@kya-os/mcp-i-core 1.2.3-canary.7 → 1.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/settings.local.json +9 -0
- package/.turbo/turbo-build.log +4 -0
- package/.turbo/turbo-test.log +2979 -0
- package/COMPLIANCE_IMPROVEMENT_REPORT.md +483 -0
- package/Composer 3.md +615 -0
- package/GPT-5.md +1169 -0
- package/OPUS-plan.md +352 -0
- package/PHASE_3_AND_4.1_SUMMARY.md +585 -0
- package/PHASE_3_SUMMARY.md +317 -0
- package/PHASE_4.1.3_SUMMARY.md +428 -0
- package/PHASE_4.1_COMPLETE.md +525 -0
- package/PHASE_4_USER_DID_IDENTITY_LINKING_PLAN.md +1240 -0
- package/SCHEMA_COMPLIANCE_REPORT.md +275 -0
- package/TEST_PLAN.md +571 -0
- package/coverage/coverage-final.json +57 -0
- package/dist/__tests__/utils/mock-providers.d.ts +1 -2
- package/dist/__tests__/utils/mock-providers.d.ts.map +1 -1
- package/dist/__tests__/utils/mock-providers.js.map +1 -1
- package/dist/cache/oauth-config-cache.d.ts +69 -0
- package/dist/cache/oauth-config-cache.d.ts.map +1 -0
- package/dist/cache/oauth-config-cache.js +76 -0
- package/dist/cache/oauth-config-cache.js.map +1 -0
- package/dist/identity/idp-token-resolver.d.ts +53 -0
- package/dist/identity/idp-token-resolver.d.ts.map +1 -0
- package/dist/identity/idp-token-resolver.js +108 -0
- package/dist/identity/idp-token-resolver.js.map +1 -0
- package/dist/identity/idp-token-storage.interface.d.ts +42 -0
- package/dist/identity/idp-token-storage.interface.d.ts.map +1 -0
- package/dist/identity/idp-token-storage.interface.js +12 -0
- package/dist/identity/idp-token-storage.interface.js.map +1 -0
- package/dist/identity/user-did-manager.d.ts +39 -1
- package/dist/identity/user-did-manager.d.ts.map +1 -1
- package/dist/identity/user-did-manager.js +69 -3
- package/dist/identity/user-did-manager.js.map +1 -1
- package/dist/index.d.ts +22 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +39 -1
- package/dist/index.js.map +1 -1
- package/dist/runtime/audit-logger.d.ts +37 -0
- package/dist/runtime/audit-logger.d.ts.map +1 -0
- package/dist/runtime/audit-logger.js +9 -0
- package/dist/runtime/audit-logger.js.map +1 -0
- package/dist/runtime/base.d.ts +58 -2
- package/dist/runtime/base.d.ts.map +1 -1
- package/dist/runtime/base.js +266 -11
- package/dist/runtime/base.js.map +1 -1
- package/dist/services/access-control.service.d.ts.map +1 -1
- package/dist/services/access-control.service.js +200 -35
- package/dist/services/access-control.service.js.map +1 -1
- package/dist/services/authorization/authorization-registry.d.ts +29 -0
- package/dist/services/authorization/authorization-registry.d.ts.map +1 -0
- package/dist/services/authorization/authorization-registry.js +57 -0
- package/dist/services/authorization/authorization-registry.js.map +1 -0
- package/dist/services/authorization/types.d.ts +53 -0
- package/dist/services/authorization/types.d.ts.map +1 -0
- package/dist/services/authorization/types.js +10 -0
- package/dist/services/authorization/types.js.map +1 -0
- package/dist/services/batch-delegation.service.d.ts +53 -0
- package/dist/services/batch-delegation.service.d.ts.map +1 -0
- package/dist/services/batch-delegation.service.js +95 -0
- package/dist/services/batch-delegation.service.js.map +1 -0
- package/dist/services/oauth-config.service.d.ts +53 -0
- package/dist/services/oauth-config.service.d.ts.map +1 -0
- package/dist/services/oauth-config.service.js +119 -0
- package/dist/services/oauth-config.service.js.map +1 -0
- package/dist/services/oauth-provider-registry.d.ts +88 -0
- package/dist/services/oauth-provider-registry.d.ts.map +1 -0
- package/dist/services/oauth-provider-registry.js +128 -0
- package/dist/services/oauth-provider-registry.js.map +1 -0
- package/dist/services/oauth-service.d.ts +77 -0
- package/dist/services/oauth-service.d.ts.map +1 -0
- package/dist/services/oauth-service.js +348 -0
- package/dist/services/oauth-service.js.map +1 -0
- package/dist/services/oauth-token-retrieval.service.d.ts +49 -0
- package/dist/services/oauth-token-retrieval.service.d.ts.map +1 -0
- package/dist/services/oauth-token-retrieval.service.js +150 -0
- package/dist/services/oauth-token-retrieval.service.js.map +1 -0
- package/dist/services/provider-resolver.d.ts +48 -0
- package/dist/services/provider-resolver.d.ts.map +1 -0
- package/dist/services/provider-resolver.js +121 -0
- package/dist/services/provider-resolver.js.map +1 -0
- package/dist/services/provider-validator.d.ts +55 -0
- package/dist/services/provider-validator.d.ts.map +1 -0
- package/dist/services/provider-validator.js +135 -0
- package/dist/services/provider-validator.js.map +1 -0
- package/dist/services/tool-context-builder.d.ts +57 -0
- package/dist/services/tool-context-builder.d.ts.map +1 -0
- package/dist/services/tool-context-builder.js +125 -0
- package/dist/services/tool-context-builder.js.map +1 -0
- package/dist/services/tool-protection.service.d.ts +87 -10
- package/dist/services/tool-protection.service.d.ts.map +1 -1
- package/dist/services/tool-protection.service.js +282 -112
- package/dist/services/tool-protection.service.js.map +1 -1
- package/dist/types/oauth-required-error.d.ts +40 -0
- package/dist/types/oauth-required-error.d.ts.map +1 -0
- package/dist/types/oauth-required-error.js +40 -0
- package/dist/types/oauth-required-error.js.map +1 -0
- package/dist/utils/did-helpers.d.ts +33 -0
- package/dist/utils/did-helpers.d.ts.map +1 -1
- package/dist/utils/did-helpers.js +40 -0
- package/dist/utils/did-helpers.js.map +1 -1
- package/dist/utils/index.d.ts +1 -0
- package/dist/utils/index.d.ts.map +1 -1
- package/dist/utils/index.js +1 -0
- package/dist/utils/index.js.map +1 -1
- package/docs/API_REFERENCE.md +1362 -0
- package/docs/COMPLIANCE_MATRIX.md +691 -0
- package/docs/STATUSLIST2021_GUIDE.md +696 -0
- package/docs/W3C_VC_DELEGATION_GUIDE.md +710 -0
- package/package.json +24 -50
- package/scripts/audit-compliance.ts +724 -0
- package/src/__tests__/cache/tool-protection-cache.test.ts +640 -0
- package/src/__tests__/config/provider-runtime-config.test.ts +309 -0
- package/src/__tests__/delegation-e2e.test.ts +690 -0
- package/src/__tests__/identity/user-did-manager.test.ts +213 -0
- package/src/__tests__/index.test.ts +56 -0
- package/src/__tests__/integration/full-flow.test.ts +776 -0
- package/src/__tests__/integration.test.ts +281 -0
- package/src/__tests__/providers/base.test.ts +173 -0
- package/src/__tests__/providers/memory.test.ts +319 -0
- package/src/__tests__/regression/phase2-regression.test.ts +429 -0
- package/src/__tests__/runtime/audit-logger.test.ts +154 -0
- package/src/__tests__/runtime/base-extensions.test.ts +593 -0
- package/src/__tests__/runtime/base.test.ts +869 -0
- package/src/__tests__/runtime/delegation-flow.test.ts +164 -0
- package/src/__tests__/runtime/proof-client-did.test.ts +375 -0
- package/src/__tests__/runtime/route-interception.test.ts +686 -0
- package/src/__tests__/runtime/tool-protection-enforcement.test.ts +908 -0
- package/src/__tests__/services/agentshield-integration.test.ts +784 -0
- package/src/__tests__/services/provider-resolver-edge-cases.test.ts +591 -0
- package/src/__tests__/services/tool-protection-oauth-provider.test.ts +480 -0
- package/src/__tests__/services/tool-protection.service.test.ts +1366 -0
- package/src/__tests__/utils/mock-providers.ts +340 -0
- package/src/cache/oauth-config-cache.d.ts +69 -0
- package/src/cache/oauth-config-cache.d.ts.map +1 -0
- package/src/cache/oauth-config-cache.js.map +1 -0
- package/src/cache/oauth-config-cache.ts +123 -0
- package/src/cache/tool-protection-cache.ts +171 -0
- package/src/compliance/EXAMPLE.md +412 -0
- package/src/compliance/__tests__/schema-verifier.test.ts +797 -0
- package/src/compliance/index.ts +8 -0
- package/src/compliance/schema-registry.ts +460 -0
- package/src/compliance/schema-verifier.ts +708 -0
- package/src/config/__tests__/remote-config.spec.ts +268 -0
- package/src/config/remote-config.ts +174 -0
- package/src/config.ts +309 -0
- package/src/delegation/__tests__/audience-validator.test.ts +112 -0
- package/src/delegation/__tests__/bitstring.test.ts +346 -0
- package/src/delegation/__tests__/cascading-revocation.test.ts +628 -0
- package/src/delegation/__tests__/delegation-graph.test.ts +584 -0
- package/src/delegation/__tests__/utils.test.ts +152 -0
- package/src/delegation/__tests__/vc-issuer.test.ts +442 -0
- package/src/delegation/__tests__/vc-verifier.test.ts +922 -0
- package/src/delegation/audience-validator.ts +52 -0
- package/src/delegation/bitstring.ts +278 -0
- package/src/delegation/cascading-revocation.ts +370 -0
- package/src/delegation/delegation-graph.ts +299 -0
- package/src/delegation/index.ts +14 -0
- package/src/delegation/statuslist-manager.ts +353 -0
- package/src/delegation/storage/__tests__/memory-graph-storage.test.ts +366 -0
- package/src/delegation/storage/__tests__/memory-statuslist-storage.test.ts +228 -0
- package/src/delegation/storage/index.ts +9 -0
- package/src/delegation/storage/memory-graph-storage.ts +178 -0
- package/src/delegation/storage/memory-statuslist-storage.ts +77 -0
- package/src/delegation/utils.ts +42 -0
- package/src/delegation/vc-issuer.ts +232 -0
- package/src/delegation/vc-verifier.ts +568 -0
- package/src/identity/idp-token-resolver.ts +147 -0
- package/src/identity/idp-token-storage.interface.ts +59 -0
- package/src/identity/user-did-manager.ts +370 -0
- package/src/index.ts +260 -0
- package/src/providers/base.d.ts +91 -0
- package/src/providers/base.d.ts.map +1 -0
- package/src/providers/base.js.map +1 -0
- package/src/providers/base.ts +96 -0
- package/src/providers/memory.ts +142 -0
- package/src/runtime/audit-logger.ts +39 -0
- package/src/runtime/base.ts +1329 -0
- package/src/services/__tests__/access-control.integration.test.ts +443 -0
- package/src/services/__tests__/access-control.proof-response-validation.test.ts +578 -0
- package/src/services/__tests__/access-control.service.test.ts +970 -0
- package/src/services/__tests__/batch-delegation.service.test.ts +351 -0
- package/src/services/__tests__/crypto.service.test.ts +531 -0
- package/src/services/__tests__/oauth-provider-registry.test.ts +142 -0
- package/src/services/__tests__/proof-verifier.integration.test.ts +485 -0
- package/src/services/__tests__/proof-verifier.test.ts +489 -0
- package/src/services/__tests__/provider-resolution.integration.test.ts +202 -0
- package/src/services/__tests__/provider-resolver.test.ts +213 -0
- package/src/services/__tests__/storage.service.test.ts +358 -0
- package/src/services/access-control.service.ts +990 -0
- package/src/services/authorization/authorization-registry.ts +66 -0
- package/src/services/authorization/types.ts +71 -0
- package/src/services/batch-delegation.service.ts +137 -0
- package/src/services/crypto.service.ts +302 -0
- package/src/services/errors.ts +76 -0
- package/src/services/index.ts +9 -0
- package/src/services/oauth-config.service.d.ts +53 -0
- package/src/services/oauth-config.service.d.ts.map +1 -0
- package/src/services/oauth-config.service.js.map +1 -0
- package/src/services/oauth-config.service.ts +169 -0
- package/src/services/oauth-provider-registry.d.ts +57 -0
- package/src/services/oauth-provider-registry.d.ts.map +1 -0
- package/src/services/oauth-provider-registry.js.map +1 -0
- package/src/services/oauth-provider-registry.ts +141 -0
- package/src/services/oauth-service.ts +510 -0
- package/src/services/oauth-token-retrieval.service.ts +245 -0
- package/src/services/proof-verifier.ts +478 -0
- package/src/services/provider-resolver.d.ts +48 -0
- package/src/services/provider-resolver.d.ts.map +1 -0
- package/src/services/provider-resolver.js.map +1 -0
- package/src/services/provider-resolver.ts +146 -0
- package/src/services/provider-validator.ts +170 -0
- package/src/services/storage.service.ts +566 -0
- package/src/services/tool-context-builder.ts +172 -0
- package/src/services/tool-protection.service.ts +958 -0
- package/src/types/oauth-required-error.ts +63 -0
- package/src/types/tool-protection.ts +155 -0
- package/src/utils/__tests__/did-helpers.test.ts +101 -0
- package/src/utils/base64.ts +148 -0
- package/src/utils/cors.ts +83 -0
- package/src/utils/did-helpers.ts +150 -0
- package/src/utils/index.ts +8 -0
- package/src/utils/storage-keys.ts +278 -0
- package/tsconfig.json +21 -0
- package/vitest.config.ts +56 -0
|
@@ -4,7 +4,6 @@
|
|
|
4
4
|
* These mock implementations allow controlled testing of the runtime
|
|
5
5
|
* and other components that depend on providers.
|
|
6
6
|
*/
|
|
7
|
-
import { vi } from 'vitest';
|
|
8
7
|
import { CryptoProvider, ClockProvider, FetchProvider, StorageProvider, NonceCacheProvider, IdentityProvider, AgentIdentity } from '../../providers/base';
|
|
9
8
|
/**
|
|
10
9
|
* Mock Crypto Provider
|
|
@@ -38,7 +37,7 @@ export declare class MockFetchProvider extends FetchProvider {
|
|
|
38
37
|
private didDocuments;
|
|
39
38
|
private statusLists;
|
|
40
39
|
private delegationChains;
|
|
41
|
-
fetch:
|
|
40
|
+
fetch: (url: string, options?: any) => Promise<Response>;
|
|
42
41
|
constructor();
|
|
43
42
|
setDIDDocument(did: string, doc: any): void;
|
|
44
43
|
setStatusList(url: string, list: any): void;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mock-providers.d.ts","sourceRoot":"","sources":["../../../src/__tests__/utils/mock-providers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;
|
|
1
|
+
{"version":3,"file":"mock-providers.d.ts","sourceRoot":"","sources":["../../../src/__tests__/utils/mock-providers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,aAAa,EACd,MAAM,sBAAsB,CAAC;AAE9B;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,cAAc;IAC9C,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAK/D,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMpF,eAAe,IAAI,OAAO,CAAC;QAAE,UAAU,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC;IAwBrE,IAAI,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAK3C,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;CAOvD;AAED;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,aAAa;IAClD,OAAO,CAAC,WAAW,CAAsB;IAEzC,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAIhC,GAAG,IAAI,MAAM;IAIb,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO;IAK7D,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAItC,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM;IAI3C,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM;CAGlC;AAED;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,aAAa;IAClD,OAAO,CAAC,YAAY,CAA+B;IACnD,OAAO,CAAC,WAAW,CAA+B;IAClD,OAAO,CAAC,gBAAgB,CAAiC;IAClD,KAAK,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;;IAehE,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,IAAI;IAI3C,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,IAAI;IAI3C,kBAAkB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,IAAI;IAI5C,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAQrC,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAQ1C,oBAAoB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;CAOvD;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,eAAe;IACtD,OAAO,CAAC,KAAK,CAAkC;IAEzC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIxC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlC,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAIrC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAS9C,KAAK,IAAI,IAAI;CAGd;AAED;;GAEG;AACH,qBAAa,sBAAuB,SAAQ,kBAAkB;IAC5D,OAAO,CAAC,MAAM,CAAkC;IACzC,aAAa,UAAS;IACtB,aAAa,UAAS;IAC7B,OAAO,CAAC,KAAK,CAAC,CAAgB;IAE9B,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI;IAI9B,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAcvD,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQxE,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAUxB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAM9B,KAAK,IAAI,IAAI;IAIb,IAAI,IAAI,MAAM;CAGf;AAED;;GAEG;AACH,qBAAa,oBAAqB,SAAQ,gBAAgB;IACxD,OAAO,CAAC,QAAQ,CAAC,CAAgB;IAC1B,gBAAgB,UAAS;IACzB,oBAAoB,UAAS;IACpC,OAAO,CAAC,WAAW,CAAK;gBAEZ,QAAQ,CAAC,EAAE,aAAa;IAK9B,WAAW,IAAI,OAAO,CAAC,aAAa,CAAC;IAerC,YAAY,CAAC,QAAQ,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpD,UAAU,IAAI,OAAO,CAAC,aAAa,CAAC;IAepC,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;IAMrC,WAAW,CAAC,QAAQ,EAAE,aAAa,GAAG,IAAI;CAG3C;AAED;;GAEG;AACH,wBAAgB,mBAAmB;;;;;;;EAmBlC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mock-providers.js","sourceRoot":"","sources":["../../../src/__tests__/utils/mock-providers.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AA2TH,kDAmBC;AA5UD,mCAA4B;AAC5B,+CAQ8B;AAE9B;;GAEG;AACH,MAAa,kBAAmB,SAAQ,qBAAc;IACpD,KAAK,CAAC,IAAI,CAAC,IAAgB,EAAE,UAAkB;QAC7C,wBAAwB;QACxB,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAgB,EAAE,SAAqB,EAAE,SAAiB;QACrE,iEAAiE;QACjE,oEAAoE;QACpE,OAAO,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAC5E,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,iDAAiD;QACjD,4EAA4E;QAC5E,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;QACnD,CAAC;QAED,6EAA6E;QAC7E,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAErE,wEAAwE;QACxE,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEpE,OAAO;YACL,UAAU,EAAE,gBAAgB;YAC5B,SAAS,EAAE,eAAe;SAC3B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,IAAgB;QACzB,mBAAmB;QACnB,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAAc;QAC9B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;QACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAhDD,gDAgDC;AAED;;GAEG;AACH,MAAa,iBAAkB,SAAQ,oBAAa;IAC1C,WAAW,GAAW,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzC,OAAO,CAAC,SAAiB;QACvB,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;IAC/B,CAAC;IAED,GAAG;QACD,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,YAAY,CAAC,SAAiB,EAAE,WAAmB;QACjD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC,CAAC;QACpD,OAAO,IAAI,IAAI,WAAW,GAAG,IAAI,CAAC;IACpC,CAAC;IAED,UAAU,CAAC,SAAiB;QAC1B,OAAO,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;IACtC,CAAC;IAED,eAAe,CAAC,UAAkB;QAChC,OAAO,IAAI,CAAC,WAAW,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;IAChD,CAAC;IAED,MAAM,CAAC,SAAiB;QACtB,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;IAC3C,CAAC;CACF;AA3BD,8CA2BC;AAED;;GAEG;AACH,MAAa,iBAAkB,SAAQ,oBAAa;IAC1C,YAAY,GAAqB,IAAI,GAAG,EAAE,CAAC;IAC3C,WAAW,GAAqB,IAAI,GAAG,EAAE,CAAC;IAC1C,gBAAgB,GAAuB,IAAI,GAAG,EAAE,CAAC;IAClD,KAAK,
|
|
1
|
+
{"version":3,"file":"mock-providers.js","sourceRoot":"","sources":["../../../src/__tests__/utils/mock-providers.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AA2TH,kDAmBC;AA5UD,mCAA4B;AAC5B,+CAQ8B;AAE9B;;GAEG;AACH,MAAa,kBAAmB,SAAQ,qBAAc;IACpD,KAAK,CAAC,IAAI,CAAC,IAAgB,EAAE,UAAkB;QAC7C,wBAAwB;QACxB,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAgB,EAAE,SAAqB,EAAE,SAAiB;QACrE,iEAAiE;QACjE,oEAAoE;QACpE,OAAO,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAC5E,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,iDAAiD;QACjD,4EAA4E;QAC5E,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;QACnD,CAAC;QAED,6EAA6E;QAC7E,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAErE,wEAAwE;QACxE,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEpE,OAAO;YACL,UAAU,EAAE,gBAAgB;YAC5B,SAAS,EAAE,eAAe;SAC3B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,IAAgB;QACzB,mBAAmB;QACnB,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAAc;QAC9B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;QACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAhDD,gDAgDC;AAED;;GAEG;AACH,MAAa,iBAAkB,SAAQ,oBAAa;IAC1C,WAAW,GAAW,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzC,OAAO,CAAC,SAAiB;QACvB,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;IAC/B,CAAC;IAED,GAAG;QACD,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,YAAY,CAAC,SAAiB,EAAE,WAAmB;QACjD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC,CAAC;QACpD,OAAO,IAAI,IAAI,WAAW,GAAG,IAAI,CAAC;IACpC,CAAC;IAED,UAAU,CAAC,SAAiB;QAC1B,OAAO,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;IACtC,CAAC;IAED,eAAe,CAAC,UAAkB;QAChC,OAAO,IAAI,CAAC,WAAW,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;IAChD,CAAC;IAED,MAAM,CAAC,SAAiB;QACtB,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;IAC3C,CAAC;CACF;AA3BD,8CA2BC;AAED;;GAEG;AACH,MAAa,iBAAkB,SAAQ,oBAAa;IAC1C,YAAY,GAAqB,IAAI,GAAG,EAAE,CAAC;IAC3C,WAAW,GAAqB,IAAI,GAAG,EAAE,CAAC;IAC1C,gBAAgB,GAAuB,IAAI,GAAG,EAAE,CAAC;IAClD,KAAK,CAAoD;IAEhE;QACE,KAAK,EAAE,CAAC;QACR,8EAA8E;QAC9E,IAAI,CAAC,KAAK,GAAG,WAAE,CAAC,EAAE,CAAC,KAAK,EAAE,GAAW,EAAE,OAAa,EAAqB,EAAE;YACzE,uBAAuB;YACvB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE;gBACpD,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CAAC,CAAC;QACL,CAAC,CAAQ,CAAC;IACZ,CAAC;IAED,eAAe;IACf,cAAc,CAAC,GAAW,EAAE,GAAQ;QAClC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAClC,CAAC;IAED,aAAa,CAAC,GAAW,EAAE,IAAS;QAClC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IAClC,CAAC;IAED,kBAAkB,CAAC,EAAU,EAAE,KAAY;QACzC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,GAAW;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACvC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,KAAK,CAAC,OAAO,GAAG,YAAY,CAAC,CAAC;QAC1C,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,GAAW;QAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,eAAe,GAAG,YAAY,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,EAAU;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,oBAAoB,EAAE,YAAY,CAAC,CAAC;QACtD,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAtDD,8CAsDC;AAED;;GAEG;AACH,MAAa,mBAAoB,SAAQ,sBAAe;IAC9C,KAAK,GAAwB,IAAI,GAAG,EAAE,CAAC;IAE/C,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAa;QAClC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,MAAe;QACxB,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3C,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,cAAc;IACd,KAAK;QACH,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;CACF;AA/BD,kDA+BC;AAED;;GAEG;AACH,MAAa,sBAAuB,SAAQ,yBAAkB;IACpD,MAAM,GAAwB,IAAI,GAAG,EAAE,CAAC;IACzC,aAAa,GAAG,KAAK,CAAC;IACtB,aAAa,GAAG,KAAK,CAAC;IACrB,KAAK,CAAiB;IAE9B,QAAQ,CAAC,KAAoB;QAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,KAAa,EAAE,QAAiB;QACxC,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,SAAS,QAAQ,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,EAAE,CAAC;QACvE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAE1B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QACvD,IAAI,GAAG,GAAG,MAAM,EAAE,CAAC;YACjB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACxB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,KAAa,EAAE,UAAkB,EAAE,QAAiB;QAC5D,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,SAAS,QAAQ,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,EAAE,CAAC;QACvE,mEAAmE;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QACvD,MAAM,SAAS,GAAG,GAAG,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAClC,CAAC;IAED,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QACvD,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAC1C,IAAI,GAAG,GAAG,MAAM,EAAE,CAAC;gBACjB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC1B,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,cAAc;IACd,KAAK;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;IAED,IAAI;QACF,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;IAC1B,CAAC;CACF;AAvDD,wDAuDC;AAED;;GAEG;AACH,MAAa,oBAAqB,SAAQ,uBAAgB;IAChD,QAAQ,CAAiB;IAC1B,gBAAgB,GAAG,KAAK,CAAC;IACzB,oBAAoB,GAAG,KAAK,CAAC;IAC5B,WAAW,GAAG,CAAC,CAAC;IAExB,YAAY,QAAwB;QAClC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,IAAI,CAAC,QAAQ,GAAG;gBACd,GAAG,EAAE,kBAAkB;gBACvB,GAAG,EAAE,wBAAwB;gBAC7B,UAAU,EAAE,kBAAkB;gBAC9B,SAAS,EAAE,iBAAiB;gBAC5B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;aACzB,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,QAAuB;QACxC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC7B,IAAI,CAAC,WAAW,EAAE,CAAC;QACnB,IAAI,CAAC,QAAQ,GAAG;YACd,GAAG,EAAE,oBAAoB,IAAI,CAAC,WAAW,EAAE;YAC3C,GAAG,EAAE,oBAAoB,IAAI,CAAC,WAAW,QAAQ;YACjD,UAAU,EAAE,4BAA4B,IAAI,CAAC,WAAW,EAAE;YAC1D,SAAS,EAAE,2BAA2B,IAAI,CAAC,WAAW,EAAE;YACxD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE;SACvE,CAAC;QACF,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC,oBAAoB,GAAG,IAAI,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;IAC5B,CAAC;IAED,cAAc;IACd,WAAW,CAAC,QAAuB;QACjC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;CACF;AAtDD,oDAsDC;AAED;;GAEG;AACH,SAAgB,mBAAmB;IACjC,MAAM,cAAc,GAAG,IAAI,kBAAkB,EAAE,CAAC;IAChD,MAAM,aAAa,GAAG,IAAI,iBAAiB,EAAE,CAAC;IAC9C,MAAM,aAAa,GAAG,IAAI,iBAAiB,EAAE,CAAC;IAC9C,MAAM,eAAe,GAAG,IAAI,mBAAmB,EAAE,CAAC;IAClD,MAAM,kBAAkB,GAAG,IAAI,sBAAsB,EAAE,CAAC;IACxD,MAAM,gBAAgB,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAEpD,mDAAmD;IACnD,kBAAkB,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;IAE3C,OAAO;QACL,cAAc;QACd,aAAa;QACb,aAAa;QACb,eAAe;QACf,kBAAkB;QAClB,gBAAgB;KACjB,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Platform-agnostic cache interface for OAuth provider configurations
|
|
3
|
+
*
|
|
4
|
+
* This interface allows different runtime adapters to provide their own
|
|
5
|
+
* caching implementations (e.g., in-memory for Node.js, KV for Cloudflare)
|
|
6
|
+
*
|
|
7
|
+
* @package @kya-os/mcp-i-core
|
|
8
|
+
*/
|
|
9
|
+
import type { OAuthConfig } from "@kya-os/contracts/config";
|
|
10
|
+
/**
|
|
11
|
+
* Cache interface for storing and retrieving OAuth provider configurations
|
|
12
|
+
*/
|
|
13
|
+
export interface OAuthConfigCache {
|
|
14
|
+
/**
|
|
15
|
+
* Retrieve a cached OAuth configuration
|
|
16
|
+
* @param key Cache key (typically projectId)
|
|
17
|
+
* @returns Cached config or null if not found/expired
|
|
18
|
+
*/
|
|
19
|
+
get(key: string): Promise<OAuthConfig | null>;
|
|
20
|
+
/**
|
|
21
|
+
* Store an OAuth configuration in cache
|
|
22
|
+
* @param key Cache key (typically projectId)
|
|
23
|
+
* @param value OAuth configuration to cache
|
|
24
|
+
* @param ttl Time-to-live in milliseconds
|
|
25
|
+
*/
|
|
26
|
+
set(key: string, value: OAuthConfig, ttl: number): Promise<void>;
|
|
27
|
+
/**
|
|
28
|
+
* Clear all cached entries
|
|
29
|
+
*/
|
|
30
|
+
clear(): Promise<void>;
|
|
31
|
+
/**
|
|
32
|
+
* Remove a specific cache entry
|
|
33
|
+
* @param key Cache key to remove
|
|
34
|
+
*/
|
|
35
|
+
delete(key: string): Promise<void>;
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* In-memory cache implementation
|
|
39
|
+
*
|
|
40
|
+
* Suitable for:
|
|
41
|
+
* - Node.js runtimes
|
|
42
|
+
* - Development/testing
|
|
43
|
+
* - Single-instance deployments
|
|
44
|
+
*
|
|
45
|
+
* NOT suitable for:
|
|
46
|
+
* - Multi-instance deployments (cache not shared)
|
|
47
|
+
* - Serverless environments (state not persisted)
|
|
48
|
+
*/
|
|
49
|
+
export declare class InMemoryOAuthConfigCache implements OAuthConfigCache {
|
|
50
|
+
private cache;
|
|
51
|
+
get(key: string): Promise<OAuthConfig | null>;
|
|
52
|
+
set(key: string, value: OAuthConfig, ttl: number): Promise<void>;
|
|
53
|
+
clear(): Promise<void>;
|
|
54
|
+
delete(key: string): Promise<void>;
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* No-op cache implementation (disables caching)
|
|
58
|
+
*
|
|
59
|
+
* Use when:
|
|
60
|
+
* - You want to disable caching entirely
|
|
61
|
+
* - Testing scenarios that require fresh data
|
|
62
|
+
*/
|
|
63
|
+
export declare class NoOpOAuthConfigCache implements OAuthConfigCache {
|
|
64
|
+
get(_key: string): Promise<OAuthConfig | null>;
|
|
65
|
+
set(_key: string, _value: OAuthConfig, _ttl: number): Promise<void>;
|
|
66
|
+
clear(): Promise<void>;
|
|
67
|
+
delete(_key: string): Promise<void>;
|
|
68
|
+
}
|
|
69
|
+
//# sourceMappingURL=oauth-config-cache.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-config-cache.d.ts","sourceRoot":"","sources":["../../src/cache/oauth-config-cache.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAE5D;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;OAIG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IAE9C;;;;;OAKG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE;;OAEG;IACH,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEvB;;;OAGG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpC;AAED;;;;;;;;;;;GAWG;AACH,qBAAa,wBAAyB,YAAW,gBAAgB;IAC/D,OAAO,CAAC,KAAK,CAGT;IAEE,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAgB7C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAShE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAItB,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGzC;AAED;;;;;;GAMG;AACH,qBAAa,oBAAqB,YAAW,gBAAgB;IACrD,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAI9C,GAAG,CACP,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,WAAW,EACnB,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,IAAI,CAAC;IAIV,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAItB,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAG1C"}
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Platform-agnostic cache interface for OAuth provider configurations
|
|
4
|
+
*
|
|
5
|
+
* This interface allows different runtime adapters to provide their own
|
|
6
|
+
* caching implementations (e.g., in-memory for Node.js, KV for Cloudflare)
|
|
7
|
+
*
|
|
8
|
+
* @package @kya-os/mcp-i-core
|
|
9
|
+
*/
|
|
10
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
11
|
+
exports.NoOpOAuthConfigCache = exports.InMemoryOAuthConfigCache = void 0;
|
|
12
|
+
/**
|
|
13
|
+
* In-memory cache implementation
|
|
14
|
+
*
|
|
15
|
+
* Suitable for:
|
|
16
|
+
* - Node.js runtimes
|
|
17
|
+
* - Development/testing
|
|
18
|
+
* - Single-instance deployments
|
|
19
|
+
*
|
|
20
|
+
* NOT suitable for:
|
|
21
|
+
* - Multi-instance deployments (cache not shared)
|
|
22
|
+
* - Serverless environments (state not persisted)
|
|
23
|
+
*/
|
|
24
|
+
class InMemoryOAuthConfigCache {
|
|
25
|
+
cache = new Map();
|
|
26
|
+
async get(key) {
|
|
27
|
+
const entry = this.cache.get(key);
|
|
28
|
+
if (!entry) {
|
|
29
|
+
return null;
|
|
30
|
+
}
|
|
31
|
+
// Check if expired
|
|
32
|
+
if (Date.now() > entry.expiresAt) {
|
|
33
|
+
this.cache.delete(key);
|
|
34
|
+
return null;
|
|
35
|
+
}
|
|
36
|
+
return entry.value;
|
|
37
|
+
}
|
|
38
|
+
async set(key, value, ttl) {
|
|
39
|
+
// If TTL is <= 0, don't store (entry would be immediately expired)
|
|
40
|
+
if (ttl <= 0) {
|
|
41
|
+
return;
|
|
42
|
+
}
|
|
43
|
+
const expiresAt = Date.now() + ttl;
|
|
44
|
+
this.cache.set(key, { value, expiresAt });
|
|
45
|
+
}
|
|
46
|
+
async clear() {
|
|
47
|
+
this.cache.clear();
|
|
48
|
+
}
|
|
49
|
+
async delete(key) {
|
|
50
|
+
this.cache.delete(key);
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
exports.InMemoryOAuthConfigCache = InMemoryOAuthConfigCache;
|
|
54
|
+
/**
|
|
55
|
+
* No-op cache implementation (disables caching)
|
|
56
|
+
*
|
|
57
|
+
* Use when:
|
|
58
|
+
* - You want to disable caching entirely
|
|
59
|
+
* - Testing scenarios that require fresh data
|
|
60
|
+
*/
|
|
61
|
+
class NoOpOAuthConfigCache {
|
|
62
|
+
async get(_key) {
|
|
63
|
+
return null;
|
|
64
|
+
}
|
|
65
|
+
async set(_key, _value, _ttl) {
|
|
66
|
+
// No-op
|
|
67
|
+
}
|
|
68
|
+
async clear() {
|
|
69
|
+
// No-op
|
|
70
|
+
}
|
|
71
|
+
async delete(_key) {
|
|
72
|
+
// No-op
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
exports.NoOpOAuthConfigCache = NoOpOAuthConfigCache;
|
|
76
|
+
//# sourceMappingURL=oauth-config-cache.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-config-cache.js","sourceRoot":"","sources":["../../src/cache/oauth-config-cache.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAmCH;;;;;;;;;;;GAWG;AACH,MAAa,wBAAwB;IAC3B,KAAK,GAAG,IAAI,GAAG,EAGpB,CAAC;IAEJ,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAElC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mBAAmB;QACnB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC,KAAK,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAkB,EAAE,GAAW;QACpD,mEAAmE;QACnE,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC;YACb,OAAO;QACT,CAAC;QACD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC;QACnC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;CACF;AAtCD,4DAsCC;AAED;;;;;;GAMG;AACH,MAAa,oBAAoB;IAC/B,KAAK,CAAC,GAAG,CAAC,IAAY;QACpB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,GAAG,CACP,IAAY,EACZ,MAAmB,EACnB,IAAY;QAEZ,QAAQ;IACV,CAAC;IAED,KAAK,CAAC,KAAK;QACT,QAAQ;IACV,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAY;QACvB,QAAQ;IACV,CAAC;CACF;AApBD,oDAoBC"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* IDP Token Resolver
|
|
3
|
+
*
|
|
4
|
+
* Resolves User DID to IDP access token (MH-7 requirement).
|
|
5
|
+
* Handles token lookup, expiration checking, and automatic refresh.
|
|
6
|
+
*
|
|
7
|
+
* @package @kya-os/mcp-i-core
|
|
8
|
+
*/
|
|
9
|
+
import type { IdpTokens } from "@kya-os/contracts/config";
|
|
10
|
+
import type { IIdpTokenStorage } from "./idp-token-storage.interface.js";
|
|
11
|
+
export interface IdpTokenResolverConfig {
|
|
12
|
+
/** Token storage implementation */
|
|
13
|
+
tokenStorage: IIdpTokenStorage;
|
|
14
|
+
/** OAuth service for token refresh */
|
|
15
|
+
oauthService: {
|
|
16
|
+
refreshToken(provider: string, refreshToken: string): Promise<IdpTokens | null>;
|
|
17
|
+
};
|
|
18
|
+
/** Optional logger callback for diagnostics */
|
|
19
|
+
logger?: (message: string, data?: unknown) => void;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Service for resolving User DID to IDP access token
|
|
23
|
+
*
|
|
24
|
+
* MH-7 Requirement: resolveTokenFromDid(userDid: string): Promise<string>
|
|
25
|
+
*
|
|
26
|
+
* This service implements the core MH-7 functionality:
|
|
27
|
+
* - Resolves User DID to IDP access token
|
|
28
|
+
* - Handles token expiration and automatic refresh
|
|
29
|
+
* - Supports multiple IDP providers
|
|
30
|
+
*/
|
|
31
|
+
export declare class IdpTokenResolver {
|
|
32
|
+
private config;
|
|
33
|
+
constructor(config: IdpTokenResolverConfig);
|
|
34
|
+
/**
|
|
35
|
+
* Resolve User DID to IDP access token
|
|
36
|
+
*
|
|
37
|
+
* MH-7 Requirement: resolveTokenFromDid(userDid: string): Promise<string>
|
|
38
|
+
*
|
|
39
|
+
* Flow:
|
|
40
|
+
* 1. Look up token from storage
|
|
41
|
+
* 2. Check expiration
|
|
42
|
+
* 3. Auto-refresh if expired and refresh_token available
|
|
43
|
+
* 4. Update storage after refresh
|
|
44
|
+
* 5. Return access_token or null
|
|
45
|
+
*
|
|
46
|
+
* @param userDid - User DID to resolve
|
|
47
|
+
* @param provider - OAuth provider name (e.g., "github", "google")
|
|
48
|
+
* @param scopes - Required scopes for token
|
|
49
|
+
* @returns Access token or null if not found/expired
|
|
50
|
+
*/
|
|
51
|
+
resolveTokenFromDid(userDid: string, provider: string, scopes: string[]): Promise<string | null>;
|
|
52
|
+
}
|
|
53
|
+
//# sourceMappingURL=idp-token-resolver.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"idp-token-resolver.d.ts","sourceRoot":"","sources":["../../src/identity/idp-token-resolver.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AAEzE,MAAM,WAAW,sBAAsB;IACrC,mCAAmC;IACnC,YAAY,EAAE,gBAAgB,CAAC;IAE/B,sCAAsC;IACtC,YAAY,EAAE;QACZ,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;KACjF,CAAC;IAEF,+CAA+C;IAC/C,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;CACpD;AAED;;;;;;;;;GASG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAEZ;gBAEU,MAAM,EAAE,sBAAsB;IAQ1C;;;;;;;;;;;;;;;;OAgBG;IACG,mBAAmB,CACvB,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EAAE,GACf,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;CA4E1B"}
|
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* IDP Token Resolver
|
|
4
|
+
*
|
|
5
|
+
* Resolves User DID to IDP access token (MH-7 requirement).
|
|
6
|
+
* Handles token lookup, expiration checking, and automatic refresh.
|
|
7
|
+
*
|
|
8
|
+
* @package @kya-os/mcp-i-core
|
|
9
|
+
*/
|
|
10
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
11
|
+
exports.IdpTokenResolver = void 0;
|
|
12
|
+
/**
|
|
13
|
+
* Service for resolving User DID to IDP access token
|
|
14
|
+
*
|
|
15
|
+
* MH-7 Requirement: resolveTokenFromDid(userDid: string): Promise<string>
|
|
16
|
+
*
|
|
17
|
+
* This service implements the core MH-7 functionality:
|
|
18
|
+
* - Resolves User DID to IDP access token
|
|
19
|
+
* - Handles token expiration and automatic refresh
|
|
20
|
+
* - Supports multiple IDP providers
|
|
21
|
+
*/
|
|
22
|
+
class IdpTokenResolver {
|
|
23
|
+
config;
|
|
24
|
+
constructor(config) {
|
|
25
|
+
this.config = {
|
|
26
|
+
tokenStorage: config.tokenStorage,
|
|
27
|
+
oauthService: config.oauthService,
|
|
28
|
+
logger: config.logger || (() => { }),
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Resolve User DID to IDP access token
|
|
33
|
+
*
|
|
34
|
+
* MH-7 Requirement: resolveTokenFromDid(userDid: string): Promise<string>
|
|
35
|
+
*
|
|
36
|
+
* Flow:
|
|
37
|
+
* 1. Look up token from storage
|
|
38
|
+
* 2. Check expiration
|
|
39
|
+
* 3. Auto-refresh if expired and refresh_token available
|
|
40
|
+
* 4. Update storage after refresh
|
|
41
|
+
* 5. Return access_token or null
|
|
42
|
+
*
|
|
43
|
+
* @param userDid - User DID to resolve
|
|
44
|
+
* @param provider - OAuth provider name (e.g., "github", "google")
|
|
45
|
+
* @param scopes - Required scopes for token
|
|
46
|
+
* @returns Access token or null if not found/expired
|
|
47
|
+
*/
|
|
48
|
+
async resolveTokenFromDid(userDid, provider, scopes) {
|
|
49
|
+
// 1. Look up token from storage
|
|
50
|
+
const storedToken = await this.config.tokenStorage.getToken(userDid, provider, scopes);
|
|
51
|
+
if (!storedToken) {
|
|
52
|
+
this.config.logger("[IdpTokenResolver] Token not found", {
|
|
53
|
+
userDid: userDid.substring(0, 20) + "...",
|
|
54
|
+
provider,
|
|
55
|
+
scopes,
|
|
56
|
+
});
|
|
57
|
+
return null;
|
|
58
|
+
}
|
|
59
|
+
// 2. Check expiration
|
|
60
|
+
const now = Date.now();
|
|
61
|
+
if (storedToken.expires_at < now) {
|
|
62
|
+
this.config.logger("[IdpTokenResolver] Token expired, attempting refresh", {
|
|
63
|
+
userDid: userDid.substring(0, 20) + "...",
|
|
64
|
+
provider,
|
|
65
|
+
expiresAt: new Date(storedToken.expires_at).toISOString(),
|
|
66
|
+
hasRefreshToken: !!storedToken.refresh_token,
|
|
67
|
+
});
|
|
68
|
+
// 3. Refresh if refresh_token available
|
|
69
|
+
if (storedToken.refresh_token) {
|
|
70
|
+
const refreshed = await this.config.oauthService.refreshToken(provider, storedToken.refresh_token);
|
|
71
|
+
if (refreshed) {
|
|
72
|
+
// 4. Update storage with new tokens
|
|
73
|
+
await this.config.tokenStorage.storeToken(userDid, provider, scopes, refreshed);
|
|
74
|
+
this.config.logger("[IdpTokenResolver] Token refreshed successfully", {
|
|
75
|
+
userDid: userDid.substring(0, 20) + "...",
|
|
76
|
+
provider,
|
|
77
|
+
expiresAt: new Date(refreshed.expires_at).toISOString(),
|
|
78
|
+
});
|
|
79
|
+
// 5. Return new access_token
|
|
80
|
+
return refreshed.access_token;
|
|
81
|
+
}
|
|
82
|
+
else {
|
|
83
|
+
this.config.logger("[IdpTokenResolver] Token refresh failed", {
|
|
84
|
+
userDid: userDid.substring(0, 20) + "...",
|
|
85
|
+
provider,
|
|
86
|
+
});
|
|
87
|
+
return null;
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
else {
|
|
91
|
+
this.config.logger("[IdpTokenResolver] Token expired and no refresh token", {
|
|
92
|
+
userDid: userDid.substring(0, 20) + "...",
|
|
93
|
+
provider,
|
|
94
|
+
});
|
|
95
|
+
return null;
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
// 4. Return valid access_token
|
|
99
|
+
this.config.logger("[IdpTokenResolver] Token resolved successfully", {
|
|
100
|
+
userDid: userDid.substring(0, 20) + "...",
|
|
101
|
+
provider,
|
|
102
|
+
expiresAt: new Date(storedToken.expires_at).toISOString(),
|
|
103
|
+
});
|
|
104
|
+
return storedToken.access_token;
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
exports.IdpTokenResolver = IdpTokenResolver;
|
|
108
|
+
//# sourceMappingURL=idp-token-resolver.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"idp-token-resolver.js","sourceRoot":"","sources":["../../src/identity/idp-token-resolver.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAkBH;;;;;;;;;GASG;AACH,MAAa,gBAAgB;IACnB,MAAM,CAEZ;IAEF,YAAY,MAA8B;QACxC,IAAI,CAAC,MAAM,GAAG;YACZ,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;SACpC,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACH,KAAK,CAAC,mBAAmB,CACvB,OAAe,EACf,QAAgB,EAChB,MAAgB;QAEhB,gCAAgC;QAChC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CACzD,OAAO,EACP,QAAQ,EACR,MAAM,CACP,CAAC;QAEF,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,oCAAoC,EAAE;gBACvD,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBACzC,QAAQ;gBACR,MAAM;aACP,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC;QAED,sBAAsB;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,WAAW,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC;YACjC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,sDAAsD,EAAE;gBACzE,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBACzC,QAAQ;gBACR,SAAS,EAAE,IAAI,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;gBACzD,eAAe,EAAE,CAAC,CAAC,WAAW,CAAC,aAAa;aAC7C,CAAC,CAAC;YAEH,wCAAwC;YACxC,IAAI,WAAW,CAAC,aAAa,EAAE,CAAC;gBAC9B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAC3D,QAAQ,EACR,WAAW,CAAC,aAAa,CAC1B,CAAC;gBAEF,IAAI,SAAS,EAAE,CAAC;oBACd,oCAAoC;oBACpC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CACvC,OAAO,EACP,QAAQ,EACR,MAAM,EACN,SAAS,CACV,CAAC;oBAEF,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,iDAAiD,EAAE;wBACpE,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;wBACzC,QAAQ;wBACR,SAAS,EAAE,IAAI,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;qBACxD,CAAC,CAAC;oBAEH,6BAA6B;oBAC7B,OAAO,SAAS,CAAC,YAAY,CAAC;gBAChC,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,yCAAyC,EAAE;wBAC5D,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;wBACzC,QAAQ;qBACT,CAAC,CAAC;oBACH,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,uDAAuD,EAAE;oBAC1E,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;oBACzC,QAAQ;iBACT,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gDAAgD,EAAE;YACnE,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;YACzC,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;SAC1D,CAAC,CAAC;QAEH,OAAO,WAAW,CAAC,YAAY,CAAC;IAClC,CAAC;CACF;AA9GD,4CA8GC"}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* IDP Token Storage Interface
|
|
3
|
+
*
|
|
4
|
+
* Platform-agnostic interface for storing and retrieving IDP tokens.
|
|
5
|
+
* Platform-specific implementations (Cloudflare KV, Node.js database, etc.)
|
|
6
|
+
* implement this interface.
|
|
7
|
+
*
|
|
8
|
+
* @package @kya-os/mcp-i-core
|
|
9
|
+
*/
|
|
10
|
+
import type { IdpTokens } from "@kya-os/contracts/config";
|
|
11
|
+
/**
|
|
12
|
+
* Interface for IDP token storage
|
|
13
|
+
*/
|
|
14
|
+
export interface IIdpTokenStorage {
|
|
15
|
+
/**
|
|
16
|
+
* Store IDP tokens
|
|
17
|
+
*
|
|
18
|
+
* @param userDid - User DID to associate tokens with
|
|
19
|
+
* @param provider - OAuth provider name
|
|
20
|
+
* @param scopes - Scopes granted for these tokens
|
|
21
|
+
* @param tokens - IDP tokens to store
|
|
22
|
+
*/
|
|
23
|
+
storeToken(userDid: string, provider: string, scopes: string[], tokens: IdpTokens): Promise<void>;
|
|
24
|
+
/**
|
|
25
|
+
* Retrieve IDP tokens
|
|
26
|
+
*
|
|
27
|
+
* @param userDid - User DID to retrieve tokens for
|
|
28
|
+
* @param provider - OAuth provider name
|
|
29
|
+
* @param scopes - Scopes to retrieve tokens for
|
|
30
|
+
* @returns IDP tokens or null if not found
|
|
31
|
+
*/
|
|
32
|
+
getToken(userDid: string, provider: string, scopes: string[]): Promise<IdpTokens | null>;
|
|
33
|
+
/**
|
|
34
|
+
* Delete IDP tokens
|
|
35
|
+
*
|
|
36
|
+
* @param userDid - User DID
|
|
37
|
+
* @param provider - OAuth provider name
|
|
38
|
+
* @param scopes - Scopes
|
|
39
|
+
*/
|
|
40
|
+
deleteToken(userDid: string, provider: string, scopes: string[]): Promise<void>;
|
|
41
|
+
}
|
|
42
|
+
//# sourceMappingURL=idp-token-storage.interface.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"idp-token-storage.interface.d.ts","sourceRoot":"","sources":["../../src/identity/idp-token-storage.interface.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAE1D;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;;;;OAOG;IACH,UAAU,CACR,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EAAE,EAChB,MAAM,EAAE,SAAS,GAChB,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjB;;;;;;;OAOG;IACH,QAAQ,CACN,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EAAE,GACf,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAE7B;;;;;;OAMG;IACH,WAAW,CACT,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EAAE,GACf,OAAO,CAAC,IAAI,CAAC,CAAC;CAClB"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* IDP Token Storage Interface
|
|
4
|
+
*
|
|
5
|
+
* Platform-agnostic interface for storing and retrieving IDP tokens.
|
|
6
|
+
* Platform-specific implementations (Cloudflare KV, Node.js database, etc.)
|
|
7
|
+
* implement this interface.
|
|
8
|
+
*
|
|
9
|
+
* @package @kya-os/mcp-i-core
|
|
10
|
+
*/
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
//# sourceMappingURL=idp-token-storage.interface.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"idp-token-storage.interface.js","sourceRoot":"","sources":["../../src/identity/idp-token-storage.interface.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG"}
|
|
@@ -8,6 +8,27 @@
|
|
|
8
8
|
* requiring user registration or persistent identity.
|
|
9
9
|
*/
|
|
10
10
|
import { CryptoProvider } from '../providers/base';
|
|
11
|
+
/**
|
|
12
|
+
* OAuth identity for persistent user DID lookup
|
|
13
|
+
*/
|
|
14
|
+
export interface OAuthIdentity {
|
|
15
|
+
/**
|
|
16
|
+
* OAuth provider name (e.g., "google", "github", "microsoft")
|
|
17
|
+
*/
|
|
18
|
+
provider: string;
|
|
19
|
+
/**
|
|
20
|
+
* OAuth subject identifier (unique user ID from provider)
|
|
21
|
+
*/
|
|
22
|
+
subject: string;
|
|
23
|
+
/**
|
|
24
|
+
* User's email address from OAuth provider (optional)
|
|
25
|
+
*/
|
|
26
|
+
email?: string;
|
|
27
|
+
/**
|
|
28
|
+
* User's display name from OAuth provider (optional)
|
|
29
|
+
*/
|
|
30
|
+
name?: string;
|
|
31
|
+
}
|
|
11
32
|
/**
|
|
12
33
|
* User DID storage interface
|
|
13
34
|
*/
|
|
@@ -24,6 +45,16 @@ export interface UserDidStorage {
|
|
|
24
45
|
* Delete user DID for a session
|
|
25
46
|
*/
|
|
26
47
|
delete(sessionId: string): Promise<void>;
|
|
48
|
+
/**
|
|
49
|
+
* Get user DID by OAuth identity (optional - for persistent user DID lookup)
|
|
50
|
+
* If not implemented, OAuth-based lookup will be skipped
|
|
51
|
+
*/
|
|
52
|
+
getByOAuth?(provider: string, subject: string): Promise<string | null>;
|
|
53
|
+
/**
|
|
54
|
+
* Store user DID mapping for OAuth identity (optional - for persistent user DID storage)
|
|
55
|
+
* If not implemented, OAuth-based storage will be skipped
|
|
56
|
+
*/
|
|
57
|
+
setByOAuth?(provider: string, subject: string, did: string, ttl?: number): Promise<void>;
|
|
27
58
|
}
|
|
28
59
|
/**
|
|
29
60
|
* User DID Manager configuration
|
|
@@ -61,12 +92,19 @@ export declare class UserDidManager {
|
|
|
61
92
|
* Generate or retrieve user DID for a session
|
|
62
93
|
*
|
|
63
94
|
* If a user DID already exists for the session, it is returned.
|
|
95
|
+
* If OAuth identity is provided, checks for persistent user DID mapping first.
|
|
64
96
|
* Otherwise, a new ephemeral did:key is generated.
|
|
65
97
|
*
|
|
66
98
|
* @param sessionId - MCP session ID
|
|
99
|
+
* @param oauthIdentity - Optional OAuth identity for persistent user DID lookup
|
|
67
100
|
* @returns User DID (did:key format)
|
|
101
|
+
*
|
|
102
|
+
* @remarks
|
|
103
|
+
* - If OAuth identity provided, checks for existing mapping first
|
|
104
|
+
* - Falls back to ephemeral DID generation if OAuth unavailable
|
|
105
|
+
* - Caches result in session storage for performance
|
|
68
106
|
*/
|
|
69
|
-
getOrCreateUserDid(sessionId: string): Promise<string>;
|
|
107
|
+
getOrCreateUserDid(sessionId: string, oauthIdentity?: OAuthIdentity | null): Promise<string>;
|
|
70
108
|
/**
|
|
71
109
|
* Generate a new ephemeral user DID
|
|
72
110
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user-did-manager.d.ts","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAE/C;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE;;OAEG;IACH,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"user-did-manager.d.ts","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAE/C;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE;;OAEG;IACH,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzC;;;OAGG;IACH,UAAU,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAEvE;;;OAGG;IACH,UAAU,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC1F;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,OAAO,CAAC,EAAE,cAAc,CAAC;IAEzB;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;IAEpB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;;;GAKG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,eAAe,CAA6B;gBAExC,MAAM,EAAE,oBAAoB;IAIxC;;;;;;;;;;;;;;;OAeG;IACG,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC;IA2GlG;;;;;OAKG;YACW,eAAe;IAkB7B;;;;;OAKG;IACH,OAAO,CAAC,2BAA2B;IAiBnC;;;OAGG;IACH,OAAO,CAAC,YAAY;IAwBpB;;OAEG;IACH,OAAO,CAAC,aAAa;IAerB;;OAEG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkB3D;;OAEG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAapD;;OAEG;IACH,UAAU,IAAI,IAAI;CAGnB"}
|
|
@@ -26,22 +26,73 @@ class UserDidManager {
|
|
|
26
26
|
* Generate or retrieve user DID for a session
|
|
27
27
|
*
|
|
28
28
|
* If a user DID already exists for the session, it is returned.
|
|
29
|
+
* If OAuth identity is provided, checks for persistent user DID mapping first.
|
|
29
30
|
* Otherwise, a new ephemeral did:key is generated.
|
|
30
31
|
*
|
|
31
32
|
* @param sessionId - MCP session ID
|
|
33
|
+
* @param oauthIdentity - Optional OAuth identity for persistent user DID lookup
|
|
32
34
|
* @returns User DID (did:key format)
|
|
35
|
+
*
|
|
36
|
+
* @remarks
|
|
37
|
+
* - If OAuth identity provided, checks for existing mapping first
|
|
38
|
+
* - Falls back to ephemeral DID generation if OAuth unavailable
|
|
39
|
+
* - Caches result in session storage for performance
|
|
33
40
|
*/
|
|
34
|
-
async getOrCreateUserDid(sessionId) {
|
|
41
|
+
async getOrCreateUserDid(sessionId, oauthIdentity) {
|
|
35
42
|
// Check cache first
|
|
36
43
|
if (this.sessionDidCache.has(sessionId)) {
|
|
37
44
|
return this.sessionDidCache.get(sessionId);
|
|
38
45
|
}
|
|
39
|
-
//
|
|
46
|
+
// PRIORITY 1: If OAuth identity provided, check for persistent user DID mapping
|
|
47
|
+
if (oauthIdentity && oauthIdentity.provider && oauthIdentity.subject && this.config.storage?.getByOAuth) {
|
|
48
|
+
try {
|
|
49
|
+
const persistentUserDid = await this.config.storage.getByOAuth(oauthIdentity.provider, oauthIdentity.subject);
|
|
50
|
+
if (persistentUserDid) {
|
|
51
|
+
console.log('[UserDidManager] Found persistent user DID from OAuth mapping:', {
|
|
52
|
+
provider: oauthIdentity.provider,
|
|
53
|
+
userDid: persistentUserDid.substring(0, 20) + '...',
|
|
54
|
+
});
|
|
55
|
+
// Cache it for this session
|
|
56
|
+
this.sessionDidCache.set(sessionId, persistentUserDid);
|
|
57
|
+
// Also store in session storage for faster future lookups
|
|
58
|
+
if (this.config.storage) {
|
|
59
|
+
try {
|
|
60
|
+
await this.config.storage.set(sessionId, persistentUserDid, 1800); // 30 minutes TTL
|
|
61
|
+
}
|
|
62
|
+
catch (error) {
|
|
63
|
+
// Log but continue - DID is cached and will be returned
|
|
64
|
+
console.warn('[UserDidManager] Failed to cache persistent DID in session storage:', error);
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
return persistentUserDid;
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
catch (error) {
|
|
71
|
+
// Log but continue - will check session storage or generate new DID
|
|
72
|
+
console.warn('[UserDidManager] OAuth lookup failed, falling back to session storage:', error);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
// PRIORITY 2: Check session storage if available
|
|
40
76
|
if (this.config.storage) {
|
|
41
77
|
try {
|
|
42
78
|
const storedDid = await this.config.storage.get(sessionId);
|
|
43
79
|
if (storedDid) {
|
|
44
80
|
this.sessionDidCache.set(sessionId, storedDid);
|
|
81
|
+
// If OAuth identity provided but no persistent mapping found, create one now
|
|
82
|
+
if (oauthIdentity && oauthIdentity.provider && oauthIdentity.subject && this.config.storage.setByOAuth) {
|
|
83
|
+
try {
|
|
84
|
+
await this.config.storage.setByOAuth(oauthIdentity.provider, oauthIdentity.subject, storedDid, 90 * 24 * 60 * 60 // 90 days TTL for persistent mapping
|
|
85
|
+
);
|
|
86
|
+
console.log('[UserDidManager] Created persistent OAuth mapping for existing user DID:', {
|
|
87
|
+
provider: oauthIdentity.provider,
|
|
88
|
+
userDid: storedDid.substring(0, 20) + '...',
|
|
89
|
+
});
|
|
90
|
+
}
|
|
91
|
+
catch (error) {
|
|
92
|
+
// Log but continue - mapping creation failed, but DID is still valid
|
|
93
|
+
console.warn('[UserDidManager] Failed to create OAuth mapping:', error);
|
|
94
|
+
}
|
|
95
|
+
}
|
|
45
96
|
return storedDid;
|
|
46
97
|
}
|
|
47
98
|
}
|
|
@@ -50,7 +101,7 @@ class UserDidManager {
|
|
|
50
101
|
console.warn('[UserDidManager] Storage.get failed, generating new DID:', error);
|
|
51
102
|
}
|
|
52
103
|
}
|
|
53
|
-
// Generate new user DID
|
|
104
|
+
// PRIORITY 3: Generate new user DID
|
|
54
105
|
const userDid = await this.generateUserDid();
|
|
55
106
|
// Cache it
|
|
56
107
|
this.sessionDidCache.set(sessionId, userDid);
|
|
@@ -64,6 +115,21 @@ class UserDidManager {
|
|
|
64
115
|
console.warn('[UserDidManager] Storage.set failed, continuing with cached DID:', error);
|
|
65
116
|
}
|
|
66
117
|
}
|
|
118
|
+
// If OAuth identity provided, create persistent mapping
|
|
119
|
+
if (oauthIdentity && oauthIdentity.provider && oauthIdentity.subject && this.config.storage?.setByOAuth) {
|
|
120
|
+
try {
|
|
121
|
+
await this.config.storage.setByOAuth(oauthIdentity.provider, oauthIdentity.subject, userDid, 90 * 24 * 60 * 60 // 90 days TTL for persistent mapping
|
|
122
|
+
);
|
|
123
|
+
console.log('[UserDidManager] Created persistent OAuth mapping for new user DID:', {
|
|
124
|
+
provider: oauthIdentity.provider,
|
|
125
|
+
userDid: userDid.substring(0, 20) + '...',
|
|
126
|
+
});
|
|
127
|
+
}
|
|
128
|
+
catch (error) {
|
|
129
|
+
// Log but continue - mapping creation failed, but DID is still valid
|
|
130
|
+
console.warn('[UserDidManager] Failed to create OAuth mapping:', error);
|
|
131
|
+
}
|
|
132
|
+
}
|
|
67
133
|
return userDid;
|
|
68
134
|
}
|
|
69
135
|
/**
|