@kya-os/mcp-i-cloudflare 1.7.16 → 1.7.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent.d.ts.map +1 -1
- package/dist/agent.js +6 -32
- package/dist/agent.js.map +1 -1
- package/dist/runtime/oauth-handler.d.ts.map +1 -1
- package/dist/runtime/oauth-handler.js +1 -4
- package/dist/runtime/oauth-handler.js.map +1 -1
- package/dist/services/consent-page-renderer.js +1 -1
- package/dist/services/consent-page-renderer.js.map +1 -1
- package/dist/services/consent-templates/template-renderer.d.ts +1 -0
- package/dist/services/consent-templates/template-renderer.d.ts.map +1 -1
- package/dist/services/consent-templates/template-renderer.js +6 -0
- package/dist/services/consent-templates/template-renderer.js.map +1 -1
- package/dist/services/consent-templates/types.d.ts +6 -0
- package/dist/services/consent-templates/types.d.ts.map +1 -1
- package/dist/services/consent.service.d.ts +2 -0
- package/dist/services/consent.service.d.ts.map +1 -1
- package/dist/services/consent.service.js +91 -15
- package/dist/services/consent.service.js.map +1 -1
- package/dist/services/delegation.service.d.ts +8 -3
- package/dist/services/delegation.service.d.ts.map +1 -1
- package/dist/services/delegation.service.js +27 -5
- package/dist/services/delegation.service.js.map +1 -1
- package/dist/services/provider-loader.service.d.ts +4 -1
- package/dist/services/provider-loader.service.d.ts.map +1 -1
- package/dist/services/provider-loader.service.js.map +1 -1
- package/package.json +9 -2
|
@@ -111,10 +111,16 @@ export class TemplateRenderer {
|
|
|
111
111
|
oauthIdentity,
|
|
112
112
|
bundlePath: this.bundlePath,
|
|
113
113
|
pageTitle: consentConfig.ui?.title || "Permission Request",
|
|
114
|
+
// Set authMode explicitly for OAuth flow
|
|
115
|
+
// This ensures the mcp-consent component renders the OAuth button
|
|
116
|
+
authMode: config.oauthRequired ? "oauth" : undefined,
|
|
117
|
+
provider: config.provider, // Pass the OAuth provider name (e.g., 'github')
|
|
114
118
|
// Pass credential auth params for 3-screen flow (Auth → Clickwrap → Success)
|
|
115
119
|
// These ensure the delegation is created with 'password' type after credential auth
|
|
116
120
|
credentialProviderType: config.credentialProviderType,
|
|
117
121
|
credentialProvider: config.credentialProvider,
|
|
122
|
+
// CRITICAL: Pass userDid directly to bypass KV eventual consistency issues
|
|
123
|
+
userDid: config.userDid,
|
|
118
124
|
};
|
|
119
125
|
return generateConsentShell(shellOptions);
|
|
120
126
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"template-renderer.js","sourceRoot":"","sources":["../../../src/services/consent-templates/template-renderer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EACtB,cAAc,GACf,MAAM,YAAY,CAAC;AAWpB,OAAO,EACL,oBAAoB,GAGrB,MAAM,iBAAiB,CAAC;AAEzB;;;GAGG;AACH,MAAM,mBAAmB,GAAG,aAAa,CAAC;AAE1C;;;;;;;;;GASG;AACH,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAAU;IAChB,UAAU,CAAS;IAE3B,YAAY,OAAmD;QAC7D,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC;QACtC,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,UAAU,IAAI,mBAAmB,CAAC;IAC/D,CAAC;IAED;;;;;;;;;OASG;IACH,MAAM,CACJ,
|
|
1
|
+
{"version":3,"file":"template-renderer.js","sourceRoot":"","sources":["../../../src/services/consent-templates/template-renderer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EACtB,cAAc,GACf,MAAM,YAAY,CAAC;AAWpB,OAAO,EACL,oBAAoB,GAGrB,MAAM,iBAAiB,CAAC;AAEzB;;;GAGG;AACH,MAAM,mBAAmB,GAAG,aAAa,CAAC;AAE1C;;;;;;;;;GASG;AACH,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAAU;IAChB,UAAU,CAAS;IAE3B,YAAY,OAAmD;QAC7D,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC;QACtC,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,UAAU,IAAI,mBAAmB,CAAC;IAC/D,CAAC;IAED;;;;;;;;;OASG;IACH,MAAM,CACJ,MAMC,EACD,aAA6B;QAE7B,wCAAwC;QACxC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAC/C,CAAC;QAED,oDAAoD;QACpD,yDAAyD;QACzD,MAAM,cAAc,GAAG,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAExD,uDAAuD;QACvD,MAAM,YAAY,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAEpD,kDAAkD;QAClD,IAAI,QAAQ,GAAG,cAAc,CAAC,cAAc,CAAC,CAAC;QAE9C,+DAA+D;QAC/D,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC5C,OAAO,sBAAsB,CAC3B,cAAc,EACd,MAAM,CAAC,QAAQ,EACf,YAAY,CACb,CAAC;QACJ,CAAC;QAED,sFAAsF;QACtF,IAAI,aAAa,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC3C,+DAA+D;YAC/D,QAAQ,GAAG,cAAc,CAAC;YAC1B,4DAA4D;YAC5D,cAAc,CAAC,aAAa,GAAG,aAAa,CAAC;QAC/C,CAAC;QAED,OAAO,iBAAiB,CAAC,cAAc,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAC;IACnE,CAAC;IAED;;;;;;;;;;;;OAYG;IACK,SAAS,CACf,MAMC,EACD,aAA6B;QAE7B,wCAAwC;QACxC,MAAM,aAAa,GAAkB;YACnC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,6BAA6B;YAC7B,EAAE,EAAG,MAAc,CAAC,EAAE;YACtB,sCAAsC;YACtC,WAAW,EAAG,MAAc,CAAC,WAAW;YACxC,yBAAyB;YACzB,KAAK,EAAE,MAAM,CAAC,aAAa;gBACzB,CAAC,CAAC;oBACE,YAAY,EAAE,MAAM,CAAC,QAAQ;oBAC7B,UAAU,EAAE,iBAAiB,MAAM,CAAC,QAAQ,IAAI,OAAO,EAAE;iBAC1D;gBACH,CAAC,CAAC,SAAS;SACd,CAAC;QAEF,sBAAsB;QACtB,MAAM,YAAY,GAAwB;YACxC,MAAM,EAAE,aAAa;YACrB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,aAAa;YACb,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,SAAS,EAAE,aAAa,CAAC,EAAE,EAAE,KAAK,IAAI,oBAAoB;YAC1D,yCAAyC;YACzC,kEAAkE;YAClE,QAAQ,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YACpD,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,gDAAgD;YAC3E,6EAA6E;YAC7E,oFAAoF;YACpF,sBAAsB,EAAE,MAAM,CAAC,sBAAsB;YACrD,kBAAkB,EAAE,MAAM,CAAC,kBAAkB;YAC7C,2EAA2E;YAC3E,OAAO,EAAE,MAAM,CAAC,OAAO;SACxB,CAAC;QAEF,OAAO,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAC5C,CAAC;IAED;;;;;;;;OAQG;IACH,oBAAoB,CAClB,MAAyB,EACzB,gBAA0C,EAC1C,QAAgB,EAChB,SAAiB;QAEjB,8DAA8D;QAC9D,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,uBAAuB,CAAC,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;QACrF,CAAC;QAED,wDAAwD;QACxD,MAAM,cAAc,GAAG,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;QACxD,cAAc,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEnC,gEAAgE;QAChE,MAAM,GAAG,GAAG,gBAAuB,CAAC;QACpC,cAAc,CAAC,UAAU,GAAG;YAC1B,WAAW,EAAE;gBACX,aAAa,EAAE,GAAG,CAAC,aAAa,IAAI,UAAU;gBAC9C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,qBAAqB;gBACrE,aAAa,EAAE,GAAG,CAAC,aAAa,IAAI,UAAU;gBAC9C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,qBAAqB;gBACrE,cAAc,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;gBAC1C,kBAAkB,EAAE,GAAG,CAAC,kBAAkB,IAAI,KAAK;gBACnD,iBAAiB,EAAE,GAAG,CAAC,iBAAiB;aACzC;SACF,CAAC;QAEF,MAAM,YAAY,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAEpD,OAAO,iBAAiB,CAAC,cAAc,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;IACxE,CAAC;IAED;;;;;;;;OAQG;IACK,uBAAuB,CAC7B,MAAyB,EACzB,gBAA0C,EAC1C,QAAgB,EAChB,SAAiB;QAEjB,gEAAgE;QAChE,MAAM,GAAG,GAAG,gBAAuB,CAAC;QAEpC,gEAAgE;QAChE,MAAM,aAAa,GAAkB;YACnC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,EAAE,EAAG,MAAc,CAAC,EAAE;YACtB,mDAAmD;YACnD,WAAW,EAAE;gBACX,aAAa,EAAE,GAAG,CAAC,aAAa,IAAI,UAAU;gBAC9C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,qBAAqB;gBACrE,aAAa,EAAE,GAAG,CAAC,aAAa,IAAI,UAAU;gBAC9C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,qBAAqB;gBACrE,cAAc,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;gBAC1C,kBAAkB,EAAE,GAAG,CAAC,kBAAkB,IAAI,KAAK;gBACnD,iBAAiB,EAAE,GAAG,CAAC,iBAAiB;aACzC;SACF,CAAC;QAEF,4CAA4C;QAC5C,MAAM,YAAY,GAAwB;YACxC,MAAM,EAAE,aAAa;YACrB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,SAAS,EAAE,aAAa,CAAC,EAAE,EAAE,KAAK,IAAI,oBAAoB;YAC1D,yBAAyB;YACzB,QAAQ,EAAE,aAAa;YACvB,QAAQ,EAAE,QAAQ;YAClB,uCAAuC;YACvC,SAAS,EAAE,SAAS;SACrB,CAAC;QAEF,OAAO,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAC5C,CAAC;IAED;;;;;;OAMG;IACH,aAAa,CAAC,OAGb;QACC,OAAO,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAC7E,CAAC;IAED;;;;;;;OAOG;IACH,iBAAiB,CACf,YAAoB,EACpB,SAAiB,EACjB,SAAmB;QAEnB,+BAA+B;QAC/B,uDAAuD;QACvD,MAAM,eAAe,GAAG,CAAC,IAAY,EAAU,EAAE;YAC/C,MAAM,QAAQ,GAA2B;gBACvC,GAAG,EAAE,OAAO;gBACZ,GAAG,EAAE,MAAM;gBACX,GAAG,EAAE,MAAM;gBACX,GAAG,EAAE,QAAQ;gBACb,GAAG,EAAE,QAAQ;aACd,CAAC;YACF,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC;QACpE,CAAC,CAAC;QAEF,MAAM,eAAe,GAAG,SAAS;YAC/B,CAAC,CAAC,0DAA0D;YAC5D,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;;;;;;;;;;;;;;;;;;;;;;;;0GAwB+F,eAAe,CAAC,YAAY,CAAC;;;;;;;IAOnI,eAAe;;QAEX,CAAC;IACP,CAAC;IAED;;OAEG;IACK,mBAAmB,CACzB,MAGC;QAED,OAAO;YACL,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,eAAe,EAAE,MAAM,CAAC,eAAe;YACvC,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,cAAc,EAAE,EAAE,EAAE,uCAAuC;SAC5D,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,MAAyB;QACjD,uEAAuE;QACvE,MAAM,cAAc,GAAG,MAAa,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAe,CAAC;QAExC,OAAO;YACL,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACvB,CAAC,CAAC;oBACE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,YAAY;oBAC1C,cAAc,EAAE,QAAQ,EAAE,cAAc;oBACxC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO;oBAChC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW;iBACzC;gBACH,CAAC,CAAC,SAAS;YACb,KAAK,EAAE,MAAM,CAAC,KAAK;gBACjB,CAAC,CAAC;oBACE,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI;oBACvB,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG;oBACrB,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ;iBAChC;gBACH,CAAC,CAAC,SAAS;YACb,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,0DAA0D;YAC1D,EAAE,EAAE,cAAc,CAAC,EAAE;gBACnB,CAAC,CAAC;oBACE,KAAK,EAAE,cAAc,CAAC,EAAE,CAAC,KAAK;oBAC9B,WAAW,EAAE,cAAc,CAAC,EAAE,CAAC,WAAW;oBAC1C,cAAc,EAAE,cAAc,CAAC,EAAE,CAAC,cAAc;oBAChD,gBAAgB,EAAE,cAAc,CAAC,EAAE,CAAC,gBAAgB;oBACpD,gBAAgB,EAAE,cAAc,CAAC,EAAE,CAAC,gBAAgB;oBACpD,iBAAiB,EAAE,cAAc,CAAC,EAAE,CAAC,iBAAiB;iBACvD;gBACH,CAAC,CAAC,SAAS;YACb,yBAAyB;YACzB,WAAW,EAAE,cAAc,CAAC,WAAW;YACvC,sBAAsB;YACtB,cAAc,EAAE,cAAc,CAAC,cAAc;SAC9C,CAAC;IACJ,CAAC;CACF;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAGtC;IACC,OAAO,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;AACvC,CAAC"}
|
|
@@ -160,6 +160,12 @@ export interface ExtendedConsentPageConfig {
|
|
|
160
160
|
credentialUserEmail?: string;
|
|
161
161
|
/** User ID from credential auth (for display) */
|
|
162
162
|
credentialUserId?: string;
|
|
163
|
+
/**
|
|
164
|
+
* User DID from prior auth step (credential or OAuth)
|
|
165
|
+
* CRITICAL: Bypasses KV eventual consistency issues by passing userDid directly
|
|
166
|
+
* through the redirect flow instead of reading from KV
|
|
167
|
+
*/
|
|
168
|
+
userDid?: string;
|
|
163
169
|
}
|
|
164
170
|
/**
|
|
165
171
|
* Remote consent config with metadata.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/services/consent-templates/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,YAAY,EACV,iBAAiB,EACjB,eAAe,EACf,YAAY,EACZ,kBAAkB,EAClB,aAAa,GACd,MAAM,2BAA2B,CAAC;AAMnC;;;GAGG;AACH,eAAO,MAAM,UAAU;;;;;;CAMb,CAAC;AAEX,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,OAAO,UAAU,CAAC,CAAC;AAMpE;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,2DAA2D;IAC3D,WAAW,EAAE,MAAM,CAAC;IACpB,uDAAuD;IACvD,mBAAmB,EAAE,MAAM,CAAC;IAC5B,6BAA6B;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,0BAA0B;IAC1B,gBAAgB,EAAE,MAAM,CAAC;IACzB,kCAAkC;IAClC,gBAAgB,EAAE,MAAM,CAAC;IACzB,iCAAiC;IACjC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,gCAAgC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,mCAAmC;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,+BAA+B;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,+CAA+C;IAC/C,OAAO,EAAE;QACP,mBAAmB,EAAE,MAAM,CAAC;QAC5B,qBAAqB,EAAE,MAAM,CAAC;KAC/B,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,mBAAmB,CAAC;IAC1B,QAAQ,EAAE,uBAAuB,CAAC;IAClC,YAAY,EAAE,OAAO,2BAA2B,EAAE,kBAAkB,EAAE,CAAC;CACxE;AAMD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,GAAG,CAAC,EAAE,SAAS,CAAC;CACjB;AAMD;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB;IACvB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,gBAAgB;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,qCAAqC;IACrC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,mCAAmC;IACnC,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gCAAgC;IAChC,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kFAAkF;IAClF,aAAa,CAAC,EAAE,OAAO,2BAA2B,EAAE,aAAa,CAAC;IASlE,6EAA6E;IAC7E,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAEhC,gFAAgF;IAChF,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,oDAAoD;IACpD,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B,iDAAiD;IACjD,gBAAgB,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/services/consent-templates/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,YAAY,EACV,iBAAiB,EACjB,eAAe,EACf,YAAY,EACZ,kBAAkB,EAClB,aAAa,GACd,MAAM,2BAA2B,CAAC;AAMnC;;;GAGG;AACH,eAAO,MAAM,UAAU;;;;;;CAMb,CAAC;AAEX,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,OAAO,UAAU,CAAC,CAAC;AAMpE;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,2DAA2D;IAC3D,WAAW,EAAE,MAAM,CAAC;IACpB,uDAAuD;IACvD,mBAAmB,EAAE,MAAM,CAAC;IAC5B,6BAA6B;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,0BAA0B;IAC1B,gBAAgB,EAAE,MAAM,CAAC;IACzB,kCAAkC;IAClC,gBAAgB,EAAE,MAAM,CAAC;IACzB,iCAAiC;IACjC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,gCAAgC;IAChC,YAAY,EAAE,MAAM,CAAC;IACrB,mCAAmC;IACnC,cAAc,EAAE,MAAM,CAAC;IACvB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,+BAA+B;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,+CAA+C;IAC/C,OAAO,EAAE;QACP,mBAAmB,EAAE,MAAM,CAAC;QAC5B,qBAAqB,EAAE,MAAM,CAAC;KAC/B,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,mBAAmB,CAAC;IAC1B,QAAQ,EAAE,uBAAuB,CAAC;IAClC,YAAY,EAAE,OAAO,2BAA2B,EAAE,kBAAkB,EAAE,CAAC;CACxE;AAMD;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,GAAG,CAAC,EAAE,SAAS,CAAC;CACjB;AAMD;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB;IACvB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,gBAAgB;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,qCAAqC;IACrC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,mCAAmC;IACnC,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gCAAgC;IAChC,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,kFAAkF;IAClF,aAAa,CAAC,EAAE,OAAO,2BAA2B,EAAE,aAAa,CAAC;IASlE,6EAA6E;IAC7E,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAEhC,gFAAgF;IAChF,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,oDAAoD;IACpD,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B,iDAAiD;IACjD,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAMD;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,EAAE;QACT,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,EAAE,CAAC,EAAE;QACH,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAAC;KACnC,CAAC;IACF,KAAK,CAAC,EAAE;QACN,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,CAAC;IACF,YAAY,CAAC,EAAE,OAAO,2BAA2B,EAAE,kBAAkB,EAAE,CAAC;IACxE,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,GAAG,CAAC,EAAE,SAAS,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE;QACT,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;CACH"}
|
|
@@ -342,6 +342,7 @@ export declare class ConsentService {
|
|
|
342
342
|
* @param agentDid - Agent DID
|
|
343
343
|
* @param token - Delegation token
|
|
344
344
|
* @param delegationId - Delegation ID
|
|
345
|
+
* @param providedUserDid - Optional userDid passed directly (bypasses KV read for consistency)
|
|
345
346
|
*/
|
|
346
347
|
private storeDelegationToken;
|
|
347
348
|
/**
|
|
@@ -364,6 +365,7 @@ export declare class ConsentService {
|
|
|
364
365
|
* via AgentShield, stores token with usage metadata, and creates delegation.
|
|
365
366
|
*
|
|
366
367
|
* @param body - Raw request body with credential fields
|
|
368
|
+
* @param request - Original request (for URL derivation if MCP_SERVER_URL not set)
|
|
367
369
|
* @returns JSON response
|
|
368
370
|
*/
|
|
369
371
|
private handleCredentialApproval;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent.service.d.ts","sourceRoot":"","sources":["../../src/services/consent.service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAapD,OAAO,KAAK,EAIV,aAAa,EACd,MAAM,2BAA2B,CAAC;AAYnC,OAAO,EAcL,KAAK,WAAW,EAChB,KAAK,8BAA8B,EACpC,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAsB,KAAK,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAY9E,qBAAa,cAAc;IACzB,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,QAAQ,CAAmB;IACnC,OAAO,CAAC,GAAG,CAAgB;IAC3B,OAAO,CAAC,OAAO,CAAC,CAAoB;IACpC,OAAO,CAAC,cAAc,CAAC,CAAiB;IAGxC,OAAO,CAAC,YAAY,CAAC,CAAsB;IAC3C,OAAO,CAAC,gBAAgB,CAAC,CAAgB;IAGzC,OAAO,CAAC,gBAAgB,CAAC,CAAgD;IACzE,OAAO,CAAC,gBAAgB,CAAC,CAAqD;IAE9E;;;OAGG;gBAED,GAAG,EAAE,aAAa,EAClB,OAAO,CAAC,EAAE,iBAAiB,EAC3B,gBAAgB,CAAC,EAAE,OAAO,oBAAoB,EAAE,gBAAgB,EAChE,gBAAgB,CAAC,EAAE,OAAO,oBAAoB,EAAE,qBAAqB;IAWvE;;;;;;;OAOG;YACW,eAAe;IAmC7B;;;;;;;OAOG;IACG,mBAAmB,CAAC,KAAK,EAAE;QAC/B,SAAS,EAAE,MAAM,CAAC;QAClB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,UAAU,EAAE,MAAM,CAAA;SAAE,CAAC;KACzD,GAAG,OAAO,CAAC,IAAI,CAAC;IAMX,kBAAkB,CAAC,KAAK,EAAE;QAC9B,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,GAAG,OAAO,CAAC,IAAI,CAAC;IAMjB;;;;;OAKG;YACW,sBAAsB;IA8CpC;;;;;;;;;;OAUG;YACW,sBAAsB;IAqEpC;;;;;;;;;;;;;;OAcG;IACU,oBAAoB,CAC/B,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAuDzB;;;;;;;;;OASG;IACU,yBAAyB,CACpC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,IAAI,CAAC;IA8GhB;;;;;;;;;OASG;IACU,oBAAoB,CAC/B,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAsE9B;;;;;;;;;;;;;;OAcG;IACU,yBAAyB,CACpC,SAAS,EAAE,MAAM,EACjB,aAAa,EAAE,aAAa,GAC3B,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IA0F9B;;;;OAIG;IACH,OAAO,CAAC,2BAA2B;IAInC;;;;;;;;;;;;;OAaG;IACU,kCAAkC,CAC7C,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAmGzB;;;;;;;;;;;;;OAaG;IACU,iBAAiB,CAC5B,UAAU,EAAE,gBAAgB,EAC5B,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,EACpC,eAAe,CAAC,EAAE,WAAW,GAAG,IAAI,GACnC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA4DzB;;;;;;;;;;;;;;;;OAgBG;IACU,kBAAkB,CAC7B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;QACR,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,UAAU,CAAC,EAAE,OAAO,CAAC;KACtB,GACA,OAAO,CAAC,8BAA8B,GAAG,IAAI,CAAC;IA+HjD;;;;;;;;;;;;OAYG;IACG,eAAe,CACnB,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,EAC7B,iBAAiB,CAAC,EAAE,MAAM,EAC1B,cAAc,CAAC,EAAE,OAAO,mCAAmC,EAAE,cAAc,GAC1E,OAAO,CAAC,OAAO,CAAC;IA+HnB;;;;;;;;;;;;;;;;;;;OAmBG;IACG,aAAa,CACjB,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EAAE,EAChB,SAAS,EAAE,MAAM,EACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,6DAA6D;IAChF,oBAAoB,CAAC,EAAE,OAAO,0BAA0B,EAAE,oBAAoB,EAC9E,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,MAAM,CAAC;IA4PlB;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,mBAAmB;IAmE3B;;;;;;;;;;;OAWG;IACG,kBAAkB,CACtB,aAAa,EAAE,aAAa,EAC5B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,CAAC;IAyElB;;;;;;;;;;OAUG;IACG,oBAAoB,CACxB,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAgFhB;;;;;;;;;;OAUG;IACG,MAAM,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC;IA0BjD;;;;;;;OAOG;IACH,OAAO,CAAC,kBAAkB;IAe1B;;;;;;;;;;;;;OAaG;YACW,iBAAiB;
|
|
1
|
+
{"version":3,"file":"consent.service.d.ts","sourceRoot":"","sources":["../../src/services/consent.service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAapD,OAAO,KAAK,EAIV,aAAa,EACd,MAAM,2BAA2B,CAAC;AAYnC,OAAO,EAcL,KAAK,WAAW,EAChB,KAAK,8BAA8B,EACpC,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAsB,KAAK,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAY9E,qBAAa,cAAc;IACzB,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,QAAQ,CAAmB;IACnC,OAAO,CAAC,GAAG,CAAgB;IAC3B,OAAO,CAAC,OAAO,CAAC,CAAoB;IACpC,OAAO,CAAC,cAAc,CAAC,CAAiB;IAGxC,OAAO,CAAC,YAAY,CAAC,CAAsB;IAC3C,OAAO,CAAC,gBAAgB,CAAC,CAAgB;IAGzC,OAAO,CAAC,gBAAgB,CAAC,CAAgD;IACzE,OAAO,CAAC,gBAAgB,CAAC,CAAqD;IAE9E;;;OAGG;gBAED,GAAG,EAAE,aAAa,EAClB,OAAO,CAAC,EAAE,iBAAiB,EAC3B,gBAAgB,CAAC,EAAE,OAAO,oBAAoB,EAAE,gBAAgB,EAChE,gBAAgB,CAAC,EAAE,OAAO,oBAAoB,EAAE,qBAAqB;IAWvE;;;;;;;OAOG;YACW,eAAe;IAmC7B;;;;;;;OAOG;IACG,mBAAmB,CAAC,KAAK,EAAE;QAC/B,SAAS,EAAE,MAAM,CAAC;QAClB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,UAAU,EAAE,MAAM,CAAA;SAAE,CAAC;KACzD,GAAG,OAAO,CAAC,IAAI,CAAC;IAMX,kBAAkB,CAAC,KAAK,EAAE;QAC9B,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,GAAG,OAAO,CAAC,IAAI,CAAC;IAMjB;;;;;OAKG;YACW,sBAAsB;IA8CpC;;;;;;;;;;OAUG;YACW,sBAAsB;IAqEpC;;;;;;;;;;;;;;OAcG;IACU,oBAAoB,CAC/B,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAuDzB;;;;;;;;;OASG;IACU,yBAAyB,CACpC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,IAAI,CAAC;IA8GhB;;;;;;;;;OASG;IACU,oBAAoB,CAC/B,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAsE9B;;;;;;;;;;;;;;OAcG;IACU,yBAAyB,CACpC,SAAS,EAAE,MAAM,EACjB,aAAa,EAAE,aAAa,GAC3B,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IA0F9B;;;;OAIG;IACH,OAAO,CAAC,2BAA2B;IAInC;;;;;;;;;;;;;OAaG;IACU,kCAAkC,CAC7C,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAmGzB;;;;;;;;;;;;;OAaG;IACU,iBAAiB,CAC5B,UAAU,EAAE,gBAAgB,EAC5B,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,EACpC,eAAe,CAAC,EAAE,WAAW,GAAG,IAAI,GACnC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA4DzB;;;;;;;;;;;;;;;;OAgBG;IACU,kBAAkB,CAC7B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;QACR,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,UAAU,CAAC,EAAE,OAAO,CAAC;KACtB,GACA,OAAO,CAAC,8BAA8B,GAAG,IAAI,CAAC;IA+HjD;;;;;;;;;;;;OAYG;IACG,eAAe,CACnB,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,EAC7B,iBAAiB,CAAC,EAAE,MAAM,EAC1B,cAAc,CAAC,EAAE,OAAO,mCAAmC,EAAE,cAAc,GAC1E,OAAO,CAAC,OAAO,CAAC;IA+HnB;;;;;;;;;;;;;;;;;;;OAmBG;IACG,aAAa,CACjB,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EAAE,EAChB,SAAS,EAAE,MAAM,EACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,6DAA6D;IAChF,oBAAoB,CAAC,EAAE,OAAO,0BAA0B,EAAE,oBAAoB,EAC9E,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,MAAM,CAAC;IA4PlB;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,mBAAmB;IAmE3B;;;;;;;;;;;OAWG;IACG,kBAAkB,CACtB,aAAa,EAAE,aAAa,EAC5B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,CAAC;IAyElB;;;;;;;;;;OAUG;IACG,oBAAoB,CACxB,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAgFhB;;;;;;;;;;OAUG;IACG,MAAM,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC;IA0BjD;;;;;;;OAOG;IACH,OAAO,CAAC,kBAAkB;IAe1B;;;;;;;;;;;;;OAaG;YACW,iBAAiB;IAkf/B;;;;;;;;OAQG;YACW,gBAAgB;IA2lC9B;;;;;;;;OAQG;YACW,cAAc;IAyY5B;;;;;OAKG;YACW,gBAAgB;IA4S9B;;;;;;;;;;OAUG;YACW,oBAAoB;IAgHlC;;;;;OAKG;YACW,iBAAiB;IAmC/B;;;;OAIG;YACW,sBAAsB;IA4FpC;;;;;;;;;OASG;YACW,wBAAwB;IAqWtC;;;;;;;;;OASG;IACH,OAAO,CAAC,WAAW;IA2BnB;;;;;;;OAOG;YACW,2BAA2B;IA8FzC;;;;;;;;;OASG;IACH,OAAO,CAAC,2BAA2B;IA4GnC;;OAEG;YACW,yBAAyB;IAsDvC;;OAEG;YACW,oBAAoB;IAmDlC;;;;;;;;;OASG;YACW,2BAA2B;IAsCzC;;;;;;;OAOG;IACU,wBAAwB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IA4BzE;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAY3B;;OAEG;YACW,sBAAsB;IAmCpC;;;;;;;;;OASG;IACH,OAAO,CAAC,WAAW;IAMnB;;;;;;;;;OASG;IACH,OAAO,CAAC,4BAA4B;IAiHpC;;OAEG;YACW,UAAU;IAqDxB;;;;;OAKG;YACW,WAAW;IA0GzB;;OAEG;YACW,qBAAqB;CAsBpC"}
|
|
@@ -1337,6 +1337,10 @@ export class ConsentService {
|
|
|
1337
1337
|
// They ensure the delegation is created with 'password' type instead of 'none'
|
|
1338
1338
|
const credentialProviderType = params.get("credential_provider_type");
|
|
1339
1339
|
const credentialProvider = params.get("credential_provider");
|
|
1340
|
+
// ✅ CRITICAL: Extract userDid from redirect to bypass KV eventual consistency issues
|
|
1341
|
+
// When credential auth completes, userDid is passed through redirect URL
|
|
1342
|
+
// This ensures storeDelegationToken can use the correct user+agent key immediately
|
|
1343
|
+
const userDidFromParams = params.get("user_did");
|
|
1340
1344
|
// ✅ Extract mode param for post-credential clickwrap detection
|
|
1341
1345
|
// When credential auth completes, user is redirected to /consent?mode=consent-only&credential_provider_type=password
|
|
1342
1346
|
const mode = params.get("mode");
|
|
@@ -1517,10 +1521,17 @@ export class ConsentService {
|
|
|
1517
1521
|
let isOAuthRequired = false;
|
|
1518
1522
|
// ✅ CONFIG-BASED CREDENTIAL DETECTION (replaces string matching)
|
|
1519
1523
|
// Fetch credential provider config ONCE and reuse throughout the method
|
|
1520
|
-
// Only fetch when:
|
|
1524
|
+
// Only fetch when:
|
|
1525
|
+
// 1. provider exists
|
|
1526
|
+
// 2. NOT in post-credential clickwrap state
|
|
1527
|
+
// 3. Tool actually requires password auth (not consent-only)
|
|
1521
1528
|
// This avoids unnecessary network calls for pure consent-only tools and post-auth clickwrap
|
|
1522
1529
|
let credentialProviderConfig = null;
|
|
1523
|
-
|
|
1530
|
+
const isConsentOnlyTool = protection?.authorization?.type === "none";
|
|
1531
|
+
if (provider &&
|
|
1532
|
+
projectId &&
|
|
1533
|
+
!isPostCredentialClickwrap &&
|
|
1534
|
+
!isConsentOnlyTool) {
|
|
1524
1535
|
try {
|
|
1525
1536
|
credentialProviderConfig = await this.getCredentialProviderConfig(projectId, provider);
|
|
1526
1537
|
}
|
|
@@ -1529,6 +1540,9 @@ export class ConsentService {
|
|
|
1529
1540
|
logger.warn("[ConsentService] Failed to fetch credential provider config:", err);
|
|
1530
1541
|
}
|
|
1531
1542
|
}
|
|
1543
|
+
if (isConsentOnlyTool && provider) {
|
|
1544
|
+
logger.debug("[ConsentService] Tool is consent-only (authorization.type=none), skipping credential provider config fetch", { projectId, tool, provider });
|
|
1545
|
+
}
|
|
1532
1546
|
// Determine if this is a credentials provider based on config existence (not string matching)
|
|
1533
1547
|
const isCredentialsProvider = !!credentialProviderConfig;
|
|
1534
1548
|
if (isCredentialsProvider && oauthRequired) {
|
|
@@ -1621,6 +1635,9 @@ export class ConsentService {
|
|
|
1621
1635
|
// They ensure the delegation is created with 'password' type instead of 'none'
|
|
1622
1636
|
credentialProviderType: credentialProviderType || undefined,
|
|
1623
1637
|
credentialProvider: credentialProvider || undefined,
|
|
1638
|
+
// ✅ CRITICAL: Pass userDid to bypass KV eventual consistency issues
|
|
1639
|
+
// This is passed through the redirect URL from credential auth
|
|
1640
|
+
userDid: userDidFromParams || undefined,
|
|
1624
1641
|
};
|
|
1625
1642
|
// CRED-003: Render credential form if this is a credential provider
|
|
1626
1643
|
// Guard conditions:
|
|
@@ -2774,7 +2791,7 @@ export class ConsentService {
|
|
|
2774
2791
|
logger.debug("[ConsentService] Credential submission detected", {
|
|
2775
2792
|
provider_type: providerType,
|
|
2776
2793
|
});
|
|
2777
|
-
return this.handleCredentialApproval(bodyObj);
|
|
2794
|
+
return this.handleCredentialApproval(bodyObj, request);
|
|
2778
2795
|
}
|
|
2779
2796
|
// ✅ Consent-only mode (provider_type: 'none')
|
|
2780
2797
|
// This can be:
|
|
@@ -2803,14 +2820,27 @@ export class ConsentService {
|
|
|
2803
2820
|
provider_type: CONSENT_PROVIDER_TYPES.PASSWORD,
|
|
2804
2821
|
};
|
|
2805
2822
|
}
|
|
2823
|
+
// CRITICAL FIX: Read userDid from URL params passed through redirect
|
|
2824
|
+
// This bypasses KV eventual consistency issues - we don't need to read
|
|
2825
|
+
// from KV because userDid was passed directly in the redirect URL
|
|
2826
|
+
const userDidFromRedirect = bodyObj.user_did;
|
|
2827
|
+
if (userDidFromRedirect) {
|
|
2828
|
+
logger.debug("[ConsentService] ✅ Using userDid from redirect (bypassing KV):", {
|
|
2829
|
+
sessionId: sessionId?.substring(0, 20) + "...",
|
|
2830
|
+
userDid: userDidFromRedirect.substring(0, 30) + "...",
|
|
2831
|
+
source: "redirect-param",
|
|
2832
|
+
});
|
|
2833
|
+
// Ensure userDid is in bodyObj for createDelegation and storeDelegationToken
|
|
2834
|
+
bodyObj.user_did = userDidFromRedirect;
|
|
2835
|
+
}
|
|
2806
2836
|
logger.debug("[ConsentService] ✅ Using credential auth provider_type for delegation:", {
|
|
2807
2837
|
sessionId: sessionId?.substring(0, 20) + "...",
|
|
2808
2838
|
providerType: CONSENT_PROVIDER_TYPES.PASSWORD,
|
|
2809
2839
|
provider: credentialProvider,
|
|
2840
|
+
hasUserDid: !!userDidFromRedirect,
|
|
2810
2841
|
note: "Delegation will have authorization.type='password' to match tool protection",
|
|
2811
2842
|
});
|
|
2812
|
-
// The userDid
|
|
2813
|
-
// We don't need to generate ephemeral one
|
|
2843
|
+
// The userDid is passed via redirect URL - no need to read from KV
|
|
2814
2844
|
}
|
|
2815
2845
|
else {
|
|
2816
2846
|
// Pure consent-only mode - no prior authentication
|
|
@@ -2960,7 +2990,9 @@ export class ConsentService {
|
|
|
2960
2990
|
delegationId: delegationResult.delegation_id?.substring(0, 20) + "...",
|
|
2961
2991
|
});
|
|
2962
2992
|
// Store delegation token in KV
|
|
2963
|
-
|
|
2993
|
+
// Pass user_did directly if available (from redirect params) to bypass KV consistency issues
|
|
2994
|
+
await this.storeDelegationToken(approvalRequest.session_id, approvalRequest.agent_did, delegationResult.delegation_token, delegationResult.delegation_id, approvalRequest.user_did // Pass userDid directly to bypass KV read
|
|
2995
|
+
);
|
|
2964
2996
|
// ✅ After successful delegation creation - log audit events
|
|
2965
2997
|
if (auditService && delegationResult.success) {
|
|
2966
2998
|
try {
|
|
@@ -3256,8 +3288,9 @@ export class ConsentService {
|
|
|
3256
3288
|
* @param agentDid - Agent DID
|
|
3257
3289
|
* @param token - Delegation token
|
|
3258
3290
|
* @param delegationId - Delegation ID
|
|
3291
|
+
* @param providedUserDid - Optional userDid passed directly (bypasses KV read for consistency)
|
|
3259
3292
|
*/
|
|
3260
|
-
async storeDelegationToken(sessionId, agentDid, token, delegationId) {
|
|
3293
|
+
async storeDelegationToken(sessionId, agentDid, token, delegationId, providedUserDid) {
|
|
3261
3294
|
const delegationStorage = this.env.DELEGATION_STORAGE;
|
|
3262
3295
|
if (!delegationStorage) {
|
|
3263
3296
|
logger.warn("[ConsentService] No delegation storage configured, token not stored");
|
|
@@ -3266,13 +3299,22 @@ export class ConsentService {
|
|
|
3266
3299
|
try {
|
|
3267
3300
|
// Default TTL: 7 days (same as delegation expiration)
|
|
3268
3301
|
const ttl = 7 * 24 * 60 * 60; // 7 days in seconds
|
|
3269
|
-
// Get userDID from
|
|
3270
|
-
//
|
|
3271
|
-
|
|
3272
|
-
|
|
3302
|
+
// Get userDID from:
|
|
3303
|
+
// 1. Provided directly (bypasses KV for consistency - from redirect params)
|
|
3304
|
+
// 2. Fall back to session cache (for OAuth flow or when not passed)
|
|
3305
|
+
let userDid = providedUserDid;
|
|
3306
|
+
// Try to get userDID from session cache (only if not provided)
|
|
3273
3307
|
const sessionKey = STORAGE_KEYS.session(sessionId);
|
|
3274
3308
|
const sessionData = (await delegationStorage.get(sessionKey, "json"));
|
|
3275
|
-
userDid
|
|
3309
|
+
if (!userDid) {
|
|
3310
|
+
userDid = sessionData?.userDid;
|
|
3311
|
+
if (userDid) {
|
|
3312
|
+
logger.debug("[ConsentService] userDid from session cache (KV):", userDid.substring(0, 30) + "...");
|
|
3313
|
+
}
|
|
3314
|
+
}
|
|
3315
|
+
else {
|
|
3316
|
+
logger.debug("[ConsentService] userDid from redirect param (bypassing KV):", userDid.substring(0, 30) + "...");
|
|
3317
|
+
}
|
|
3276
3318
|
// Primary: User+Agent scoped (no conflicts) - Phase 4
|
|
3277
3319
|
if (userDid) {
|
|
3278
3320
|
const userAgentKey = STORAGE_KEYS.delegation(userDid, agentDid);
|
|
@@ -3424,9 +3466,10 @@ export class ConsentService {
|
|
|
3424
3466
|
* via AgentShield, stores token with usage metadata, and creates delegation.
|
|
3425
3467
|
*
|
|
3426
3468
|
* @param body - Raw request body with credential fields
|
|
3469
|
+
* @param request - Original request (for URL derivation if MCP_SERVER_URL not set)
|
|
3427
3470
|
* @returns JSON response
|
|
3428
3471
|
*/
|
|
3429
|
-
async handleCredentialApproval(body) {
|
|
3472
|
+
async handleCredentialApproval(body, request) {
|
|
3430
3473
|
logger.debug("[ConsentService] Processing credential approval");
|
|
3431
3474
|
// Extract standard fields
|
|
3432
3475
|
const { tool, scopes: rawScopes, agent_did, session_id, project_id, provider, provider_type, csrf_token, ...credentials } = body;
|
|
@@ -3600,7 +3643,31 @@ export class ConsentService {
|
|
|
3600
3643
|
//
|
|
3601
3644
|
// This matches the OAuth flow pattern for consistency.
|
|
3602
3645
|
// ================================================================================
|
|
3603
|
-
|
|
3646
|
+
// Get server URL for redirect - required for constructing valid absolute URLs
|
|
3647
|
+
// Priority: 1) env var, 2) request origin, 3) error if neither available
|
|
3648
|
+
let serverUrl = this.env.MCP_SERVER_URL;
|
|
3649
|
+
if (!serverUrl) {
|
|
3650
|
+
// Fallback to request origin
|
|
3651
|
+
try {
|
|
3652
|
+
const requestUrl = new URL(request.url);
|
|
3653
|
+
serverUrl = requestUrl.origin;
|
|
3654
|
+
}
|
|
3655
|
+
catch {
|
|
3656
|
+
// Request URL parsing failed
|
|
3657
|
+
}
|
|
3658
|
+
}
|
|
3659
|
+
// Validate that we have a valid server URL
|
|
3660
|
+
if (!serverUrl || serverUrl === "null" || !serverUrl.startsWith("http")) {
|
|
3661
|
+
logger.error("[ConsentService] MCP_SERVER_URL not configured and cannot be derived from request", { hasEnvVar: !!this.env.MCP_SERVER_URL, requestUrl: request.url });
|
|
3662
|
+
return new Response(JSON.stringify({
|
|
3663
|
+
success: false,
|
|
3664
|
+
error: "Server URL not configured. Please set MCP_SERVER_URL environment variable.",
|
|
3665
|
+
error_code: "server_url_required",
|
|
3666
|
+
}), {
|
|
3667
|
+
status: 500,
|
|
3668
|
+
headers: { "Content-Type": "application/json" },
|
|
3669
|
+
});
|
|
3670
|
+
}
|
|
3604
3671
|
// Build clickwrap URL with all necessary parameters
|
|
3605
3672
|
const clickwrapUrl = new URL(`${serverUrl}/consent`);
|
|
3606
3673
|
// Mode is consent-only since credential auth is complete
|
|
@@ -3625,6 +3692,12 @@ export class ConsentService {
|
|
|
3625
3692
|
if (authResult.userId) {
|
|
3626
3693
|
clickwrapUrl.searchParams.set("credential_user_id", authResult.userId);
|
|
3627
3694
|
}
|
|
3695
|
+
// CRITICAL FIX: Pass userDid through redirect to avoid KV eventual consistency issues
|
|
3696
|
+
// Without this, the clickwrap approval might read stale session data from KV
|
|
3697
|
+
// that doesn't yet have the userDid from updateSessionWithIdentity above.
|
|
3698
|
+
// By passing userDid in the URL, we ensure the delegation is stored with the
|
|
3699
|
+
// correct user+agent scoped key regardless of KV propagation timing.
|
|
3700
|
+
clickwrapUrl.searchParams.set("user_did", identityResult.userDid);
|
|
3628
3701
|
logger.debug("[ConsentService] ✅ Credential auth complete, redirecting to clickwrap", {
|
|
3629
3702
|
sessionId: session_id.substring(0, 20) + "...",
|
|
3630
3703
|
userDid: identityResult.userDid.substring(0, 30) + "...",
|
|
@@ -3727,7 +3800,10 @@ export class ConsentService {
|
|
|
3727
3800
|
const providers = result.data.providers;
|
|
3728
3801
|
if (providerName in providers) {
|
|
3729
3802
|
const rawProvider = providers[providerName];
|
|
3730
|
-
|
|
3803
|
+
// AUTH-TYPE-UNIFICATION: 'password' is the canonical type for form-based auth
|
|
3804
|
+
// AgentShield now returns type: 'password' (updated 2025-12-29)
|
|
3805
|
+
// See: proposals/2025-01-delegation-schema-fix/AUTH-TYPE-UNIFICATION.md
|
|
3806
|
+
if (rawProvider.type === CONSENT_PROVIDER_TYPES.PASSWORD) {
|
|
3731
3807
|
// Map snake_case fields to camelCase (same pattern as OAuthConfigService)
|
|
3732
3808
|
// AgentShield API may return snake_case fields from database
|
|
3733
3809
|
const provider = this.mapCredentialProviderFields(rawProvider, providerName);
|