npm - @kya-os/mcp-i-core - Versions diffs - 1.3.12 → 1.3.14 - Mend

@kya-os/mcp-i-core 1.3.12 → 1.3.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (254) hide show

package/dist/config/remote-config.js +9 -12
package/dist/runtime/base.js +11 -0
package/dist/services/access-control.service.js +5 -0
package/dist/services/tool-protection.service.js +17 -8
package/package.json +2 -2
package/.turbo/turbo-build.log +0 -4
package/.turbo/turbo-test$colon$coverage.log +0 -4586
package/.turbo/turbo-test.log +0 -3169
package/COMPLIANCE_IMPROVEMENT_REPORT.md +0 -483
package/Composer 3.md +0 -615
package/GPT-5.md +0 -1169
package/OPUS-plan.md +0 -352
package/PHASE_3_AND_4.1_SUMMARY.md +0 -585
package/PHASE_3_SUMMARY.md +0 -317
package/PHASE_4.1.3_SUMMARY.md +0 -428
package/PHASE_4.1_COMPLETE.md +0 -525
package/PHASE_4_USER_DID_IDENTITY_LINKING_PLAN.md +0 -1240
package/SCHEMA_COMPLIANCE_REPORT.md +0 -275
package/TEST_PLAN.md +0 -571
package/coverage/coverage-final.json +0 -60
package/dist/cache/oauth-config-cache.d.ts.map +0 -1
package/dist/cache/oauth-config-cache.js.map +0 -1
package/dist/cache/tool-protection-cache.d.ts.map +0 -1
package/dist/cache/tool-protection-cache.js.map +0 -1
package/dist/compliance/index.d.ts.map +0 -1
package/dist/compliance/index.js.map +0 -1
package/dist/compliance/schema-registry.d.ts.map +0 -1
package/dist/compliance/schema-registry.js.map +0 -1
package/dist/compliance/schema-verifier.d.ts.map +0 -1
package/dist/compliance/schema-verifier.js.map +0 -1
package/dist/config/remote-config.d.ts.map +0 -1
package/dist/config/remote-config.js.map +0 -1
package/dist/config.d.ts.map +0 -1
package/dist/config.js.map +0 -1
package/dist/delegation/audience-validator.d.ts.map +0 -1
package/dist/delegation/audience-validator.js.map +0 -1
package/dist/delegation/bitstring.d.ts.map +0 -1
package/dist/delegation/bitstring.js.map +0 -1
package/dist/delegation/cascading-revocation.d.ts.map +0 -1
package/dist/delegation/cascading-revocation.js.map +0 -1
package/dist/delegation/delegation-graph.d.ts.map +0 -1
package/dist/delegation/delegation-graph.js.map +0 -1
package/dist/delegation/did-key-resolver.d.ts.map +0 -1
package/dist/delegation/did-key-resolver.js.map +0 -1
package/dist/delegation/index.d.ts.map +0 -1
package/dist/delegation/index.js.map +0 -1
package/dist/delegation/statuslist-manager.d.ts.map +0 -1
package/dist/delegation/statuslist-manager.js.map +0 -1
package/dist/delegation/storage/index.d.ts.map +0 -1
package/dist/delegation/storage/index.js.map +0 -1
package/dist/delegation/storage/memory-graph-storage.d.ts.map +0 -1
package/dist/delegation/storage/memory-graph-storage.js.map +0 -1
package/dist/delegation/storage/memory-statuslist-storage.d.ts.map +0 -1
package/dist/delegation/storage/memory-statuslist-storage.js.map +0 -1
package/dist/delegation/utils.d.ts.map +0 -1
package/dist/delegation/utils.js.map +0 -1
package/dist/delegation/vc-issuer.d.ts.map +0 -1
package/dist/delegation/vc-issuer.js.map +0 -1
package/dist/delegation/vc-verifier.d.ts.map +0 -1
package/dist/delegation/vc-verifier.js.map +0 -1
package/dist/identity/idp-token-resolver.d.ts.map +0 -1
package/dist/identity/idp-token-resolver.js.map +0 -1
package/dist/identity/idp-token-storage.interface.d.ts.map +0 -1
package/dist/identity/idp-token-storage.interface.js.map +0 -1
package/dist/identity/user-did-manager.d.ts.map +0 -1
package/dist/identity/user-did-manager.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js.map +0 -1
package/dist/providers/base.d.ts.map +0 -1
package/dist/providers/base.js.map +0 -1
package/dist/providers/memory.d.ts.map +0 -1
package/dist/providers/memory.js.map +0 -1
package/dist/runtime/audit-logger.d.ts.map +0 -1
package/dist/runtime/audit-logger.js.map +0 -1
package/dist/runtime/base.d.ts.map +0 -1
package/dist/runtime/base.js.map +0 -1
package/dist/services/access-control.service.d.ts.map +0 -1
package/dist/services/access-control.service.js.map +0 -1
package/dist/services/authorization/authorization-registry.d.ts.map +0 -1
package/dist/services/authorization/authorization-registry.js.map +0 -1
package/dist/services/authorization/types.d.ts.map +0 -1
package/dist/services/authorization/types.js.map +0 -1
package/dist/services/batch-delegation.service.d.ts.map +0 -1
package/dist/services/batch-delegation.service.js.map +0 -1
package/dist/services/crypto.service.d.ts.map +0 -1
package/dist/services/crypto.service.js.map +0 -1
package/dist/services/errors.d.ts.map +0 -1
package/dist/services/errors.js.map +0 -1
package/dist/services/index.d.ts.map +0 -1
package/dist/services/index.js.map +0 -1
package/dist/services/oauth-config.service.d.ts.map +0 -1
package/dist/services/oauth-config.service.js.map +0 -1
package/dist/services/oauth-provider-registry.d.ts.map +0 -1
package/dist/services/oauth-provider-registry.js.map +0 -1
package/dist/services/oauth-service.d.ts.map +0 -1
package/dist/services/oauth-service.js.map +0 -1
package/dist/services/oauth-token-retrieval.service.d.ts.map +0 -1
package/dist/services/oauth-token-retrieval.service.js.map +0 -1
package/dist/services/proof-verifier.d.ts.map +0 -1
package/dist/services/proof-verifier.js.map +0 -1
package/dist/services/provider-resolver.d.ts.map +0 -1
package/dist/services/provider-resolver.js.map +0 -1
package/dist/services/provider-validator.d.ts.map +0 -1
package/dist/services/provider-validator.js.map +0 -1
package/dist/services/session-registration.service.d.ts.map +0 -1
package/dist/services/session-registration.service.js.map +0 -1
package/dist/services/storage.service.d.ts.map +0 -1
package/dist/services/storage.service.js.map +0 -1
package/dist/services/tool-context-builder.d.ts.map +0 -1
package/dist/services/tool-context-builder.js.map +0 -1
package/dist/services/tool-protection.service.d.ts.map +0 -1
package/dist/services/tool-protection.service.js.map +0 -1
package/dist/types/oauth-required-error.d.ts.map +0 -1
package/dist/types/oauth-required-error.js.map +0 -1
package/dist/types/tool-protection.d.ts.map +0 -1
package/dist/types/tool-protection.js.map +0 -1
package/dist/utils/base58.d.ts.map +0 -1
package/dist/utils/base58.js.map +0 -1
package/dist/utils/base64.d.ts.map +0 -1
package/dist/utils/base64.js.map +0 -1
package/dist/utils/cors.d.ts.map +0 -1
package/dist/utils/cors.js.map +0 -1
package/dist/utils/did-helpers.d.ts.map +0 -1
package/dist/utils/did-helpers.js.map +0 -1
package/dist/utils/index.d.ts.map +0 -1
package/dist/utils/index.js.map +0 -1
package/dist/utils/storage-keys.d.ts.map +0 -1
package/dist/utils/storage-keys.js.map +0 -1
package/docs/API_REFERENCE.md +0 -1362
package/docs/COMPLIANCE_MATRIX.md +0 -691
package/docs/STATUSLIST2021_GUIDE.md +0 -696
package/docs/W3C_VC_DELEGATION_GUIDE.md +0 -710
package/src/__tests__/cache/tool-protection-cache.test.ts +0 -640
package/src/__tests__/config/provider-runtime-config.test.ts +0 -309
package/src/__tests__/delegation-e2e.test.ts +0 -690
package/src/__tests__/identity/user-did-manager.test.ts +0 -232
package/src/__tests__/index.test.ts +0 -56
package/src/__tests__/integration/full-flow.test.ts +0 -789
package/src/__tests__/integration.test.ts +0 -281
package/src/__tests__/providers/base.test.ts +0 -173
package/src/__tests__/providers/memory.test.ts +0 -319
package/src/__tests__/regression/phase2-regression.test.ts +0 -429
package/src/__tests__/runtime/audit-logger.test.ts +0 -154
package/src/__tests__/runtime/base-extensions.test.ts +0 -595
package/src/__tests__/runtime/base.test.ts +0 -869
package/src/__tests__/runtime/delegation-flow.test.ts +0 -164
package/src/__tests__/runtime/proof-client-did.test.ts +0 -376
package/src/__tests__/runtime/route-interception.test.ts +0 -686
package/src/__tests__/runtime/tool-protection-enforcement.test.ts +0 -908
package/src/__tests__/services/agentshield-integration.test.ts +0 -791
package/src/__tests__/services/cache-busting.test.ts +0 -125
package/src/__tests__/services/oauth-service-pkce.test.ts +0 -556
package/src/__tests__/services/provider-resolver-edge-cases.test.ts +0 -591
package/src/__tests__/services/tool-protection-merged-config.test.ts +0 -485
package/src/__tests__/services/tool-protection-oauth-provider.test.ts +0 -480
package/src/__tests__/services/tool-protection.service.test.ts +0 -1373
package/src/__tests__/utils/mock-providers.ts +0 -340
package/src/cache/oauth-config-cache.d.ts +0 -69
package/src/cache/oauth-config-cache.d.ts.map +0 -1
package/src/cache/oauth-config-cache.js.map +0 -1
package/src/cache/oauth-config-cache.ts +0 -123
package/src/cache/tool-protection-cache.ts +0 -171
package/src/compliance/EXAMPLE.md +0 -412
package/src/compliance/__tests__/schema-verifier.test.ts +0 -797
package/src/compliance/index.ts +0 -8
package/src/compliance/schema-registry.ts +0 -460
package/src/compliance/schema-verifier.ts +0 -708
package/src/config/__tests__/merged-config.spec.ts +0 -445
package/src/config/__tests__/remote-config.spec.ts +0 -268
package/src/config/remote-config.ts +0 -264
package/src/config.ts +0 -312
package/src/delegation/__tests__/audience-validator.test.ts +0 -112
package/src/delegation/__tests__/bitstring.test.ts +0 -346
package/src/delegation/__tests__/cascading-revocation.test.ts +0 -628
package/src/delegation/__tests__/delegation-graph.test.ts +0 -584
package/src/delegation/__tests__/did-key-resolver.test.ts +0 -265
package/src/delegation/__tests__/utils.test.ts +0 -152
package/src/delegation/__tests__/vc-issuer.test.ts +0 -442
package/src/delegation/__tests__/vc-verifier.test.ts +0 -922
package/src/delegation/audience-validator.ts +0 -52
package/src/delegation/bitstring.ts +0 -278
package/src/delegation/cascading-revocation.ts +0 -370
package/src/delegation/delegation-graph.ts +0 -299
package/src/delegation/did-key-resolver.ts +0 -179
package/src/delegation/index.ts +0 -14
package/src/delegation/statuslist-manager.ts +0 -353
package/src/delegation/storage/__tests__/memory-graph-storage.test.ts +0 -366
package/src/delegation/storage/__tests__/memory-statuslist-storage.test.ts +0 -228
package/src/delegation/storage/index.ts +0 -9
package/src/delegation/storage/memory-graph-storage.ts +0 -178
package/src/delegation/storage/memory-statuslist-storage.ts +0 -77
package/src/delegation/utils.ts +0 -221
package/src/delegation/vc-issuer.ts +0 -232
package/src/delegation/vc-verifier.ts +0 -568
package/src/identity/idp-token-resolver.ts +0 -181
package/src/identity/idp-token-storage.interface.ts +0 -94
package/src/identity/user-did-manager.ts +0 -526
package/src/index.ts +0 -310
package/src/providers/base.d.ts +0 -91
package/src/providers/base.d.ts.map +0 -1
package/src/providers/base.js.map +0 -1
package/src/providers/base.ts +0 -96
package/src/providers/memory.ts +0 -142
package/src/runtime/audit-logger.ts +0 -39
package/src/runtime/base.ts +0 -1392
package/src/services/__tests__/access-control.integration.test.ts +0 -443
package/src/services/__tests__/access-control.proof-response-validation.test.ts +0 -578
package/src/services/__tests__/access-control.service.test.ts +0 -970
package/src/services/__tests__/batch-delegation.service.test.ts +0 -351
package/src/services/__tests__/crypto.service.test.ts +0 -531
package/src/services/__tests__/oauth-provider-registry.test.ts +0 -142
package/src/services/__tests__/proof-verifier.integration.test.ts +0 -485
package/src/services/__tests__/proof-verifier.test.ts +0 -489
package/src/services/__tests__/provider-resolution.integration.test.ts +0 -202
package/src/services/__tests__/provider-resolver.test.ts +0 -213
package/src/services/__tests__/storage.service.test.ts +0 -358
package/src/services/access-control.service.ts +0 -990
package/src/services/authorization/authorization-registry.ts +0 -66
package/src/services/authorization/types.ts +0 -71
package/src/services/batch-delegation.service.ts +0 -137
package/src/services/crypto.service.ts +0 -302
package/src/services/errors.ts +0 -76
package/src/services/index.ts +0 -18
package/src/services/oauth-config.service.d.ts +0 -53
package/src/services/oauth-config.service.d.ts.map +0 -1
package/src/services/oauth-config.service.js.map +0 -1
package/src/services/oauth-config.service.ts +0 -192
package/src/services/oauth-provider-registry.d.ts +0 -57
package/src/services/oauth-provider-registry.d.ts.map +0 -1
package/src/services/oauth-provider-registry.js.map +0 -1
package/src/services/oauth-provider-registry.ts +0 -141
package/src/services/oauth-service.ts +0 -544
package/src/services/oauth-token-retrieval.service.ts +0 -245
package/src/services/proof-verifier.ts +0 -478
package/src/services/provider-resolver.d.ts +0 -48
package/src/services/provider-resolver.d.ts.map +0 -1
package/src/services/provider-resolver.js.map +0 -1
package/src/services/provider-resolver.ts +0 -146
package/src/services/provider-validator.ts +0 -170
package/src/services/session-registration.service.ts +0 -251
package/src/services/storage.service.ts +0 -566
package/src/services/tool-context-builder.ts +0 -237
package/src/services/tool-protection.service.ts +0 -1070
package/src/types/oauth-required-error.ts +0 -63
package/src/types/tool-protection.ts +0 -155
package/src/utils/__tests__/did-helpers.test.ts +0 -156
package/src/utils/base58.ts +0 -109
package/src/utils/base64.ts +0 -148
package/src/utils/cors.ts +0 -83
package/src/utils/did-helpers.ts +0 -210
package/src/utils/index.ts +0 -8
package/src/utils/storage-keys.ts +0 -278
package/tsconfig.json +0 -21
package/vitest.config.ts +0 -56

package/src/__tests__/runtime/route-interception.test.ts DELETED Viewed

@@ -1,686 +0,0 @@
-/**
- * Route Interception Tests
- *
- * Tests for route interception, resume tokens, and tool call resumption.
- */
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { MCPIRuntimeBase } from '../../runtime/base';
-import { ProviderRuntimeConfig } from '../../config';
-import { createMockProviders, MockClockProvider } from '../utils/mock-providers';
-import { DelegationRequiredError } from '../../types/tool-protection';
-describe('MCPIRuntimeBase - Route Interception', () => {
-  let runtime: MCPIRuntimeBase;
-  let config: ProviderRuntimeConfig;
-  let mockProviders: ReturnType<typeof createMockProviders>;
-  let mockToolProtectionService: {
-    checkToolProtection: ReturnType<typeof vi.fn>;
-  };
-  beforeEach(async () => {
-    vi.clearAllMocks();
-    mockProviders = createMockProviders();
-    mockToolProtectionService = {
-      checkToolProtection: vi.fn()
-    };
-    config = {
-      ...mockProviders,
-      environment: 'development',
-      session: {
-        timestampSkewSeconds: 120,
-        ttlMinutes: 30
-      },
-      audit: {
-        enabled: false
-      },
-      toolProtectionService: mockToolProtectionService as any
-    };
-    runtime = new MCPIRuntimeBase(config);
-    await runtime.initialize();
-  });
-  describe('generateResumeToken', () => {
-    it('should generate unique resume tokens for different calls', async () => {
-      const call1 = {
-        toolName: 'tool1',
-        args: { arg: 'value1' },
-        sessionId: 'session1',
-        timestamp: Date.now(),
-        expiresAt: Date.now() + 1800000
-      };
-      const call2 = {
-        toolName: 'tool2',
-        args: { arg: 'value2' },
-        sessionId: 'session2',
-        timestamp: Date.now(),
-        expiresAt: Date.now() + 1800000
-      };
-      const generateToken = (runtime as any).generateResumeToken.bind(runtime);
-      const token1 = generateToken(call1);
-      const token2 = generateToken(call2);
-      expect(token1).toBeDefined();
-      expect(token2).toBeDefined();
-      expect(token1).not.toBe(token2);
-      expect(token1).toMatch(/^resume_/);
-      expect(token2).toMatch(/^resume_/);
-    });
-    it('should generate different tokens due to timestamp component', async () => {
-      const call = {
-        toolName: 'tool1',
-        args: { arg: 'value' },
-        sessionId: 'session1',
-        timestamp: 1000,
-        expiresAt: 1801000
-      };
-      const generateToken = (runtime as any).generateResumeToken.bind(runtime);
-      // Generate multiple tokens to verify they differ when generated at different times
-      // Note: generateResumeToken uses Date.now() internally, so tokens will differ
-      // unless generated in the exact same millisecond (very rare)
-      const tokens = new Set<string>();
-      for (let i = 0; i < 10; i++) {
-        const token = generateToken(call);
-        tokens.add(token);
-        // Small delay to ensure different timestamps
-        await new Promise(resolve => setTimeout(resolve, 1));
-      }
-      // Verify token format: resume_{hash}_{timestamp}
-      const firstToken = Array.from(tokens)[0];
-      expect(firstToken).toMatch(/^resume_[a-z0-9]+_[a-z0-9]+$/);
-      const parts = firstToken.split('_');
-      expect(parts.length).toBe(3);
-      expect(parts[0]).toBe('resume');
-      // Verify hash part is consistent for same call context
-      const hashPart = parts[1];
-      for (const token of tokens) {
-        const tokenParts = token.split('_');
-        expect(tokenParts[1]).toBe(hashPart); // Same hash for same call
-      }
-      // Most tokens should be unique (allowing for edge case of same millisecond)
-      // If all 10 tokens are unique, we're confident the timestamp component works
-      expect(tokens.size).toBeGreaterThan(1); // At least some should differ
-    });
-    it('should include call context in token generation', async () => {
-      const call1 = {
-        toolName: 'tool1',
-        args: { arg: 'value1' },
-        sessionId: 'session1',
-        timestamp: 1000,
-        expiresAt: 1801000
-      };
-      const call2 = {
-        toolName: 'tool1',
-        args: { arg: 'value2' }, // Different args
-        sessionId: 'session1',
-        timestamp: 1000,
-        expiresAt: 1801000
-      };
-      const generateToken = (runtime as any).generateResumeToken.bind(runtime);
-      const token1 = generateToken(call1);
-      const token2 = generateToken(call2);
-      // Different args should produce different tokens
-      expect(token1).not.toBe(token2);
-    });
-  });
-  describe('buildConsentUrl', () => {
-    it('should build consent URL with tool and scopes', () => {
-      const session = {
-        id: 'session123',
-        agentDid: 'did:key:zagent123',
-        audience: 'https://client.example.com'
-      };
-      const buildUrl = (runtime as any).buildConsentUrl.bind(runtime);
-      const url = buildUrl(
-        'protectedTool',
-        ['files:write', 'files:read'],
-        session,
-        'resume_token_123'
-      );
-      expect(url).toContain('https://kya.vouched.id/bouncer/consent');
-      expect(url).toContain('tool=protectedTool');
-      expect(url).toContain('scopes=files%3Awrite%2Cfiles%3Aread');
-      expect(url).toContain('session_id=session123');
-      expect(url).toContain('agent_did=did%3Akey%3Azagent123');
-      expect(url).toContain('resume_token=resume_token_123');
-    });
-    it('should build consent URL without resume token if not provided', () => {
-      const session = {
-        id: 'session123',
-        agentDid: 'did:key:zagent123',
-        audience: 'https://client.example.com'
-      };
-      const buildUrl = (runtime as any).buildConsentUrl.bind(runtime);
-      const url = buildUrl(
-        'protectedTool',
-        ['files:write'],
-        session
-      );
-      expect(url).toContain('https://kya.vouched.id/bouncer/consent');
-      expect(url).not.toContain('resume_token=');
-    });
-    it('should handle missing session fields gracefully', () => {
-      const buildUrl = (runtime as any).buildConsentUrl.bind(runtime);
-      const url = buildUrl(
-        'protectedTool',
-        ['files:write'],
-        {},
-        'resume_token_123'
-      );
-      expect(url).toContain('https://kya.vouched.id/bouncer/consent');
-      expect(url).toContain('tool=protectedTool');
-      expect(url).toContain('session_id=');
-      expect(url).toContain('agent_did=');
-    });
-    it('should URL encode special characters in scopes', () => {
-      const session = {
-        id: 'session123',
-        agentDid: 'did:key:zagent123'
-      };
-      const buildUrl = (runtime as any).buildConsentUrl.bind(runtime);
-      const url = buildUrl(
-        'protectedTool',
-        ['files:write', 'scope with spaces', 'scope:with:colons'],
-        session
-      );
-      expect(url).toContain('scopes=files%3Awrite%2Cscope+with+spaces%2Cscope%3Awith%3Acolons');
-    });
-  });
-  describe('intercepted calls storage', () => {
-    const mockHandler = vi.fn().mockResolvedValue({ result: 'success' });
-    const session = {
-      id: 'session123',
-      audience: 'https://client.example.com',
-      nonce: 'test-nonce'
-    };
-    it('should store intercepted call when delegation required', async () => {
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      try {
-        await runtime.processToolCall(
-          'protectedTool',
-          { arg: 'value' },
-          mockHandler,
-          session
-        );
-        expect.fail('Should have thrown DelegationRequiredError');
-      } catch (error: any) {
-        expect(error.resumeToken).toBeDefined();
-        // Check that intercepted call is stored
-        const interceptedCalls = (runtime as any).interceptedCalls;
-        const storedCall = interceptedCalls.get(error.resumeToken);
-        expect(storedCall).toBeDefined();
-        expect(storedCall.toolName).toBe('protectedTool');
-        expect(storedCall.args).toEqual({ arg: 'value' });
-        expect(storedCall.sessionId).toBe('session123');
-      }
-    });
-    it('should set expiry time for intercepted calls', async () => {
-      const clock = mockProviders.clockProvider as MockClockProvider;
-      const currentTime = Date.now();
-      clock.setTime(currentTime);
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      try {
-        await runtime.processToolCall(
-          'protectedTool',
-          { arg: 'value' },
-          mockHandler,
-          session
-        );
-        expect.fail('Should have thrown DelegationRequiredError');
-      } catch (error: any) {
-        const interceptedCalls = (runtime as any).interceptedCalls;
-        const storedCall = interceptedCalls.get(error.resumeToken);
-        expect(storedCall.expiresAt).toBe(currentTime + 1800000); // 30 minutes
-      }
-    });
-  });
-  describe('resumeToolCall', () => {
-    const mockHandler = vi.fn().mockResolvedValue({ result: 'success' });
-    let session: any;
-    let resumeToken: string;
-    beforeEach(async () => {
-      // Create a handshake session first
-      const handshakeResponse = await runtime.handleHandshake({
-        clientDid: 'did:key:zclient123',
-        audience: 'https://client.example.com'
-      });
-      session = {
-        id: handshakeResponse.sessionId, // Use actual session ID from handshake
-        audience: 'https://client.example.com',
-        nonce: 'test-nonce'
-      };
-      // Intercept a tool call
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      try {
-        await runtime.processToolCall(
-          'protectedTool',
-          { arg: 'value' },
-          mockHandler,
-          session
-        );
-        expect.fail('Should have thrown DelegationRequiredError');
-      } catch (error: any) {
-        resumeToken = error.resumeToken;
-      }
-    });
-    it('should resume tool call with valid resume token', async () => {
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      const result = await runtime.resumeToolCall(
-        resumeToken,
-        mockHandler,
-        'delegation-token-123'
-      );
-      expect(mockHandler).toHaveBeenCalledWith({ arg: 'value' });
-      expect(result).toEqual({ result: 'success' });
-    });
-    it('should throw error for invalid resume token', async () => {
-      await expect(
-        runtime.resumeToolCall(
-          'invalid-resume-token',
-          mockHandler,
-          'delegation-token-123'
-        )
-      ).rejects.toThrow('Invalid or expired resume token');
-    });
-    it('should throw error for expired resume token', async () => {
-      const clock = mockProviders.clockProvider as MockClockProvider;
-      // Advance time past expiry (30 minutes + 1 second)
-      clock.setTime(Date.now() + (30 * 60 * 1000) + 1000);
-      await expect(
-        runtime.resumeToolCall(
-          resumeToken,
-          mockHandler,
-          'delegation-token-123'
-        )
-      ).rejects.toThrow('Resume token expired');
-    });
-    it('should throw error if session not found', async () => {
-      // Create intercepted call with non-existent session ID
-      const call = {
-        toolName: 'protectedTool',
-        args: { arg: 'value' },
-        sessionId: 'non-existent-session',
-        timestamp: Date.now(),
-        expiresAt: Date.now() + 1800000
-      };
-      const generateToken = (runtime as any).generateResumeToken.bind(runtime);
-      const invalidToken = generateToken(call);
-      // Manually store the intercepted call
-      (runtime as any).interceptedCalls.set(invalidToken, call);
-      await expect(
-        runtime.resumeToolCall(
-          invalidToken,
-          mockHandler,
-          'delegation-token-123'
-        )
-      ).rejects.toThrow('Session not found');
-    });
-    it('should add delegation token to session when resuming', async () => {
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      await runtime.resumeToolCall(
-        resumeToken,
-        mockHandler,
-        'delegation-token-123'
-      );
-      // Verify that processToolCall was called with session containing delegationToken
-      expect(mockHandler).toHaveBeenCalled();
-    });
-    it('should clean up intercepted call after successful resumption', async () => {
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      await runtime.resumeToolCall(
-        resumeToken,
-        mockHandler,
-        'delegation-token-123'
-      );
-      // Call should be removed from storage
-      const interceptedCalls = (runtime as any).interceptedCalls;
-      expect(interceptedCalls.has(resumeToken)).toBe(false);
-    });
-    it('should not clean up intercepted call if resumption fails', async () => {
-      const errorHandler = vi.fn().mockRejectedValue(new Error('Handler failed'));
-      try {
-        await runtime.resumeToolCall(
-          resumeToken,
-          errorHandler,
-          'delegation-token-123'
-        );
-        expect.fail('Should have thrown error');
-      } catch (error) {
-        // Expected
-      }
-      // Call should still be in storage (can retry)
-      const interceptedCalls = (runtime as any).interceptedCalls;
-      expect(interceptedCalls.has(resumeToken)).toBe(true);
-    });
-  });
-  describe('cleanupExpiredInterceptedCalls', () => {
-    it('should remove expired intercepted calls', async () => {
-      const clock = mockProviders.clockProvider as MockClockProvider;
-      const currentTime = Date.now();
-      clock.setTime(currentTime);
-      const expiredCall = {
-        toolName: 'expiredTool',
-        args: { arg: 'value' },
-        sessionId: 'session123',
-        timestamp: currentTime - 1000,
-        expiresAt: currentTime - 500 // Already expired
-      };
-      const validCall = {
-        toolName: 'validTool',
-        args: { arg: 'value' },
-        sessionId: 'session123',
-        timestamp: currentTime,
-        expiresAt: currentTime + 1800000 // Not expired
-      };
-      const generateToken = (runtime as any).generateResumeToken.bind(runtime);
-      const expiredToken = generateToken(expiredCall);
-      const validToken = generateToken(validCall);
-      const interceptedCalls = (runtime as any).interceptedCalls;
-      interceptedCalls.set(expiredToken, expiredCall);
-      interceptedCalls.set(validToken, validCall);
-      // Trigger cleanup
-      const cleanup = (runtime as any).cleanupExpiredInterceptedCalls.bind(runtime);
-      cleanup();
-      expect(interceptedCalls.has(expiredToken)).toBe(false);
-      expect(interceptedCalls.has(validToken)).toBe(true);
-    });
-    it('should be called automatically when intercepting calls', async () => {
-      const clock = mockProviders.clockProvider as MockClockProvider;
-      const currentTime = Date.now();
-      clock.setTime(currentTime);
-      // Add an expired call
-      const expiredCall = {
-        toolName: 'expiredTool',
-        args: { arg: 'value' },
-        sessionId: 'session123',
-        timestamp: currentTime - 1000,
-        expiresAt: currentTime - 500
-      };
-      const generateToken = (runtime as any).generateResumeToken.bind(runtime);
-      const expiredToken = generateToken(expiredCall);
-      const interceptedCalls = (runtime as any).interceptedCalls;
-      interceptedCalls.set(expiredToken, expiredCall);
-      // Intercept a new call (should trigger cleanup)
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      try {
-        await runtime.processToolCall(
-          'newTool',
-          { arg: 'value' },
-          vi.fn(),
-          { id: 'session123' }
-        );
-        expect.fail('Should have thrown DelegationRequiredError');
-      } catch (error) {
-        // Expected
-      }
-      // Expired call should be cleaned up
-      expect(interceptedCalls.has(expiredToken)).toBe(false);
-    });
-  });
-  describe('integration: full interception flow', () => {
-    it('should complete full flow: intercept -> authorize -> resume', async () => {
-      const mockHandler = vi.fn().mockResolvedValue({ result: 'success' });
-      const session = {
-        id: 'session123',
-        audience: 'https://client.example.com',
-        nonce: 'test-nonce'
-      };
-      // Step 1: Create session
-      const handshakeResponse = await runtime.handleHandshake({
-        clientDid: 'did:key:zclient123',
-        audience: 'https://client.example.com'
-      });
-      const sessionWithId = {
-        id: handshakeResponse.sessionId,
-        audience: 'https://client.example.com',
-        nonce: 'test-nonce'
-      };
-      // Step 2: Intercept tool call
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      let resumeToken: string;
-      try {
-        await runtime.processToolCall(
-          'protectedTool',
-          { arg: 'value' },
-          mockHandler,
-          sessionWithId
-        );
-        expect.fail('Should have thrown DelegationRequiredError');
-      } catch (error: any) {
-        resumeToken = error.resumeToken;
-        expect(error).toBeInstanceOf(DelegationRequiredError);
-        expect(error.consentUrl).toBeDefined();
-      }
-      // Step 3: User authorizes (simulated by having delegation token)
-      // Step 4: Resume tool call
-      const result = await runtime.resumeToolCall(
-        resumeToken!,
-        mockHandler,
-        'delegation-token-123'
-      );
-      // Step 5: Verify successful execution
-      expect(mockHandler).toHaveBeenCalledWith({ arg: 'value' });
-      expect(result).toEqual({ result: 'success' });
-      // Step 6: Verify cleanup
-      const interceptedCalls = (runtime as any).interceptedCalls;
-      expect(interceptedCalls.has(resumeToken!)).toBe(false);
-    });
-  });
-  describe('edge cases', () => {
-    it('should handle resume token reuse attempt', async () => {
-      const mockHandler = vi.fn().mockResolvedValue({ result: 'success' });
-      // Create session first
-      const handshakeResponse = await runtime.handleHandshake({
-        clientDid: 'did:key:zclient123',
-        audience: 'https://client.example.com'
-      });
-      const sessionWithId = {
-        id: handshakeResponse.sessionId,
-        audience: 'https://client.example.com',
-        nonce: 'test-nonce'
-      };
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      let resumeToken: string;
-      try {
-        await runtime.processToolCall(
-          'protectedTool',
-          { arg: 'value' },
-          mockHandler,
-          sessionWithId
-        );
-        expect.fail('Should have thrown DelegationRequiredError');
-      } catch (error: any) {
-        resumeToken = error.resumeToken;
-      }
-      // First resume should succeed
-      await runtime.resumeToolCall(
-        resumeToken!,
-        mockHandler,
-        'delegation-token-123'
-      );
-      // Second resume should fail (token already consumed)
-      await expect(
-        runtime.resumeToolCall(
-          resumeToken!,
-          mockHandler,
-          'delegation-token-123'
-        )
-      ).rejects.toThrow('Invalid or expired resume token');
-    });
-    it('should handle complex nested args in intercepted calls', async () => {
-      const mockHandler = vi.fn().mockResolvedValue({ result: 'success' });
-      const session = {
-        id: 'session123',
-        audience: 'https://client.example.com',
-        nonce: 'test-nonce'
-      };
-      const handshakeResponse = await runtime.handleHandshake({
-        clientDid: 'did:key:zclient123',
-        audience: 'https://client.example.com'
-      });
-      const sessionWithId = {
-        id: handshakeResponse.sessionId,
-        audience: 'https://client.example.com',
-        nonce: 'test-nonce'
-      };
-      mockToolProtectionService.checkToolProtection.mockResolvedValue({
-        requiresDelegation: true,
-        requiredScopes: ['files:write']
-      });
-      const complexArgs = {
-        nested: {
-          deeply: {
-            nested: {
-              value: 'test',
-              array: [1, 2, 3],
-              object: { key: 'value' }
-            }
-          }
-        },
-        array: [{ id: 1 }, { id: 2 }]
-      };
-      let resumeToken: string;
-      try {
-        await runtime.processToolCall(
-          'protectedTool',
-          complexArgs,
-          mockHandler,
-          sessionWithId
-        );
-        expect.fail('Should have thrown DelegationRequiredError');
-      } catch (error: any) {
-        resumeToken = error.resumeToken;
-      }
-      const result = await runtime.resumeToolCall(
-        resumeToken!,
-        mockHandler,
-        'delegation-token-123'
-      );
-      expect(mockHandler).toHaveBeenCalledWith(complexArgs);
-      expect(result).toEqual({ result: 'success' });
-    });
-  });
-});