@kya-os/mcp-i-core 1.2.2-canary.2 → 1.2.2-canary.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/identity/user-did-manager.d.ts +39 -1
- package/dist/identity/user-did-manager.d.ts.map +1 -1
- package/dist/identity/user-did-manager.js +69 -3
- package/dist/identity/user-did-manager.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -1
- package/dist/index.js.map +1 -1
- package/dist/runtime/audit-logger.d.ts +37 -0
- package/dist/runtime/audit-logger.d.ts.map +1 -0
- package/dist/runtime/audit-logger.js +9 -0
- package/dist/runtime/audit-logger.js.map +1 -0
- package/dist/runtime/base.d.ts +58 -2
- package/dist/runtime/base.d.ts.map +1 -1
- package/dist/runtime/base.js +266 -11
- package/dist/runtime/base.js.map +1 -1
- package/dist/services/access-control.service.d.ts.map +1 -1
- package/dist/services/access-control.service.js +79 -7
- package/dist/services/access-control.service.js.map +1 -1
- package/dist/services/tool-protection.service.d.ts +73 -5
- package/dist/services/tool-protection.service.d.ts.map +1 -1
- package/dist/services/tool-protection.service.js +220 -69
- package/dist/services/tool-protection.service.js.map +1 -1
- package/package.json +16 -6
|
@@ -8,6 +8,27 @@
|
|
|
8
8
|
* requiring user registration or persistent identity.
|
|
9
9
|
*/
|
|
10
10
|
import { CryptoProvider } from '../providers/base';
|
|
11
|
+
/**
|
|
12
|
+
* OAuth identity for persistent user DID lookup
|
|
13
|
+
*/
|
|
14
|
+
export interface OAuthIdentity {
|
|
15
|
+
/**
|
|
16
|
+
* OAuth provider name (e.g., "google", "github", "microsoft")
|
|
17
|
+
*/
|
|
18
|
+
provider: string;
|
|
19
|
+
/**
|
|
20
|
+
* OAuth subject identifier (unique user ID from provider)
|
|
21
|
+
*/
|
|
22
|
+
subject: string;
|
|
23
|
+
/**
|
|
24
|
+
* User's email address from OAuth provider (optional)
|
|
25
|
+
*/
|
|
26
|
+
email?: string;
|
|
27
|
+
/**
|
|
28
|
+
* User's display name from OAuth provider (optional)
|
|
29
|
+
*/
|
|
30
|
+
name?: string;
|
|
31
|
+
}
|
|
11
32
|
/**
|
|
12
33
|
* User DID storage interface
|
|
13
34
|
*/
|
|
@@ -24,6 +45,16 @@ export interface UserDidStorage {
|
|
|
24
45
|
* Delete user DID for a session
|
|
25
46
|
*/
|
|
26
47
|
delete(sessionId: string): Promise<void>;
|
|
48
|
+
/**
|
|
49
|
+
* Get user DID by OAuth identity (optional - for persistent user DID lookup)
|
|
50
|
+
* If not implemented, OAuth-based lookup will be skipped
|
|
51
|
+
*/
|
|
52
|
+
getByOAuth?(provider: string, subject: string): Promise<string | null>;
|
|
53
|
+
/**
|
|
54
|
+
* Store user DID mapping for OAuth identity (optional - for persistent user DID storage)
|
|
55
|
+
* If not implemented, OAuth-based storage will be skipped
|
|
56
|
+
*/
|
|
57
|
+
setByOAuth?(provider: string, subject: string, did: string, ttl?: number): Promise<void>;
|
|
27
58
|
}
|
|
28
59
|
/**
|
|
29
60
|
* User DID Manager configuration
|
|
@@ -61,12 +92,19 @@ export declare class UserDidManager {
|
|
|
61
92
|
* Generate or retrieve user DID for a session
|
|
62
93
|
*
|
|
63
94
|
* If a user DID already exists for the session, it is returned.
|
|
95
|
+
* If OAuth identity is provided, checks for persistent user DID mapping first.
|
|
64
96
|
* Otherwise, a new ephemeral did:key is generated.
|
|
65
97
|
*
|
|
66
98
|
* @param sessionId - MCP session ID
|
|
99
|
+
* @param oauthIdentity - Optional OAuth identity for persistent user DID lookup
|
|
67
100
|
* @returns User DID (did:key format)
|
|
101
|
+
*
|
|
102
|
+
* @remarks
|
|
103
|
+
* - If OAuth identity provided, checks for existing mapping first
|
|
104
|
+
* - Falls back to ephemeral DID generation if OAuth unavailable
|
|
105
|
+
* - Caches result in session storage for performance
|
|
68
106
|
*/
|
|
69
|
-
getOrCreateUserDid(sessionId: string): Promise<string>;
|
|
107
|
+
getOrCreateUserDid(sessionId: string, oauthIdentity?: OAuthIdentity | null): Promise<string>;
|
|
70
108
|
/**
|
|
71
109
|
* Generate a new ephemeral user DID
|
|
72
110
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user-did-manager.d.ts","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAE/C;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE;;OAEG;IACH,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"user-did-manager.d.ts","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAE/C;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE;;OAEG;IACH,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzC;;;OAGG;IACH,UAAU,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAEvE;;;OAGG;IACH,UAAU,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC1F;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,OAAO,CAAC,EAAE,cAAc,CAAC;IAEzB;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;IAEpB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;;;GAKG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,eAAe,CAA6B;gBAExC,MAAM,EAAE,oBAAoB;IAIxC;;;;;;;;;;;;;;;OAeG;IACG,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC;IA2GlG;;;;;OAKG;YACW,eAAe;IAkB7B;;;;;OAKG;IACH,OAAO,CAAC,2BAA2B;IAiBnC;;;OAGG;IACH,OAAO,CAAC,YAAY;IAwBpB;;OAEG;IACH,OAAO,CAAC,aAAa;IAerB;;OAEG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkB3D;;OAEG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAapD;;OAEG;IACH,UAAU,IAAI,IAAI;CAGnB"}
|
|
@@ -26,22 +26,73 @@ class UserDidManager {
|
|
|
26
26
|
* Generate or retrieve user DID for a session
|
|
27
27
|
*
|
|
28
28
|
* If a user DID already exists for the session, it is returned.
|
|
29
|
+
* If OAuth identity is provided, checks for persistent user DID mapping first.
|
|
29
30
|
* Otherwise, a new ephemeral did:key is generated.
|
|
30
31
|
*
|
|
31
32
|
* @param sessionId - MCP session ID
|
|
33
|
+
* @param oauthIdentity - Optional OAuth identity for persistent user DID lookup
|
|
32
34
|
* @returns User DID (did:key format)
|
|
35
|
+
*
|
|
36
|
+
* @remarks
|
|
37
|
+
* - If OAuth identity provided, checks for existing mapping first
|
|
38
|
+
* - Falls back to ephemeral DID generation if OAuth unavailable
|
|
39
|
+
* - Caches result in session storage for performance
|
|
33
40
|
*/
|
|
34
|
-
async getOrCreateUserDid(sessionId) {
|
|
41
|
+
async getOrCreateUserDid(sessionId, oauthIdentity) {
|
|
35
42
|
// Check cache first
|
|
36
43
|
if (this.sessionDidCache.has(sessionId)) {
|
|
37
44
|
return this.sessionDidCache.get(sessionId);
|
|
38
45
|
}
|
|
39
|
-
//
|
|
46
|
+
// PRIORITY 1: If OAuth identity provided, check for persistent user DID mapping
|
|
47
|
+
if (oauthIdentity && oauthIdentity.provider && oauthIdentity.subject && this.config.storage?.getByOAuth) {
|
|
48
|
+
try {
|
|
49
|
+
const persistentUserDid = await this.config.storage.getByOAuth(oauthIdentity.provider, oauthIdentity.subject);
|
|
50
|
+
if (persistentUserDid) {
|
|
51
|
+
console.log('[UserDidManager] Found persistent user DID from OAuth mapping:', {
|
|
52
|
+
provider: oauthIdentity.provider,
|
|
53
|
+
userDid: persistentUserDid.substring(0, 20) + '...',
|
|
54
|
+
});
|
|
55
|
+
// Cache it for this session
|
|
56
|
+
this.sessionDidCache.set(sessionId, persistentUserDid);
|
|
57
|
+
// Also store in session storage for faster future lookups
|
|
58
|
+
if (this.config.storage) {
|
|
59
|
+
try {
|
|
60
|
+
await this.config.storage.set(sessionId, persistentUserDid, 1800); // 30 minutes TTL
|
|
61
|
+
}
|
|
62
|
+
catch (error) {
|
|
63
|
+
// Log but continue - DID is cached and will be returned
|
|
64
|
+
console.warn('[UserDidManager] Failed to cache persistent DID in session storage:', error);
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
return persistentUserDid;
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
catch (error) {
|
|
71
|
+
// Log but continue - will check session storage or generate new DID
|
|
72
|
+
console.warn('[UserDidManager] OAuth lookup failed, falling back to session storage:', error);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
// PRIORITY 2: Check session storage if available
|
|
40
76
|
if (this.config.storage) {
|
|
41
77
|
try {
|
|
42
78
|
const storedDid = await this.config.storage.get(sessionId);
|
|
43
79
|
if (storedDid) {
|
|
44
80
|
this.sessionDidCache.set(sessionId, storedDid);
|
|
81
|
+
// If OAuth identity provided but no persistent mapping found, create one now
|
|
82
|
+
if (oauthIdentity && oauthIdentity.provider && oauthIdentity.subject && this.config.storage.setByOAuth) {
|
|
83
|
+
try {
|
|
84
|
+
await this.config.storage.setByOAuth(oauthIdentity.provider, oauthIdentity.subject, storedDid, 90 * 24 * 60 * 60 // 90 days TTL for persistent mapping
|
|
85
|
+
);
|
|
86
|
+
console.log('[UserDidManager] Created persistent OAuth mapping for existing user DID:', {
|
|
87
|
+
provider: oauthIdentity.provider,
|
|
88
|
+
userDid: storedDid.substring(0, 20) + '...',
|
|
89
|
+
});
|
|
90
|
+
}
|
|
91
|
+
catch (error) {
|
|
92
|
+
// Log but continue - mapping creation failed, but DID is still valid
|
|
93
|
+
console.warn('[UserDidManager] Failed to create OAuth mapping:', error);
|
|
94
|
+
}
|
|
95
|
+
}
|
|
45
96
|
return storedDid;
|
|
46
97
|
}
|
|
47
98
|
}
|
|
@@ -50,7 +101,7 @@ class UserDidManager {
|
|
|
50
101
|
console.warn('[UserDidManager] Storage.get failed, generating new DID:', error);
|
|
51
102
|
}
|
|
52
103
|
}
|
|
53
|
-
// Generate new user DID
|
|
104
|
+
// PRIORITY 3: Generate new user DID
|
|
54
105
|
const userDid = await this.generateUserDid();
|
|
55
106
|
// Cache it
|
|
56
107
|
this.sessionDidCache.set(sessionId, userDid);
|
|
@@ -64,6 +115,21 @@ class UserDidManager {
|
|
|
64
115
|
console.warn('[UserDidManager] Storage.set failed, continuing with cached DID:', error);
|
|
65
116
|
}
|
|
66
117
|
}
|
|
118
|
+
// If OAuth identity provided, create persistent mapping
|
|
119
|
+
if (oauthIdentity && oauthIdentity.provider && oauthIdentity.subject && this.config.storage?.setByOAuth) {
|
|
120
|
+
try {
|
|
121
|
+
await this.config.storage.setByOAuth(oauthIdentity.provider, oauthIdentity.subject, userDid, 90 * 24 * 60 * 60 // 90 days TTL for persistent mapping
|
|
122
|
+
);
|
|
123
|
+
console.log('[UserDidManager] Created persistent OAuth mapping for new user DID:', {
|
|
124
|
+
provider: oauthIdentity.provider,
|
|
125
|
+
userDid: userDid.substring(0, 20) + '...',
|
|
126
|
+
});
|
|
127
|
+
}
|
|
128
|
+
catch (error) {
|
|
129
|
+
// Log but continue - mapping creation failed, but DID is still valid
|
|
130
|
+
console.warn('[UserDidManager] Failed to create OAuth mapping:', error);
|
|
131
|
+
}
|
|
132
|
+
}
|
|
67
133
|
return userDid;
|
|
68
134
|
}
|
|
69
135
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user-did-manager.js","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;
|
|
1
|
+
{"version":3,"file":"user-did-manager.js","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAuFH;;;;;GAKG;AACH,MAAa,cAAc;IACjB,MAAM,CAAuB;IAC7B,eAAe,GAAG,IAAI,GAAG,EAAkB,CAAC;IAEpD,YAAY,MAA4B;QACtC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,kBAAkB,CAAC,SAAiB,EAAE,aAAoC;QAC9E,oBAAoB;QACpB,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAE,CAAC;QAC9C,CAAC;QAED,gFAAgF;QAChF,IAAI,aAAa,IAAI,aAAa,CAAC,QAAQ,IAAI,aAAa,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;YACxG,IAAI,CAAC;gBACH,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAC5D,aAAa,CAAC,QAAQ,EACtB,aAAa,CAAC,OAAO,CACtB,CAAC;gBACF,IAAI,iBAAiB,EAAE,CAAC;oBACtB,OAAO,CAAC,GAAG,CAAC,gEAAgE,EAAE;wBAC5E,QAAQ,EAAE,aAAa,CAAC,QAAQ;wBAChC,OAAO,EAAE,iBAAiB,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;qBACpD,CAAC,CAAC;oBACH,4BAA4B;oBAC5B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;oBACvD,0DAA0D;oBAC1D,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wBACxB,IAAI,CAAC;4BACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,iBAAiB,EAAE,IAAI,CAAC,CAAC,CAAC,iBAAiB;wBACtF,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,wDAAwD;4BACxD,OAAO,CAAC,IAAI,CAAC,qEAAqE,EAAE,KAAK,CAAC,CAAC;wBAC7F,CAAC;oBACH,CAAC;oBACD,OAAO,iBAAiB,CAAC;gBAC3B,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,oEAAoE;gBACpE,OAAO,CAAC,IAAI,CAAC,wEAAwE,EAAE,KAAK,CAAC,CAAC;YAChG,CAAC;QACH,CAAC;QAED,iDAAiD;QACjD,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAC3D,IAAI,SAAS,EAAE,CAAC;oBACd,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;oBAC/C,6EAA6E;oBAC7E,IAAI,aAAa,IAAI,aAAa,CAAC,QAAQ,IAAI,aAAa,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;wBACvG,IAAI,CAAC;4BACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAClC,aAAa,CAAC,QAAQ,EACtB,aAAa,CAAC,OAAO,EACrB,SAAS,EACT,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,qCAAqC;6BACxD,CAAC;4BACF,OAAO,CAAC,GAAG,CAAC,0EAA0E,EAAE;gCACtF,QAAQ,EAAE,aAAa,CAAC,QAAQ;gCAChC,OAAO,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;6BAC5C,CAAC,CAAC;wBACL,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,qEAAqE;4BACrE,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;wBAC1E,CAAC;oBACH,CAAC;oBACD,OAAO,SAAS,CAAC;gBACnB,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,2CAA2C;gBAC3C,OAAO,CAAC,IAAI,CAAC,0DAA0D,EAAE,KAAK,CAAC,CAAC;YAClF,CAAC;QACH,CAAC;QAED,oCAAoC;QACpC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE7C,WAAW;QACX,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAE7C,mCAAmC;QACnC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,iBAAiB;YAC5E,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,wDAAwD;gBACxD,OAAO,CAAC,IAAI,CAAC,kEAAkE,EAAE,KAAK,CAAC,CAAC;YAC1F,CAAC;QACH,CAAC;QAED,wDAAwD;QACxD,IAAI,aAAa,IAAI,aAAa,CAAC,QAAQ,IAAI,aAAa,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;YACxG,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAClC,aAAa,CAAC,QAAQ,EACtB,aAAa,CAAC,OAAO,EACrB,OAAO,EACP,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,qCAAqC;iBACxD,CAAC;gBACF,OAAO,CAAC,GAAG,CAAC,qEAAqE,EAAE;oBACjF,QAAQ,EAAE,aAAa,CAAC,QAAQ;oBAChC,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;iBAC1C,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,qEAAqE;gBACrE,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,eAAe;QAC3B,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YACvD,+CAA+C;YAC/C,gCAAgC;YAChC,+CAA+C;YAC/C,OAAO,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;QAC9E,CAAC;QAED,wCAAwC;QACxC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;QAE3D,kDAAkD;QAClD,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAE7D,mCAAmC;QACnC,OAAO,IAAI,CAAC,2BAA2B,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;OAKG;IACK,2BAA2B,CAAC,cAA0B;QAC5D,wCAAwC;QACxC,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;QAEtD,8BAA8B;QAC9B,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,gBAAgB,CAAC,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;QACtF,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QACpC,aAAa,CAAC,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAE3D,gDAAgD;QAChD,sDAAsD;QACtD,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;QAEvD,0CAA0C;QAC1C,OAAO,YAAY,aAAa,EAAE,CAAC;IACrC,CAAC;IAED;;;OAGG;IACK,YAAY,CAAC,KAAiB;QACpC,MAAM,QAAQ,GAAG,4DAA4D,CAAC;QAC9E,IAAI,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAEpB,+BAA+B;QAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7C,CAAC;QAED,oBAAoB;QACpB,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,OAAO,GAAG,GAAG,CAAC,EAAE,CAAC;YACf,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;YACrD,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;QACzB,CAAC;QAED,oBAAoB;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC;QACxB,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,MAAc;QAClC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YAClC,sBAAsB;YACtB,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;QACvD,CAAC;aAAM,CAAC;YACN,8BAA8B;YAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;YAClC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC7C,KAAK,CAAC,CAAC,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YACxC,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,SAAiB;QAChC,cAAc;QACd,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAE,CAAC;QAC9C,CAAC;QAED,gBAAgB;QAChB,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAC3D,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;gBAC/C,OAAO,SAAS,CAAC;YACnB,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,SAAiB;QAClC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEvC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAC9C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,8CAA8C;gBAC9C,OAAO,CAAC,IAAI,CAAC,qDAAqD,EAAE,KAAK,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;IAC/B,CAAC;CACF;AA3QD,wCA2QC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -8,6 +8,7 @@ export { CryptoProvider, ClockProvider, FetchProvider, StorageProvider, NonceCac
|
|
|
8
8
|
export { MemoryStorageProvider, MemoryNonceCacheProvider, MemoryIdentityProvider, } from "./providers/memory";
|
|
9
9
|
export { MCPIRuntimeBase } from "./runtime/base";
|
|
10
10
|
export type { RuntimeWithAccessControl } from "./runtime/base";
|
|
11
|
+
export type { IAuditLogger } from "./runtime/audit-logger";
|
|
11
12
|
export * from "./utils";
|
|
12
13
|
export { ToolProtectionService } from "./services/tool-protection.service";
|
|
13
14
|
export { CryptoService } from "./services/crypto.service";
|
|
@@ -37,6 +38,7 @@ export { canonicalizeJSON } from "./delegation/utils";
|
|
|
37
38
|
import type { HandshakeRequest, SessionContext, NonceCache, NonceCacheEntry, NonceCacheConfig, ProofMeta, DetachedProof, CanonicalHashes, AuditRecord } from "@kya-os/contracts";
|
|
38
39
|
export type { HandshakeRequest, SessionContext, NonceCache, NonceCacheEntry, NonceCacheConfig, ProofMeta, DetachedProof, CanonicalHashes, AuditRecord, };
|
|
39
40
|
export * from "./config";
|
|
41
|
+
export { fetchRemoteConfig, type RemoteConfigCache, type RemoteConfigOptions, } from "./config/remote-config";
|
|
40
42
|
export { UserDidManager } from "./identity/user-did-manager";
|
|
41
43
|
export type { UserDidStorage, UserDidManagerConfig, } from "./identity/user-did-manager";
|
|
42
44
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,KAAK,aAAa,GACnB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,qBAAqB,EACrB,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,YAAY,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAG/D,cAAc,SAAS,CAAC;AAExB,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAG3E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAGvE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EACV,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AAE5E,YAAY,EACV,6BAA6B,EAC7B,8BAA8B,GAC/B,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AAEpC,YAAY,EACV,oBAAoB,EACpB,gBAAgB,GACjB,MAAM,4BAA4B,CAAC;AAGpC,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAC;AAEpE,OAAO,EACL,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,GACxB,MAAM,+BAA+B,CAAC;AAEvC,YAAY,EACV,cAAc,EACd,oBAAoB,EACpB,2BAA2B,GAC5B,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAGlE,OAAO,EACL,0BAA0B,EAC1B,sBAAsB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,IAAI,0BAA0B,GACpD,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,4BAA4B,EAC5B,wBAAwB,EACxB,KAAK,8BAA8B,EACnC,KAAK,yBAAyB,EAC9B,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,GACnC,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EACL,qBAAqB,EACrB,uBAAuB,EACvB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,GAChC,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EACL,gBAAgB,EAChB,UAAU,EACV,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,GAC3B,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,sBAAsB,EACtB,qBAAqB,EACrB,KAAK,cAAc,EACnB,KAAK,8BAA8B,GACpC,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EACL,0BAA0B,EAC1B,gCAAgC,EAChC,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,0BAA0B,GAChC,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gDAAgD,CAAC;AAEzF,OAAO,EAAE,4BAA4B,EAAE,MAAM,2CAA2C,CAAC;AAGzF,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,KAAK,cAAc,EACnB,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,oBAAoB,GAC1B,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,oBAAoB,EACpB,aAAa,EACb,kBAAkB,EAClB,cAAc,GACf,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAItD,OAAO,KAAK,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,EACZ,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,GACZ,CAAC;AAGF,cAAc,UAAU,CAAC;AAGzB,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,YAAY,EACV,cAAc,EACd,oBAAoB,GACrB,MAAM,6BAA6B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,KAAK,aAAa,GACnB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,qBAAqB,EACrB,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,YAAY,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAG/D,YAAY,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAG3D,cAAc,SAAS,CAAC;AAExB,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAG3E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAGvE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EACV,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AAE5E,YAAY,EACV,6BAA6B,EAC7B,8BAA8B,GAC/B,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AAEpC,YAAY,EACV,oBAAoB,EACpB,gBAAgB,GACjB,MAAM,4BAA4B,CAAC;AAGpC,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAC;AAEpE,OAAO,EACL,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,GACxB,MAAM,+BAA+B,CAAC;AAEvC,YAAY,EACV,cAAc,EACd,oBAAoB,EACpB,2BAA2B,GAC5B,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAGlE,OAAO,EACL,0BAA0B,EAC1B,sBAAsB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,IAAI,0BAA0B,GACpD,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,4BAA4B,EAC5B,wBAAwB,EACxB,KAAK,8BAA8B,EACnC,KAAK,yBAAyB,EAC9B,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,GACnC,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EACL,qBAAqB,EACrB,uBAAuB,EACvB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,GAChC,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EACL,gBAAgB,EAChB,UAAU,EACV,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,GAC3B,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,sBAAsB,EACtB,qBAAqB,EACrB,KAAK,cAAc,EACnB,KAAK,8BAA8B,GACpC,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EACL,0BAA0B,EAC1B,gCAAgC,EAChC,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,0BAA0B,GAChC,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gDAAgD,CAAC;AAEzF,OAAO,EAAE,4BAA4B,EAAE,MAAM,2CAA2C,CAAC;AAGzF,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,KAAK,cAAc,EACnB,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,oBAAoB,GAC1B,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,oBAAoB,EACpB,aAAa,EACb,kBAAkB,EAClB,cAAc,GACf,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAItD,OAAO,KAAK,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,EACZ,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,GACZ,CAAC;AAGF,cAAc,UAAU,CAAC;AAGzB,OAAO,EACL,iBAAiB,EACjB,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,GACzB,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,YAAY,EACV,cAAc,EACd,oBAAoB,GACrB,MAAM,6BAA6B,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -20,7 +20,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
20
20
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
21
21
|
};
|
|
22
22
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
23
|
-
exports.UserDidManager = exports.canonicalizeJSON = exports.getSchemaStats = exports.getCriticalSchemas = exports.getSchemaById = exports.getSchemasByCategory = exports.getAllSchemas = exports.SCHEMA_REGISTRY = exports.createSchemaVerifier = exports.SchemaVerifier = exports.MemoryDelegationGraphStorage = exports.MemoryStatusListStorage = exports.createCascadingRevocationManager = exports.CascadingRevocationManager = exports.createDelegationGraph = exports.DelegationGraphManager = exports.isIndexSet = exports.BitstringManager = exports.createStatusListManager = exports.StatusList2021Manager = exports.createDelegationVerifier = exports.DelegationCredentialVerifier = exports.createDelegationIssuer = exports.DelegationCredentialIssuer = exports.DelegationRequiredError = exports.NoOpToolProtectionCache = exports.InMemoryToolProtectionCache = exports.createProofVerificationError = exports.PROOF_VERIFICATION_ERROR_CODES = exports.ProofVerificationError = exports.migrateLegacyKeys = exports.StorageKeyHelpers = exports.createStorageProviders = exports.AccessControlApiService = exports.ProofVerifier = exports.CryptoService = exports.ToolProtectionService = exports.MCPIRuntimeBase = exports.MemoryIdentityProvider = exports.MemoryNonceCacheProvider = exports.MemoryStorageProvider = exports.IdentityProvider = exports.NonceCacheProvider = exports.StorageProvider = exports.FetchProvider = exports.ClockProvider = exports.CryptoProvider = void 0;
|
|
23
|
+
exports.UserDidManager = exports.fetchRemoteConfig = exports.canonicalizeJSON = exports.getSchemaStats = exports.getCriticalSchemas = exports.getSchemaById = exports.getSchemasByCategory = exports.getAllSchemas = exports.SCHEMA_REGISTRY = exports.createSchemaVerifier = exports.SchemaVerifier = exports.MemoryDelegationGraphStorage = exports.MemoryStatusListStorage = exports.createCascadingRevocationManager = exports.CascadingRevocationManager = exports.createDelegationGraph = exports.DelegationGraphManager = exports.isIndexSet = exports.BitstringManager = exports.createStatusListManager = exports.StatusList2021Manager = exports.createDelegationVerifier = exports.DelegationCredentialVerifier = exports.createDelegationIssuer = exports.DelegationCredentialIssuer = exports.DelegationRequiredError = exports.NoOpToolProtectionCache = exports.InMemoryToolProtectionCache = exports.createProofVerificationError = exports.PROOF_VERIFICATION_ERROR_CODES = exports.ProofVerificationError = exports.migrateLegacyKeys = exports.StorageKeyHelpers = exports.createStorageProviders = exports.AccessControlApiService = exports.ProofVerifier = exports.CryptoService = exports.ToolProtectionService = exports.MCPIRuntimeBase = exports.MemoryIdentityProvider = exports.MemoryNonceCacheProvider = exports.MemoryStorageProvider = exports.IdentityProvider = exports.NonceCacheProvider = exports.StorageProvider = exports.FetchProvider = exports.ClockProvider = exports.CryptoProvider = void 0;
|
|
24
24
|
// Base providers
|
|
25
25
|
var base_1 = require("./providers/base");
|
|
26
26
|
Object.defineProperty(exports, "CryptoProvider", { enumerable: true, get: function () { return base_1.CryptoProvider; } });
|
|
@@ -107,6 +107,9 @@ var utils_1 = require("./delegation/utils");
|
|
|
107
107
|
Object.defineProperty(exports, "canonicalizeJSON", { enumerable: true, get: function () { return utils_1.canonicalizeJSON; } });
|
|
108
108
|
// Configuration types and utilities
|
|
109
109
|
__exportStar(require("./config"), exports);
|
|
110
|
+
// Remote configuration fetching
|
|
111
|
+
var remote_config_1 = require("./config/remote-config");
|
|
112
|
+
Object.defineProperty(exports, "fetchRemoteConfig", { enumerable: true, get: function () { return remote_config_1.fetchRemoteConfig; } });
|
|
110
113
|
// User DID Manager (Phase 4)
|
|
111
114
|
var user_did_manager_1 = require("./identity/user-did-manager");
|
|
112
115
|
Object.defineProperty(exports, "UserDidManager", { enumerable: true, get: function () { return user_did_manager_1.UserDidManager; } });
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;AAEH,iBAAiB;AACjB,yCAQ0B;AAPxB,sGAAA,cAAc,OAAA;AACd,qGAAA,aAAa,OAAA;AACb,qGAAA,aAAa,OAAA;AACb,uGAAA,eAAe,OAAA;AACf,0GAAA,kBAAkB,OAAA;AAClB,wGAAA,gBAAgB,OAAA;AAIlB,mBAAmB;AACnB,6CAI4B;AAH1B,+GAAA,qBAAqB,OAAA;AACrB,kHAAA,wBAAwB,OAAA;AACxB,gHAAA,sBAAsB,OAAA;AAGxB,UAAU;AACV,uCAAiD;AAAxC,uGAAA,eAAe,OAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;AAEH,iBAAiB;AACjB,yCAQ0B;AAPxB,sGAAA,cAAc,OAAA;AACd,qGAAA,aAAa,OAAA;AACb,qGAAA,aAAa,OAAA;AACb,uGAAA,eAAe,OAAA;AACf,0GAAA,kBAAkB,OAAA;AAClB,wGAAA,gBAAgB,OAAA;AAIlB,mBAAmB;AACnB,6CAI4B;AAH1B,+GAAA,qBAAqB,OAAA;AACrB,kHAAA,wBAAwB,OAAA;AACxB,gHAAA,sBAAsB,OAAA;AAGxB,UAAU;AACV,uCAAiD;AAAxC,uGAAA,eAAe,OAAA;AAMxB,YAAY;AACZ,0CAAwB;AACxB,kBAAkB;AAClB,8EAA2E;AAAlE,gIAAA,qBAAqB,OAAA;AAE9B,iBAAiB;AACjB,4DAA0D;AAAjD,+GAAA,aAAa,OAAA;AAItB,yBAAyB;AACzB,4DAA0D;AAAjD,+GAAA,aAAa,OAAA;AAOtB,gDAAgD;AAChD,4EAA4E;AAAnE,iIAAA,uBAAuB,OAAA;AAOhC,0BAA0B;AAC1B,8DAIoC;AAHlC,yHAAA,sBAAsB,OAAA;AACtB,oHAAA,iBAAiB,OAAA;AACjB,oHAAA,iBAAiB,OAAA;AAQnB,4BAA4B;AAC5B,4CAI2B;AAHzB,gHAAA,sBAAsB,OAAA;AACtB,wHAAA,8BAA8B,OAAA;AAC9B,sHAAA,4BAA4B,OAAA;AAK9B,uEAIuC;AAFrC,oIAAA,2BAA2B,OAAA;AAC3B,gIAAA,uBAAuB,OAAA;AASzB,2DAAkE;AAAzD,0HAAA,uBAAuB,OAAA;AAEhC,4BAA4B;AAC5B,oDAMgC;AAL9B,uHAAA,0BAA0B,OAAA;AAC1B,mHAAA,sBAAsB,OAAA;AAMxB,wDAUkC;AAThC,2HAAA,4BAA4B,OAAA;AAC5B,uHAAA,wBAAwB,OAAA;AAU1B,iBAAiB;AACjB,sEAKyC;AAJvC,2HAAA,qBAAqB,OAAA;AACrB,6HAAA,uBAAuB,OAAA;AAKzB,oDAKgC;AAJ9B,6GAAA,gBAAgB,OAAA;AAChB,uGAAA,UAAU,OAAA;AAKZ,0CAA0C;AAC1C,kEAKuC;AAJrC,0HAAA,sBAAsB,OAAA;AACtB,yHAAA,qBAAqB,OAAA;AAKvB,0EAM2C;AALzC,kIAAA,0BAA0B,OAAA;AAC1B,wIAAA,gCAAgC,OAAA;AAMlC,qDAAqD;AACrD,4FAAyF;AAAhF,oIAAA,uBAAuB,OAAA;AAEhC,kFAAyF;AAAhF,oIAAA,4BAA4B,OAAA;AAErC,8DAA8D;AAC9D,gEAOsC;AANpC,iHAAA,cAAc,OAAA;AACd,uHAAA,oBAAoB,OAAA;AAOtB,gEAOsC;AANpC,kHAAA,eAAe,OAAA;AACf,gHAAA,aAAa,OAAA;AACb,uHAAA,oBAAoB,OAAA;AACpB,gHAAA,aAAa,OAAA;AACb,qHAAA,kBAAkB,OAAA;AAClB,iHAAA,cAAc,OAAA;AAGhB,4CAAsD;AAA7C,yGAAA,gBAAgB,OAAA;AA4BzB,oCAAoC;AACpC,2CAAyB;AAEzB,gCAAgC;AAChC,wDAIgC;AAH9B,kHAAA,iBAAiB,OAAA;AAKnB,6BAA6B;AAC7B,gEAA6D;AAApD,kHAAA,cAAc,OAAA"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Audit Logger Interface
|
|
3
|
+
*
|
|
4
|
+
* Platform-agnostic interface for audit logging in the MCP-I framework.
|
|
5
|
+
* Implementations should be provided by platform-specific packages.
|
|
6
|
+
*/
|
|
7
|
+
import type { AuditContext, AuditEventContext } from "@kya-os/contracts/audit";
|
|
8
|
+
/**
|
|
9
|
+
* Interface for audit logging implementations
|
|
10
|
+
*
|
|
11
|
+
* This interface is platform-agnostic and can be implemented by:
|
|
12
|
+
* - Node.js implementations (using Node.js crypto)
|
|
13
|
+
* - Cloudflare Workers implementations (using Web Crypto API)
|
|
14
|
+
* - Other platform-specific implementations
|
|
15
|
+
*/
|
|
16
|
+
export interface IAuditLogger {
|
|
17
|
+
/**
|
|
18
|
+
* Log an audit record (with session deduplication)
|
|
19
|
+
*
|
|
20
|
+
* This method logs audit records using the frozen audit.v1 format.
|
|
21
|
+
* Only the first call per session is logged (deduplication).
|
|
22
|
+
*
|
|
23
|
+
* @param context - Audit context with identity, session, hashes, and verification status
|
|
24
|
+
*/
|
|
25
|
+
logAuditRecord(context: AuditContext): Promise<void>;
|
|
26
|
+
/**
|
|
27
|
+
* Log an event (without session deduplication)
|
|
28
|
+
*
|
|
29
|
+
* This method logs events using the frozen audit.v1 format.
|
|
30
|
+
* Unlike logAuditRecord(), this always logs the event, allowing
|
|
31
|
+
* multiple events per session (e.g., consent events).
|
|
32
|
+
*
|
|
33
|
+
* @param context - Event context with eventType, identity, session, and optional eventData
|
|
34
|
+
*/
|
|
35
|
+
logEvent(context: AuditEventContext): Promise<void>;
|
|
36
|
+
}
|
|
37
|
+
//# sourceMappingURL=audit-logger.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"audit-logger.d.ts","sourceRoot":"","sources":["../../src/runtime/audit-logger.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAE/E;;;;;;;GAOG;AACH,MAAM,WAAW,YAAY;IAC3B;;;;;;;OAOG;IACH,cAAc,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAErD;;;;;;;;OAQG;IACH,QAAQ,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACrD"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Audit Logger Interface
|
|
4
|
+
*
|
|
5
|
+
* Platform-agnostic interface for audit logging in the MCP-I framework.
|
|
6
|
+
* Implementations should be provided by platform-specific packages.
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
//# sourceMappingURL=audit-logger.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"audit-logger.js","sourceRoot":"","sources":["../../src/runtime/audit-logger.ts"],"names":[],"mappings":";AAAA;;;;;GAKG"}
|
package/dist/runtime/base.d.ts
CHANGED
|
@@ -9,13 +9,16 @@ import { CryptoProvider, ClockProvider, FetchProvider, StorageProvider, NonceCac
|
|
|
9
9
|
import { type Ed25519JWK } from "../services/crypto.service.js";
|
|
10
10
|
import { ProofVerifier } from "../services/proof-verifier.js";
|
|
11
11
|
import type { MCPIdentity, WellKnownConfig, WellKnownResponse } from "@kya-os/contracts/well-known";
|
|
12
|
+
import type { AccessControlApiService } from "../services/access-control.service.js";
|
|
12
13
|
import type { ProviderRuntimeConfig } from "../config";
|
|
13
14
|
/**
|
|
14
15
|
* Interface for runtime instances that have AccessControlApiService available
|
|
15
16
|
* This allows type-safe access to the access control service without using `as any`
|
|
17
|
+
*
|
|
18
|
+
* @deprecated AccessControlApiService is now directly available as protected property on MCPIRuntimeBase
|
|
16
19
|
*/
|
|
17
20
|
export interface RuntimeWithAccessControl {
|
|
18
|
-
accessControlService?:
|
|
21
|
+
accessControlService?: AccessControlApiService;
|
|
19
22
|
}
|
|
20
23
|
export declare class MCPIRuntimeBase {
|
|
21
24
|
protected crypto: CryptoProvider;
|
|
@@ -32,6 +35,7 @@ export declare class MCPIRuntimeBase {
|
|
|
32
35
|
private interceptedCalls;
|
|
33
36
|
private cryptoService?;
|
|
34
37
|
protected proofVerifier?: ProofVerifier;
|
|
38
|
+
protected accessControlService?: AccessControlApiService;
|
|
35
39
|
constructor(config: ProviderRuntimeConfig);
|
|
36
40
|
/**
|
|
37
41
|
* Initialize the runtime
|
|
@@ -44,7 +48,20 @@ export declare class MCPIRuntimeBase {
|
|
|
44
48
|
/**
|
|
45
49
|
* Handle handshake request
|
|
46
50
|
*/
|
|
47
|
-
|
|
51
|
+
/**
|
|
52
|
+
* Handle MCP handshake request
|
|
53
|
+
*
|
|
54
|
+
* @param request - Handshake request object (may include oauthIdentity for persistent user DID lookup)
|
|
55
|
+
* @returns Handshake response with session ID and agent DID
|
|
56
|
+
*
|
|
57
|
+
* @remarks
|
|
58
|
+
* - Accepts optional oauthIdentity via request.oauthIdentity (backward compatible)
|
|
59
|
+
* - If OAuth identity provided, uses it to retrieve/create persistent user DID
|
|
60
|
+
* - Falls back to ephemeral user DID generation if OAuth unavailable
|
|
61
|
+
*/
|
|
62
|
+
handleHandshake(request: any & {
|
|
63
|
+
oauthIdentity?: import("../identity/user-did-manager").OAuthIdentity | null;
|
|
64
|
+
}): Promise<any>;
|
|
48
65
|
/**
|
|
49
66
|
* Process tool call with automatic proof generation
|
|
50
67
|
* Returns clean result only - proof is stored for out-of-band retrieval
|
|
@@ -155,6 +172,45 @@ export declare class MCPIRuntimeBase {
|
|
|
155
172
|
private signData;
|
|
156
173
|
private generateNonce;
|
|
157
174
|
private generateSessionId;
|
|
175
|
+
/**
|
|
176
|
+
* Log structured events in JSON format (NOT frozen audit format).
|
|
177
|
+
*
|
|
178
|
+
* **Important:** This method logs events in JSON format for general runtime events
|
|
179
|
+
* (e.g., "runtime_initialized", "tool_executed", "keys_rotated").
|
|
180
|
+
*
|
|
181
|
+
* **For frozen format audit logs** (MCP-I spec compliance), use `AuditLogger.logAuditRecord()`
|
|
182
|
+
* from `@kya-os/mcp-i/runtime` instead. The frozen format is:
|
|
183
|
+
* ```
|
|
184
|
+
* audit.v1 ts=<unix> session=<id> audience=<host> did=<did> kid=<kid> reqHash=<sha256:..> resHash=<sha256:..> verified=yes|no scope=<scopeId|->
|
|
185
|
+
* ```
|
|
186
|
+
*
|
|
187
|
+
* **Format:** JSON object with `event`, `data`, `timestamp`, and `timestampFormatted` fields.
|
|
188
|
+
*
|
|
189
|
+
* **Privacy:** If `includePayloads` is false (default), the `data` field is omitted.
|
|
190
|
+
*
|
|
191
|
+
* **Use Cases:**
|
|
192
|
+
* - Developer debugging and local logging
|
|
193
|
+
* - Runtime initialization events
|
|
194
|
+
* - Tool execution tracking (non-spec-compliant)
|
|
195
|
+
* - Key rotation events
|
|
196
|
+
*
|
|
197
|
+
* **NOT for:**
|
|
198
|
+
* - MCP-I spec-compliant audit logs (use `AuditLogger`)
|
|
199
|
+
* - Production audit trails (use `AuditLogger`)
|
|
200
|
+
* - Compliance requirements (use `AuditLogger`)
|
|
201
|
+
*
|
|
202
|
+
* @param event - Event name (e.g., "runtime_initialized", "tool_executed")
|
|
203
|
+
* @param data - Event data (only included if `includePayloads` is true)
|
|
204
|
+
*
|
|
205
|
+
* @example
|
|
206
|
+
* ```typescript
|
|
207
|
+
* // Logs: {"event":"runtime_initialized","timestamp":1234567890,"timestampFormatted":"2024-01-01T00:00:00Z"}
|
|
208
|
+
* this.logAudit("runtime_initialized", { did: "did:key:..." });
|
|
209
|
+
* ```
|
|
210
|
+
*
|
|
211
|
+
* @internal This is a private method for internal runtime events.
|
|
212
|
+
* Use AuditLogger for spec-compliant frozen format audit logs.
|
|
213
|
+
*/
|
|
158
214
|
private logAudit;
|
|
159
215
|
private createDIDDocument;
|
|
160
216
|
private extractPublicKey;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base.d.ts","sourceRoot":"","sources":["../../src/runtime/base.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,aAAa,EACd,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAiB,KAAK,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D,OAAO,KAAK,EAGV,WAAW,EACX,eAAe,EACf,iBAAiB,EAClB,MAAM,8BAA8B,CAAC;
|
|
1
|
+
{"version":3,"file":"base.d.ts","sourceRoot":"","sources":["../../src/runtime/base.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,aAAa,EACd,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAiB,KAAK,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D,OAAO,KAAK,EAGV,WAAW,EACX,eAAe,EACf,iBAAiB,EAClB,MAAM,8BAA8B,CAAC;AACtC,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAC;AAKrF,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AAIvD;;;;;GAKG;AACH,MAAM,WAAW,wBAAwB;IACvC,oBAAoB,CAAC,EAAE,uBAAuB,CAAC;CAChD;AAED,qBAAa,eAAe;IAC1B,SAAS,CAAC,MAAM,EAAE,cAAc,CAAC;IACjC,SAAS,CAAC,KAAK,EAAE,aAAa,CAAC;IAC/B,SAAS,CAAC,KAAK,EAAE,aAAa,CAAC;IAC/B,SAAS,CAAC,OAAO,EAAE,eAAe,CAAC;IACnC,SAAS,CAAC,UAAU,EAAE,kBAAkB,CAAC;IACzC,SAAS,CAAC,QAAQ,EAAE,gBAAgB,CAAC;IACrC,SAAS,CAAC,MAAM,EAAE,qBAAqB,CAAC;IACxC,OAAO,CAAC,cAAc,CAAC,CAAgB;IACvC,OAAO,CAAC,QAAQ,CAA+B;IAC/C,OAAO,CAAC,SAAS,CAAC,CAAM;IACxB,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,gBAAgB,CAA+B;IACvD,OAAO,CAAC,aAAa,CAAC,CAAgB;IACtC,SAAS,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC;IACxC,SAAS,CAAC,oBAAoB,CAAC,EAAE,uBAAuB,CAAC;gBAE7C,MAAM,EAAE,qBAAqB;IAYzC;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IA2CjC;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,aAAa,CAAC;IAO3C;;OAEG;IACH;;;;;;;;;;OAUG;IACG,eAAe,CACnB,OAAO,EAAE,GAAG,GAAG;QACb,aAAa,CAAC,EACV,OAAO,8BAA8B,EAAE,aAAa,GACpD,IAAI,CAAC;KACV,GACA,OAAO,CAAC,GAAG,CAAC;IAgGf;;;;;;;;OAQG;IACG,eAAe,CACnB,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,GAAG,EACT,OAAO,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,EACpC,OAAO,CAAC,EAAE,GAAG,GACZ,OAAO,CAAC,GAAG,CAAC;IA8Zf;;;;;;;OAOG;IACG,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,EACpC,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,GAAG,CAAC;IAyCf;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAoB3B;;OAEG;IACH,OAAO,CAAC,8BAA8B;IAStC;;;;;;;;;;;;;;;;;OAiBG;IACH,SAAS,CAAC,eAAe,CACvB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EAAE,EAChB,OAAO,CAAC,EAAE,GAAG,EACb,WAAW,CAAC,EAAE,MAAM,EACpB,SAAS,CAAC,EAAE,MAAM,GACjB,MAAM;IAyBT;;;OAGG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAapD;;OAEG;IACG,WAAW,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;IAyCzD;;;;;;;;;OASG;IACG,WAAW,CAAC,WAAW,EAAE,GAAG,EAAE,cAAc,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC;IA2D3E;;;OAGG;YACW,iBAAiB;IAqD/B;;;;;;;;;;OAUG;IACG,cAAc,CAClB,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,UAAU,EACxB,eAAe,CAAC,EAAE,MAAM,GAAG,UAAU,GACpC,OAAO,CAAC,OAAO,CAAC;IAgBnB;;OAEG;IACG,iBAAiB,IAAI,OAAO,CAAC,GAAG,CAAC;IAUvC;;OAEG;IACH,YAAY,IAAI,GAAG;IAInB;;OAEG;IACH,sBAAsB,CACpB,MAAM,CAAC,EAAE,eAAe,GACvB,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,iBAAiB,GAAG,WAAW,GAAG,IAAI,CAAC;IA+DpE;;OAEG;IACH,mBAAmB,IAAI,GAAG;IAyB1B;;OAEG;IACH,cAAc,IAAI,GAAG;IAMrB;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,aAAa,CAAC;YAkB5B,QAAQ;YAOR,aAAa;YAKb,iBAAiB;IAK/B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAsCG;IACH,OAAO,CAAC,QAAQ;IAmBhB,OAAO,CAAC,iBAAiB;IAmBzB,OAAO,CAAC,gBAAgB;IAYxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA+B3B,OAAO,CAAC,aAAa;IAIrB,OAAO,CAAC,aAAa;IAIrB,OAAO,CAAC,UAAU;CAGnB"}
|