@julr/sesame 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -3
- package/build/{authorize_controller-ekxbVGSh.js → authorize_controller-CfV9v3R2.js} +1 -1
- package/build/commands/sesame_purge.js +1 -1
- package/build/{consent_controller-CqE3-kWO.js → consent_controller-DBtvczID.js} +1 -1
- package/build/index.js +2 -2
- package/build/{introspect_controller-Dx3Hz87G.js → introspect_controller-D2SihAxt.js} +1 -1
- package/build/{main-C6VqRjlK.js → main-ix9EOujk.js} +1 -1
- package/build/{metadata_controller-CrR-rU1y.js → metadata_controller-CekEP9i9.js} +1 -1
- package/build/providers/sesame_provider.js +3 -3
- package/build/{register_controller-B7IT9U1P.js → register_controller-Cmkyy0Pv.js} +1 -1
- package/build/{revoke_controller-E15HmMCv.js → revoke_controller-CzRid0SB.js} +1 -1
- package/build/services/main.js +1 -1
- package/build/{sesame_manager-BLmhC1jV.js → sesame_manager-Blf8pkgS.js} +1 -1
- package/build/{sesame_manager-2iG9p7_F.js → sesame_manager-Br0DIJgM.js} +16 -14
- package/build/src/guard/main.js +1 -1
- package/build/src/sesame_manager.d.ts +5 -5
- package/build/{token_controller-qFmejgux.js → token_controller-BEiR1lGn.js} +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -84,11 +84,11 @@ import sesame from '@julr/sesame/services/main'
|
|
|
84
84
|
|
|
85
85
|
// OAuth endpoints under /oauth
|
|
86
86
|
router.group(() => {
|
|
87
|
-
sesame.registerRoutes(
|
|
87
|
+
sesame.registerRoutes()
|
|
88
88
|
}).prefix('/oauth')
|
|
89
89
|
|
|
90
90
|
// Discovery endpoints at the root
|
|
91
|
-
sesame.registerWellKnownRoutes(
|
|
91
|
+
sesame.registerWellKnownRoutes()
|
|
92
92
|
```
|
|
93
93
|
|
|
94
94
|
This registers the following endpoints:
|
|
@@ -159,7 +159,7 @@ router
|
|
|
159
159
|
For MCP (Model Context Protocol) servers, register per-resource discovery:
|
|
160
160
|
|
|
161
161
|
```ts
|
|
162
|
-
sesame.registerProtectedResource(
|
|
162
|
+
sesame.registerProtectedResource({
|
|
163
163
|
resource: '/api/mcp',
|
|
164
164
|
scopes: ['read:mcp'],
|
|
165
165
|
})
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { i as OAuthAuthorizationCode, n as OAuthPendingAuthorizationRequest, r as OAuthConsent, t as SesameManager } from "./sesame_manager-
|
|
1
|
+
import { i as OAuthAuthorizationCode, n as OAuthPendingAuthorizationRequest, r as OAuthConsent, t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "./decorate-BKZEjPRg.js";
|
|
3
3
|
import "./oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { d as E_UNSUPPORTED_RESPONSE_TYPE, o as E_INVALID_REQUEST, r as E_INVALID_CLIENT } from "./oauth_error-CnJ3L8tf.js";
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { t as SesameManager } from "../sesame_manager-
|
|
1
|
+
import { t as SesameManager } from "../sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import { t as __decorate } from "../decorate-BKZEjPRg.js";
|
|
3
3
|
import "../oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { BaseCommand, flags } from "@adonisjs/core/ace";
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { i as OAuthAuthorizationCode, n as OAuthPendingAuthorizationRequest, r as OAuthConsent, t as SesameManager } from "./sesame_manager-
|
|
1
|
+
import { i as OAuthAuthorizationCode, n as OAuthPendingAuthorizationRequest, r as OAuthConsent, t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "./decorate-BKZEjPRg.js";
|
|
3
3
|
import "./oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { a as E_INVALID_GRANT, o as E_INVALID_REQUEST, r as E_INVALID_CLIENT } from "./oauth_error-CnJ3L8tf.js";
|
package/build/index.js
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import { configure } from "./configure.js";
|
|
2
|
-
import { a as OAuthRefreshToken, i as OAuthAuthorizationCode, r as OAuthConsent, t as SesameManager } from "./sesame_manager-
|
|
2
|
+
import { a as OAuthRefreshToken, i as OAuthAuthorizationCode, r as OAuthConsent, t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
3
3
|
import "./decorate-BKZEjPRg.js";
|
|
4
4
|
import { t as OAuthAccessToken } from "./oauth_access_token-bsoM5KeU.js";
|
|
5
5
|
import { a as E_INVALID_GRANT, c as E_INVALID_TOKEN, d as E_UNSUPPORTED_RESPONSE_TYPE, f as OAuthError, i as E_INVALID_CLIENT_METADATA, l as E_SERVER_ERROR, n as E_INSUFFICIENT_SCOPE, o as E_INVALID_REQUEST, r as E_INVALID_CLIENT, s as E_INVALID_SCOPE, t as E_ACCESS_DENIED, u as E_UNSUPPORTED_GRANT_TYPE } from "./oauth_error-CnJ3L8tf.js";
|
|
6
6
|
import { t as OAuthClient } from "./oauth_client-BIoY5jBR.js";
|
|
7
7
|
import "./token_service-fhoA4slP.js";
|
|
8
|
-
import { i as OAuthGuard, n as oauthUserProvider, r as OAuthLucidUserProvider, t as oauthGuard } from "./main-
|
|
8
|
+
import { i as OAuthGuard, n as oauthUserProvider, r as OAuthLucidUserProvider, t as oauthGuard } from "./main-ix9EOujk.js";
|
|
9
9
|
function defineConfig(config) {
|
|
10
10
|
return {
|
|
11
11
|
issuer: config.issuer,
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { a as OAuthRefreshToken, t as SesameManager } from "./sesame_manager-
|
|
1
|
+
import { a as OAuthRefreshToken, t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "./decorate-BKZEjPRg.js";
|
|
3
3
|
import { t as OAuthAccessToken } from "./oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { r as E_INVALID_CLIENT } from "./oauth_error-CnJ3L8tf.js";
|
|
@@ -150,7 +150,7 @@ var OAuthLucidUserProvider = class {
|
|
|
150
150
|
function oauthGuard(config) {
|
|
151
151
|
return { async resolver(name, app) {
|
|
152
152
|
const emitter = await app.container.make("emitter");
|
|
153
|
-
const { SesameManager } = await import("./sesame_manager-
|
|
153
|
+
const { SesameManager } = await import("./sesame_manager-Blf8pkgS.js");
|
|
154
154
|
const manager = await app.container.make(SesameManager);
|
|
155
155
|
return (ctx) => new OAuthGuard(name, ctx, emitter, config.provider, manager, config.resource);
|
|
156
156
|
} };
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { t as SesameManager } from "./sesame_manager-
|
|
1
|
+
import { t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "./decorate-BKZEjPRg.js";
|
|
3
3
|
import "./oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { l as E_SERVER_ERROR } from "./oauth_error-CnJ3L8tf.js";
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { t as SesameManager } from "../sesame_manager-
|
|
1
|
+
import { t as SesameManager } from "../sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "../decorate-BKZEjPRg.js";
|
|
3
3
|
import "../oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
var SesameProvider = class {
|
|
@@ -6,8 +6,8 @@ var SesameProvider = class {
|
|
|
6
6
|
this.app = app;
|
|
7
7
|
}
|
|
8
8
|
register() {
|
|
9
|
-
this.app.container.singleton(SesameManager, () => {
|
|
10
|
-
return new SesameManager(this.app.config.get("sesame"));
|
|
9
|
+
this.app.container.singleton(SesameManager, async () => {
|
|
10
|
+
return new SesameManager(this.app.config.get("sesame"), await this.app.container.make("router"));
|
|
11
11
|
});
|
|
12
12
|
}
|
|
13
13
|
};
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { t as SesameManager } from "./sesame_manager-
|
|
1
|
+
import { t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "./decorate-BKZEjPRg.js";
|
|
3
3
|
import "./oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { i as E_INVALID_CLIENT_METADATA, o as E_INVALID_REQUEST, s as E_INVALID_SCOPE, t as E_ACCESS_DENIED } from "./oauth_error-CnJ3L8tf.js";
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { a as OAuthRefreshToken, t as SesameManager } from "./sesame_manager-
|
|
1
|
+
import { a as OAuthRefreshToken, t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "./decorate-BKZEjPRg.js";
|
|
3
3
|
import { t as OAuthAccessToken } from "./oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { r as E_INVALID_CLIENT } from "./oauth_error-CnJ3L8tf.js";
|
package/build/services/main.js
CHANGED
|
@@ -3,13 +3,13 @@ import { t as OAuthAccessToken } from "./oauth_access_token-bsoM5KeU.js";
|
|
|
3
3
|
import { DateTime } from "luxon";
|
|
4
4
|
import { BaseModel, column } from "@adonisjs/lucid/orm";
|
|
5
5
|
const controllers = {
|
|
6
|
-
token: () => import("./token_controller-
|
|
7
|
-
authorize: () => import("./authorize_controller-
|
|
8
|
-
consent: () => import("./consent_controller-
|
|
9
|
-
introspect: () => import("./introspect_controller-
|
|
10
|
-
revoke: () => import("./revoke_controller-
|
|
11
|
-
register: () => import("./register_controller-
|
|
12
|
-
metadata: () => import("./metadata_controller-
|
|
6
|
+
token: () => import("./token_controller-BEiR1lGn.js"),
|
|
7
|
+
authorize: () => import("./authorize_controller-CfV9v3R2.js"),
|
|
8
|
+
consent: () => import("./consent_controller-DBtvczID.js"),
|
|
9
|
+
introspect: () => import("./introspect_controller-D2SihAxt.js"),
|
|
10
|
+
revoke: () => import("./revoke_controller-CzRid0SB.js"),
|
|
11
|
+
register: () => import("./register_controller-Cmkyy0Pv.js"),
|
|
12
|
+
metadata: () => import("./metadata_controller-CekEP9i9.js"),
|
|
13
13
|
clientInfo: () => import("./client_info_controller-BucHGx4u.js")
|
|
14
14
|
};
|
|
15
15
|
function registerOAuthRoutes(router) {
|
|
@@ -87,8 +87,10 @@ __decorate([column.dateTime()], OAuthPendingAuthorizationRequest.prototype, "exp
|
|
|
87
87
|
__decorate([column.dateTime({ autoCreate: true })], OAuthPendingAuthorizationRequest.prototype, "createdAt", void 0);
|
|
88
88
|
var SesameManager = class {
|
|
89
89
|
#config;
|
|
90
|
-
|
|
90
|
+
#router;
|
|
91
|
+
constructor(config, router) {
|
|
91
92
|
this.#config = config;
|
|
93
|
+
this.#router = router;
|
|
92
94
|
}
|
|
93
95
|
get config() {
|
|
94
96
|
return this.#config;
|
|
@@ -139,15 +141,15 @@ var SesameManager = class {
|
|
|
139
141
|
pendingRequests
|
|
140
142
|
};
|
|
141
143
|
}
|
|
142
|
-
registerRoutes(
|
|
143
|
-
registerOAuthRoutes(router);
|
|
144
|
+
registerRoutes() {
|
|
145
|
+
registerOAuthRoutes(this.#router);
|
|
144
146
|
}
|
|
145
|
-
registerWellKnownRoutes(
|
|
146
|
-
registerWellKnownRoutes(router);
|
|
147
|
+
registerWellKnownRoutes() {
|
|
148
|
+
registerWellKnownRoutes(this.#router);
|
|
147
149
|
}
|
|
148
|
-
registerProtectedResource(
|
|
150
|
+
registerProtectedResource(options) {
|
|
149
151
|
const wellKnownPath = `/.well-known/oauth-protected-resource${options.resource}`;
|
|
150
|
-
router.get(wellKnownPath, async (ctx) => {
|
|
152
|
+
this.#router.get(wellKnownPath, async (ctx) => {
|
|
151
153
|
ctx.response.header("Cache-Control", "public, max-age=15, stale-while-revalidate=15, stale-if-error=86400");
|
|
152
154
|
return {
|
|
153
155
|
resource: `${this.#config.issuer}${options.resource}`,
|
package/build/src/guard/main.js
CHANGED
|
@@ -2,5 +2,5 @@ import "../../decorate-BKZEjPRg.js";
|
|
|
2
2
|
import "../../oauth_access_token-bsoM5KeU.js";
|
|
3
3
|
import "../../oauth_client-BIoY5jBR.js";
|
|
4
4
|
import "../../token_service-fhoA4slP.js";
|
|
5
|
-
import { i as OAuthGuard, n as oauthUserProvider, r as OAuthLucidUserProvider, t as oauthGuard } from "../../main-
|
|
5
|
+
import { i as OAuthGuard, n as oauthUserProvider, r as OAuthLucidUserProvider, t as oauthGuard } from "../../main-ix9EOujk.js";
|
|
6
6
|
export { OAuthGuard, OAuthLucidUserProvider, oauthGuard, oauthUserProvider };
|
|
@@ -14,7 +14,7 @@ export interface PurgeResult {
|
|
|
14
14
|
*/
|
|
15
15
|
export declare class SesameManager {
|
|
16
16
|
#private;
|
|
17
|
-
constructor(config: ResolvedSesameConfig);
|
|
17
|
+
constructor(config: ResolvedSesameConfig, router: Router);
|
|
18
18
|
get config(): ResolvedSesameConfig;
|
|
19
19
|
/**
|
|
20
20
|
* Check if a scope is registered in the server configuration.
|
|
@@ -71,18 +71,18 @@ export declare class SesameManager {
|
|
|
71
71
|
* @example
|
|
72
72
|
* ```ts
|
|
73
73
|
* router.group(() => {
|
|
74
|
-
* sesame.registerRoutes(
|
|
74
|
+
* sesame.registerRoutes()
|
|
75
75
|
* }).prefix('/oauth')
|
|
76
76
|
* ```
|
|
77
77
|
*/
|
|
78
|
-
registerRoutes(
|
|
78
|
+
registerRoutes(): void;
|
|
79
79
|
/**
|
|
80
80
|
* Register well-known discovery routes at the root level.
|
|
81
81
|
*
|
|
82
82
|
* Must be called outside any prefix group so endpoints
|
|
83
83
|
* remain at `/.well-known/...`.
|
|
84
84
|
*/
|
|
85
|
-
registerWellKnownRoutes(
|
|
85
|
+
registerWellKnownRoutes(): void;
|
|
86
86
|
/**
|
|
87
87
|
* Register a `/.well-known/oauth-protected-resource` endpoint
|
|
88
88
|
* for a specific resource path (RFC 9728). Useful for MCP
|
|
@@ -90,7 +90,7 @@ export declare class SesameManager {
|
|
|
90
90
|
*
|
|
91
91
|
* @see https://datatracker.ietf.org/doc/html/rfc9728
|
|
92
92
|
*/
|
|
93
|
-
registerProtectedResource(
|
|
93
|
+
registerProtectedResource(options: {
|
|
94
94
|
resource: string;
|
|
95
95
|
scopes?: Scope[];
|
|
96
96
|
}): void;
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { a as OAuthRefreshToken, i as OAuthAuthorizationCode, t as SesameManager } from "./sesame_manager-
|
|
1
|
+
import { a as OAuthRefreshToken, i as OAuthAuthorizationCode, t as SesameManager } from "./sesame_manager-Br0DIJgM.js";
|
|
2
2
|
import "./decorate-BKZEjPRg.js";
|
|
3
3
|
import { t as OAuthAccessToken } from "./oauth_access_token-bsoM5KeU.js";
|
|
4
4
|
import { a as E_INVALID_GRANT, o as E_INVALID_REQUEST, r as E_INVALID_CLIENT, s as E_INVALID_SCOPE, u as E_UNSUPPORTED_GRANT_TYPE } from "./oauth_error-CnJ3L8tf.js";
|