@kya-os/mcp-i-core 1.3.19 → 1.3.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.d.ts
CHANGED
|
@@ -15,7 +15,7 @@ export { CryptoService } from "./services/crypto.service";
|
|
|
15
15
|
export type { Ed25519JWK, ParsedJWS } from "./services/crypto.service";
|
|
16
16
|
export { ProofVerifier } from "./services/proof-verifier";
|
|
17
17
|
export type { ProofVerificationResult, ProofVerifierConfig, } from "./services/proof-verifier";
|
|
18
|
-
export { AccessControlApiService } from "./services/access-control.service";
|
|
18
|
+
export { AccessControlApiService, authorizationMatches, } from "./services/access-control.service";
|
|
19
19
|
export type { AccessControlApiServiceConfig, AccessControlApiServiceMetrics, } from "./services/access-control.service";
|
|
20
20
|
export { SessionRegistrationService, createSessionRegistrationService, } from "./services/session-registration.service";
|
|
21
21
|
export type { SessionRegistrationServiceConfig, SessionRegistrationResult, } from "./services/session-registration.service";
|
package/dist/index.js
CHANGED
|
@@ -20,8 +20,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
20
20
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
21
21
|
};
|
|
22
22
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
23
|
-
exports.
|
|
24
|
-
exports.IdpTokenResolver = exports.UserDidManager = exports.fetchRemoteConfig = exports.bytesToBase64 = exports.base64urlDecodeToString = exports.base64urlDecodeToBytes = exports.base64urlEncodeFromString = exports.base64urlEncodeFromBytes = exports.parseVCJWT = exports.completeVCJWT = exports.createUnsignedVCJWT = exports.canonicalizeJSON = exports.getSchemaStats = exports.getCriticalSchemas = exports.getSchemaById = exports.getSchemasByCategory = exports.getAllSchemas = exports.SCHEMA_REGISTRY = exports.createSchemaVerifier = exports.SchemaVerifier = exports.isValidBase58 = exports.base58Decode = exports.base58Encode = exports.resolveDidKeySync = exports.publicKeyToJwk = exports.extractPublicKeyFromDidKey = exports.isEd25519DidKey = exports.createDidKeyResolver = exports.MemoryDelegationGraphStorage = void 0;
|
|
23
|
+
exports.createCascadingRevocationManager = exports.CascadingRevocationManager = exports.createDelegationGraph = exports.DelegationGraphManager = exports.isIndexSet = exports.BitstringManager = exports.createStatusListManager = exports.StatusList2021Manager = exports.createDelegationVerifier = exports.DelegationCredentialVerifier = exports.createDelegationIssuer = exports.DelegationCredentialIssuer = exports.OAuthRequiredError = exports.DelegationRequiredError = exports.NoOpToolProtectionCache = exports.InMemoryToolProtectionCache = exports.createProofVerificationError = exports.PROOF_VERIFICATION_ERROR_CODES = exports.ProofVerificationError = exports.migrateLegacyKeys = exports.StorageKeyHelpers = exports.createStorageProviders = exports.NoOpOAuthConfigCache = exports.InMemoryOAuthConfigCache = exports.BatchDelegationService = exports.OAuthTokenRetrievalService = exports.ProviderValidationError = exports.ProviderValidator = exports.ProviderResolver = exports.OAuthProviderRegistry = exports.ToolContextBuilder = exports.OAuthService = exports.OAuthConfigService = exports.createSessionRegistrationService = exports.SessionRegistrationService = exports.authorizationMatches = exports.AccessControlApiService = exports.ProofVerifier = exports.CryptoService = exports.ToolProtectionService = exports.MCPIRuntimeBase = exports.MemoryIdentityProvider = exports.MemoryNonceCacheProvider = exports.MemoryStorageProvider = exports.IdentityProvider = exports.NonceCacheProvider = exports.StorageProvider = exports.FetchProvider = exports.ClockProvider = exports.CryptoProvider = void 0;
|
|
24
|
+
exports.IdpTokenResolver = exports.UserDidManager = exports.fetchRemoteConfig = exports.bytesToBase64 = exports.base64urlDecodeToString = exports.base64urlDecodeToBytes = exports.base64urlEncodeFromString = exports.base64urlEncodeFromBytes = exports.parseVCJWT = exports.completeVCJWT = exports.createUnsignedVCJWT = exports.canonicalizeJSON = exports.getSchemaStats = exports.getCriticalSchemas = exports.getSchemaById = exports.getSchemasByCategory = exports.getAllSchemas = exports.SCHEMA_REGISTRY = exports.createSchemaVerifier = exports.SchemaVerifier = exports.isValidBase58 = exports.base58Decode = exports.base58Encode = exports.resolveDidKeySync = exports.publicKeyToJwk = exports.extractPublicKeyFromDidKey = exports.isEd25519DidKey = exports.createDidKeyResolver = exports.MemoryDelegationGraphStorage = exports.MemoryStatusListStorage = void 0;
|
|
25
25
|
// Base providers
|
|
26
26
|
var base_1 = require("./providers/base");
|
|
27
27
|
Object.defineProperty(exports, "CryptoProvider", { enumerable: true, get: function () { return base_1.CryptoProvider; } });
|
|
@@ -52,6 +52,7 @@ Object.defineProperty(exports, "ProofVerifier", { enumerable: true, get: functio
|
|
|
52
52
|
// Access Control API Service (stub for Phase 3)
|
|
53
53
|
var access_control_service_1 = require("./services/access-control.service");
|
|
54
54
|
Object.defineProperty(exports, "AccessControlApiService", { enumerable: true, get: function () { return access_control_service_1.AccessControlApiService; } });
|
|
55
|
+
Object.defineProperty(exports, "authorizationMatches", { enumerable: true, get: function () { return access_control_service_1.authorizationMatches; } });
|
|
55
56
|
// Session Registration Service
|
|
56
57
|
var session_registration_service_1 = require("./services/session-registration.service");
|
|
57
58
|
Object.defineProperty(exports, "SessionRegistrationService", { enumerable: true, get: function () { return session_registration_service_1.SessionRegistrationService; } });
|
|
@@ -118,4 +118,21 @@ export declare class AccessControlApiService {
|
|
|
118
118
|
*/
|
|
119
119
|
private handleErrorResponse;
|
|
120
120
|
}
|
|
121
|
+
/**
|
|
122
|
+
* Compare delegation authorization with current tool protection authorization
|
|
123
|
+
* Returns true if they match, false otherwise
|
|
124
|
+
*
|
|
125
|
+
* @param delegationAuth - Authorization from the delegation credential
|
|
126
|
+
* @param toolAuth - Authorization required by the tool protection config
|
|
127
|
+
* @returns true if authorization methods match
|
|
128
|
+
*/
|
|
129
|
+
export declare function authorizationMatches(delegationAuth: {
|
|
130
|
+
type: string;
|
|
131
|
+
provider?: string;
|
|
132
|
+
credentialType?: string;
|
|
133
|
+
}, toolAuth: {
|
|
134
|
+
type: string;
|
|
135
|
+
provider?: string;
|
|
136
|
+
credentialType?: string;
|
|
137
|
+
} | undefined): boolean;
|
|
121
138
|
//# sourceMappingURL=access-control.service.d.ts.map
|
|
@@ -14,6 +14,7 @@
|
|
|
14
14
|
*/
|
|
15
15
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
16
|
exports.AccessControlApiService = void 0;
|
|
17
|
+
exports.authorizationMatches = authorizationMatches;
|
|
17
18
|
const agentshield_api_1 = require("@kya-os/contracts/agentshield-api");
|
|
18
19
|
const agentshield_api_2 = require("@kya-os/contracts/agentshield-api");
|
|
19
20
|
/**
|
|
@@ -672,4 +673,30 @@ class AccessControlApiService {
|
|
|
672
673
|
}
|
|
673
674
|
}
|
|
674
675
|
exports.AccessControlApiService = AccessControlApiService;
|
|
676
|
+
/**
|
|
677
|
+
* Compare delegation authorization with current tool protection authorization
|
|
678
|
+
* Returns true if they match, false otherwise
|
|
679
|
+
*
|
|
680
|
+
* @param delegationAuth - Authorization from the delegation credential
|
|
681
|
+
* @param toolAuth - Authorization required by the tool protection config
|
|
682
|
+
* @returns true if authorization methods match
|
|
683
|
+
*/
|
|
684
|
+
function authorizationMatches(delegationAuth, toolAuth) {
|
|
685
|
+
// No tool auth requirement - allow any delegation
|
|
686
|
+
if (!toolAuth)
|
|
687
|
+
return true;
|
|
688
|
+
// Compare type
|
|
689
|
+
if (delegationAuth.type !== toolAuth.type)
|
|
690
|
+
return false;
|
|
691
|
+
// For OAuth, compare provider
|
|
692
|
+
if (delegationAuth.type === 'oauth') {
|
|
693
|
+
return delegationAuth.provider === toolAuth.provider;
|
|
694
|
+
}
|
|
695
|
+
// For credential, compare credentialType
|
|
696
|
+
if (delegationAuth.type === 'credential') {
|
|
697
|
+
return delegationAuth.credentialType === toolAuth.credentialType;
|
|
698
|
+
}
|
|
699
|
+
// For 'none' type, they match if both are 'none'
|
|
700
|
+
return true;
|
|
701
|
+
}
|
|
675
702
|
//# sourceMappingURL=access-control.service.js.map
|
package/dist/services/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export { CryptoService } from './crypto.service.js';
|
|
2
2
|
export type { Ed25519JWK, ParsedJWS } from './crypto.service.js';
|
|
3
|
-
export { AccessControlApiService } from './access-control.service.js';
|
|
3
|
+
export { AccessControlApiService, authorizationMatches, } from './access-control.service.js';
|
|
4
4
|
export type { AccessControlApiServiceConfig, AccessControlApiServiceMetrics, } from './access-control.service.js';
|
|
5
5
|
export { SessionRegistrationService, createSessionRegistrationService, } from './session-registration.service.js';
|
|
6
6
|
export type { SessionRegistrationServiceConfig, SessionRegistrationResult, } from './session-registration.service.js';
|
package/dist/services/index.js
CHANGED
|
@@ -1,10 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.createSessionRegistrationService = exports.SessionRegistrationService = exports.AccessControlApiService = exports.CryptoService = void 0;
|
|
3
|
+
exports.createSessionRegistrationService = exports.SessionRegistrationService = exports.authorizationMatches = exports.AccessControlApiService = exports.CryptoService = void 0;
|
|
4
4
|
var crypto_service_js_1 = require("./crypto.service.js");
|
|
5
5
|
Object.defineProperty(exports, "CryptoService", { enumerable: true, get: function () { return crypto_service_js_1.CryptoService; } });
|
|
6
6
|
var access_control_service_js_1 = require("./access-control.service.js");
|
|
7
7
|
Object.defineProperty(exports, "AccessControlApiService", { enumerable: true, get: function () { return access_control_service_js_1.AccessControlApiService; } });
|
|
8
|
+
Object.defineProperty(exports, "authorizationMatches", { enumerable: true, get: function () { return access_control_service_js_1.authorizationMatches; } });
|
|
8
9
|
var session_registration_service_js_1 = require("./session-registration.service.js");
|
|
9
10
|
Object.defineProperty(exports, "SessionRegistrationService", { enumerable: true, get: function () { return session_registration_service_js_1.SessionRegistrationService; } });
|
|
10
11
|
Object.defineProperty(exports, "createSessionRegistrationService", { enumerable: true, get: function () { return session_registration_service_js_1.createSessionRegistrationService; } });
|