@kya-os/contracts 1.6.0 → 1.6.2-canary.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/dist/agentshield-api/schemas.d.ts +48 -27
  2. package/dist/agentshield-api/schemas.js +4 -5
  3. package/dist/agentshield-api/types.d.ts +4 -6
  4. package/dist/config/identity.d.ts +2 -205
  5. package/dist/config/identity.js +0 -28
  6. package/dist/config/index.d.ts +1 -2
  7. package/dist/consent/schemas.d.ts +76 -171
  8. package/dist/consent/schemas.js +1 -39
  9. package/dist/dashboard-config/schemas.d.ts +1351 -2607
  10. package/dist/index.d.ts +0 -1
  11. package/dist/index.js +0 -2
  12. package/dist/tool-protection/index.d.ts +14 -490
  13. package/dist/tool-protection/index.js +2 -89
  14. package/package.json +120 -63
  15. package/dist/audit/index.d.ts +0 -193
  16. package/dist/audit/index.js +0 -100
  17. package/dist/config/tool-context.d.ts +0 -34
  18. package/dist/config/tool-context.js +0 -13
  19. package/dist/verifier/index.d.ts +0 -1
  20. package/dist/verifier/index.js +0 -18
package/dist/index.d.ts CHANGED
@@ -21,6 +21,5 @@ export * from "./test.js";
21
21
  export * from "./utils/validation.js";
22
22
  export * from "./vc/index.js";
23
23
  export * from "./delegation/index.js";
24
- export * from "./audit/index.js";
25
24
  export declare const CONTRACTS_VERSION = "1.2.1";
26
25
  export declare const SUPPORTED_XMCP_I_VERSION = "^1.0.0";
package/dist/index.js CHANGED
@@ -40,8 +40,6 @@ __exportStar(require("./utils/validation.js"), exports);
40
40
  // W3C VC and Delegation exports (for mcp-i-core compatibility)
41
41
  __exportStar(require("./vc/index.js"), exports);
42
42
  __exportStar(require("./delegation/index.js"), exports);
43
- // Audit types (platform-agnostic)
44
- __exportStar(require("./audit/index.js"), exports);
45
43
  // Version information
46
44
  exports.CONTRACTS_VERSION = "1.2.1";
47
45
  exports.SUPPORTED_XMCP_I_VERSION = "^1.0.0";
package/dist/tool-protection/index.d.ts CHANGED
@@ -8,31 +8,6 @@
8
8
  * @module @kya-os/contracts/tool-protection
9
9
  */
10
10
  import { z } from 'zod';
11
- /**
12
- * Authorization Requirement (Discriminated Union)
13
- *
14
- * Defines the type of authorization required for a tool.
15
- * Extensible design to support OAuth, MDL, IDV, credentials, etc.
16
- */
17
- export type AuthorizationRequirement = {
18
- type: 'oauth';
19
- provider: string;
20
- requiredScopes?: string[];
21
- } | {
22
- type: 'mdl';
23
- issuer: string;
24
- credentialType?: string;
25
- } | {
26
- type: 'idv';
27
- provider: string;
28
- verificationLevel?: 'basic' | 'enhanced' | 'loa3';
29
- } | {
30
- type: 'credential';
31
- credentialType: string;
32
- issuer?: string;
33
- } | {
34
- type: 'none';
35
- };
36
11
  /**
37
12
  * Tool Protection Definition
38
13
  *
@@ -54,19 +29,6 @@ export interface ToolProtection {
54
29
  * Used to determine appropriate authorization flows
55
30
  */
56
31
  riskLevel?: 'low' | 'medium' | 'high' | 'critical';
57
- /**
58
- * OAuth provider name for this tool (Phase 2+)
59
- * If specified, this tool will use the specified OAuth provider.
60
- * If not specified, provider will be resolved via fallback strategies.
61
- * @example "github", "google", "microsoft"
62
- * @deprecated Use `authorization` field instead. Will be removed in Phase 3.
63
- */
64
- oauthProvider?: string;
65
- /**
66
- * Authorization requirement for this tool
67
- * If requiresDelegation=true, authorization must be specified (or inferred from legacy fields)
68
- */
69
- authorization?: AuthorizationRequirement;
70
32
  }
71
33
  /**
72
34
  * Tool Protection Map
@@ -75,23 +37,6 @@ export interface ToolProtection {
75
37
  * This is how tool protections are typically stored and transmitted.
76
38
  */
77
39
  export type ToolProtectionMap = Record<string, ToolProtection>;
78
- /**
79
- * Partial tool protection for updates (all fields optional)
80
- * Use this when accepting partial updates to tool protection settings
81
- */
82
- export type PartialToolProtection = Partial<ToolProtection>;
83
- /**
84
- * Tool protection with explicit optional fields
85
- * Useful when TypeScript's Partial<T> doesn't preserve optional property access
86
- * Supports explicit null values to clear fields
87
- */
88
- export type ToolProtectionUpdate = {
89
- requiresDelegation?: boolean;
90
- requiredScopes?: string[];
91
- riskLevel?: 'low' | 'medium' | 'high' | 'critical';
92
- oauthProvider?: string | null;
93
- authorization?: AuthorizationRequirement | null;
94
- };
95
40
  /**
96
41
  * Tool Protection Response
97
42
  *
@@ -149,477 +94,82 @@ export interface DelegationRequiredErrorData {
149
94
  */
150
95
  reason?: string;
151
96
  }
152
- /**
153
- * Legacy tool protection format (pre-authorization field)
154
- * Used during migration period to support both old and new formats
155
- */
156
- export type LegacyToolProtection = Omit<ToolProtection, 'authorization'> & {
157
- oauthProvider?: string;
158
- };
159
- /**
160
- * Union type for both legacy and new formats
161
- * Useful during migration period when accepting tool protection input
162
- */
163
- export type ToolProtectionInput = ToolProtection | LegacyToolProtection;
164
97
  /**
165
98
  * Zod Schemas for Validation
166
99
  */
167
- export declare const AuthorizationRequirementSchema: z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
168
- type: z.ZodLiteral<"oauth">;
169
- provider: z.ZodString;
170
- requiredScopes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
171
- }, "strip", z.ZodTypeAny, {
172
- type: "oauth";
173
- provider: string;
174
- requiredScopes?: string[] | undefined;
175
- }, {
176
- type: "oauth";
177
- provider: string;
178
- requiredScopes?: string[] | undefined;
179
- }>, z.ZodObject<{
180
- type: z.ZodLiteral<"mdl">;
181
- issuer: z.ZodString;
182
- credentialType: z.ZodOptional<z.ZodString>;
183
- }, "strip", z.ZodTypeAny, {
184
- type: "mdl";
185
- issuer: string;
186
- credentialType?: string | undefined;
187
- }, {
188
- type: "mdl";
189
- issuer: string;
190
- credentialType?: string | undefined;
191
- }>, z.ZodObject<{
192
- type: z.ZodLiteral<"idv">;
193
- provider: z.ZodString;
194
- verificationLevel: z.ZodOptional<z.ZodEnum<["basic", "enhanced", "loa3"]>>;
195
- }, "strip", z.ZodTypeAny, {
196
- type: "idv";
197
- provider: string;
198
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
199
- }, {
200
- type: "idv";
201
- provider: string;
202
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
203
- }>, z.ZodObject<{
204
- type: z.ZodLiteral<"credential">;
205
- credentialType: z.ZodString;
206
- issuer: z.ZodOptional<z.ZodString>;
207
- }, "strip", z.ZodTypeAny, {
208
- type: "credential";
209
- credentialType: string;
210
- issuer?: string | undefined;
211
- }, {
212
- type: "credential";
213
- credentialType: string;
214
- issuer?: string | undefined;
215
- }>, z.ZodObject<{
216
- type: z.ZodLiteral<"none">;
217
- }, "strip", z.ZodTypeAny, {
218
- type: "none";
219
- }, {
220
- type: "none";
221
- }>]>;
222
100
  export declare const ToolProtectionSchema: z.ZodObject<{
223
101
  requiresDelegation: z.ZodBoolean;
224
102
  requiredScopes: z.ZodArray<z.ZodString, "many">;
225
103
  riskLevel: z.ZodOptional<z.ZodEnum<["low", "medium", "high", "critical"]>>;
226
- oauthProvider: z.ZodOptional<z.ZodString>;
227
- authorization: z.ZodOptional<z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
228
- type: z.ZodLiteral<"oauth">;
229
- provider: z.ZodString;
230
- requiredScopes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
231
- }, "strip", z.ZodTypeAny, {
232
- type: "oauth";
233
- provider: string;
234
- requiredScopes?: string[] | undefined;
235
- }, {
236
- type: "oauth";
237
- provider: string;
238
- requiredScopes?: string[] | undefined;
239
- }>, z.ZodObject<{
240
- type: z.ZodLiteral<"mdl">;
241
- issuer: z.ZodString;
242
- credentialType: z.ZodOptional<z.ZodString>;
243
- }, "strip", z.ZodTypeAny, {
244
- type: "mdl";
245
- issuer: string;
246
- credentialType?: string | undefined;
247
- }, {
248
- type: "mdl";
249
- issuer: string;
250
- credentialType?: string | undefined;
251
- }>, z.ZodObject<{
252
- type: z.ZodLiteral<"idv">;
253
- provider: z.ZodString;
254
- verificationLevel: z.ZodOptional<z.ZodEnum<["basic", "enhanced", "loa3"]>>;
255
- }, "strip", z.ZodTypeAny, {
256
- type: "idv";
257
- provider: string;
258
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
259
- }, {
260
- type: "idv";
261
- provider: string;
262
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
263
- }>, z.ZodObject<{
264
- type: z.ZodLiteral<"credential">;
265
- credentialType: z.ZodString;
266
- issuer: z.ZodOptional<z.ZodString>;
267
- }, "strip", z.ZodTypeAny, {
268
- type: "credential";
269
- credentialType: string;
270
- issuer?: string | undefined;
271
- }, {
272
- type: "credential";
273
- credentialType: string;
274
- issuer?: string | undefined;
275
- }>, z.ZodObject<{
276
- type: z.ZodLiteral<"none">;
277
- }, "strip", z.ZodTypeAny, {
278
- type: "none";
279
- }, {
280
- type: "none";
281
- }>]>>;
282
104
  }, "strip", z.ZodTypeAny, {
283
- requiredScopes: string[];
284
105
  requiresDelegation: boolean;
106
+ requiredScopes: string[];
285
107
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
286
- oauthProvider?: string | undefined;
287
- authorization?: {
288
- type: "oauth";
289
- provider: string;
290
- requiredScopes?: string[] | undefined;
291
- } | {
292
- type: "mdl";
293
- issuer: string;
294
- credentialType?: string | undefined;
295
- } | {
296
- type: "idv";
297
- provider: string;
298
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
299
- } | {
300
- type: "credential";
301
- credentialType: string;
302
- issuer?: string | undefined;
303
- } | {
304
- type: "none";
305
- } | undefined;
306
108
  }, {
307
- requiredScopes: string[];
308
109
  requiresDelegation: boolean;
110
+ requiredScopes: string[];
309
111
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
310
- oauthProvider?: string | undefined;
311
- authorization?: {
312
- type: "oauth";
313
- provider: string;
314
- requiredScopes?: string[] | undefined;
315
- } | {
316
- type: "mdl";
317
- issuer: string;
318
- credentialType?: string | undefined;
319
- } | {
320
- type: "idv";
321
- provider: string;
322
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
323
- } | {
324
- type: "credential";
325
- credentialType: string;
326
- issuer?: string | undefined;
327
- } | {
328
- type: "none";
329
- } | undefined;
330
112
  }>;
331
113
  export declare const ToolProtectionMapSchema: z.ZodRecord<z.ZodString, z.ZodObject<{
332
114
  requiresDelegation: z.ZodBoolean;
333
115
  requiredScopes: z.ZodArray<z.ZodString, "many">;
334
116
  riskLevel: z.ZodOptional<z.ZodEnum<["low", "medium", "high", "critical"]>>;
335
- oauthProvider: z.ZodOptional<z.ZodString>;
336
- authorization: z.ZodOptional<z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
337
- type: z.ZodLiteral<"oauth">;
338
- provider: z.ZodString;
339
- requiredScopes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
340
- }, "strip", z.ZodTypeAny, {
341
- type: "oauth";
342
- provider: string;
343
- requiredScopes?: string[] | undefined;
344
- }, {
345
- type: "oauth";
346
- provider: string;
347
- requiredScopes?: string[] | undefined;
348
- }>, z.ZodObject<{
349
- type: z.ZodLiteral<"mdl">;
350
- issuer: z.ZodString;
351
- credentialType: z.ZodOptional<z.ZodString>;
352
- }, "strip", z.ZodTypeAny, {
353
- type: "mdl";
354
- issuer: string;
355
- credentialType?: string | undefined;
356
- }, {
357
- type: "mdl";
358
- issuer: string;
359
- credentialType?: string | undefined;
360
- }>, z.ZodObject<{
361
- type: z.ZodLiteral<"idv">;
362
- provider: z.ZodString;
363
- verificationLevel: z.ZodOptional<z.ZodEnum<["basic", "enhanced", "loa3"]>>;
364
- }, "strip", z.ZodTypeAny, {
365
- type: "idv";
366
- provider: string;
367
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
368
- }, {
369
- type: "idv";
370
- provider: string;
371
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
372
- }>, z.ZodObject<{
373
- type: z.ZodLiteral<"credential">;
374
- credentialType: z.ZodString;
375
- issuer: z.ZodOptional<z.ZodString>;
376
- }, "strip", z.ZodTypeAny, {
377
- type: "credential";
378
- credentialType: string;
379
- issuer?: string | undefined;
380
- }, {
381
- type: "credential";
382
- credentialType: string;
383
- issuer?: string | undefined;
384
- }>, z.ZodObject<{
385
- type: z.ZodLiteral<"none">;
386
- }, "strip", z.ZodTypeAny, {
387
- type: "none";
388
- }, {
389
- type: "none";
390
- }>]>>;
391
117
  }, "strip", z.ZodTypeAny, {
392
- requiredScopes: string[];
393
118
  requiresDelegation: boolean;
119
+ requiredScopes: string[];
394
120
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
395
- oauthProvider?: string | undefined;
396
- authorization?: {
397
- type: "oauth";
398
- provider: string;
399
- requiredScopes?: string[] | undefined;
400
- } | {
401
- type: "mdl";
402
- issuer: string;
403
- credentialType?: string | undefined;
404
- } | {
405
- type: "idv";
406
- provider: string;
407
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
408
- } | {
409
- type: "credential";
410
- credentialType: string;
411
- issuer?: string | undefined;
412
- } | {
413
- type: "none";
414
- } | undefined;
415
121
  }, {
416
- requiredScopes: string[];
417
122
  requiresDelegation: boolean;
123
+ requiredScopes: string[];
418
124
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
419
- oauthProvider?: string | undefined;
420
- authorization?: {
421
- type: "oauth";
422
- provider: string;
423
- requiredScopes?: string[] | undefined;
424
- } | {
425
- type: "mdl";
426
- issuer: string;
427
- credentialType?: string | undefined;
428
- } | {
429
- type: "idv";
430
- provider: string;
431
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
432
- } | {
433
- type: "credential";
434
- credentialType: string;
435
- issuer?: string | undefined;
436
- } | {
437
- type: "none";
438
- } | undefined;
439
125
  }>>;
440
126
  export declare const ToolProtectionResponseSchema: z.ZodObject<{
441
127
  toolProtections: z.ZodRecord<z.ZodString, z.ZodObject<{
442
128
  requiresDelegation: z.ZodBoolean;
443
129
  requiredScopes: z.ZodArray<z.ZodString, "many">;
444
130
  riskLevel: z.ZodOptional<z.ZodEnum<["low", "medium", "high", "critical"]>>;
445
- oauthProvider: z.ZodOptional<z.ZodString>;
446
- authorization: z.ZodOptional<z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
447
- type: z.ZodLiteral<"oauth">;
448
- provider: z.ZodString;
449
- requiredScopes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
450
- }, "strip", z.ZodTypeAny, {
451
- type: "oauth";
452
- provider: string;
453
- requiredScopes?: string[] | undefined;
454
- }, {
455
- type: "oauth";
456
- provider: string;
457
- requiredScopes?: string[] | undefined;
458
- }>, z.ZodObject<{
459
- type: z.ZodLiteral<"mdl">;
460
- issuer: z.ZodString;
461
- credentialType: z.ZodOptional<z.ZodString>;
462
- }, "strip", z.ZodTypeAny, {
463
- type: "mdl";
464
- issuer: string;
465
- credentialType?: string | undefined;
466
- }, {
467
- type: "mdl";
468
- issuer: string;
469
- credentialType?: string | undefined;
470
- }>, z.ZodObject<{
471
- type: z.ZodLiteral<"idv">;
472
- provider: z.ZodString;
473
- verificationLevel: z.ZodOptional<z.ZodEnum<["basic", "enhanced", "loa3"]>>;
474
- }, "strip", z.ZodTypeAny, {
475
- type: "idv";
476
- provider: string;
477
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
478
- }, {
479
- type: "idv";
480
- provider: string;
481
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
482
- }>, z.ZodObject<{
483
- type: z.ZodLiteral<"credential">;
484
- credentialType: z.ZodString;
485
- issuer: z.ZodOptional<z.ZodString>;
486
- }, "strip", z.ZodTypeAny, {
487
- type: "credential";
488
- credentialType: string;
489
- issuer?: string | undefined;
490
- }, {
491
- type: "credential";
492
- credentialType: string;
493
- issuer?: string | undefined;
494
- }>, z.ZodObject<{
495
- type: z.ZodLiteral<"none">;
496
- }, "strip", z.ZodTypeAny, {
497
- type: "none";
498
- }, {
499
- type: "none";
500
- }>]>>;
501
131
  }, "strip", z.ZodTypeAny, {
502
- requiredScopes: string[];
503
132
  requiresDelegation: boolean;
133
+ requiredScopes: string[];
504
134
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
505
- oauthProvider?: string | undefined;
506
- authorization?: {
507
- type: "oauth";
508
- provider: string;
509
- requiredScopes?: string[] | undefined;
510
- } | {
511
- type: "mdl";
512
- issuer: string;
513
- credentialType?: string | undefined;
514
- } | {
515
- type: "idv";
516
- provider: string;
517
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
518
- } | {
519
- type: "credential";
520
- credentialType: string;
521
- issuer?: string | undefined;
522
- } | {
523
- type: "none";
524
- } | undefined;
525
135
  }, {
526
- requiredScopes: string[];
527
136
  requiresDelegation: boolean;
137
+ requiredScopes: string[];
528
138
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
529
- oauthProvider?: string | undefined;
530
- authorization?: {
531
- type: "oauth";
532
- provider: string;
533
- requiredScopes?: string[] | undefined;
534
- } | {
535
- type: "mdl";
536
- issuer: string;
537
- credentialType?: string | undefined;
538
- } | {
539
- type: "idv";
540
- provider: string;
541
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
542
- } | {
543
- type: "credential";
544
- credentialType: string;
545
- issuer?: string | undefined;
546
- } | {
547
- type: "none";
548
- } | undefined;
549
139
  }>>;
550
140
  metadata: z.ZodOptional<z.ZodObject<{
551
141
  lastUpdated: z.ZodOptional<z.ZodString>;
552
142
  version: z.ZodOptional<z.ZodString>;
553
143
  source: z.ZodOptional<z.ZodString>;
554
144
  }, "strip", z.ZodTypeAny, {
555
- lastUpdated?: string | undefined;
556
145
  version?: string | undefined;
146
+ lastUpdated?: string | undefined;
557
147
  source?: string | undefined;
558
148
  }, {
559
- lastUpdated?: string | undefined;
560
149
  version?: string | undefined;
150
+ lastUpdated?: string | undefined;
561
151
  source?: string | undefined;
562
152
  }>>;
563
153
  }, "strip", z.ZodTypeAny, {
564
154
  toolProtections: Record<string, {
565
- requiredScopes: string[];
566
155
  requiresDelegation: boolean;
156
+ requiredScopes: string[];
567
157
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
568
- oauthProvider?: string | undefined;
569
- authorization?: {
570
- type: "oauth";
571
- provider: string;
572
- requiredScopes?: string[] | undefined;
573
- } | {
574
- type: "mdl";
575
- issuer: string;
576
- credentialType?: string | undefined;
577
- } | {
578
- type: "idv";
579
- provider: string;
580
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
581
- } | {
582
- type: "credential";
583
- credentialType: string;
584
- issuer?: string | undefined;
585
- } | {
586
- type: "none";
587
- } | undefined;
588
158
  }>;
589
159
  metadata?: {
590
- lastUpdated?: string | undefined;
591
160
  version?: string | undefined;
161
+ lastUpdated?: string | undefined;
592
162
  source?: string | undefined;
593
163
  } | undefined;
594
164
  }, {
595
165
  toolProtections: Record<string, {
596
- requiredScopes: string[];
597
166
  requiresDelegation: boolean;
167
+ requiredScopes: string[];
598
168
  riskLevel?: "low" | "medium" | "high" | "critical" | undefined;
599
- oauthProvider?: string | undefined;
600
- authorization?: {
601
- type: "oauth";
602
- provider: string;
603
- requiredScopes?: string[] | undefined;
604
- } | {
605
- type: "mdl";
606
- issuer: string;
607
- credentialType?: string | undefined;
608
- } | {
609
- type: "idv";
610
- provider: string;
611
- verificationLevel?: "basic" | "enhanced" | "loa3" | undefined;
612
- } | {
613
- type: "credential";
614
- credentialType: string;
615
- issuer?: string | undefined;
616
- } | {
617
- type: "none";
618
- } | undefined;
619
169
  }>;
620
170
  metadata?: {
621
- lastUpdated?: string | undefined;
622
171
  version?: string | undefined;
172
+ lastUpdated?: string | undefined;
623
173
  source?: string | undefined;
624
174
  } | undefined;
625
175
  }>;
@@ -632,15 +182,15 @@ export declare const DelegationRequiredErrorDataSchema: z.ZodObject<{
632
182
  }, "strip", z.ZodTypeAny, {
633
183
  requiredScopes: string[];
634
184
  toolName: string;
185
+ reason?: string | undefined;
635
186
  consentUrl?: string | undefined;
636
187
  authorizationUrl?: string | undefined;
637
- reason?: string | undefined;
638
188
  }, {
639
189
  requiredScopes: string[];
640
190
  toolName: string;
191
+ reason?: string | undefined;
641
192
  consentUrl?: string | undefined;
642
193
  authorizationUrl?: string | undefined;
643
- reason?: string | undefined;
644
194
  }>;
645
195
  /**
646
196
  * Type Guards
@@ -649,18 +199,6 @@ export declare function isToolProtection(obj: any): obj is ToolProtection;
649
199
  export declare function isToolProtectionMap(obj: any): obj is ToolProtectionMap;
650
200
  export declare function isToolProtectionResponse(obj: any): obj is ToolProtectionResponse;
651
201
  export declare function isDelegationRequiredErrorData(obj: any): obj is DelegationRequiredErrorData;
652
- /**
653
- * Type guard to check if an object is a valid AuthorizationRequirement
654
- */
655
- export declare function isAuthorizationRequirement(obj: unknown): obj is AuthorizationRequirement;
656
- /**
657
- * Type guard to check if a ToolProtection has OAuth authorization
658
- */
659
- export declare function hasOAuthAuthorization(protection: ToolProtection): protection is ToolProtection & {
660
- authorization: {
661
- type: 'oauth';
662
- };
663
- };
664
202
  /**
665
203
  * Validation Functions
666
204
  */
@@ -687,17 +225,3 @@ export declare function getToolRiskLevel(toolName: string, protections: ToolProt
687
225
  * Create a delegation required error
688
226
  */
689
227
  export declare function createDelegationRequiredError(toolName: string, requiredScopes: string[], consentUrl?: string): DelegationRequiredErrorData;
690
- /**
691
- * Normalize tool protection configuration
692
- * Migrates legacy oauthProvider field to authorization object
693
- *
694
- * - Migrates `oauthProvider` → `authorization: { type: 'oauth', provider: ... }`
695
- * - Ensures `authorization` field is present when `requiresDelegation=true`
696
- * - Returns fully normalized ToolProtection object
697
- *
698
- * @param raw - Raw tool protection data (may have legacy fields or be partial)
699
- * @returns Normalized ToolProtection object
700
- *
701
- * // TODO: Remove normalizeToolProtection() when all tools migrated (target: Phase 3)
702
- */
703
- export declare function normalizeToolProtection(raw: ToolProtection | PartialToolProtection): ToolProtection;