@kya-os/mcp-i-cloudflare 1.5.8-canary.5 → 1.5.8-canary.51
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +130 -0
- package/dist/__tests__/e2e/test-config.d.ts +37 -0
- package/dist/__tests__/e2e/test-config.d.ts.map +1 -0
- package/dist/__tests__/e2e/test-config.js +62 -0
- package/dist/__tests__/e2e/test-config.js.map +1 -0
- package/dist/adapter.d.ts +44 -0
- package/dist/adapter.d.ts.map +1 -1
- package/dist/adapter.js +677 -88
- package/dist/adapter.js.map +1 -1
- package/dist/agent.d.ts +45 -1
- package/dist/agent.d.ts.map +1 -1
- package/dist/agent.js +406 -12
- package/dist/agent.js.map +1 -1
- package/dist/app.d.ts.map +1 -1
- package/dist/app.js +19 -3
- package/dist/app.js.map +1 -1
- package/dist/cache/kv-oauth-config-cache.d.ts +47 -0
- package/dist/cache/kv-oauth-config-cache.d.ts.map +1 -0
- package/dist/cache/kv-oauth-config-cache.js +82 -0
- package/dist/cache/kv-oauth-config-cache.js.map +1 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +33 -4
- package/dist/config.js.map +1 -1
- package/dist/helpers/env-mapper.d.ts +60 -1
- package/dist/helpers/env-mapper.d.ts.map +1 -1
- package/dist/helpers/env-mapper.js +136 -6
- package/dist/helpers/env-mapper.js.map +1 -1
- package/dist/index.d.ts +3 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -2
- package/dist/index.js.map +1 -1
- package/dist/runtime/audit-logger.d.ts +96 -0
- package/dist/runtime/audit-logger.d.ts.map +1 -0
- package/dist/runtime/audit-logger.js +276 -0
- package/dist/runtime/audit-logger.js.map +1 -0
- package/dist/runtime/oauth-handler.d.ts +5 -0
- package/dist/runtime/oauth-handler.d.ts.map +1 -1
- package/dist/runtime/oauth-handler.js +287 -35
- package/dist/runtime/oauth-handler.js.map +1 -1
- package/dist/runtime.d.ts +12 -1
- package/dist/runtime.d.ts.map +1 -1
- package/dist/runtime.js +34 -4
- package/dist/runtime.js.map +1 -1
- package/dist/server.d.ts +7 -0
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +55 -2
- package/dist/server.js.map +1 -1
- package/dist/services/admin.service.d.ts.map +1 -1
- package/dist/services/admin.service.js +42 -1
- package/dist/services/admin.service.js.map +1 -1
- package/dist/services/consent-audit.service.d.ts +91 -0
- package/dist/services/consent-audit.service.d.ts.map +1 -0
- package/dist/services/consent-audit.service.js +243 -0
- package/dist/services/consent-audit.service.js.map +1 -0
- package/dist/services/consent-config.service.d.ts +2 -2
- package/dist/services/consent-config.service.d.ts.map +1 -1
- package/dist/services/consent-config.service.js +55 -24
- package/dist/services/consent-config.service.js.map +1 -1
- package/dist/services/consent-page-renderer.d.ts +14 -0
- package/dist/services/consent-page-renderer.d.ts.map +1 -1
- package/dist/services/consent-page-renderer.js +42 -0
- package/dist/services/consent-page-renderer.js.map +1 -1
- package/dist/services/consent.service.d.ts +82 -4
- package/dist/services/consent.service.d.ts.map +1 -1
- package/dist/services/consent.service.js +1717 -34
- package/dist/services/consent.service.js.map +1 -1
- package/dist/services/delegation.service.d.ts.map +1 -1
- package/dist/services/delegation.service.js +67 -29
- package/dist/services/delegation.service.js.map +1 -1
- package/dist/services/idp-token-storage.d.ts +68 -0
- package/dist/services/idp-token-storage.d.ts.map +1 -0
- package/dist/services/idp-token-storage.js +157 -0
- package/dist/services/idp-token-storage.js.map +1 -0
- package/dist/services/oauth-service.d.ts +66 -0
- package/dist/services/oauth-service.d.ts.map +1 -0
- package/dist/services/oauth-service.js +223 -0
- package/dist/services/oauth-service.js.map +1 -0
- package/dist/services/proof.service.d.ts +5 -3
- package/dist/services/proof.service.d.ts.map +1 -1
- package/dist/services/proof.service.js +35 -8
- package/dist/services/proof.service.js.map +1 -1
- package/dist/services/tool-context-builder.d.ts +55 -0
- package/dist/services/tool-context-builder.d.ts.map +1 -0
- package/dist/services/tool-context-builder.js +124 -0
- package/dist/services/tool-context-builder.js.map +1 -0
- package/dist/types/tool-context.d.ts +35 -0
- package/dist/types/tool-context.d.ts.map +1 -0
- package/dist/types/tool-context.js +13 -0
- package/dist/types/tool-context.js.map +1 -0
- package/dist/types.d.ts +30 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +27 -60
package/dist/agent.js
CHANGED
|
@@ -6,10 +6,15 @@
|
|
|
6
6
|
* Users only need to extend this class and register their tools.
|
|
7
7
|
*/
|
|
8
8
|
import { McpAgent } from "agents/mcp";
|
|
9
|
-
import { McpServer } from "@modelcontextprotocol/sdk/server/
|
|
9
|
+
import { Server as McpServer } from "@modelcontextprotocol/sdk/server/index.js";
|
|
10
10
|
import { CloudflareRuntime } from "./runtime";
|
|
11
11
|
import { createCloudflareRuntime } from "./index";
|
|
12
12
|
import { mapPrefixedEnv } from "./helpers/env-mapper";
|
|
13
|
+
import { STORAGE_KEYS } from "./constants/storage-keys";
|
|
14
|
+
import { OAuthConfigService, OAuthService, IdpTokenResolver, ToolContextBuilder, OAuthRequiredError, DelegationRequiredError, } from "@kya-os/mcp-i-core";
|
|
15
|
+
import { KVOAuthConfigCache } from "./cache/kv-oauth-config-cache";
|
|
16
|
+
import { IdpTokenStorage } from "./services/idp-token-storage";
|
|
17
|
+
import { OAuthSecurityService } from "./services/oauth-security.service";
|
|
13
18
|
// Global registry for agent options (set by createMCPIApp)
|
|
14
19
|
const agentOptionsRegistry = new Map();
|
|
15
20
|
/**
|
|
@@ -30,6 +35,8 @@ export class MCPICloudflareAgent extends McpAgent {
|
|
|
30
35
|
server = new McpServer({
|
|
31
36
|
name: "MCP-I Agent",
|
|
32
37
|
version: "1.0.0",
|
|
38
|
+
}, {
|
|
39
|
+
capabilities: {}
|
|
33
40
|
});
|
|
34
41
|
mcpiRuntime;
|
|
35
42
|
env;
|
|
@@ -51,6 +58,8 @@ export class MCPICloudflareAgent extends McpAgent {
|
|
|
51
58
|
this.server = new McpServer({
|
|
52
59
|
name: this.options.name,
|
|
53
60
|
version: this.options.version || "1.0.0",
|
|
61
|
+
}, {
|
|
62
|
+
capabilities: {}
|
|
54
63
|
});
|
|
55
64
|
// Map prefixed environment to standard CloudflareEnv
|
|
56
65
|
const mappedEnv = this.options.envPrefix
|
|
@@ -73,10 +82,13 @@ export class MCPICloudflareAgent extends McpAgent {
|
|
|
73
82
|
mappedEnv.AGENTSHIELD_PROJECT_ID,
|
|
74
83
|
cacheTtl: runtimeConfig.toolProtection.agentShield?.cacheTtl || 300000,
|
|
75
84
|
debug: runtimeConfig.environment === "development",
|
|
85
|
+
// Wrap fallback ToolProtectionMap into ToolProtectionConfig format
|
|
86
|
+
// Handle both wrapped and unwrapped formats for backward compatibility
|
|
76
87
|
fallbackConfig: runtimeConfig.toolProtection.fallback
|
|
77
|
-
?
|
|
78
|
-
|
|
79
|
-
|
|
88
|
+
? runtimeConfig.toolProtection.fallback.toolProtections !==
|
|
89
|
+
undefined
|
|
90
|
+
? runtimeConfig.toolProtection.fallback // Already wrapped
|
|
91
|
+
: { toolProtections: runtimeConfig.toolProtection.fallback } // Wrap it
|
|
80
92
|
: undefined,
|
|
81
93
|
})
|
|
82
94
|
: undefined;
|
|
@@ -105,24 +117,96 @@ export class MCPICloudflareAgent extends McpAgent {
|
|
|
105
117
|
* Call this after construction to set up the runtime and register tools
|
|
106
118
|
*/
|
|
107
119
|
async init() {
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
120
|
+
try {
|
|
121
|
+
await this.mcpiRuntime?.initialize();
|
|
122
|
+
const identity = await this.mcpiRuntime?.getIdentity();
|
|
123
|
+
console.log("[MCP-I] Initialized with DID:", identity?.did);
|
|
124
|
+
// Ensure server is initialized before registering tools
|
|
125
|
+
if (!this.server) {
|
|
126
|
+
throw new Error("Server not initialized. This should not happen - server is initialized in constructor.");
|
|
127
|
+
}
|
|
128
|
+
// Register tools (implemented by subclasses)
|
|
129
|
+
await this.registerTools();
|
|
130
|
+
}
|
|
131
|
+
catch (error) {
|
|
132
|
+
console.error("[MCPICloudflareAgent] Initialization failed:", error);
|
|
133
|
+
throw error;
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
/**
|
|
137
|
+
* Register a tool with automatic session ID extraction and proof generation
|
|
138
|
+
*
|
|
139
|
+
* This helper method automatically extracts `sessionId` from `ToolExtraArguments`
|
|
140
|
+
* and passes it to `executeToolWithProof`, eliminating the need for manual extraction
|
|
141
|
+
* in every tool handler.
|
|
142
|
+
*
|
|
143
|
+
* @example
|
|
144
|
+
* ```typescript
|
|
145
|
+
* this.registerToolWithProof(
|
|
146
|
+
* greetTool.name,
|
|
147
|
+
* greetTool.description,
|
|
148
|
+
* greetTool.inputSchema.shape,
|
|
149
|
+
* greetTool.handler
|
|
150
|
+
* );
|
|
151
|
+
* ```
|
|
152
|
+
*
|
|
153
|
+
* @param name - Tool name
|
|
154
|
+
* @param description - Tool description
|
|
155
|
+
* @param schema - Tool input schema (Zod schema shape)
|
|
156
|
+
* @param handler - Tool handler function that receives args and returns result
|
|
157
|
+
*/
|
|
158
|
+
registerToolWithProof(name, description, schema, handler) {
|
|
159
|
+
// Safety check: ensure server is initialized
|
|
160
|
+
if (!this.server) {
|
|
161
|
+
throw new Error(`Cannot register tool "${name}": server not initialized. Make sure to call init() before registering tools.`);
|
|
162
|
+
}
|
|
163
|
+
try {
|
|
164
|
+
this.server.tool(name, description, schema, async (args, extra) => {
|
|
165
|
+
// ✅ Automatically extract sessionId from ToolExtraArguments
|
|
166
|
+
// This ensures delegation tokens stored with the original session ID
|
|
167
|
+
// can be retrieved on subsequent tool calls
|
|
168
|
+
// Note: extra is typed as 'any' to match MCP SDK's ToolExtraArguments type
|
|
169
|
+
const sessionId = extra?.sessionId;
|
|
170
|
+
return this.executeToolWithProof(name, args, handler, sessionId);
|
|
171
|
+
});
|
|
172
|
+
}
|
|
173
|
+
catch (error) {
|
|
174
|
+
console.error(`[MCPICloudflareAgent] Failed to register tool "${name}":`, error);
|
|
175
|
+
throw error;
|
|
176
|
+
}
|
|
113
177
|
}
|
|
114
178
|
/**
|
|
115
179
|
* Execute a tool with automatic proof generation
|
|
116
180
|
* Use this helper method when registering tools to ensure proofs are generated
|
|
181
|
+
*
|
|
182
|
+
* @param toolName - Name of the tool being executed
|
|
183
|
+
* @param args - Tool arguments
|
|
184
|
+
* @param handler - Tool handler function
|
|
185
|
+
* @param providedSessionId - Optional session ID from MCP request (extracted from ToolExtraArguments.sessionId)
|
|
186
|
+
* If provided, uses this session ID for delegation token lookup.
|
|
187
|
+
* If not provided, falls back to getSessionId() or generates ephemeral ID.
|
|
117
188
|
*/
|
|
118
|
-
async executeToolWithProof(toolName, args, handler) {
|
|
189
|
+
async executeToolWithProof(toolName, args, handler, providedSessionId) {
|
|
119
190
|
if (!this.mcpiRuntime) {
|
|
120
191
|
throw new Error("MCP-I runtime not initialized. Call init() first.");
|
|
121
192
|
}
|
|
122
193
|
// Create session
|
|
194
|
+
// ✅ CRITICAL: Use provided sessionId if available (from MCP request params)
|
|
195
|
+
// This ensures delegation tokens stored with the original session ID can be retrieved
|
|
123
196
|
const timestamp = Date.now();
|
|
124
|
-
const sessionId =
|
|
197
|
+
const sessionId = providedSessionId ||
|
|
198
|
+
this.getSessionId() ||
|
|
125
199
|
`ephemeral-${timestamp}-${Math.random().toString(36).substring(2, 10)}`;
|
|
200
|
+
// Log session ID source for debugging
|
|
201
|
+
if (this.options?.getRuntimeConfig(this.env).environment ===
|
|
202
|
+
"development") {
|
|
203
|
+
console.log("[MCPICloudflareAgent] Session ID source:", {
|
|
204
|
+
provided: !!providedSessionId,
|
|
205
|
+
fromGetSessionId: !!this.getSessionId(),
|
|
206
|
+
isEphemeral: !providedSessionId && !this.getSessionId(),
|
|
207
|
+
sessionId: sessionId.slice(0, 20) + "...",
|
|
208
|
+
});
|
|
209
|
+
}
|
|
126
210
|
// Get server URL from env var (MCP_SERVER_URL) for consent URL building
|
|
127
211
|
// In production, this should be set to the deployed worker URL
|
|
128
212
|
const mappedEnv = this.options?.envPrefix
|
|
@@ -136,6 +220,92 @@ export class MCPICloudflareAgent extends McpAgent {
|
|
|
136
220
|
// Auto-add https:// if protocol missing
|
|
137
221
|
serverUrl = `https://${serverUrl}`;
|
|
138
222
|
}
|
|
223
|
+
// ✅ Look up delegation token from KV storage (3-priority system)
|
|
224
|
+
let delegationToken;
|
|
225
|
+
let userDid; // Extract userDid for IDP token resolution
|
|
226
|
+
const delegationStorage = mappedEnv.DELEGATION_STORAGE;
|
|
227
|
+
if (delegationStorage) {
|
|
228
|
+
try {
|
|
229
|
+
const agentDid = (await this.mcpiRuntime.getIdentity()).did;
|
|
230
|
+
console.log("[MCPICloudflareAgent] 🔍 Starting delegation token lookup:", {
|
|
231
|
+
sessionId: sessionId.slice(0, 20) + "...",
|
|
232
|
+
agentDid: agentDid.slice(0, 20) + "...",
|
|
233
|
+
hasDelegationStorage: !!delegationStorage,
|
|
234
|
+
});
|
|
235
|
+
// PRIORITY 1: User+Agent scoped token (user-specific, most secure)
|
|
236
|
+
// Try to get userDid from session cache
|
|
237
|
+
const sessionKey = STORAGE_KEYS.session(sessionId);
|
|
238
|
+
const sessionData = (await delegationStorage.get(sessionKey, "json"));
|
|
239
|
+
userDid = sessionData?.userDid;
|
|
240
|
+
if (userDid) {
|
|
241
|
+
const userAgentKey = STORAGE_KEYS.delegation(userDid, agentDid);
|
|
242
|
+
console.log("[MCPICloudflareAgent] 🔍 PRIORITY 1: Checking user+agent scoped key:", {
|
|
243
|
+
key: userAgentKey,
|
|
244
|
+
userDid: userDid.slice(0, 20) + "...",
|
|
245
|
+
agentDid: agentDid.slice(0, 20) + "...",
|
|
246
|
+
});
|
|
247
|
+
const userAgentToken = await delegationStorage.get(userAgentKey, "text");
|
|
248
|
+
console.log("[MCPICloudflareAgent] 🔍 PRIORITY 1: User+agent scoped lookup result:", {
|
|
249
|
+
found: !!userAgentToken,
|
|
250
|
+
tokenLength: userAgentToken?.length || 0,
|
|
251
|
+
});
|
|
252
|
+
if (userAgentToken) {
|
|
253
|
+
delegationToken = userAgentToken;
|
|
254
|
+
}
|
|
255
|
+
}
|
|
256
|
+
// PRIORITY 2: Session-scoped token (if session ID persists)
|
|
257
|
+
if (!delegationToken) {
|
|
258
|
+
console.log("[MCPICloudflareAgent] 🔍 PRIORITY 2: Checking session-scoped key:", {
|
|
259
|
+
key: sessionKey,
|
|
260
|
+
sessionId: sessionId.slice(0, 20) + "...",
|
|
261
|
+
});
|
|
262
|
+
const sessionTokenData = (await delegationStorage.get(sessionKey, "json"));
|
|
263
|
+
console.log("[MCPICloudflareAgent] 🔍 PRIORITY 2: Session-scoped lookup result:", {
|
|
264
|
+
found: !!sessionTokenData,
|
|
265
|
+
hasDelegationToken: !!sessionTokenData?.delegationToken,
|
|
266
|
+
tokenLength: sessionTokenData?.delegationToken?.length || 0,
|
|
267
|
+
});
|
|
268
|
+
if (sessionTokenData?.delegationToken) {
|
|
269
|
+
delegationToken = sessionTokenData.delegationToken;
|
|
270
|
+
}
|
|
271
|
+
}
|
|
272
|
+
// PRIORITY 3: Agent-scoped token (legacy fallback - DEPRECATED)
|
|
273
|
+
// Only use when userDid is unavailable (backward compatibility)
|
|
274
|
+
if (!delegationToken && !userDid) {
|
|
275
|
+
const agentKey = STORAGE_KEYS.legacyDelegation(agentDid);
|
|
276
|
+
console.warn("[MCPICloudflareAgent] ⚠️ DEPRECATION: Using agent-scoped token (legacy format). Migrate to user+agent scoped tokens for proper user isolation.", {
|
|
277
|
+
key: agentKey,
|
|
278
|
+
agentDid: agentDid.slice(0, 20) + "...",
|
|
279
|
+
reason: "userDid unavailable",
|
|
280
|
+
});
|
|
281
|
+
console.log("[MCPICloudflareAgent] 🔍 PRIORITY 3: Checking agent-scoped key (legacy):", {
|
|
282
|
+
key: agentKey,
|
|
283
|
+
agentDid: agentDid.slice(0, 20) + "...",
|
|
284
|
+
});
|
|
285
|
+
delegationToken = await delegationStorage.get(agentKey, "text");
|
|
286
|
+
console.log("[MCPICloudflareAgent] 🔍 PRIORITY 3: Agent-scoped lookup result:", {
|
|
287
|
+
found: !!delegationToken,
|
|
288
|
+
tokenLength: delegationToken?.length || 0,
|
|
289
|
+
});
|
|
290
|
+
}
|
|
291
|
+
if (delegationToken) {
|
|
292
|
+
console.log("[MCPICloudflareAgent] ✅ Delegation token retrieved:", {
|
|
293
|
+
sessionId: sessionId.slice(0, 20) + "...",
|
|
294
|
+
tokenLength: delegationToken.length,
|
|
295
|
+
source: "kv-storage",
|
|
296
|
+
});
|
|
297
|
+
}
|
|
298
|
+
else {
|
|
299
|
+
console.log("[MCPICloudflareAgent] ⚠️ No delegation token found in KV storage:", {
|
|
300
|
+
sessionId: sessionId.slice(0, 20) + "...",
|
|
301
|
+
agentDid: agentDid.slice(0, 20) + "...",
|
|
302
|
+
});
|
|
303
|
+
}
|
|
304
|
+
}
|
|
305
|
+
catch (error) {
|
|
306
|
+
console.warn("[MCPICloudflareAgent] Failed to retrieve delegation token:", error);
|
|
307
|
+
}
|
|
308
|
+
}
|
|
139
309
|
const session = {
|
|
140
310
|
id: sessionId,
|
|
141
311
|
audience: "https://kya.vouched.id",
|
|
@@ -143,11 +313,235 @@ export class MCPICloudflareAgent extends McpAgent {
|
|
|
143
313
|
createdAt: timestamp,
|
|
144
314
|
expiresAt: timestamp + 30 * 60 * 1000, // 30 minutes
|
|
145
315
|
serverOrigin: serverUrl, // Use MCP_SERVER_URL for consent URL building
|
|
316
|
+
delegationToken, // ✅ Include token in session if found
|
|
317
|
+
};
|
|
318
|
+
// ✅ NEW: Build tool execution context with IDP token (Phase 1 - MH-7)
|
|
319
|
+
let toolContext;
|
|
320
|
+
try {
|
|
321
|
+
toolContext = await this.buildToolContext(toolName, userDid, sessionId, delegationToken, mappedEnv);
|
|
322
|
+
}
|
|
323
|
+
catch (error) {
|
|
324
|
+
// Handle OAuthRequiredError - build OAuth URL and throw DelegationRequiredError
|
|
325
|
+
if (error instanceof OAuthRequiredError) {
|
|
326
|
+
try {
|
|
327
|
+
const oauthUrl = await this.buildOAuthUrlForError(error, sessionId, mappedEnv);
|
|
328
|
+
// Generate resume token using runtime's internal method
|
|
329
|
+
// The runtime will generate it when DelegationRequiredError is thrown
|
|
330
|
+
const resumeToken = `resume_${Date.now()}_${Math.random().toString(36).substring(2, 11)}`;
|
|
331
|
+
// Throw DelegationRequiredError with OAuth URL
|
|
332
|
+
throw new DelegationRequiredError(error.toolName, error.requiredScopes, oauthUrl, // Use OAuth URL as consent URL
|
|
333
|
+
undefined, // interceptedCall
|
|
334
|
+
resumeToken);
|
|
335
|
+
}
|
|
336
|
+
catch (oauthError) {
|
|
337
|
+
// If OAuth URL building fails, re-throw the original error
|
|
338
|
+
throw oauthError instanceof DelegationRequiredError
|
|
339
|
+
? oauthError
|
|
340
|
+
: error;
|
|
341
|
+
}
|
|
342
|
+
}
|
|
343
|
+
// Log other errors but don't fail tool execution (backward compatibility)
|
|
344
|
+
console.warn("[MCPICloudflareAgent] Failed to build tool context:", error);
|
|
345
|
+
}
|
|
346
|
+
// Wrap handler to pass context as optional second parameter
|
|
347
|
+
// For backward compatibility, handlers can accept (args) or (args, context)
|
|
348
|
+
// If handler doesn't accept context, it will be ignored
|
|
349
|
+
const handlerWithContext = async (handlerArgs) => {
|
|
350
|
+
// Try to call handler with context if available
|
|
351
|
+
// TypeScript function types don't preserve length, so we try both signatures
|
|
352
|
+
try {
|
|
353
|
+
// Try calling with context (for handlers that accept it)
|
|
354
|
+
if (toolContext) {
|
|
355
|
+
return handler(handlerArgs, toolContext);
|
|
356
|
+
}
|
|
357
|
+
else {
|
|
358
|
+
return handler(handlerArgs);
|
|
359
|
+
}
|
|
360
|
+
}
|
|
361
|
+
catch (error) {
|
|
362
|
+
// If handler doesn't accept context parameter, fall back to args-only call
|
|
363
|
+
// This maintains backward compatibility
|
|
364
|
+
return handler(handlerArgs);
|
|
365
|
+
}
|
|
146
366
|
};
|
|
147
367
|
// Execute tool with automatic proof generation
|
|
148
|
-
const result = await this.mcpiRuntime.processToolCall(toolName, args,
|
|
368
|
+
const result = await this.mcpiRuntime.processToolCall(toolName, args, handlerWithContext, session);
|
|
149
369
|
return result;
|
|
150
370
|
}
|
|
371
|
+
/**
|
|
372
|
+
* Build tool execution context with IDP token (Phase 1 - MH-7)
|
|
373
|
+
*
|
|
374
|
+
* @private
|
|
375
|
+
*/
|
|
376
|
+
async buildToolContext(toolName, userDid, sessionId, delegationToken, env) {
|
|
377
|
+
// Only build context if userDid is available and services are configured
|
|
378
|
+
if (!userDid || !env.AGENTSHIELD_API_KEY || !env.DELEGATION_STORAGE) {
|
|
379
|
+
return undefined;
|
|
380
|
+
}
|
|
381
|
+
// Check if tool protection service is available
|
|
382
|
+
const toolProtectionService = this.mcpiRuntime.config
|
|
383
|
+
?.toolProtectionService;
|
|
384
|
+
if (!toolProtectionService) {
|
|
385
|
+
return undefined;
|
|
386
|
+
}
|
|
387
|
+
try {
|
|
388
|
+
// Get tool protection configuration
|
|
389
|
+
const agentDid = (await this.mcpiRuntime.getIdentity()).did;
|
|
390
|
+
const protection = await toolProtectionService.checkToolProtection(toolName, agentDid);
|
|
391
|
+
// Only build context if tool requires OAuth
|
|
392
|
+
if (!protection?.requiredScopes?.length) {
|
|
393
|
+
return undefined;
|
|
394
|
+
}
|
|
395
|
+
// Get project ID from tool protection service
|
|
396
|
+
const projectId = toolProtectionService.getProjectId();
|
|
397
|
+
if (!projectId) {
|
|
398
|
+
return undefined;
|
|
399
|
+
}
|
|
400
|
+
// Initialize OAuth services lazily
|
|
401
|
+
const fetchProvider = this.mcpiRuntime.fetch;
|
|
402
|
+
if (!fetchProvider) {
|
|
403
|
+
return undefined;
|
|
404
|
+
}
|
|
405
|
+
// Use KV cache for OAuth config if available, otherwise in-memory
|
|
406
|
+
const oauthConfigCache = env.TOOL_PROTECTION_KV
|
|
407
|
+
? new KVOAuthConfigCache({ kv: env.TOOL_PROTECTION_KV })
|
|
408
|
+
: undefined;
|
|
409
|
+
const oauthConfigService = new OAuthConfigService({
|
|
410
|
+
baseUrl: env.AGENTSHIELD_API_URL || "https://kya.vouched.id",
|
|
411
|
+
apiKey: env.AGENTSHIELD_API_KEY,
|
|
412
|
+
fetchProvider,
|
|
413
|
+
cache: oauthConfigCache,
|
|
414
|
+
});
|
|
415
|
+
// Phase 2: Initialize provider registry and resolver
|
|
416
|
+
const { OAuthProviderRegistry, ProviderResolver, } = await import("@kya-os/mcp-i-core");
|
|
417
|
+
const providerRegistry = new OAuthProviderRegistry(oauthConfigService);
|
|
418
|
+
const providerResolver = new ProviderResolver(providerRegistry, oauthConfigService);
|
|
419
|
+
const oauthService = new OAuthService({
|
|
420
|
+
configService: oauthConfigService,
|
|
421
|
+
fetchProvider,
|
|
422
|
+
agentShieldApiUrl: env.AGENTSHIELD_API_URL || "https://kya.vouched.id",
|
|
423
|
+
agentShieldApiKey: env.AGENTSHIELD_API_KEY,
|
|
424
|
+
projectId,
|
|
425
|
+
});
|
|
426
|
+
const oauthSecurityService = new OAuthSecurityService(env.DELEGATION_STORAGE, env.OAUTH_ENCRYPTION_SECRET);
|
|
427
|
+
const idpTokenStorage = new IdpTokenStorage({
|
|
428
|
+
storage: env.DELEGATION_STORAGE,
|
|
429
|
+
oauthSecurityService,
|
|
430
|
+
});
|
|
431
|
+
const tokenResolver = new IdpTokenResolver({
|
|
432
|
+
tokenStorage: idpTokenStorage,
|
|
433
|
+
oauthService,
|
|
434
|
+
});
|
|
435
|
+
const contextBuilder = new ToolContextBuilder({
|
|
436
|
+
tokenResolver,
|
|
437
|
+
configService: oauthConfigService,
|
|
438
|
+
providerResolver: providerResolver, // Phase 2: Pass ProviderResolver (type assertion for dist/src compatibility)
|
|
439
|
+
projectId,
|
|
440
|
+
});
|
|
441
|
+
// Build context
|
|
442
|
+
return await contextBuilder.buildContext(toolName, userDid, sessionId, delegationToken, protection);
|
|
443
|
+
}
|
|
444
|
+
catch (error) {
|
|
445
|
+
// Re-throw OAuthRequiredError so it can be handled by executeToolWithProof
|
|
446
|
+
if (error instanceof OAuthRequiredError) {
|
|
447
|
+
throw error;
|
|
448
|
+
}
|
|
449
|
+
console.warn("[MCPICloudflareAgent] Failed to build tool context:", error);
|
|
450
|
+
return undefined;
|
|
451
|
+
}
|
|
452
|
+
}
|
|
453
|
+
/**
|
|
454
|
+
* Build OAuth URL for OAuthRequiredError
|
|
455
|
+
*
|
|
456
|
+
* Creates OAuth authorization URL with PKCE challenge for secure token exchange.
|
|
457
|
+
*
|
|
458
|
+
* @private
|
|
459
|
+
*/
|
|
460
|
+
async buildOAuthUrlForError(error, sessionId, env) {
|
|
461
|
+
const agentShieldUrl = env.AGENTSHIELD_API_URL || "https://kya.vouched.id";
|
|
462
|
+
const toolProtectionService = this.mcpiRuntime.config
|
|
463
|
+
?.toolProtectionService;
|
|
464
|
+
const projectId = toolProtectionService?.getProjectId();
|
|
465
|
+
if (!projectId) {
|
|
466
|
+
throw new Error("Project ID not available for OAuth URL building");
|
|
467
|
+
}
|
|
468
|
+
// Get server URL
|
|
469
|
+
let serverUrl = env.MCP_SERVER_URL;
|
|
470
|
+
if (serverUrl &&
|
|
471
|
+
!serverUrl.startsWith("http://") &&
|
|
472
|
+
!serverUrl.startsWith("https://")) {
|
|
473
|
+
serverUrl = `https://${serverUrl}`;
|
|
474
|
+
}
|
|
475
|
+
if (!serverUrl) {
|
|
476
|
+
throw new Error("MCP_SERVER_URL not configured for OAuth callback");
|
|
477
|
+
}
|
|
478
|
+
// TypeScript: projectId is guaranteed to be defined after the check above
|
|
479
|
+
// Use non-null assertion since we've already validated it
|
|
480
|
+
const safeProjectId = projectId;
|
|
481
|
+
const agentDid = (await this.mcpiRuntime.getIdentity()).did;
|
|
482
|
+
// Generate PKCE challenge if OAuthSecurityService is available
|
|
483
|
+
let codeChallenge;
|
|
484
|
+
let stateParam;
|
|
485
|
+
if (env.DELEGATION_STORAGE && env.OAUTH_ENCRYPTION_SECRET) {
|
|
486
|
+
try {
|
|
487
|
+
const oauthSecurityService = new OAuthSecurityService(env.DELEGATION_STORAGE, env.OAUTH_ENCRYPTION_SECRET);
|
|
488
|
+
const pkceChallenge = await oauthSecurityService.generatePKCEChallenge();
|
|
489
|
+
codeChallenge = pkceChallenge.challenge;
|
|
490
|
+
// Build state data
|
|
491
|
+
const stateData = {
|
|
492
|
+
project_id: safeProjectId,
|
|
493
|
+
agent_did: agentDid,
|
|
494
|
+
session_id: sessionId || "",
|
|
495
|
+
scopes: error.requiredScopes,
|
|
496
|
+
storedAt: Date.now(),
|
|
497
|
+
code_verifier: pkceChallenge.verifier,
|
|
498
|
+
code_challenge: pkceChallenge.challenge,
|
|
499
|
+
redirect_uri: `${serverUrl}/oauth/callback`,
|
|
500
|
+
};
|
|
501
|
+
// Store state securely
|
|
502
|
+
const randomBytes = crypto.getRandomValues(new Uint8Array(32));
|
|
503
|
+
const stateValue = btoa(String.fromCharCode(...randomBytes))
|
|
504
|
+
.replace(/\+/g, "-")
|
|
505
|
+
.replace(/\//g, "_")
|
|
506
|
+
.replace(/=/g, "");
|
|
507
|
+
await oauthSecurityService.storeOAuthState(stateValue, stateData, 600);
|
|
508
|
+
stateParam = stateValue;
|
|
509
|
+
}
|
|
510
|
+
catch (err) {
|
|
511
|
+
console.warn("[MCPICloudflareAgent] Failed to generate PKCE challenge, using insecure state:", err);
|
|
512
|
+
// Fallback to insecure state encoding
|
|
513
|
+
const stateData = {
|
|
514
|
+
project_id: safeProjectId,
|
|
515
|
+
agent_did: agentDid,
|
|
516
|
+
session_id: sessionId || "",
|
|
517
|
+
scopes: error.requiredScopes,
|
|
518
|
+
};
|
|
519
|
+
stateParam = btoa(JSON.stringify(stateData));
|
|
520
|
+
}
|
|
521
|
+
}
|
|
522
|
+
else {
|
|
523
|
+
// Fallback to insecure state encoding
|
|
524
|
+
const stateData = {
|
|
525
|
+
project_id: safeProjectId,
|
|
526
|
+
agent_did: agentDid,
|
|
527
|
+
session_id: sessionId || "",
|
|
528
|
+
scopes: error.requiredScopes,
|
|
529
|
+
};
|
|
530
|
+
stateParam = btoa(JSON.stringify(stateData));
|
|
531
|
+
}
|
|
532
|
+
// Build OAuth authorization URL
|
|
533
|
+
const oauthUrl = new URL(`${agentShieldUrl}/bouncer/oauth/authorize`);
|
|
534
|
+
oauthUrl.searchParams.set("response_type", "code");
|
|
535
|
+
oauthUrl.searchParams.set("client_id", safeProjectId);
|
|
536
|
+
oauthUrl.searchParams.set("redirect_uri", `${serverUrl}/oauth/callback`);
|
|
537
|
+
oauthUrl.searchParams.set("scope", error.requiredScopes.join(" "));
|
|
538
|
+
oauthUrl.searchParams.set("state", stateParam);
|
|
539
|
+
if (codeChallenge) {
|
|
540
|
+
oauthUrl.searchParams.set("code_challenge", codeChallenge);
|
|
541
|
+
oauthUrl.searchParams.set("code_challenge_method", "S256");
|
|
542
|
+
}
|
|
543
|
+
return oauthUrl.toString();
|
|
544
|
+
}
|
|
151
545
|
/**
|
|
152
546
|
* Get Durable Object instance ID based on routing strategy
|
|
153
547
|
*/
|
package/dist/agent.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agent.js","sourceRoot":"","sources":["../src/agent.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAIpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAgDtD,2DAA2D;AAC3D,MAAM,oBAAoB,GAAG,IAAI,GAAG,EAGjC,CAAC;AAEJ;;;;;;;;;;GAUG;AACH,MAAM,OAAgB,mBAAoB,SAAQ,QAAQ;IACxD,4FAA4F;IAC5F,yDAAyD;IACzD,sFAAsF;IACtF,MAAM,GAAG,IAAI,SAAS,CAAC;QACrB,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,OAAO;KACjB,CAAQ,CAAC;IAEA,WAAW,CAAqB;IAChC,GAAG,CAAwB;IAC7B,OAAO,CAA8B;IAE7C,YAAY,KAAyB,EAAE,GAA0B;QAC/D,kFAAkF;QAClF,uFAAuF;QACvF,KAAK,CAAC,KAAY,EAAE,GAAG,CAAC,CAAC;QAEzB,0EAA0E;QAC1E,MAAM,UAAU,GAAG,GAAG,CAAC,MAAoC,CAAC;QAC5D,MAAM,OAAO,GAAG,oBAAoB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAErD,qDAAqD;QACrD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CACb,mFAAmF,UAAU,CAAC,IAAI,GAAG,CACtG,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QAEvB,wEAAwE;QACxE,IAAI,CAAC,MAAM,GAAG,IAAI,SAAS,CAAC;YAC1B,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,OAAO;SACzC,CAAQ,CAAC;QAEV,qDAAqD;QACrD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS;YACtC,CAAC,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;YAC7C,CAAC,CAAE,GAAqB,CAAC;QAE3B,uCAAuC;QACtC,SAA2B,CAAC,mBAAmB,GAAG,KAAK,CAAC;QAEzD,6BAA6B;QAC7B,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;QAE/D,+CAA+C;QAC/C,MAAM,qBAAqB,GACzB,aAAa,CAAC,cAAc;YAC5B,SAAS,CAAC,kBAAkB;YAC5B,SAAS,CAAC,mBAAmB;YAC3B,CAAC,CAAC,iBAAiB,CAAC,2BAA2B,CAC3C,SAAS,CAAC,kBAAkB,EAC5B;gBACE,MAAM,EACJ,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,MAAM;oBAChD,SAAS,CAAC,mBAAmB;oBAC7B,wBAAwB;gBAC1B,MAAM,EAAE,SAAS,CAAC,mBAAoB;gBACtC,SAAS,EACP,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS;oBACnD,SAAS,CAAC,sBAAsB;gBAClC,QAAQ,EACN,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,QAAQ,IAAI,MAAM;gBAC9D,KAAK,EAAE,aAAa,CAAC,WAAW,KAAK,aAAa;gBAClD,cAAc,EAAE,aAAa,CAAC,cAAc,CAAC,QAAQ;oBACnD,CAAC,CAAC;wBACE,eAAe,EAAE,aAAa,CAAC,cAAc,CAAC,QAAQ;qBACvD;oBACH,CAAC,CAAC,SAAS;aACd,CACF;YACH,CAAC,CAAC,SAAS,CAAC;QAEhB,2BAA2B;QAC3B,IAAI,CAAC,WAAW,GAAG,uBAAuB,CAAC;YACzC,GAAG,EAAE,SAAS;YACd,WAAW,EAAE,aAAa,CAAC,WAAW;YACtC,KAAK,EAAE;gBACL,OAAO,EAAE,aAAa,CAAC,KAAK,EAAE,OAAO,IAAI,IAAI;gBAC7C,WAAW,EACT,aAAa,CAAC,KAAK,EAAE,WAAW;oBAChC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;aACrD;YACD,qBAAqB;YACrB,aAAa,EAAE,yDAAyD;SACzE,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,eAAe,CACpB,UAAsC,EACtC,OAAmC;QAEnC,oBAAoB,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,IAAI;QACR,MAAM,IAAI,CAAC,WAAW,EAAE,UAAU,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC;QAE5D,6CAA6C;QAC7C,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;IAC7B,CAAC;IAQD;;;OAGG;IACO,KAAK,CAAC,oBAAoB,CAIlC,QAAgB,EAChB,IAAW,EACX,OAA0C;QAE1C,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QAED,iBAAiB;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,SAAS,GACZ,IAAY,CAAC,YAAY,EAAE;YAC5B,aAAa,SAAS,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QAE1E,wEAAwE;QACxE,+DAA+D;QAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS;YACvC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;YAClD,CAAC,CAAE,IAAI,CAAC,GAAqB,CAAC;QAChC,IAAI,SAAS,GAAG,SAAS,CAAC,cAAc,CAAC;QAEzC,iDAAiD;QACjD,IACE,SAAS;YACT,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC;YAChC,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EACjC,CAAC;YACD,wCAAwC;YACxC,SAAS,GAAG,WAAW,SAAS,EAAE,CAAC;QACrC,CAAC;QAED,MAAM,OAAO,GAAG;YACd,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,wBAAwB;YAClC,QAAQ,EAAE,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,GAAG;YACpD,SAAS,EAAE,SAAS;YACpB,SAAS,EAAE,SAAS,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;YACpD,YAAY,EAAE,SAAS,EAAE,8CAA8C;SACxE,CAAC;QAEF,+CAA+C;QAC/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CACnD,QAAQ,EACR,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC;QAEF,OAAO,MAAiB,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,aAAa;QACX,IAAI,CAAC;YACH,MAAM,SAAS,GAAI,IAAY,CAAC,YAAY,EAAE,CAAC;YAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAAC;YAE3D,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,OAAO,WAAW,SAAS,EAAE,CAAC;YAChC,CAAC;iBAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;gBAChC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,cAAc,IAAI,IAAI,CAAC,CAAC;gBAC7D,MAAM,eAAe,GACnB,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzD,IAAI,IAAI,GAAG,CAAC,CAAC;gBACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC1C,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;oBACpD,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;gBACrB,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC;gBAC/C,OAAO,SAAS,KAAK,EAAE,CAAC;YAC1B,CAAC;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,4CAA4C,EAAE,KAAK,CAAC,CAAC;YACnE,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"agent.js","sourceRoot":"","sources":["../src/agent.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,2CAA2C,CAAC;AAIhF,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,OAAO,EACL,kBAAkB,EAClB,YAAY,EACZ,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,uBAAuB,GACxB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAgDzE,2DAA2D;AAC3D,MAAM,oBAAoB,GAAG,IAAI,GAAG,EAGjC,CAAC;AAEJ;;;;;;;;;;GAUG;AACH,MAAM,OAAgB,mBAAoB,SAAQ,QAAQ;IACxD,4FAA4F;IAC5F,yDAAyD;IACzD,sFAAsF;IACtF,MAAM,GAAG,IAAI,SAAS,CACpB;QACE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,OAAO;KACjB,EACD;QACE,YAAY,EAAE,EAAE;KACjB,CACK,CAAC;IAEC,WAAW,CAAqB;IAChC,GAAG,CAAwB;IAC7B,OAAO,CAA8B;IAE7C,YAAY,KAAyB,EAAE,GAA0B;QAC/D,kFAAkF;QAClF,uFAAuF;QACvF,KAAK,CAAC,KAAY,EAAE,GAAG,CAAC,CAAC;QAEzB,0EAA0E;QAC1E,MAAM,UAAU,GAAG,GAAG,CAAC,MAAoC,CAAC;QAC5D,MAAM,OAAO,GAAG,oBAAoB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAErD,qDAAqD;QACrD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CACb,mFAAmF,UAAU,CAAC,IAAI,GAAG,CACtG,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QAEvB,wEAAwE;QACxE,IAAI,CAAC,MAAM,GAAG,IAAI,SAAS,CACzB;YACE,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,OAAO;SACzC,EACD;YACE,YAAY,EAAE,EAAE;SACjB,CACK,CAAC;QAET,qDAAqD;QACrD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS;YACtC,CAAC,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;YAC7C,CAAC,CAAE,GAAqB,CAAC;QAE3B,uCAAuC;QACtC,SAA2B,CAAC,mBAAmB,GAAG,KAAK,CAAC;QAEzD,6BAA6B;QAC7B,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;QAE/D,+CAA+C;QAC/C,MAAM,qBAAqB,GACzB,aAAa,CAAC,cAAc;YAC5B,SAAS,CAAC,kBAAkB;YAC5B,SAAS,CAAC,mBAAmB;YAC3B,CAAC,CAAC,iBAAiB,CAAC,2BAA2B,CAC3C,SAAS,CAAC,kBAAkB,EAC5B;gBACE,MAAM,EACJ,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,MAAM;oBAChD,SAAS,CAAC,mBAAmB;oBAC7B,wBAAwB;gBAC1B,MAAM,EAAE,SAAS,CAAC,mBAAoB;gBACtC,SAAS,EACP,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS;oBACnD,SAAS,CAAC,sBAAsB;gBAClC,QAAQ,EACN,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,QAAQ,IAAI,MAAM;gBAC9D,KAAK,EAAE,aAAa,CAAC,WAAW,KAAK,aAAa;gBAClD,mEAAmE;gBACnE,uEAAuE;gBACvE,cAAc,EAAE,aAAa,CAAC,cAAc,CAAC,QAAQ;oBACnD,CAAC,CAAC,aAAa,CAAC,cAAc,CAAC,QAAQ,CAAC,eAAe;wBACrD,SAAS;wBACT,CAAC,CAAE,aAAa,CAAC,cAAc,CAAC,QAAgB,CAAC,kBAAkB;wBACnE,CAAC,CAAC,EAAE,eAAe,EAAE,aAAa,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC,UAAU;oBACzE,CAAC,CAAC,SAAS;aACd,CACF;YACH,CAAC,CAAC,SAAS,CAAC;QAEhB,2BAA2B;QAC3B,IAAI,CAAC,WAAW,GAAG,uBAAuB,CAAC;YACzC,GAAG,EAAE,SAAS;YACd,WAAW,EAAE,aAAa,CAAC,WAAW;YACtC,KAAK,EAAE;gBACL,OAAO,EAAE,aAAa,CAAC,KAAK,EAAE,OAAO,IAAI,IAAI;gBAC7C,WAAW,EACT,aAAa,CAAC,KAAK,EAAE,WAAW;oBAChC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;aACrD;YACD,qBAAqB;YACrB,aAAa,EAAE,yDAAyD;SACzE,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,eAAe,CACpB,UAAsC,EACtC,OAAmC;QAEnC,oBAAoB,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,IAAI;QACR,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,WAAW,EAAE,UAAU,EAAE,CAAC;YACrC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC;YAE5D,wDAAwD;YACxD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CACb,wFAAwF,CACzF,CAAC;YACJ,CAAC;YAED,6CAA6C;YAC7C,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAC7B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,KAAK,CAAC,CAAC;YACrE,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAQD;;;;;;;;;;;;;;;;;;;;;OAqBG;IACO,qBAAqB,CAC7B,IAAY,EACZ,WAAmB,EACnB,MAA2B,EAC3B,OAAsC;QAEtC,6CAA6C;QAC7C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,yBAAyB,IAAI,+EAA+E,CAC7G,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,IAAI,EACJ,WAAW,EACX,MAAM,EACN,KAAK,EAAE,IAAW,EAAE,KAAW,EAAE,EAAE;gBACjC,4DAA4D;gBAC5D,qEAAqE;gBACrE,4CAA4C;gBAC5C,2EAA2E;gBAC3E,MAAM,SAAS,GAAG,KAAK,EAAE,SAA+B,CAAC;gBACzD,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YACnE,CAAC,CACF,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,kDAAkD,IAAI,IAAI,EAC1D,KAAK,CACN,CAAC;YACF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;;;OAUG;IACO,KAAK,CAAC,oBAAoB,CAIlC,QAAgB,EAChB,IAAW,EACX,OAA0C,EAC1C,iBAA0B;QAE1B,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QAED,iBAAiB;QACjB,4EAA4E;QAC5E,sFAAsF;QACtF,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,SAAS,GACb,iBAAiB;YAChB,IAAY,CAAC,YAAY,EAAE;YAC5B,aAAa,SAAS,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QAE1E,sCAAsC;QACtC,IACE,IAAI,CAAC,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC,GAAoB,CAAC,CAAC,WAAW;YACrE,aAAa,EACb,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,0CAA0C,EAAE;gBACtD,QAAQ,EAAE,CAAC,CAAC,iBAAiB;gBAC7B,gBAAgB,EAAE,CAAC,CAAE,IAAY,CAAC,YAAY,EAAE;gBAChD,WAAW,EAAE,CAAC,iBAAiB,IAAI,CAAE,IAAY,CAAC,YAAY,EAAE;gBAChE,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;aAC1C,CAAC,CAAC;QACL,CAAC;QAED,wEAAwE;QACxE,+DAA+D;QAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS;YACvC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;YAClD,CAAC,CAAE,IAAI,CAAC,GAAqB,CAAC;QAChC,IAAI,SAAS,GAAG,SAAS,CAAC,cAAc,CAAC;QAEzC,iDAAiD;QACjD,IACE,SAAS;YACT,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC;YAChC,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EACjC,CAAC;YACD,wCAAwC;YACxC,SAAS,GAAG,WAAW,SAAS,EAAE,CAAC;QACrC,CAAC;QAED,iEAAiE;QACjE,IAAI,eAAmC,CAAC;QACxC,IAAI,OAA2B,CAAC,CAAC,2CAA2C;QAC5E,MAAM,iBAAiB,GAAG,SAAS,CAAC,kBAAyB,CAAC;QAE9D,IAAI,iBAAiB,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,GAAG,CAAC;gBAE5D,OAAO,CAAC,GAAG,CACT,4DAA4D,EAC5D;oBACE,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;oBACzC,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;oBACvC,oBAAoB,EAAE,CAAC,CAAC,iBAAiB;iBAC1C,CACF,CAAC;gBAEF,mEAAmE;gBACnE,wCAAwC;gBACxC,MAAM,UAAU,GAAG,YAAY,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;gBACnD,MAAM,WAAW,GAAG,CAAC,MAAM,iBAAiB,CAAC,GAAG,CAC9C,UAAU,EACV,MAAM,CACP,CAGO,CAAC;gBACT,OAAO,GAAG,WAAW,EAAE,OAAO,CAAC;gBAE/B,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,YAAY,GAAG,YAAY,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;oBAChE,OAAO,CAAC,GAAG,CACT,sEAAsE,EACtE;wBACE,GAAG,EAAE,YAAY;wBACjB,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;wBACrC,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;qBACxC,CACF,CAAC;oBACF,MAAM,cAAc,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAChD,YAAY,EACZ,MAAM,CACP,CAAC;oBACF,OAAO,CAAC,GAAG,CACT,uEAAuE,EACvE;wBACE,KAAK,EAAE,CAAC,CAAC,cAAc;wBACvB,WAAW,EAAE,cAAc,EAAE,MAAM,IAAI,CAAC;qBACzC,CACF,CAAC;oBACF,IAAI,cAAc,EAAE,CAAC;wBACnB,eAAe,GAAG,cAAc,CAAC;oBACnC,CAAC;gBACH,CAAC;gBAED,4DAA4D;gBAC5D,IAAI,CAAC,eAAe,EAAE,CAAC;oBACrB,OAAO,CAAC,GAAG,CACT,mEAAmE,EACnE;wBACE,GAAG,EAAE,UAAU;wBACf,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;qBAC1C,CACF,CAAC;oBACF,MAAM,gBAAgB,GAAG,CAAC,MAAM,iBAAiB,CAAC,GAAG,CACnD,UAAU,EACV,MAAM,CACP,CAEO,CAAC;oBACT,OAAO,CAAC,GAAG,CACT,oEAAoE,EACpE;wBACE,KAAK,EAAE,CAAC,CAAC,gBAAgB;wBACzB,kBAAkB,EAAE,CAAC,CAAC,gBAAgB,EAAE,eAAe;wBACvD,WAAW,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,IAAI,CAAC;qBAC5D,CACF,CAAC;oBACF,IAAI,gBAAgB,EAAE,eAAe,EAAE,CAAC;wBACtC,eAAe,GAAG,gBAAgB,CAAC,eAAe,CAAC;oBACrD,CAAC;gBACH,CAAC;gBAED,gEAAgE;gBAChE,gEAAgE;gBAChE,IAAI,CAAC,eAAe,IAAI,CAAC,OAAO,EAAE,CAAC;oBACjC,MAAM,QAAQ,GAAG,YAAY,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;oBACzD,OAAO,CAAC,IAAI,CACV,gJAAgJ,EAChJ;wBACE,GAAG,EAAE,QAAQ;wBACb,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;wBACvC,MAAM,EAAE,qBAAqB;qBAC9B,CACF,CAAC;oBACF,OAAO,CAAC,GAAG,CACT,0EAA0E,EAC1E;wBACE,GAAG,EAAE,QAAQ;wBACb,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;qBACxC,CACF,CAAC;oBACF,eAAe,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;oBAChE,OAAO,CAAC,GAAG,CACT,kEAAkE,EAClE;wBACE,KAAK,EAAE,CAAC,CAAC,eAAe;wBACxB,WAAW,EAAE,eAAe,EAAE,MAAM,IAAI,CAAC;qBAC1C,CACF,CAAC;gBACJ,CAAC;gBAED,IAAI,eAAe,EAAE,CAAC;oBACpB,OAAO,CAAC,GAAG,CAAC,qDAAqD,EAAE;wBACjE,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;wBACzC,WAAW,EAAE,eAAe,CAAC,MAAM;wBACnC,MAAM,EAAE,YAAY;qBACrB,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CACT,mEAAmE,EACnE;wBACE,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;wBACzC,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;qBACxC,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CACV,4DAA4D,EAC5D,KAAK,CACN,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,OAAO,GAAG;YACd,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,wBAAwB;YAClC,QAAQ,EAAE,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,GAAG;YACpD,SAAS,EAAE,SAAS;YACpB,SAAS,EAAE,SAAS,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;YACpD,YAAY,EAAE,SAAS,EAAE,8CAA8C;YACvE,eAAe,EAAE,sCAAsC;SACxD,CAAC;QAEF,sEAAsE;QACtE,IAAI,WAA6C,CAAC;QAClD,IAAI,CAAC;YACH,WAAW,GAAG,MAAM,IAAI,CAAC,gBAAgB,CACvC,QAAQ,EACR,OAAO,EACP,SAAS,EACT,eAAe,EACf,SAAS,CACV,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,gFAAgF;YAChF,IAAI,KAAK,YAAY,kBAAkB,EAAE,CAAC;gBACxC,IAAI,CAAC;oBACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAC/C,KAAK,EACL,SAAS,EACT,SAAS,CACV,CAAC;oBAEF,wDAAwD;oBACxD,sEAAsE;oBACtE,MAAM,WAAW,GAAG,UAAU,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;oBAE1F,+CAA+C;oBAC/C,MAAM,IAAI,uBAAuB,CAC/B,KAAK,CAAC,QAAQ,EACd,KAAK,CAAC,cAAc,EACpB,QAAQ,EAAE,+BAA+B;oBACzC,SAAS,EAAE,kBAAkB;oBAC7B,WAAW,CACZ,CAAC;gBACJ,CAAC;gBAAC,OAAO,UAAU,EAAE,CAAC;oBACpB,2DAA2D;oBAC3D,MAAM,UAAU,YAAY,uBAAuB;wBACjD,CAAC,CAAC,UAAU;wBACZ,CAAC,CAAC,KAAK,CAAC;gBACZ,CAAC;YACH,CAAC;YAED,0EAA0E;YAC1E,OAAO,CAAC,IAAI,CACV,qDAAqD,EACrD,KAAK,CACN,CAAC;QACJ,CAAC;QAED,4DAA4D;QAC5D,4EAA4E;QAC5E,wDAAwD;QACxD,MAAM,kBAAkB,GAAG,KAAK,EAAE,WAAkB,EAAoB,EAAE;YACxE,gDAAgD;YAChD,6EAA6E;YAC7E,IAAI,CAAC;gBACH,yDAAyD;gBACzD,IAAI,WAAW,EAAE,CAAC;oBAChB,OAAQ,OAAe,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;gBACpD,CAAC;qBAAM,CAAC;oBACN,OAAO,OAAO,CAAC,WAAW,CAAC,CAAC;gBAC9B,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,2EAA2E;gBAC3E,wCAAwC;gBACxC,OAAO,OAAO,CAAC,WAAW,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC,CAAC;QAEF,+CAA+C;QAC/C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CACnD,QAAQ,EACR,IAAI,EACJ,kBAAkB,EAClB,OAAO,CACR,CAAC;QAEF,OAAO,MAAiB,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,gBAAgB,CAC5B,QAAgB,EAChB,OAA2B,EAC3B,SAA6B,EAC7B,eAAmC,EACnC,GAAkB;QAElB,yEAAyE;QACzE,IAAI,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,mBAAmB,IAAI,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC;YACpE,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,gDAAgD;QAChD,MAAM,qBAAqB,GAAI,IAAI,CAAC,WAAmB,CAAC,MAAM;YAC5D,EAAE,qBAAqB,CAAC;QAC1B,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,CAAC;YACH,oCAAoC;YACpC,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,WAAY,CAAC,WAAW,EAAE,CAAC,CAAC,GAAG,CAAC;YAC7D,MAAM,UAAU,GAAG,MAAM,qBAAqB,CAAC,mBAAmB,CAChE,QAAQ,EACR,QAAQ,CACT,CAAC;YAEF,4CAA4C;YAC5C,IAAI,CAAC,UAAU,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC;gBACxC,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,8CAA8C;YAC9C,MAAM,SAAS,GAAG,qBAAqB,CAAC,YAAY,EAAE,CAAC;YACvD,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,mCAAmC;YACnC,MAAM,aAAa,GAAI,IAAI,CAAC,WAAmB,CAAC,KAAK,CAAC;YACtD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,kEAAkE;YAClE,MAAM,gBAAgB,GAAG,GAAG,CAAC,kBAAkB;gBAC7C,CAAC,CAAC,IAAI,kBAAkB,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,kBAAyB,EAAE,CAAC;gBAC/D,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,kBAAkB,GAAG,IAAI,kBAAkB,CAAC;gBAChD,OAAO,EAAE,GAAG,CAAC,mBAAmB,IAAI,wBAAwB;gBAC5D,MAAM,EAAE,GAAG,CAAC,mBAAmB;gBAC/B,aAAa;gBACb,KAAK,EAAE,gBAAgB;aACxB,CAAC,CAAC;YAEH,qDAAqD;YACrD,MAAM,EACJ,qBAAqB,EACrB,gBAAgB,GACjB,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;YAEvC,MAAM,gBAAgB,GAAG,IAAI,qBAAqB,CAAC,kBAAkB,CAAC,CAAC;YACvE,MAAM,gBAAgB,GAAG,IAAI,gBAAgB,CAC3C,gBAAgB,EAChB,kBAAkB,CACnB,CAAC;YAEF,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC;gBACpC,aAAa,EAAE,kBAAkB;gBACjC,aAAa;gBACb,iBAAiB,EAAE,GAAG,CAAC,mBAAmB,IAAI,wBAAwB;gBACtE,iBAAiB,EAAE,GAAG,CAAC,mBAAoB;gBAC3C,SAAS;aACV,CAAC,CAAC;YAEH,MAAM,oBAAoB,GAAG,IAAI,oBAAoB,CACnD,GAAG,CAAC,kBAAyB,EAC7B,GAAG,CAAC,uBAAuB,CAC5B,CAAC;YAEF,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC;gBAC1C,OAAO,EAAE,GAAG,CAAC,kBAAyB;gBACtC,oBAAoB;aACrB,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,IAAI,gBAAgB,CAAC;gBACzC,YAAY,EAAE,eAAe;gBAC7B,YAAY;aACb,CAAC,CAAC;YAEH,MAAM,cAAc,GAAG,IAAI,kBAAkB,CAAC;gBAC5C,aAAa;gBACb,aAAa,EAAE,kBAAkB;gBACjC,gBAAgB,EAAE,gBAAuB,EAAE,6EAA6E;gBACxH,SAAS;aACV,CAAC,CAAC;YAEH,gBAAgB;YAChB,OAAO,MAAM,cAAc,CAAC,YAAY,CACtC,QAAQ,EACR,OAAO,EACP,SAAS,EACT,eAAe,EACf,UAAU,CACX,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,2EAA2E;YAC3E,IAAI,KAAK,YAAY,kBAAkB,EAAE,CAAC;gBACxC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,OAAO,CAAC,IAAI,CACV,qDAAqD,EACrD,KAAK,CACN,CAAC;YACF,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,qBAAqB,CACjC,KAAyB,EACzB,SAA6B,EAC7B,GAAkB;QAElB,MAAM,cAAc,GAAG,GAAG,CAAC,mBAAmB,IAAI,wBAAwB,CAAC;QAC3E,MAAM,qBAAqB,GAAI,IAAI,CAAC,WAAmB,CAAC,MAAM;YAC5D,EAAE,qBAAqB,CAAC;QAC1B,MAAM,SAAS,GAAG,qBAAqB,EAAE,YAAY,EAAE,CAAC;QAExD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACrE,CAAC;QAED,iBAAiB;QACjB,IAAI,SAAS,GAAG,GAAG,CAAC,cAAc,CAAC;QACnC,IACE,SAAS;YACT,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC;YAChC,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EACjC,CAAC;YACD,SAAS,GAAG,WAAW,SAAS,EAAE,CAAC;QACrC,CAAC;QACD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QAED,0EAA0E;QAC1E,0DAA0D;QAC1D,MAAM,aAAa,GAAG,SAAU,CAAC;QACjC,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,WAAY,CAAC,WAAW,EAAE,CAAC,CAAC,GAAG,CAAC;QAE7D,+DAA+D;QAC/D,IAAI,aAAiC,CAAC;QACtC,IAAI,UAAkB,CAAC;QAEvB,IAAI,GAAG,CAAC,kBAAkB,IAAI,GAAG,CAAC,uBAAuB,EAAE,CAAC;YAC1D,IAAI,CAAC;gBACH,MAAM,oBAAoB,GAAG,IAAI,oBAAoB,CACnD,GAAG,CAAC,kBAAyB,EAC7B,GAAG,CAAC,uBAAuB,CAC5B,CAAC;gBAEF,MAAM,aAAa,GACjB,MAAM,oBAAoB,CAAC,qBAAqB,EAAE,CAAC;gBACrD,aAAa,GAAG,aAAa,CAAC,SAAS,CAAC;gBAExC,mBAAmB;gBACnB,MAAM,SAAS,GAA4B;oBACzC,UAAU,EAAE,aAAa;oBACzB,SAAS,EAAE,QAAQ;oBACnB,UAAU,EAAE,SAAS,IAAI,EAAE;oBAC3B,MAAM,EAAE,KAAK,CAAC,cAAc;oBAC5B,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE;oBACpB,aAAa,EAAE,aAAa,CAAC,QAAQ;oBACrC,cAAc,EAAE,aAAa,CAAC,SAAS;oBACvC,YAAY,EAAE,GAAG,SAAS,iBAAiB;iBAC5C,CAAC;gBAEF,uBAAuB;gBACvB,MAAM,WAAW,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC/D,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,WAAW,CAAC,CAAC;qBACzD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;qBACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;qBACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBAErB,MAAM,oBAAoB,CAAC,eAAe,CAAC,UAAU,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;gBACvE,UAAU,GAAG,UAAU,CAAC;YAC1B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CACV,gFAAgF,EAChF,GAAG,CACJ,CAAC;gBACF,sCAAsC;gBACtC,MAAM,SAAS,GAAG;oBAChB,UAAU,EAAE,aAAa;oBACzB,SAAS,EAAE,QAAQ;oBACnB,UAAU,EAAE,SAAS,IAAI,EAAE;oBAC3B,MAAM,EAAE,KAAK,CAAC,cAAc;iBAC7B,CAAC;gBACF,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,sCAAsC;YACtC,MAAM,SAAS,GAAG;gBAChB,UAAU,EAAE,aAAa;gBACzB,SAAS,EAAE,QAAQ;gBACnB,UAAU,EAAE,SAAS,IAAI,EAAE;gBAC3B,MAAM,EAAE,KAAK,CAAC,cAAc;aAC7B,CAAC;YACF,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;QAC/C,CAAC;QAED,gCAAgC;QAChC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,cAAc,0BAA0B,CAAC,CAAC;QACtE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QACnD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QACtD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,SAAS,iBAAiB,CAAC,CAAC;QACzE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACnE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAE/C,IAAI,aAAa,EAAE,CAAC;YAClB,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;YAC3D,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO,QAAQ,CAAC,QAAQ,EAAE,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,aAAa;QACX,IAAI,CAAC;YACH,MAAM,SAAS,GAAI,IAAY,CAAC,YAAY,EAAE,CAAC;YAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,mBAAmB,IAAI,SAAS,CAAC;YAE3D,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,OAAO,WAAW,SAAS,EAAE,CAAC;YAChC,CAAC;iBAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;gBAChC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,cAAc,IAAI,IAAI,CAAC,CAAC;gBAC7D,MAAM,eAAe,GACnB,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzD,IAAI,IAAI,GAAG,CAAC,CAAC;gBACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC1C,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;oBACpD,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;gBACrB,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC;gBAC/C,OAAO,SAAS,KAAK,EAAE,CAAC;YAC1B,CAAC;YAED,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,4CAA4C,EAAE,KAAK,CAAC,CAAC;YACnE,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;CACF"}
|
package/dist/app.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7C,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,UAAU,CAAC;AAIxD,OAAO,EAAE,mBAAmB,EAAE,KAAK,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAG1E,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,gBAAgB,EAAE,CAAC,GAAG,EAAE,aAAa,KAAK,uBAAuB,CAAC;IAElE;;OAEG;IACH,UAAU,EAAE,OAAO,mBAAmB,CAAC;IAEvC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,oBAAoB;;
|
|
1
|
+
{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7C,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,UAAU,CAAC;AAIxD,OAAO,EAAE,mBAAmB,EAAE,KAAK,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAG1E,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,gBAAgB,EAAE,CAAC,GAAG,EAAE,aAAa,KAAK,uBAAuB,CAAC;IAElE;;OAEG;IACH,UAAU,EAAE,OAAO,mBAAmB,CAAC;IAEvC;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,oBAAoB;;qBA6IhC,cAAc,OAAO,qBAAqB,OAAO,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;EAK3G"}
|
package/dist/app.js
CHANGED
|
@@ -59,10 +59,12 @@ export function createMCPIApp(options) {
|
|
|
59
59
|
mappedEnv.AGENTSHIELD_PROJECT_ID,
|
|
60
60
|
cacheTtl: runtimeConfig.toolProtection.agentShield?.cacheTtl || 300000,
|
|
61
61
|
debug: runtimeConfig.environment === "development",
|
|
62
|
+
// Wrap fallback ToolProtectionMap into ToolProtectionConfig format
|
|
63
|
+
// Handle both wrapped and unwrapped formats for backward compatibility
|
|
62
64
|
fallbackConfig: runtimeConfig.toolProtection.fallback
|
|
63
|
-
?
|
|
64
|
-
|
|
65
|
-
|
|
65
|
+
? (runtimeConfig.toolProtection.fallback.toolProtections !== undefined
|
|
66
|
+
? runtimeConfig.toolProtection.fallback // Already wrapped
|
|
67
|
+
: { toolProtections: runtimeConfig.toolProtection.fallback }) // Wrap it
|
|
66
68
|
: undefined,
|
|
67
69
|
})
|
|
68
70
|
: undefined;
|
|
@@ -99,7 +101,21 @@ export function createMCPIApp(options) {
|
|
|
99
101
|
const server = await getMcpiServer(c.env);
|
|
100
102
|
return server.handleRequest(c.req.raw, c.executionCtx);
|
|
101
103
|
});
|
|
104
|
+
// Admin routes - handle both exact /admin and /admin/* paths
|
|
105
|
+
app.all("/admin", async (c) => {
|
|
106
|
+
console.log("[App] Admin route (exact) requested:", {
|
|
107
|
+
pathname: c.req.path,
|
|
108
|
+
method: c.req.method,
|
|
109
|
+
});
|
|
110
|
+
const server = await getMcpiServer(c.env);
|
|
111
|
+
return server.handleRequest(c.req.raw, c.executionCtx);
|
|
112
|
+
});
|
|
102
113
|
app.all("/admin/*", async (c) => {
|
|
114
|
+
console.log("[App] Admin route (wildcard) requested:", {
|
|
115
|
+
pathname: c.req.path,
|
|
116
|
+
method: c.req.method,
|
|
117
|
+
url: c.req.url,
|
|
118
|
+
});
|
|
103
119
|
const server = await getMcpiServer(c.env);
|
|
104
120
|
return server.handleRequest(c.req.raw, c.executionCtx);
|
|
105
121
|
});
|
package/dist/app.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app.js","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAIjC,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAA8B,MAAM,SAAS,CAAC;AA+B1E;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,aAAa,CAAC,OAA6B;IACzD,gDAAgD;IAChD,mBAAmB,CAAC,eAAe,CAAC,OAAO,CAAC,UAAU,EAAE;QACtD,IAAI,EAAE,OAAO,CAAC,SAAS;QACvB,OAAO,EAAE,OAAO,CAAC,YAAY;QAC7B,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;KAC3C,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;IAErB,uDAAuD;IACvD,IAAI,UAAU,GAAgC,IAAI,CAAC;IAEnD,KAAK,UAAU,aAAa,CAC1B,GAA0B;QAE1B,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,6CAA6C;YAC7C,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS;gBACjC,CAAC,CAAC,cAAc,CAAC,GAAG,EAAE,OAAO,CAAC,SAAS,CAAC;gBACxC,CAAC,CAAE,GAAqB,CAAC;YAE3B,MAAM,aAAa,GAAG,OAAO,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAE1D,0CAA0C;YAC1C,MAAM,qBAAqB,GACzB,aAAa,CAAC,cAAc;gBAC5B,SAAS,CAAC,kBAAkB;gBAC5B,SAAS,CAAC,mBAAmB;gBAC3B,CAAC,CAAC,iBAAiB,CAAC,2BAA2B,CAC3C,SAAS,CAAC,kBAAkB,EAC5B;oBACE,MAAM,EACJ,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,MAAM;wBAChD,SAAS,CAAC,mBAAmB;wBAC7B,wBAAwB;oBAC1B,MAAM,EAAE,SAAS,CAAC,mBAAoB;oBACtC,SAAS,EACP,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS;wBACnD,SAAS,CAAC,sBAAsB;oBAClC,QAAQ,EACN,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,QAAQ,IAAI,MAAM;oBAC9D,KAAK,EAAE,aAAa,CAAC,WAAW,KAAK,aAAa;oBAClD,cAAc,EAAE,aAAa,CAAC,cAAc,CAAC,QAAQ;wBACnD,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"app.js","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAIjC,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAA8B,MAAM,SAAS,CAAC;AA+B1E;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,aAAa,CAAC,OAA6B;IACzD,gDAAgD;IAChD,mBAAmB,CAAC,eAAe,CAAC,OAAO,CAAC,UAAU,EAAE;QACtD,IAAI,EAAE,OAAO,CAAC,SAAS;QACvB,OAAO,EAAE,OAAO,CAAC,YAAY;QAC7B,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;KAC3C,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;IAErB,uDAAuD;IACvD,IAAI,UAAU,GAAgC,IAAI,CAAC;IAEnD,KAAK,UAAU,aAAa,CAC1B,GAA0B;QAE1B,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,6CAA6C;YAC7C,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS;gBACjC,CAAC,CAAC,cAAc,CAAC,GAAG,EAAE,OAAO,CAAC,SAAS,CAAC;gBACxC,CAAC,CAAE,GAAqB,CAAC;YAE3B,MAAM,aAAa,GAAG,OAAO,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAE1D,0CAA0C;YAC1C,MAAM,qBAAqB,GACzB,aAAa,CAAC,cAAc;gBAC5B,SAAS,CAAC,kBAAkB;gBAC5B,SAAS,CAAC,mBAAmB;gBAC3B,CAAC,CAAC,iBAAiB,CAAC,2BAA2B,CAC3C,SAAS,CAAC,kBAAkB,EAC5B;oBACE,MAAM,EACJ,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,MAAM;wBAChD,SAAS,CAAC,mBAAmB;wBAC7B,wBAAwB;oBAC1B,MAAM,EAAE,SAAS,CAAC,mBAAoB;oBACtC,SAAS,EACP,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,SAAS;wBACnD,SAAS,CAAC,sBAAsB;oBAClC,QAAQ,EACN,aAAa,CAAC,cAAc,CAAC,WAAW,EAAE,QAAQ,IAAI,MAAM;oBAC9D,KAAK,EAAE,aAAa,CAAC,WAAW,KAAK,aAAa;oBAClD,mEAAmE;oBACnE,uEAAuE;oBACvE,cAAc,EAAE,aAAa,CAAC,cAAc,CAAC,QAAQ;wBACnD,CAAC,CAAC,CAAC,aAAa,CAAC,cAAc,CAAC,QAAQ,CAAC,eAAe,KAAK,SAAS;4BAClE,CAAC,CAAC,aAAa,CAAC,cAAc,CAAC,QAAe,CAAC,kBAAkB;4BACjE,CAAC,CAAC,EAAE,eAAe,EAAE,aAAa,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC,CAAC,UAAU;wBAC5E,CAAC,CAAC,SAAS;iBACd,CACF;gBACH,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,OAAO,GAAG,uBAAuB,CAAC;gBACtC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,aAAa,CAAC,WAAW;gBACtC,KAAK,EAAE;oBACL,OAAO,EAAE,aAAa,CAAC,KAAK,EAAE,OAAO,IAAI,IAAI;oBAC7C,WAAW,EACT,aAAa,CAAC,KAAK,EAAE,WAAW;wBAChC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;iBACrD;gBACD,qBAAqB;gBACrB,aAAa,EAAE,yDAAyD;aACzE,CAAC,CAAC;YAEH,UAAU,GAAG,IAAI,oBAAoB,CAAC;gBACpC,GAAG,EAAE,SAAS;gBACd,MAAM,EAAE,aAAa;gBACrB,OAAO;aACR,CAAC,CAAC;QACL,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,oDAAoD;IACpD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,CAAM,EAAE,EAAE;QAClC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,GAA4B,CAAC,CAAC;QACnE,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,mEAAmE;IACnE,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,CAAM,EAAE,EAAE;QACnC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,GAA4B,CAAC,CAAC;QACnE,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,EAAE,CAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,GAA4B,CAAC,CAAC;QACnE,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,6DAA6D;IAC7D,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAM,EAAE,EAAE;QACjC,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE;YAClD,QAAQ,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI;YACpB,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;SACrB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,GAA4B,CAAC,CAAC;QACnE,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,CAAM,EAAE,EAAE;QACnC,OAAO,CAAC,GAAG,CAAC,yCAAyC,EAAE;YACrD,QAAQ,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI;YACpB,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;YACpB,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;SACf,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,GAA4B,CAAC,CAAC;QACnE,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,CAAM,EAAE,EAAE;QAC1C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,GAA4B,CAAC,CAAC;QACnE,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,8CAA8C;IAC9C,iEAAiE;IACjE,gDAAgD;IAChD,2DAA2D;IAC3D,MAAM,UAAU,GAAG,OAAO,CAAC,UAAwC,CAAC;IACpE,iFAAiF;IACjF,8BAA8B;IAC7B,GAAW,CAAC,KAAK,CAChB,MAAM,EACN,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,KAAK,EACjC,EAAE,cAAc,EAAE,KAAK,EAAE,CAC1B,CAAC;IACD,GAAW,CAAC,KAAK,CAChB,MAAM,EACN,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,KAAK,EAC9B,EAAE,cAAc,EAAE,KAAK,EAAE,CAC1B,CAAC;IAEF,yEAAyE;IACzE,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;QAC1B,KAAK,CAAC,SAAS,CAAC,KAAqB,EAAE,GAA0B,EAAE,GAAqB;YACtF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAC;YACxC,MAAM,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Cloudflare KV-based cache implementation for OAuth provider configurations
|
|
3
|
+
*
|
|
4
|
+
* Uses Cloudflare KV for distributed caching across Workers instances.
|
|
5
|
+
* Suitable for production Cloudflare Workers deployments.
|
|
6
|
+
*
|
|
7
|
+
* @package @kya-os/mcp-i-cloudflare
|
|
8
|
+
*/
|
|
9
|
+
import type { OAuthConfig } from "@kya-os/contracts/config";
|
|
10
|
+
import type { OAuthConfigCache } from "@kya-os/mcp-i-core";
|
|
11
|
+
/**
|
|
12
|
+
* Minimal KV interface for compatibility across @cloudflare/workers-types versions
|
|
13
|
+
*/
|
|
14
|
+
interface KVNamespaceLike {
|
|
15
|
+
get(key: string, options?: {
|
|
16
|
+
type?: 'text' | 'json' | 'arrayBuffer' | 'stream';
|
|
17
|
+
}): Promise<string | null>;
|
|
18
|
+
put(key: string, value: string, options?: {
|
|
19
|
+
expirationTtl?: number;
|
|
20
|
+
}): Promise<void>;
|
|
21
|
+
delete(key: string): Promise<void>;
|
|
22
|
+
}
|
|
23
|
+
export interface KVOAuthConfigCacheConfig {
|
|
24
|
+
/** KV namespace for storing cached configs */
|
|
25
|
+
kv: KVNamespaceLike;
|
|
26
|
+
/** Optional key prefix (default: "oauth-config:") */
|
|
27
|
+
keyPrefix?: string;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* KV-based cache implementation for OAuth configs
|
|
31
|
+
*
|
|
32
|
+
* Storage format:
|
|
33
|
+
* - Key: `oauth-config:{projectId}`
|
|
34
|
+
* - Value: JSON stringified OAuthConfig
|
|
35
|
+
* - Metadata: expiration timestamp stored in KV metadata
|
|
36
|
+
*/
|
|
37
|
+
export declare class KVOAuthConfigCache implements OAuthConfigCache {
|
|
38
|
+
private kv;
|
|
39
|
+
private keyPrefix;
|
|
40
|
+
constructor(config: KVOAuthConfigCacheConfig);
|
|
41
|
+
get(key: string): Promise<OAuthConfig | null>;
|
|
42
|
+
set(key: string, value: OAuthConfig, ttl: number): Promise<void>;
|
|
43
|
+
clear(): Promise<void>;
|
|
44
|
+
delete(key: string): Promise<void>;
|
|
45
|
+
}
|
|
46
|
+
export {};
|
|
47
|
+
//# sourceMappingURL=kv-oauth-config-cache.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"kv-oauth-config-cache.d.ts","sourceRoot":"","sources":["../../src/cache/kv-oauth-config-cache.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAE3D;;GAEG;AACH,UAAU,eAAe;IACvB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,aAAa,GAAG,QAAQ,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC1G,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACrF,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,wBAAwB;IACvC,8CAA8C;IAC9C,EAAE,EAAE,eAAe,CAAC;IAEpB,qDAAqD;IACrD,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;;;;;GAOG;AACH,qBAAa,kBAAmB,YAAW,gBAAgB;IACzD,OAAO,CAAC,EAAE,CAAkB;IAC5B,OAAO,CAAC,SAAS,CAAS;gBAEd,MAAM,EAAE,wBAAwB;IAKtC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAwB7C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAmBhE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAStB,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAazC"}
|