAC,EAAE;YACL,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;SAC3B,CAAC;KACH,CAAC;IACF,OAAO,EAAE;QACP,YAAY,EAAE,gBAAgB,GAAG,QAAQ,CAAC;QAC1C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC1C,CAAC;IACF,OAAO,CAAC,EAAE;QACR,mBAAmB,CAAC,EAAE,OAAO,CAAC;KAC/B,CAAC;CACH;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,SAAS,GAAG,UAAU,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,sBAAsB,CAAA;KAAE,CAAC,CAAC;CAC9F;AAED,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAC;IAClE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC9E,EAAE,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC5E,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,aAAa,CAAC;IACtB,MAAM,EAAE;QACN,OAAO,EAAE,QAAQ,CAAC;QAClB,MAAM,EAAE,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAClD,kBAAkB,EAAE,kBAAkB,CAAC;QACvC,YAAY,EAAE,+BAA+B,CAAC,cAAc,CAAC,CAAC;QAC9D,OAAO,EAAE,QAAQ,CACf,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CACF,GACC,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CAAC;QACJ,OAAO,EAAE;YACP,mBAAmB,EAAE,OAAO,CAAC;SAC9B,CAAC;KACH,CAAC;IACF,KAAK,EAAE,sBAAsB,EAAE,CAAC;IAChC,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,oBAAoB,EAAE,CAAC;IAChC,QAAQ,EAAE,kBAAkB,EAAE,CAAC;IAC/B,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC,CAAC;IAC9E,OAAO,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC;IAC7B,eAAe,EAAE,eAAe,CAAC;IACjC,YAAY,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC;IAC7C,OAAO,EAAE;QACP,gBAAgB,CAAC,EAAE,GAAG,CAAC;QACvB,kBAAkB,CAAC,EAAE,GAAG,CAAC;QACzB,YAAY,CAAC,EAAE,GAAG,CAAC;QACnB,cAAc,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,YAAY,CAAC,EAAE,MAAM,CAAC;YAAC,uBAAuB,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/F,IAAI,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/D,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,cAAc,CAAC,EAAE;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,IAAI,CAAC,EAAE,MAAM,CAAC;YACd,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;SAC3B,CAAC;QACF,aAAa,CAAC,EAAE,GAAG,CAAC;QACpB,aAAa,CAAC,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC;QAClE,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,aAAa,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,QAAQ,CAAC;IAClB,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,UAAU,EAAE,sBAAsB,EAAE,CAAC;IACrC,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,oBAAoB,EAAE,CAAC;IAChC,cAAc,EAAE;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7D,QAAQ,EAAE,kBAAkB,EAAE,CAAC;IAC/B,OAAO,EAAE;QACP,UAAU,CAAC,EAAE,OAAO,GAAG,oBAAoB,GAAG,oBAAoB,GAAG,MAAM,CAAC;QAC5E,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,YAAY,CAAC,EAAE,gBAAgB,GAAG,QAAQ,CAAC;QAC3C,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,OAAO,CAAC,EAAE;QACR,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;QACzB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAk8BD,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,EAC3C,GAAG,SAAa,QAOjB;AAED,wBAAgB,0BAA0B,CAAC,MAAM,EAAE;IACjD,MAAM,EAAE,+BAA+B,CAAC;IACxC,YAAY,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC;CAC9C,GAAG,oBAAoB,CAsDvB;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,oBAAoB,GAAG,wBAAwB,CAsDhG;AAED,wBAAsB,iCAAiC,CAAC,MAAM,EAAE;IAC9D,OAAO,EAAE,oBAAoB,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;CACpB,iBAsFA;AAED,wBAAgB,6BAA6B,CAAC,MAAM,EAAE;IACpD,OAAO,EAAE,oBAAoB,CAAC;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,QAWA;AAED,wBAAgB,8BAA8B,CAAC,MAAM,EAAE;IACrD,OAAO,EAAE,oBAAoB,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB,QAIA;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,oBAAoB,QAWrE;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,oBAAoB,GAAG,MAAM,CA+BjF;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,oBAAoB,GAAG,MAAM,CAiBjF"}
+{"version":3,"file":"oauth-debugger-domain.d.ts","sourceRoot":"","sources":["../../src/app-server/oauth-debugger-domain.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAGhD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGxD,KAAK,aAAa,GACd,aAAa,GACb,SAAS,GACT,kBAAkB,GAClB,8BAA8B,GAC9B,WAAW,GACX,OAAO,GACP,SAAS,CAAC;AAEd,KAAK,kBAAkB,GAAG,gBAAgB,GAAG,KAAK,GAAG,MAAM,CAAC;AAE5D,MAAM,WAAW,+BAA+B;IAC9C,OAAO,EAAE,QAAQ,CAAC;IAClB,MAAM,EAAE;QACN,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE;YACV,8BAA8B,CAAC,EAAE,MAAM,CAAC;YACxC,qBAAqB,CAAC,EAAE,MAAM,CAAC;YAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;YACvB,oBAAoB,CAAC,EAAE,MAAM,CAAC;YAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,eAAe,CAAC,EAAE,MAAM,CAAC;SAC1B,CAAC;KACH,CAAC;IACF,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,YAAY,EAAE;QACZ,aAAa,CAAC,EAAE;YACd,QAAQ,EAAE,MAAM,CAAC;YACjB,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,GAAG,CAAC,EAAE;YACJ,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACnC,uBAAuB,CAAC,EAAE,MAAM,CAAC;SAClC,CAAC;QACF,IAAI,CAAC,EAAE;YACL,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;SAC3B,CAAC;KACH,CAAC;IACF,OAAO,EAAE;QACP,YAAY,EAAE,gBAAgB,GAAG,QAAQ,CAAC;QAC1C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC1C,CAAC;IACF,OAAO,CAAC,EAAE;QACR,mBAAmB,CAAC,EAAE,OAAO,CAAC;KAC/B,CAAC;CACH;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,SAAS,GAAG,UAAU,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,OAAO,GAAG,QAAQ,GAAG,sBAAsB,CAAA;KAAE,CAAC,CAAC;CAC9F;AAED,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAC;IAClE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC9E,EAAE,EAAE,MAAM,GAAG,UAAU,GAAG,aAAa,GAAG,gBAAgB,GAAG,cAAc,CAAC;IAC5E,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,aAAa,CAAC;IACtB,MAAM,EAAE;QACN,OAAO,EAAE,QAAQ,CAAC;QAClB,MAAM,EAAE,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAClD,kBAAkB,EAAE,kBAAkB,CAAC;QACvC,YAAY,EAAE,+BAA+B,CAAC,cAAc,CAAC,CAAC;QAC9D,OAAO,EAAE,QAAQ,CACf,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CACF,GACC,IAAI,CACF,+BAA+B,CAAC,SAAS,CAAC,EAC1C,cAAc,GAAG,SAAS,GAAG,qBAAqB,CACnD,CAAC;QACJ,OAAO,EAAE;YACP,mBAAmB,EAAE,OAAO,CAAC;SAC9B,CAAC;KACH,CAAC;IACF,KAAK,EAAE,sBAAsB,EAAE,CAAC;IAChC,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,oBAAoB,EAAE,CAAC;IAChC,QAAQ,EAAE,kBAAkB,EAAE,CAAC;IAC/B,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC,CAAC;IAC9E,OAAO,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC;IAC7B,eAAe,EAAE,eAAe,CAAC;IACjC,YAAY,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC;IAC7C,OAAO,EAAE;QACP,gBAAgB,CAAC,EAAE,GAAG,CAAC;QACvB,kBAAkB,CAAC,EAAE,GAAG,CAAC;QACzB,YAAY,CAAC,EAAE,GAAG,CAAC;QACnB,cAAc,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,YAAY,CAAC,EAAE,MAAM,CAAC;YAAC,uBAAuB,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/F,IAAI,CAAC,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/D,uBAAuB,CAAC,EAAE,MAAM,CAAC;QACjC,cAAc,CAAC,EAAE;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,IAAI,CAAC,EAAE,MAAM,CAAC;YACd,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;SAC3B,CAAC;QACF,aAAa,CAAC,EAAE,GAAG,CAAC;QACpB,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,aAAa,CAAC,EAAE;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC;QAClE,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,aAAa,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,QAAQ,CAAC;IAClB,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,UAAU,EAAE,sBAAsB,EAAE,CAAC;IACrC,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtC,OAAO,EAAE,oBAAoB,EAAE,CAAC;IAChC,cAAc,EAAE;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7D,QAAQ,EAAE,kBAAkB,EAAE,CAAC;IAC/B,OAAO,EAAE;QACP,UAAU,CAAC,EAAE,OAAO,GAAG,oBAAoB,GAAG,oBAAoB,GAAG,MAAM,CAAC;QAC5E,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,YAAY,CAAC,EAAE,gBAAgB,GAAG,QAAQ,CAAC;QAC3C,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,OAAO,CAAC,EAAE;QACR,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;QACzB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,2BAA2B,CAAC,EAAE,MAAM,CAAC;QACrC,oBAAoB,CAAC,EAAE,MAAM,CAAC;QAC9B,0BAA0B,CAAC,EAAE,MAAM,CAAC;QACpC,uBAAuB,CAAC,EAAE,YAAY,GAAG,SAAS,GAAG,MAAM,CAAC;QAC5D,qBAAqB,CAAC,EAAE,OAAO,CAAC;KACjC,CAAC;CACH;AA+8BD,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,EAC3C,GAAG,SAAa,QAOjB;AAED,wBAAgB,0BAA0B,CAAC,MAAM,EAAE;IACjD,MAAM,EAAE,+BAA+B,CAAC;IACxC,YAAY,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC;CAC9C,GAAG,oBAAoB,CAsDvB;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,oBAAoB,GAAG,wBAAwB,CAgGhG;AAED,wBAAsB,iCAAiC,CAAC,MAAM,EAAE;IAC9D,OAAO,EAAE,oBAAoB,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;CACpB,iBAsFA;AAED,wBAAgB,6BAA6B,CAAC,MAAM,EAAE;IACpD,OAAO,EAAE,oBAAoB,CAAC;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,QAWA;AAED,wBAAgB,8BAA8B,CAAC,MAAM,EAAE;IACrD,OAAO,EAAE,oBAAoB,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB,QAIA;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,oBAAoB,QAWrE;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,oBAAoB,GAAG,MAAM,CA+BjF;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,oBAAoB,GAAG,MAAM,CAiBjF"}

package/dist/app-server/oauth-debugger-domain.js

@@ -12,6 +12,19 @@ function makeId(prefix) {
 function toBase64Url(buffer) {
     return buffer.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
 }
+function parseJwtClaims(token) {
+    const parts = token.split('.');
+    if (parts.length < 2)
+        return undefined;
+    try {
+        const payload = parts[1].replace(/-/g, '+').replace(/_/g, '/');
+        const padded = payload + '='.repeat((4 - (payload.length % 4)) % 4);
+        return JSON.parse(Buffer.from(padded, 'base64').toString('utf8'));
+    }
+    catch {
+        return undefined;
+    }
+}
 function pkcePair() {
     const verifier = toBase64Url(randomBytes(32));
     const challenge = createHash('sha256').update(verifier).digest('base64url');
@@ -401,7 +414,8 @@ async function stepResolveTargetMetadata(session) {
     }
     const resourceMetadataUrl = session.config.target.overrides?.authorizationServerMetadataUrl
         ? undefined
-        : probedResourceMetadataUrl ?? inferResourceMetadataUrl(session.config.target.overrides?.resourceBaseUrl || server.url);
+        : probedResourceMetadataUrl ??
+            inferResourceMetadataUrl(session.config.target.overrides?.resourceBaseUrl || server.url);
     if (resourceMetadataUrl) {
         try {
             const { response, responseJson, responseText } = await fetchWithTrace({
@@ -756,6 +770,7 @@ async function stepTokenExchange(session) {
         bodyText: form.toString()
     });
     session.context.tokenResponse = responseJson ?? { raw: responseText, status: response.status };
+    session.context.tokenReceivedAt = Date.now();
     if (!response.ok) {
         throw new Error(`Token exchange failed (${response.status})`);
     }
@@ -953,6 +968,34 @@ export function oauthDebuggerSessionView(session) {
     const token = session.context.tokenResponse && typeof session.context.tokenResponse === 'object'
         ? session.context.tokenResponse
         : undefined;
+    const accessTokenRaw = typeof token?.access_token === 'string' ? token.access_token : undefined;
+    const jwtClaims = accessTokenRaw ? parseJwtClaims(accessTokenRaw) : undefined;
+    const expiresInRaw = token?.expires_in;
+    const expiresInSeconds = typeof expiresInRaw === 'number'
+        ? Math.max(0, Math.floor(expiresInRaw))
+        : typeof expiresInRaw === 'string' && /^\d+$/.test(expiresInRaw)
+            ? Math.max(0, Math.floor(Number(expiresInRaw)))
+            : undefined;
+    const jwtExpSecondsRaw = jwtClaims?.exp;
+    const jwtExpSeconds = typeof jwtExpSecondsRaw === 'number'
+        ? Math.floor(jwtExpSecondsRaw)
+        : typeof jwtExpSecondsRaw === 'string' && /^\d+$/.test(jwtExpSecondsRaw)
+            ? Math.floor(Number(jwtExpSecondsRaw))
+            : undefined;
+    const tokenReceivedAt = session.context.tokenReceivedAt ?? session.updatedAt;
+    const expiresAtMs = typeof expiresInSeconds === 'number'
+        ? tokenReceivedAt + expiresInSeconds * 1000
+        : typeof jwtExpSeconds === 'number'
+            ? jwtExpSeconds * 1000
+            : undefined;
+    const validForSeconds = typeof expiresAtMs === 'number'
+        ? Math.max(0, Math.floor((expiresAtMs - Date.now()) / 1000))
+        : undefined;
+    const expirySource = typeof expiresInSeconds === 'number'
+        ? 'expires_in'
+        : typeof jwtExpSeconds === 'number'
+            ? 'jwt_exp'
+            : 'none';
     return {
         id: session.id,
         status: session.status,
@@ -981,6 +1024,7 @@ export function oauthDebuggerSessionView(session) {
             callbackUrl: session.context.callbackUrl
         },
         summary: {
+            showSensitiveValues: session.config.display.showSensitiveValues,
             issuer: session.context.authServerMetadata?.issuer ?? session.context.resourceMetadata?.issuer,
             clientId: session.context.resolvedClient?.clientId,
             redirectUri: session.context.callbackUrl,
@@ -991,9 +1035,14 @@ export function oauthDebuggerSessionView(session) {
             grantedScopes: typeof token?.scope === 'string'
                 ? String(token.scope).split(/\s+/).filter(Boolean)
                 : undefined,
-            accessToken: session.config.display.showSensitiveValues && typeof token?.access_token === 'string'
-                ? token.access_token
-                : undefined
+            accessToken: session.config.display.showSensitiveValues && typeof accessTokenRaw === 'string'
+                ? accessTokenRaw
+                : undefined,
+            accessTokenExpiresInSeconds: expiresInSeconds,
+            accessTokenExpiresAt: typeof expiresAtMs === 'number' ? new Date(expiresAtMs).toISOString() : undefined,
+            accessTokenValidForSeconds: validForSeconds,
+            accessTokenExpirySource: expirySource,
+            refreshTokenAvailable: token != null && typeof token.refresh_token === 'string' && token.refresh_token.length > 0
         }
     };
 }