@kya-os/mcp-i-core 1.3.2 → 1.3.4

package/src/services/tool-protection.service.ts

@@ -668,9 +668,12 @@ export class ToolProtectionService {
    * Uses projectId endpoint if available (preferred, project-scoped), otherwise falls back to agent_did query param
    *
    * @param agentDid DID of the agent to fetch config for
+   * @param options Optional fetch options
+   * @param options.bypassCDNCache When true, adds cache-busting to bypass CDN caches (used by clearAndRefresh)
    */
   private async fetchFromApi(
-    agentDid: string
+    agentDid: string,
+    options?: { bypassCDNCache?: boolean }
   ): Promise<BouncerConfigApiResponse> {
     // Prefer new project-scoped endpoint: /api/v1/bouncer/projects/{projectId}/tool-protections
     // Falls back to old endpoint: /api/v1/bouncer/config?agent_did={did} for backward compatibility
@@ -686,6 +689,14 @@ export class ToolProtectionService {
       url = `${this.config.apiUrl}/api/v1/bouncer/config?agent_did=${encodeURIComponent(agentDid)}`;
     }
 
+    // Add cache-busting query param when bypassing CDN cache
+    // This is used during cache invalidation (clearAndRefresh) to ensure we get fresh data
+    // from the origin server, not stale CDN-cached data
+    if (options?.bypassCDNCache) {
+      const separator = url.includes("?") ? "&" : "?";
+      url = `${url}${separator}_t=${Date.now()}`;
+    }
+
     // Debug: Log API key status (masked for security)
     // Format: sk_live... (prefix up to first underscore after type, then ...)
     const apiKeyMasked = this.config.apiKey
@@ -741,6 +752,13 @@ export class ToolProtectionService {
       headers["Authorization"] = `Bearer ${this.config.apiKey}`;
     }
 
+    // Add cache-control header when bypassing CDN cache
+    // This tells any intermediate caches (CDN, proxies) not to serve cached content
+    if (options?.bypassCDNCache) {
+      headers["Cache-Control"] = "no-cache, no-store, must-revalidate";
+      headers["Pragma"] = "no-cache"; // HTTP/1.0 backward compatibility
+    }
+
     const response = await fetch(url, {
       method: "GET",
       headers,
@@ -797,51 +815,168 @@ export class ToolProtectionService {
   }
 
   /**
-   * Clear cache WITHOUT warming
+   * Clear cache and immediately fetch fresh config from API
    * 
-   * IMPORTANT: This method intentionally does NOT fetch fresh data after clearing.
+   * This method is designed for Cloudflare Workers where KV has edge caching.
+   * After clearing the KV entry, it fetches fresh data from the API and writes
+   * it back to KV. This ensures:
+   * 1. The global KV entry is deleted
+   * 2. Fresh data is fetched from API (with CDN cache bypass!)
+   * 3. New data is written to KV (updating edge cache)
    * 
-   * Why no cache warming?
-   * - Upstream APIs (AgentShield) may have their own CDN/cache layers
-   * - Immediately fetching after clear would get stale CDN data
-   * - Storing stale data defeats the purpose of cache invalidation
-   * - The next actual tool call will fetch fresh data (with natural delay)
+   * The next request from the same edge location will get the fresh data.
    * 
-   * This was the behavior in mcp-i-cloudflare@1.6.3 that worked perfectly.
-   * Cache warming was added as an "optimization" that backfired when upstream
-   * APIs have their own caching.
+   * IMPORTANT: This method uses bypassCDNCache to ensure we get fresh data
+   * from AgentShield's origin server, not stale CDN-cached data. This is
+   * critical for instant cache invalidation when tool protection settings
+   * are changed in the AgentShield dashboard.
    * 
    * @param agentDid DID of the agent (used for cache key)
-   * @returns Cache key that was cleared
+   * @returns The fresh tool protection config from API
    */
   async clearAndRefresh(agentDid: string): Promise<{
     config: ToolProtectionConfig;
     cacheKey: string;
-    source: 'cleared';
+    source: 'api' | 'fallback';
   }> {
     const cacheKey = this.config.projectId
       ? `config:tool-protections:${this.config.projectId}`
       : `agent:${agentDid}`;
 
-    console.log("[ToolProtectionService] clearCache (no warming)", {
+    console.log("[ToolProtectionService] clearAndRefresh starting", {
       cacheKey,
       projectId: this.config.projectId || "none",
       agentDid: agentDid.slice(0, 20) + "...",
     });
 
-    // Delete the cache entry - that's it, no warming
+    // 1. Delete the cache entry
     await this.cache.delete(cacheKey);
 
-    console.log("[ToolProtectionService] Cache entry deleted (next call will fetch fresh)", { 
-      cacheKey,
-      note: "No cache warming - upstream APIs may have CDN caching",
-    });
+    console.log("[ToolProtectionService] Cache entry deleted", { cacheKey });
 
-    // Return empty config - next tool call will fetch fresh from API
-    return { 
-      config: { toolProtections: {} }, 
-      cacheKey, 
-      source: 'cleared' 
-    };
+    // 2. Fetch fresh config from API with CDN cache bypass
+    // This ensures we get fresh data from origin, not stale CDN data
+    try {
+      const response = await this.fetchFromApi(agentDid, { bypassCDNCache: true });
+
+      // Transform API response to internal format (same logic as getToolProtectionConfig)
+      const toolProtections: Record<string, ToolProtection> = {};
+
+      if (response.data.toolProtections) {
+        for (const [toolName, toolConfig] of Object.entries(
+          response.data.toolProtections
+        )) {
+          const requiresDelegation =
+            (toolConfig as any).requiresDelegation ??
+            (toolConfig as any).requires_delegation ??
+            false;
+          const requiredScopes =
+            (toolConfig as any).requiredScopes ??
+            (toolConfig as any).required_scopes ??
+            (toolConfig as any).scopes ??
+            [];
+          const oauthProvider =
+            (toolConfig as any).oauthProvider ??
+            (toolConfig as any).oauth_provider ??
+            undefined;
+          const riskLevel =
+            (toolConfig as any).riskLevel ??
+            (toolConfig as any).risk_level ??
+            undefined;
+
+          toolProtections[toolName] = {
+            requiresDelegation,
+            requiredScopes,
+            ...(oauthProvider && { oauthProvider }),
+            ...(riskLevel && { riskLevel }),
+          };
+        }
+      } else if (response.data.tools) {
+        if (Array.isArray(response.data.tools)) {
+          for (const tool of response.data.tools) {
+            const toolName = (tool as any).name;
+            if (!toolName) continue;
+            const requiresDelegation =
+              (tool as any).requiresDelegation ?? (tool as any).requires_delegation ?? false;
+            const requiredScopes =
+              (tool as any).requiredScopes ??
+              (tool as any).required_scopes ??
+              (tool as any).scopes ??
+              [];
+            const oauthProvider =
+              (tool as any).oauthProvider ?? (tool as any).oauth_provider ?? undefined;
+            const riskLevel = (tool as any).riskLevel ?? (tool as any).risk_level ?? undefined;
+
+            toolProtections[toolName] = {
+              requiresDelegation,
+              requiredScopes,
+              ...(oauthProvider && { oauthProvider }),
+              ...(riskLevel && { riskLevel }),
+            };
+          }
+        } else {
+          for (const [toolName, toolConfig] of Object.entries(
+            response.data.tools
+          )) {
+            const requiresDelegation =
+              (toolConfig as any).requiresDelegation ??
+              (toolConfig as any).requires_delegation ??
+              false;
+            const requiredScopes =
+              (toolConfig as any).requiredScopes ??
+              (toolConfig as any).required_scopes ??
+              (toolConfig as any).scopes ??
+              [];
+            const oauthProvider =
+              (toolConfig as any).oauthProvider ??
+              (toolConfig as any).oauth_provider ??
+              undefined;
+            const riskLevel =
+              (toolConfig as any).riskLevel ??
+              (toolConfig as any).risk_level ??
+              undefined;
+
+            toolProtections[toolName] = {
+              requiresDelegation,
+              requiredScopes,
+              ...(oauthProvider && { oauthProvider }),
+              ...(riskLevel && { riskLevel }),
+            };
+          }
+        }
+      }
+
+      // Construct fresh config (ToolProtectionConfig type)
+      const freshConfig: ToolProtectionConfig = {
+        toolProtections,
+      };
+
+      // 3. Write fresh config to cache
+      const ttl = this.config.cacheTtl ?? 300000;
+      await this.cache.set(cacheKey, freshConfig, ttl);
+
+      console.log("[ToolProtectionService] Fresh config fetched and cached", {
+        cacheKey,
+        toolCount: Object.keys(toolProtections).length,
+        protectedTools: Object.entries(toolProtections)
+          .filter(([_, cfg]) => cfg.requiresDelegation)
+          .map(([name]) => name),
+        source: "api",
+      });
+
+      return { config: freshConfig, cacheKey, source: 'api' };
+    } catch (error) {
+      console.warn("[ToolProtectionService] API fetch failed during refresh, using fallback", {
+        error: error instanceof Error ? error.message : String(error),
+        cacheKey,
+      });
+
+      // Use fallback config if API fails
+      const fallbackConfig: ToolProtectionConfig = this.config.fallbackConfig || {
+        toolProtections: {},
+      };
+
+      return { config: fallbackConfig, cacheKey, source: 'fallback' };
+    }
   }
 }

package/src/__tests__/services/cache-no-warming.test.ts

@@ -1,177 +0,0 @@
-/**
- * Cache Invalidation: No Warming Test
- *
- * CRITICAL TEST: Proves that clearAndRefresh does NOT fetch immediately after clearing.
- *
- * Background:
- * - In mcp-i-cloudflare@1.6.4+, cache warming was added as an "optimization"
- * - The idea was to fetch fresh data immediately after clearing
- * - BUT this backfired when upstream APIs (AgentShield) have CDN caching
- * - The immediate fetch would get stale CDN data and store it in our cache
- * - This defeated the purpose of cache invalidation
- *
- * Fix:
- * - clearAndRefresh now just DELETES the cache entry
- * - It does NOT fetch or warm the cache
- * - The next actual tool call will fetch fresh data (with natural delay)
- *
- * This was the behavior in mcp-i-cloudflare@1.6.3 that worked perfectly.
- */
-
-import { describe, it, expect, vi, beforeEach } from "vitest";
-import { ToolProtectionService } from "../../services/tool-protection.service.js";
-import { InMemoryToolProtectionCache } from "../../cache/tool-protection-cache.js";
-
-describe("Cache Invalidation - No Warming", () => {
-  let cache: InMemoryToolProtectionCache;
-  let service: ToolProtectionService;
-  let fetchSpy: ReturnType<typeof vi.fn>;
-
-  beforeEach(() => {
-    cache = new InMemoryToolProtectionCache();
-    fetchSpy = vi.fn();
-
-    service = new ToolProtectionService(
-      {
-        apiUrl: "https://test.agentshield.com",
-        apiKey: "test-key",
-        projectId: "test-project",
-        cacheTtl: 300000,
-        debug: true,
-      },
-      cache
-    );
-
-    // Spy on the internal fetch method
-    (service as any).fetchFromApi = fetchSpy;
-  });
-
-  it("clearAndRefresh should DELETE cache without fetching", async () => {
-    // Seed the cache with old data
-    const oldConfig = {
-      toolProtections: {
-        greet: { requiresDelegation: false, requiredScopes: ["greet:execute"] },
-      },
-    };
-    await cache.set("config:tool-protections:test-project", oldConfig, 300000);
-
-    // Clear the cache
-    const result = await service.clearAndRefresh("did:key:test-agent");
-
-    // CRITICAL: fetchFromApi should NOT have been called
-    expect(fetchSpy).not.toHaveBeenCalled();
-
-    // Result should indicate cache was cleared, not refreshed
-    expect(result.source).toBe("cleared");
-    expect(result.cacheKey).toBe("config:tool-protections:test-project");
-    expect(result.config.toolProtections).toEqual({});
-  });
-
-  it("cache should be empty after clearAndRefresh (no warming)", async () => {
-    // Seed the cache
-    const oldConfig = {
-      toolProtections: {
-        greet: { requiresDelegation: true, requiredScopes: ["greet:execute"] },
-      },
-    };
-    await cache.set("config:tool-protections:test-project", oldConfig, 300000);
-
-    // Verify it's cached
-    const beforeClear = await cache.get("config:tool-protections:test-project");
-    expect(beforeClear).not.toBeNull();
-    expect(beforeClear?.toolProtections.greet.requiresDelegation).toBe(true);
-
-    // Clear the cache
-    await service.clearAndRefresh("did:key:test-agent");
-
-    // Cache should be EMPTY (not warmed with new data)
-    const afterClear = await cache.get("config:tool-protections:test-project");
-    expect(afterClear).toBeNull();
-  });
-
-  it("next getToolProtectionConfig call should fetch fresh from API", async () => {
-    // Setup: Mock API to return DIFFERENT data than what was cached
-    const staleConfig = {
-      toolProtections: {
-        greet: { requiresDelegation: false, requiredScopes: [] },
-      },
-    };
-
-    // Seed cache with stale data
-    await cache.set(
-      "config:tool-protections:test-project",
-      staleConfig,
-      300000
-    );
-
-    // Mock API to return fresh data (requiresDelegation: TRUE)
-    fetchSpy.mockResolvedValueOnce({
-      data: {
-        toolProtections: {
-          greet: {
-            requiresDelegation: true,
-            requiredScopes: ["greet:execute"],
-          },
-        },
-      },
-    });
-
-    // Clear cache (should NOT fetch)
-    await service.clearAndRefresh("did:key:test-agent");
-    expect(fetchSpy).not.toHaveBeenCalled();
-
-    // Now get config - this SHOULD fetch from API
-    const result = await service.getToolProtectionConfig("did:key:test-agent");
-
-    // API should have been called now (cache was cleared, so it fetched)
-    expect(fetchSpy).toHaveBeenCalledTimes(1);
-
-    // Result should have fresh data from API (not stale cached data)
-    expect(result.toolProtections.greet.requiresDelegation).toBe(true);
-  });
-
-  it("proves stale CDN data issue is avoided", async () => {
-    /**
-     * This test proves why NO warming is better than warming.
-     *
-     * Scenario:
-     * 1. User toggles delegation ON in dashboard
-     * 2. AgentShield DB updates, but CDN still has old data (5 min TTL)
-     * 3. User triggers cache clear
-     *
-     * WITH warming (broken):
-     * - clearAndRefresh immediately fetches from API
-     * - API returns stale CDN data (requiresDelegation: false)
-     * - We store stale data in our cache
-     * - Tool call uses stale data = BUG
-     *
-     * WITHOUT warming (fixed):
-     * - clearAndRefresh just deletes cache
-     * - Next tool call fetches from API (some time later)
-     * - Better chance CDN has refreshed
-     * - Even if CDN still stale, user can retry after CDN TTL
-     */
-
-    // Simulate stale CDN response (old config before user toggled delegation)
-    const staleCdnResponse = {
-      data: {
-        toolProtections: {
-          greet: { requiresDelegation: false, requiredScopes: [] },
-        },
-      },
-    };
-
-    fetchSpy.mockResolvedValue(staleCdnResponse);
-
-    // Clear cache
-    await service.clearAndRefresh("did:key:test-agent");
-
-    // CRITICAL: We did NOT store the stale CDN data
-    // fetchSpy was NOT called during clearAndRefresh
-    expect(fetchSpy).not.toHaveBeenCalled();
-
-    // Cache is empty, not poisoned with stale data
-    const cached = await cache.get("config:tool-protections:test-project");
-    expect(cached).toBeNull();
-  });
-});