npm - @kya-os/mcp-i - Versions diffs - 0.1.0 → 1.2.1 - Mend

@kya-os/mcp-i 0.1.0 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (229) hide show

package/README.md +406 -71
package/dist/149.js +1 -0
package/dist/189.js +1 -0
package/dist/261.js +1 -0
package/dist/28.js +1 -0
package/dist/295.js +1 -0
package/dist/460.js +1 -0
package/dist/570.js +1 -0
package/dist/634.js +1 -0
package/dist/647.js +1 -0
package/dist/67.js +1 -0
package/dist/739.js +1 -0
package/dist/742.js +1 -0
package/dist/904.js +1 -0
package/dist/938.js +1 -0
package/dist/auth/api-key.d.ts +16 -0
package/dist/auth/api-key.js +82 -0
package/dist/auth/jwt.d.ts +43 -0
package/dist/auth/jwt.js +51 -0
package/dist/auth/oauth/factory.d.ts +12 -0
package/dist/auth/oauth/factory.js +36 -0
package/dist/auth/oauth/index.d.ts +5 -0
package/dist/auth/oauth/index.js +27 -0
package/dist/auth/oauth/providers/proxy-provider.d.ts +13 -0
package/dist/auth/oauth/providers/proxy-provider.js +159 -0
package/dist/auth/oauth/router.d.ts +4 -0
package/dist/auth/oauth/router.js +294 -0
package/dist/auth/oauth/storage/memory-storage.d.ts +12 -0
package/dist/auth/oauth/storage/memory-storage.js +40 -0
package/dist/auth/oauth/types.d.ts +112 -0
package/dist/auth/oauth/types.js +2 -0
package/dist/cache/__tests__/cloudflare-kv-nonce-cache.test.d.ts +4 -0
package/dist/cache/__tests__/cloudflare-kv-nonce-cache.test.js +176 -0
package/dist/cache/__tests__/concurrency.test.d.ts +5 -0
package/dist/cache/__tests__/concurrency.test.js +300 -0
package/dist/cache/__tests__/dynamodb-nonce-cache.test.d.ts +4 -0
package/dist/cache/__tests__/dynamodb-nonce-cache.test.js +176 -0
package/dist/cache/__tests__/memory-nonce-cache.test.d.ts +4 -0
package/dist/cache/__tests__/memory-nonce-cache.test.js +132 -0
package/dist/cache/__tests__/nonce-cache-factory-simple.test.d.ts +4 -0
package/dist/cache/__tests__/nonce-cache-factory-simple.test.js +133 -0
package/dist/cache/__tests__/nonce-cache-factory.test.d.ts +4 -0
package/dist/cache/__tests__/nonce-cache-factory.test.js +252 -0
package/dist/cache/__tests__/redis-nonce-cache.test.d.ts +4 -0
package/dist/cache/__tests__/redis-nonce-cache.test.js +95 -0
package/dist/cache/cloudflare-kv-nonce-cache.d.ts +14 -0
package/dist/cache/cloudflare-kv-nonce-cache.js +93 -0
package/dist/cache/dynamodb-nonce-cache.d.ts +15 -0
package/dist/cache/dynamodb-nonce-cache.js +92 -0
package/dist/cache/index.d.ts +16 -0
package/dist/cache/index.js +32 -0
package/dist/cache/memory-nonce-cache.d.ts +44 -0
package/dist/cache/memory-nonce-cache.js +105 -0
package/dist/cache/nonce-cache-factory.d.ts +20 -0
package/dist/cache/nonce-cache-factory.js +208 -0
package/dist/cache/redis-nonce-cache.d.ts +14 -0
package/dist/cache/redis-nonce-cache.js +53 -0
package/dist/compiler/compiler-context.d.ts +23 -0
package/dist/compiler/compiler-context.js +24 -0
package/dist/compiler/config/constants.d.ts +41 -0
package/dist/compiler/config/constants.js +45 -0
package/dist/compiler/config/index.d.ts +252 -0
package/dist/compiler/config/index.js +15 -0
package/dist/compiler/config/injection.d.ts +26 -0
package/dist/compiler/config/injection.js +58 -0
package/dist/compiler/config/schemas/experimental/index.d.ts +91 -0
package/dist/compiler/config/schemas/experimental/index.js +16 -0
package/dist/compiler/config/schemas/experimental/oauth.d.ts +74 -0
package/dist/compiler/config/schemas/experimental/oauth.js +25 -0
package/dist/compiler/config/schemas/index.d.ts +6 -0
package/dist/compiler/config/schemas/index.js +17 -0
package/dist/compiler/config/schemas/paths.d.ts +9 -0
package/dist/compiler/config/schemas/paths.js +12 -0
package/dist/compiler/config/schemas/transport/http.d.ts +82 -0
package/dist/compiler/config/schemas/transport/http.js +33 -0
package/dist/compiler/config/schemas/transport/stdio.d.ts +9 -0
package/dist/compiler/config/schemas/transport/stdio.js +15 -0
package/dist/compiler/config/schemas/webpack.d.ts +3 -0
package/dist/compiler/config/schemas/webpack.js +15 -0
package/dist/compiler/config/types.d.ts +1 -0
package/dist/compiler/config/types.js +2 -0
package/dist/compiler/config/utils.d.ts +20 -0
package/dist/compiler/config/utils.js +36 -0
package/dist/compiler/generate-env-code.d.ts +1 -0
package/dist/compiler/generate-env-code.js +8 -0
package/dist/compiler/generate-import-code.d.ts +1 -0
package/dist/compiler/generate-import-code.js +24 -0
package/dist/compiler/get-webpack-config/get-entries.d.ts +3 -0
package/dist/compiler/get-webpack-config/get-entries.js +29 -0
package/dist/compiler/get-webpack-config/get-externals.d.ts +7 -0
package/dist/compiler/get-webpack-config/get-externals.js +88 -0
package/dist/compiler/get-webpack-config/get-injected-variables.d.ts +8 -0
package/dist/compiler/get-webpack-config/get-injected-variables.js +25 -0
package/dist/compiler/get-webpack-config/index.d.ts +4 -0
package/dist/compiler/get-webpack-config/index.js +101 -0
package/dist/compiler/get-webpack-config/plugins.d.ts +8 -0
package/dist/compiler/get-webpack-config/plugins.js +132 -0
package/dist/compiler/get-webpack-config/resolve-tsconfig-paths.d.ts +9 -0
package/dist/compiler/get-webpack-config/resolve-tsconfig-paths.js +40 -0
package/dist/compiler/index.d.ts +6 -0
package/dist/compiler/index.js +194 -0
package/dist/compiler/on-first-build.d.ts +3 -0
package/dist/compiler/on-first-build.js +58 -0
package/dist/compiler/parse-xmcp-config.d.ts +9 -0
package/dist/compiler/parse-xmcp-config.js +155 -0
package/dist/compiler/start-http-server.d.ts +1 -0
package/dist/compiler/start-http-server.js +34 -0
package/dist/index.d.ts +12 -54
package/dist/index.js +22 -190
package/dist/index.js.LICENSE.txt +49 -0
package/dist/runtime/__tests__/audit.test.d.ts +4 -0
package/dist/runtime/__tests__/audit.test.js +328 -0
package/dist/runtime/__tests__/identity.test.d.ts +4 -0
package/dist/runtime/__tests__/identity.test.js +164 -0
package/dist/runtime/__tests__/mcpi-runtime.test.d.ts +4 -0
package/dist/runtime/__tests__/mcpi-runtime.test.js +372 -0
package/dist/runtime/__tests__/proof.test.d.ts +4 -0
package/dist/runtime/__tests__/proof.test.js +302 -0
package/dist/runtime/__tests__/session.test.d.ts +4 -0
package/dist/runtime/__tests__/session.test.js +254 -0
package/dist/runtime/__tests__/well-known.test.d.ts +4 -0
package/dist/runtime/__tests__/well-known.test.js +312 -0
package/dist/runtime/adapter-express.js +2 -0
package/dist/runtime/adapter-express.js.LICENSE.txt +252 -0
package/dist/runtime/adapter-nextjs.js +2 -0
package/dist/runtime/adapter-nextjs.js.LICENSE.txt +53 -0
package/dist/runtime/adapters/express/index.d.ts +2 -0
package/dist/runtime/adapters/express/index.js +48 -0
package/dist/runtime/adapters/nextjs/index.d.ts +8 -0
package/dist/runtime/adapters/nextjs/index.js +18 -0
package/dist/runtime/audit.d.ts +93 -0
package/dist/runtime/audit.js +212 -0
package/dist/runtime/debug.d.ts +118 -0
package/dist/runtime/debug.js +612 -0
package/dist/runtime/delegation-hooks.d.ts +85 -0
package/dist/runtime/delegation-hooks.js +116 -0
package/dist/runtime/demo.d.ts +71 -0
package/dist/runtime/demo.js +135 -0
package/dist/runtime/headers.d.ts +1 -0
package/dist/runtime/headers.js +9 -0
package/dist/runtime/http.js +2 -0
package/dist/runtime/http.js.LICENSE.txt +252 -0
package/dist/runtime/identity.d.ts +105 -0
package/dist/runtime/identity.js +232 -0
package/dist/runtime/index.d.ts +16 -0
package/dist/runtime/index.js +56 -0
package/dist/runtime/mcpi-runtime.d.ts +164 -0
package/dist/runtime/mcpi-runtime.js +352 -0
package/dist/runtime/proof.d.ts +87 -0
package/dist/runtime/proof.js +223 -0
package/dist/runtime/session.d.ts +88 -0
package/dist/runtime/session.js +216 -0
package/dist/runtime/stdio.js +2 -0
package/dist/runtime/stdio.js.LICENSE.txt +1 -0
package/dist/runtime/templates/home.d.ts +2 -0
package/dist/runtime/templates/home.js +50 -0
package/dist/runtime/transports/http/base-streamable-http.d.ts +25 -0
package/dist/runtime/transports/http/base-streamable-http.js +16 -0
package/dist/runtime/transports/http/http-context.d.ts +9 -0
package/dist/runtime/transports/http/http-context.js +8 -0
package/dist/runtime/transports/http/index.d.ts +1 -0
package/dist/runtime/transports/http/index.js +55 -0
package/dist/runtime/transports/http/setup-cors.d.ts +4 -0
package/dist/runtime/transports/http/setup-cors.js +24 -0
package/dist/runtime/transports/http/stateless-streamable-http.d.ts +39 -0
package/dist/runtime/transports/http/stateless-streamable-http.js +331 -0
package/dist/runtime/transports/stdio/index.d.ts +1 -0
package/dist/runtime/transports/stdio/index.js +51 -0
package/dist/runtime/utils/server.d.ts +42 -0
package/dist/runtime/utils/server.js +39 -0
package/dist/runtime/utils/tools.d.ts +8 -0
package/dist/runtime/utils/tools.js +115 -0
package/dist/runtime/verifier-middleware.d.ts +76 -0
package/dist/runtime/verifier-middleware.js +322 -0
package/dist/runtime/well-known.d.ts +151 -0
package/dist/runtime/well-known.js +258 -0
package/dist/storage/config.d.ts +28 -0
package/dist/storage/config.js +79 -0
package/dist/storage/delegation.d.ts +59 -0
package/dist/storage/delegation.js +130 -0
package/dist/storage/merkle-verifier.d.ts +84 -0
package/dist/storage/merkle-verifier.js +261 -0
package/dist/test/__tests__/nonce-cache-integration.test.d.ts +1 -0
package/dist/test/__tests__/nonce-cache-integration.test.js +116 -0
package/dist/test/__tests__/nonce-cache.test.d.ts +1 -0
package/dist/test/__tests__/nonce-cache.test.js +122 -0
package/dist/test/__tests__/runtime-integration.test.d.ts +4 -0
package/dist/test/__tests__/runtime-integration.test.js +192 -0
package/dist/test/__tests__/test-infrastructure.test.d.ts +4 -0
package/dist/test/__tests__/test-infrastructure.test.js +178 -0
package/dist/test/deterministic-keys.d.ts +31 -0
package/dist/test/deterministic-keys.js +108 -0
package/dist/test/examples/test-usage-example.d.ts +140 -0
package/dist/test/examples/test-usage-example.js +175 -0
package/dist/test/index.d.ts +11 -0
package/dist/test/index.js +27 -0
package/dist/test/local-verification.d.ts +28 -0
package/dist/test/local-verification.js +342 -0
package/dist/test/mock-identity-provider.d.ts +96 -0
package/dist/test/mock-identity-provider.js +243 -0
package/dist/test/runtime-integration.d.ts +63 -0
package/dist/test/runtime-integration.js +140 -0
package/dist/test/test-environment.d.ts +26 -0
package/dist/test/test-environment.js +50 -0
package/dist/types/declarations.d.ts +1 -0
package/dist/types/declarations.js +6 -0
package/dist/types/middleware.d.ts +2 -0
package/dist/types/middleware.js +2 -0
package/dist/types/tool.d.ts +80 -0
package/dist/types/tool.js +2 -0
package/dist/utils/cli-icons.d.ts +3 -0
package/dist/utils/cli-icons.js +7 -0
package/dist/utils/constants.d.ts +6 -0
package/dist/utils/constants.js +13 -0
package/dist/utils/context.d.ts +33 -0
package/dist/utils/context.js +58 -0
package/dist/utils/file-watcher.d.ts +19 -0
package/dist/utils/file-watcher.js +49 -0
package/dist/utils/fs-utils.d.ts +2 -0
package/dist/utils/fs-utils.js +22 -0
package/dist/utils/path-validation.d.ts +3 -0
package/dist/utils/path-validation.js +56 -0
package/dist/utils/spawn-process.d.ts +9 -0
package/dist/utils/spawn-process.js +50 -0
package/dist/utils/subscribable.d.ts +12 -0
package/dist/utils/subscribable.js +44 -0
package/package.json +99 -21
package/dist/index.d.ts.map +0 -1
package/dist/index.js.map +0 -1

package/dist/test/__tests__/nonce-cache.test.js ADDED Viewed

@@ -0,0 +1,122 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const memory_nonce_cache_js_1 = require("../../cache/memory-nonce-cache.js");
+const nonce_cache_factory_js_1 = require("../../cache/nonce-cache-factory.js");
+(0, vitest_1.describe)("NonceCache", () => {
+    (0, vitest_1.describe)("MemoryNonceCache", () => {
+        let cache;
+        (0, vitest_1.beforeEach)(() => {
+            cache = new memory_nonce_cache_js_1.MemoryNonceCache();
+        });
+        (0, vitest_1.it)("should not find non-existent nonce", async () => {
+            const exists = await cache.has("non-existent-nonce");
+            (0, vitest_1.expect)(exists).toBe(false);
+        });
+        (0, vitest_1.it)("should add and find nonce", async () => {
+            const nonce = "test-nonce-123";
+            await cache.add(nonce, 60); // 60 seconds TTL
+            const exists = await cache.has(nonce);
+            (0, vitest_1.expect)(exists).toBe(true);
+        });
+        (0, vitest_1.it)("should prevent replay attacks by rejecting duplicate nonces", async () => {
+            const nonce = "duplicate-nonce";
+            await cache.add(nonce, 60);
+            await (0, vitest_1.expect)(cache.add(nonce, 60)).rejects.toThrow("Nonce duplicate-nonce already exists - potential replay attack");
+        });
+        (0, vitest_1.it)("should expire nonces after TTL", async () => {
+            const nonce = "expiring-nonce";
+            await cache.add(nonce, 0.1); // 0.1 seconds TTL
+            // Should exist immediately
+            (0, vitest_1.expect)(await cache.has(nonce)).toBe(true);
+            // Wait for expiry
+            await new Promise((resolve) => setTimeout(resolve, 150));
+            // Should be expired
+            (0, vitest_1.expect)(await cache.has(nonce)).toBe(false);
+        });
+        (0, vitest_1.it)("should clean up expired entries", async () => {
+            const nonce1 = "nonce-1";
+            const nonce2 = "nonce-2";
+            await cache.add(nonce1, 0.1); // Short TTL
+            await cache.add(nonce2, 60); // Long TTL
+            // Wait for first nonce to expire
+            await new Promise((resolve) => setTimeout(resolve, 150));
+            await cache.cleanup();
+            (0, vitest_1.expect)(await cache.has(nonce1)).toBe(false);
+            (0, vitest_1.expect)(await cache.has(nonce2)).toBe(true);
+        });
+        (0, vitest_1.it)("should handle atomic add-if-absent semantics", async () => {
+            const nonce = "atomic-test";
+            // First add should succeed
+            await (0, vitest_1.expect)(cache.add(nonce, 60)).resolves.not.toThrow();
+            // Second add should fail
+            await (0, vitest_1.expect)(cache.add(nonce, 60)).rejects.toThrow("potential replay attack");
+        });
+    });
+    (0, vitest_1.describe)("Cache Type Detection", () => {
+        (0, vitest_1.beforeEach)(() => {
+            // Clear environment variables
+            delete process.env.mcpi_NONCE_CACHE_TYPE;
+            delete process.env.REDIS_URL;
+            delete process.env.mcpi_REDIS_URL;
+            delete process.env.AWS_REGION;
+            delete process.env.mcpi_DYNAMODB_TABLE;
+        });
+        (0, vitest_1.it)("should detect memory cache by default", () => {
+            const type = (0, nonce_cache_factory_js_1.detectCacheType)();
+            (0, vitest_1.expect)(type).toBe("memory");
+        });
+        (0, vitest_1.it)("should detect redis when REDIS_URL is set", () => {
+            process.env.REDIS_URL = "redis://localhost:6379";
+            const type = (0, nonce_cache_factory_js_1.detectCacheType)();
+            (0, vitest_1.expect)(type).toBe("redis");
+        });
+        (0, vitest_1.it)("should detect dynamodb when AWS_REGION is set", () => {
+            process.env.AWS_REGION = "us-east-1";
+            const type = (0, nonce_cache_factory_js_1.detectCacheType)();
+            (0, vitest_1.expect)(type).toBe("dynamodb");
+        });
+        (0, vitest_1.it)("should respect explicit cache type configuration", () => {
+            process.env.REDIS_URL = "redis://localhost:6379"; // This would normally trigger redis
+            process.env.mcpi_NONCE_CACHE_TYPE = "memory";
+            const type = (0, nonce_cache_factory_js_1.detectCacheType)();
+            (0, vitest_1.expect)(type).toBe("memory");
+        });
+    });
+    (0, vitest_1.describe)("Cache Factory", () => {
+        (0, vitest_1.it)("should create memory cache by default", async () => {
+            const cache = await (0, nonce_cache_factory_js_1.createNonceCache)();
+            (0, vitest_1.expect)(cache).toBeInstanceOf(memory_nonce_cache_js_1.MemoryNonceCache);
+        });
+        (0, vitest_1.it)("should create memory cache when redis connection fails", async () => {
+            // Mock console.warn to avoid noise in tests
+            const warnSpy = vitest_1.vi.spyOn(console, "warn").mockImplementation(() => { });
+            const cache = await (0, nonce_cache_factory_js_1.createNonceCache)({
+                type: "redis",
+                redis: { url: "redis://invalid-host:6379", keyPrefix: "test:" },
+            });
+            (0, vitest_1.expect)(cache).toBeInstanceOf(memory_nonce_cache_js_1.MemoryNonceCache);
+            // Check that we got a warning about Redis failure (the exact message may vary)
+            (0, vitest_1.expect)(warnSpy).toHaveBeenCalledWith(vitest_1.expect.stringContaining("Failed to"), vitest_1.expect.anything());
+            warnSpy.mockRestore();
+        });
+        (0, vitest_1.it)("should handle missing configuration gracefully", async () => {
+            const warnSpy = vitest_1.vi.spyOn(console, "warn").mockImplementation(() => { });
+            const cache = await (0, nonce_cache_factory_js_1.createNonceCache)({
+                type: "dynamodb",
+                // Missing tableName
+            });
+            (0, vitest_1.expect)(cache).toBeInstanceOf(memory_nonce_cache_js_1.MemoryNonceCache);
+            (0, vitest_1.expect)(warnSpy).toHaveBeenCalledWith(vitest_1.expect.stringContaining("DynamoDB table name not found"));
+            warnSpy.mockRestore();
+        });
+    });
+    (0, vitest_1.describe)("Multi-instance Warning", () => {
+        (0, vitest_1.it)("should warn about multi-instance limitations for memory cache", () => {
+            const warnSpy = vitest_1.vi.spyOn(console, "warn").mockImplementation(() => { });
+            new memory_nonce_cache_js_1.MemoryNonceCache();
+            (0, vitest_1.expect)(warnSpy).toHaveBeenCalledWith(vitest_1.expect.stringContaining("not suitable for multi-instance deployments"));
+            warnSpy.mockRestore();
+        });
+    });
+});

package/dist/test/__tests__/runtime-integration.test.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+/**
+ * Runtime integration tests
+ */
+export {};

package/dist/test/__tests__/runtime-integration.test.js ADDED Viewed

@@ -0,0 +1,192 @@
+"use strict";
+/**
+ * Runtime integration tests
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const test_environment_js_1 = require("../test-environment.js");
+const mock_identity_provider_js_1 = require("../mock-identity-provider.js");
+const runtime_integration_js_1 = require("../runtime-integration.js");
+const test_1 = require("@kya-os/contracts/test");
+(0, vitest_1.describe)("Runtime Integration", () => {
+    (0, vitest_1.beforeEach)(() => {
+        (0, test_environment_js_1.configureTestEnvironment)({ seed: "runtime-test" });
+        (0, mock_identity_provider_js_1.resetMockIdentityProvider)();
+    });
+    (0, vitest_1.describe)("Test Runtime Configuration", () => {
+        (0, vitest_1.it)("should provide test runtime config in test mode", () => {
+            const config = (0, runtime_integration_js_1.getTestRuntimeConfig)();
+            (0, vitest_1.expect)(config).toBeDefined();
+            (0, vitest_1.expect)(config?.skipKTACalls).toBe(true);
+            (0, vitest_1.expect)(config?.useMockIdentities).toBe(true);
+            (0, vitest_1.expect)(config?.deterministicKeys).toBe(true);
+            (0, vitest_1.expect)(config?.mockKTAResponses).toBe(true);
+        });
+        (0, vitest_1.it)("should return null config outside test mode", () => {
+            // Temporarily disable test mode
+            const originalEnv = process.env.XMCP_ENV;
+            process.env.XMCP_ENV = "production";
+            const config = (0, runtime_integration_js_1.getTestRuntimeConfig)();
+            (0, vitest_1.expect)(config).toBeNull();
+            // Restore test mode
+            process.env.XMCP_ENV = originalEnv;
+        });
+    });
+    (0, vitest_1.describe)("KTA Call Interception", () => {
+        (0, vitest_1.it)("should intercept register calls", async () => {
+            const result = await (0, runtime_integration_js_1.interceptKTACall)("register", async () => {
+                throw new Error("Should not call original");
+            });
+            (0, vitest_1.expect)(result).toMatchObject({
+                success: true,
+                agentURL: vitest_1.expect.stringContaining("test-kta.example.com"),
+                conformanceCapabilities: ["handshake", "signing", "verification"],
+            });
+        });
+        (0, vitest_1.it)("should intercept delegation checks", async () => {
+            const result = await (0, runtime_integration_js_1.interceptKTACall)("checkDelegation", async () => {
+                throw new Error("Should not call original");
+            });
+            (0, vitest_1.expect)(result).toMatchObject({
+                status: "active",
+                valid: true,
+            });
+        });
+        (0, vitest_1.it)("should intercept claim calls", async () => {
+            const result = await (0, runtime_integration_js_1.interceptKTACall)("claim", async () => {
+                throw new Error("Should not call original");
+            });
+            (0, vitest_1.expect)(result).toMatchObject({
+                success: true,
+                claimed: true,
+                agentURL: vitest_1.expect.stringContaining("test-kta.example.com"),
+            });
+        });
+        (0, vitest_1.it)("should use custom mock response when provided", async () => {
+            const customResponse = { custom: "response" };
+            const result = await (0, runtime_integration_js_1.interceptKTACall)("register", async () => {
+                throw new Error("Should not call original");
+            }, async () => customResponse);
+            (0, vitest_1.expect)(result).toEqual(customResponse);
+        });
+        (0, vitest_1.it)("should call original function when not in test mode", async () => {
+            // Temporarily disable test mode
+            const originalEnv = process.env.XMCP_ENV;
+            process.env.XMCP_ENV = "production";
+            let originalCalled = false;
+            await (0, runtime_integration_js_1.interceptKTACall)("register", async () => {
+                originalCalled = true;
+                return { called: true };
+            });
+            (0, vitest_1.expect)(originalCalled).toBe(true);
+            // Restore test mode
+            process.env.XMCP_ENV = originalEnv;
+        });
+        (0, vitest_1.it)("should throw error for unknown operations", async () => {
+            await (0, vitest_1.expect)((0, runtime_integration_js_1.interceptKTACall)("unknownOperation", async () => ({ success: true }))).rejects.toThrow(test_1.TEST_ERROR_CODES.INVALID_TEST_CONFIGURATION);
+        });
+    });
+    (0, vitest_1.describe)("Test Identity for Runtime", () => {
+        (0, vitest_1.it)("should get test identity for runtime", () => {
+            const identity = (0, runtime_integration_js_1.getTestIdentityForRuntime)("agent1");
+            (0, vitest_1.expect)(identity).toBeDefined();
+            (0, vitest_1.expect)(identity.did).toBeDefined();
+            (0, vitest_1.expect)(identity.keyId).toBeDefined();
+            (0, vitest_1.expect)(identity.privateKey).toBeDefined();
+            (0, vitest_1.expect)(identity.publicKey).toBeDefined();
+        });
+        (0, vitest_1.it)("should throw error for non-existent identity", () => {
+            (0, vitest_1.expect)(() => {
+                (0, runtime_integration_js_1.getTestIdentityForRuntime)("nonexistent");
+            }).toThrow(test_1.TEST_ERROR_CODES.INVALID_TEST_CONFIGURATION);
+        });
+        (0, vitest_1.it)("should throw error outside test mode", () => {
+            // Temporarily disable test mode
+            const originalEnv = process.env.XMCP_ENV;
+            process.env.XMCP_ENV = "production";
+            (0, vitest_1.expect)(() => {
+                (0, runtime_integration_js_1.getTestIdentityForRuntime)("agent1");
+            }).toThrow(test_1.TEST_ERROR_CODES.INVALID_TEST_CONFIGURATION);
+            // Restore test mode
+            process.env.XMCP_ENV = originalEnv;
+        });
+    });
+    (0, vitest_1.describe)("Test Session Context", () => {
+        (0, vitest_1.it)("should create test session context with defaults", () => {
+            const context = (0, runtime_integration_js_1.createTestSessionContext)();
+            (0, vitest_1.expect)(context).toMatchObject({
+                sessionId: "sess_test_default",
+                audience: "test.example.com",
+                nonce: "test_nonce_123",
+                timestamp: vitest_1.expect.any(Number),
+                createdAt: vitest_1.expect.any(Number),
+                lastActivity: vitest_1.expect.any(Number),
+                ttlMinutes: 30,
+            });
+        });
+        (0, vitest_1.it)("should create test session context with custom options", () => {
+            const options = {
+                sessionId: "custom_session",
+                audience: "custom.example.com",
+                nonce: "custom_nonce",
+                timestamp: 1234567890,
+            };
+            const context = (0, runtime_integration_js_1.createTestSessionContext)(options);
+            (0, vitest_1.expect)(context).toMatchObject({
+                sessionId: "custom_session",
+                audience: "custom.example.com",
+                nonce: "custom_nonce",
+                timestamp: 1234567890,
+                ttlMinutes: 30,
+            });
+        });
+        (0, vitest_1.it)("should throw error outside test mode", () => {
+            // Temporarily disable test mode
+            const originalEnv = process.env.XMCP_ENV;
+            process.env.XMCP_ENV = "production";
+            (0, vitest_1.expect)(() => {
+                (0, runtime_integration_js_1.createTestSessionContext)();
+            }).toThrow(test_1.TEST_ERROR_CODES.INVALID_TEST_CONFIGURATION);
+            // Restore test mode
+            process.env.XMCP_ENV = originalEnv;
+        });
+    });
+    (0, vitest_1.describe)("Test Environment Validation", () => {
+        (0, vitest_1.it)("should validate test environment successfully", () => {
+            const validation = (0, runtime_integration_js_1.validateTestEnvironment)();
+            (0, vitest_1.expect)(validation.valid).toBe(true);
+            (0, vitest_1.expect)(validation.errors).toHaveLength(0);
+        });
+        (0, vitest_1.it)("should detect invalid test environment", () => {
+            // Temporarily disable test mode
+            const originalEnv = process.env.XMCP_ENV;
+            process.env.XMCP_ENV = "production";
+            const validation = (0, runtime_integration_js_1.validateTestEnvironment)();
+            (0, vitest_1.expect)(validation.valid).toBe(false);
+            (0, vitest_1.expect)(validation.errors).toContain("XMCP_ENV is not set to 'test'");
+            // Restore test mode
+            process.env.XMCP_ENV = originalEnv;
+        });
+    });
+    (0, vitest_1.describe)("Test Mode Guard", () => {
+        (0, vitest_1.it)("should allow function execution in test mode", () => {
+            const testFunction = (0, runtime_integration_js_1.testModeOnly)(() => "test result");
+            (0, vitest_1.expect)(testFunction()).toBe("test result");
+        });
+        (0, vitest_1.it)("should prevent function execution outside test mode", () => {
+            // Temporarily disable test mode
+            const originalEnv = process.env.XMCP_ENV;
+            process.env.XMCP_ENV = "production";
+            const testFunction = (0, runtime_integration_js_1.testModeOnly)(() => "test result");
+            (0, vitest_1.expect)(() => {
+                testFunction();
+            }).toThrow(test_1.TEST_ERROR_CODES.INVALID_TEST_CONFIGURATION);
+            // Restore test mode
+            process.env.XMCP_ENV = originalEnv;
+        });
+        (0, vitest_1.it)("should preserve function arguments and return types", () => {
+            const testFunction = (0, runtime_integration_js_1.testModeOnly)((a, b) => `${a}-${b}`);
+            (0, vitest_1.expect)(testFunction(42, "test")).toBe("42-test");
+        });
+    });
+});

package/dist/test/__tests__/test-infrastructure.test.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+/**
+ * Test infrastructure validation tests
+ */
+export {};

package/dist/test/__tests__/test-infrastructure.test.js ADDED Viewed

@@ -0,0 +1,178 @@
+"use strict";
+/**
+ * Test infrastructure validation tests
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const test_environment_js_1 = require("../test-environment.js");
+const deterministic_keys_js_1 = require("../deterministic-keys.js");
+const mock_identity_provider_js_1 = require("../mock-identity-provider.js");
+const local_verification_js_1 = require("../local-verification.js");
+const test_1 = require("@kya-os/contracts/test");
+(0, vitest_1.describe)("Test Infrastructure", () => {
+    (0, vitest_1.beforeEach)(() => {
+        // Configure test environment
+        (0, test_environment_js_1.configureTestEnvironment)({ seed: "test-seed" });
+        (0, mock_identity_provider_js_1.resetMockIdentityProvider)();
+    });
+    (0, vitest_1.describe)("Test Environment", () => {
+        (0, vitest_1.it)("should detect test mode", () => {
+            (0, vitest_1.expect)((0, test_environment_js_1.isTestMode)()).toBe(true);
+        });
+        (0, vitest_1.it)("should skip KTA calls in test mode", () => {
+            (0, vitest_1.expect)((0, test_environment_js_1.shouldSkipKTACalls)()).toBe(true);
+        });
+        (0, vitest_1.it)("should configure test environment", () => {
+            (0, test_environment_js_1.configureTestEnvironment)({
+                seed: "custom-seed",
+                skipKTACalls: true,
+            });
+            (0, vitest_1.expect)(process.env.XMCP_TEST_SEED).toBe("custom-seed");
+            (0, vitest_1.expect)(process.env.XMCP_SKIP_KTA_CALLS).toBe("true");
+            (0, vitest_1.expect)(process.env.XMCP_ENV).toBe("test");
+        });
+    });
+    (0, vitest_1.describe)("Deterministic Keys", () => {
+        (0, vitest_1.it)("should generate deterministic key pairs", () => {
+            const keys1 = (0, deterministic_keys_js_1.generateDeterministicKeyPair)("test-seed-1");
+            const keys2 = (0, deterministic_keys_js_1.generateDeterministicKeyPair)("test-seed-1");
+            const keys3 = (0, deterministic_keys_js_1.generateDeterministicKeyPair)("test-seed-2");
+            // Same seed should produce same keys
+            (0, vitest_1.expect)(keys1.privateKey).toBe(keys2.privateKey);
+            (0, vitest_1.expect)(keys1.publicKey).toBe(keys2.publicKey);
+            // Different seed should produce different keys
+            (0, vitest_1.expect)(keys1.privateKey).not.toBe(keys3.privateKey);
+            (0, vitest_1.expect)(keys1.publicKey).not.toBe(keys3.publicKey);
+        });
+        (0, vitest_1.it)("should generate test identities", () => {
+            const identity = (0, deterministic_keys_js_1.generateTestIdentity)("test-identity", {
+                did: test_1.TEST_DIDS.AGENT_1,
+                keyId: test_1.TEST_KEY_IDS.KEY_TEST_1,
+            });
+            (0, vitest_1.expect)(identity.did).toBe(test_1.TEST_DIDS.AGENT_1);
+            (0, vitest_1.expect)(identity.keyId).toBe(test_1.TEST_KEY_IDS.KEY_TEST_1);
+            (0, vitest_1.expect)(identity.privateKey).toBeDefined();
+            (0, vitest_1.expect)(identity.publicKey).toBeDefined();
+            (0, vitest_1.expect)(identity.createdAt).toBeDefined();
+            (0, vitest_1.expect)(identity.lastRotated).toBeDefined();
+        });
+        (0, vitest_1.it)("should provide predefined test identities", () => {
+            const identities = (0, deterministic_keys_js_1.getPredefinedTestIdentities)();
+            (0, vitest_1.expect)(identities.agent1).toBeDefined();
+            (0, vitest_1.expect)(identities.agent2).toBeDefined();
+            (0, vitest_1.expect)(identities.verifier1).toBeDefined();
+            (0, vitest_1.expect)(identities.agent1.did).toBe(test_1.TEST_DIDS.AGENT_1);
+            (0, vitest_1.expect)(identities.agent2.did).toBe(test_1.TEST_DIDS.AGENT_2);
+            (0, vitest_1.expect)(identities.verifier1.did).toBe(test_1.TEST_DIDS.VERIFIER_1);
+        });
+        (0, vitest_1.it)("should generate deterministic nonces", () => {
+            const nonce1 = (0, deterministic_keys_js_1.generateTestNonce)("seed1");
+            const nonce2 = (0, deterministic_keys_js_1.generateTestNonce)("seed1");
+            const nonce3 = (0, deterministic_keys_js_1.generateTestNonce)("seed2");
+            (0, vitest_1.expect)(nonce1).toBe(nonce2);
+            (0, vitest_1.expect)(nonce1).not.toBe(nonce3);
+        });
+        (0, vitest_1.it)("should generate deterministic session IDs", () => {
+            const sessionId1 = (0, deterministic_keys_js_1.generateTestSessionId)("seed1");
+            const sessionId2 = (0, deterministic_keys_js_1.generateTestSessionId)("seed1");
+            const sessionId3 = (0, deterministic_keys_js_1.generateTestSessionId)("seed2");
+            (0, vitest_1.expect)(sessionId1).toBe(sessionId2);
+            (0, vitest_1.expect)(sessionId1).not.toBe(sessionId3);
+            (0, vitest_1.expect)(sessionId1).toMatch(/^sess_test_/);
+        });
+    });
+    (0, vitest_1.describe)("Mock Identity Provider", () => {
+        (0, vitest_1.it)("should create mock identity provider", () => {
+            const provider = new mock_identity_provider_js_1.MockIdentityProvider();
+            const identities = provider.getAllIdentities();
+            (0, vitest_1.expect)(Object.keys(identities)).toContain("agent1");
+            (0, vitest_1.expect)(Object.keys(identities)).toContain("agent2");
+            (0, vitest_1.expect)(Object.keys(identities)).toContain("verifier1");
+        });
+        (0, vitest_1.it)("should manage identities", () => {
+            const provider = new mock_identity_provider_js_1.MockIdentityProvider();
+            const testIdentity = (0, deterministic_keys_js_1.generateTestIdentity)("custom-test");
+            provider.setIdentity("custom", testIdentity);
+            const retrieved = provider.getIdentity("custom");
+            (0, vitest_1.expect)(retrieved).toEqual(testIdentity);
+        });
+        (0, vitest_1.it)("should manage delegation status", () => {
+            const provider = new mock_identity_provider_js_1.MockIdentityProvider();
+            provider.setDelegation("did:test:agent-1:key-test-1", "active");
+            (0, vitest_1.expect)(provider.getDelegationStatus("did:test:agent-1", "key-test-1")).toBe("active");
+            provider.setDelegation("did:test:agent-1:key-test-1", "revoked");
+            (0, vitest_1.expect)(provider.getDelegationStatus("did:test:agent-1", "key-test-1")).toBe("revoked");
+        });
+        (0, vitest_1.it)("should simulate KTA failures", () => {
+            const provider = new mock_identity_provider_js_1.MockIdentityProvider();
+            provider.simulateKTAFailure("network");
+            (0, vitest_1.expect)(provider.shouldSimulateKTAFailure("network")).toBe(true);
+            (0, vitest_1.expect)(provider.shouldSimulateKTAFailure("auth")).toBe(false);
+            provider.clearKTAFailure("network");
+            (0, vitest_1.expect)(provider.shouldSimulateKTAFailure("network")).toBe(false);
+        });
+        (0, vitest_1.it)("should mock registration calls", async () => {
+            const provider = new mock_identity_provider_js_1.MockIdentityProvider();
+            // Success case
+            const result = await provider.mockRegister("did:test:agent-1", "key-test-1");
+            (0, vitest_1.expect)(result.success).toBe(true);
+            (0, vitest_1.expect)(result.agentURL).toContain("agent-1");
+            // Failure case
+            provider.simulateKTAFailure("auth");
+            const failResult = await provider.mockRegister("did:test:agent-1", "key-test-1");
+            (0, vitest_1.expect)(failResult.success).toBe(false);
+            (0, vitest_1.expect)(failResult.error).toBeDefined();
+        });
+        (0, vitest_1.it)("should use global provider", () => {
+            const provider1 = (0, mock_identity_provider_js_1.getMockIdentityProvider)();
+            const provider2 = (0, mock_identity_provider_js_1.getMockIdentityProvider)();
+            (0, vitest_1.expect)(provider1).toBe(provider2);
+            provider1.setIdentity("test", (0, deterministic_keys_js_1.generateTestIdentity)("test"));
+            (0, vitest_1.expect)(provider2.getIdentity("test")).toBeDefined();
+        });
+    });
+    (0, vitest_1.describe)("Local Verification", () => {
+        (0, vitest_1.it)("should verify mock proofs locally", async () => {
+            const mockProof = (0, local_verification_js_1.createMockProof)({
+                did: test_1.TEST_DIDS.AGENT_1,
+                keyId: test_1.TEST_KEY_IDS.KEY_TEST_1,
+            });
+            const result = await (0, local_verification_js_1.verifyProofLocally)(mockProof);
+            (0, vitest_1.expect)(result.valid).toBe(true);
+            (0, vitest_1.expect)(result.did).toBe(test_1.TEST_DIDS.AGENT_1);
+            (0, vitest_1.expect)(result.keyId).toBe(test_1.TEST_KEY_IDS.KEY_TEST_1);
+            (0, vitest_1.expect)(result.signature.valid).toBe(true);
+            (0, vitest_1.expect)(result.proof.valid).toBe(true);
+            (0, vitest_1.expect)(result.session.valid).toBe(true);
+        });
+        (0, vitest_1.it)("should detect invalid proofs", async () => {
+            const invalidProof = {
+                jws: "invalid-signature",
+                meta: {
+                    did: "invalid-did",
+                    kid: "invalid-key",
+                    ts: Date.now() / 1000,
+                    nonce: "test-nonce",
+                    audience: "test.example.com",
+                    sessionId: "sess_test",
+                    requestHash: "sha256:invalid",
+                    responseHash: "sha256:invalid",
+                },
+            };
+            const result = await (0, local_verification_js_1.verifyProofLocally)(invalidProof);
+            (0, vitest_1.expect)(result.valid).toBe(false);
+            (0, vitest_1.expect)(result.errors.length).toBeGreaterThan(0);
+        });
+        (0, vitest_1.it)("should verify DID documents locally", async () => {
+            const result = await (0, local_verification_js_1.verifyDIDDocumentLocally)(test_1.TEST_DIDS.AGENT_1);
+            (0, vitest_1.expect)(result.valid).toBe(true);
+            (0, vitest_1.expect)(result.document).toBeDefined();
+            (0, vitest_1.expect)(result.document.id).toBe(test_1.TEST_DIDS.AGENT_1);
+        });
+        (0, vitest_1.it)("should handle missing DID documents", async () => {
+            const result = await (0, local_verification_js_1.verifyDIDDocumentLocally)("did:test:nonexistent");
+            (0, vitest_1.expect)(result.valid).toBe(false);
+            (0, vitest_1.expect)(result.error).toContain("No identity found");
+        });
+    });
+});

package/dist/test/deterministic-keys.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+/**
+ * Deterministic key generation for testing
+ */
+import { type MockIdentity } from "@kya-os/contracts/test";
+/**
+ * Generate deterministic Ed25519 key pair from seed
+ */
+export declare function generateDeterministicKeyPair(seed: string): {
+    privateKey: string;
+    publicKey: string;
+};
+/**
+ * Generate test identity with deterministic keys
+ */
+export declare function generateTestIdentity(testName: string, options?: {
+    did?: string;
+    keyId?: string;
+    seed?: string;
+}): MockIdentity;
+/**
+ * Get predefined test identities
+ */
+export declare function getPredefinedTestIdentities(): Record<string, MockIdentity>;
+/**
+ * Generate nonce for testing (deterministic if seed provided)
+ */
+export declare function generateTestNonce(seed?: string): string;
+/**
+ * Generate session ID for testing (deterministic if seed provided)
+ */
+export declare function generateTestSessionId(seed?: string): string;

package/dist/test/deterministic-keys.js ADDED Viewed

@@ -0,0 +1,108 @@
+"use strict";
+/**
+ * Deterministic key generation for testing
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateDeterministicKeyPair = generateDeterministicKeyPair;
+exports.generateTestIdentity = generateTestIdentity;
+exports.getPredefinedTestIdentities = getPredefinedTestIdentities;
+exports.generateTestNonce = generateTestNonce;
+exports.generateTestSessionId = generateTestSessionId;
+const crypto_1 = require("crypto");
+const test_1 = require("@kya-os/contracts/test");
+const test_environment_1 = require("./test-environment");
+/**
+ * Generate deterministic Ed25519 key pair from seed
+ */
+function generateDeterministicKeyPair(seed) {
+    (0, test_environment_1.ensureTestMode)();
+    try {
+        // Create deterministic seed by hashing the input
+        const hash = (0, crypto_1.createHash)("sha256").update(seed).digest();
+        // For testing, we'll use the hash as a mock private key
+        // In a real implementation, this would use proper Ed25519 key derivation
+        const privateKey = hash.toString("base64");
+        // Generate a mock public key by hashing the private key
+        const publicKey = (0, crypto_1.createHash)("sha256")
+            .update(privateKey)
+            .digest()
+            .toString("base64");
+        return {
+            privateKey,
+            publicKey,
+        };
+    }
+    catch (error) {
+        throw new Error(`${test_1.TEST_ERROR_CODES.DETERMINISTIC_KEY_GENERATION_FAILED}: ${error instanceof Error ? error.message : "Unknown error"}`);
+    }
+}
+/**
+ * Generate test identity with deterministic keys
+ */
+function generateTestIdentity(testName, options = {}) {
+    (0, test_environment_1.ensureTestMode)();
+    const seed = options.seed || (0, test_environment_1.getCurrentTestSeed)(testName);
+    const did = options.did || test_1.TEST_DIDS.AGENT_1;
+    const keyId = options.keyId || test_1.TEST_KEY_IDS.KEY_TEST_1;
+    const { privateKey, publicKey } = generateDeterministicKeyPair(`${seed}-${testName}-${did}-${keyId}`);
+    const now = new Date().toISOString();
+    return {
+        did,
+        keyId,
+        privateKey,
+        publicKey,
+        createdAt: now,
+        lastRotated: now,
+    };
+}
+/**
+ * Get predefined test identities
+ */
+function getPredefinedTestIdentities() {
+    (0, test_environment_1.ensureTestMode)();
+    return {
+        agent1: generateTestIdentity("agent1", {
+            did: test_1.TEST_DIDS.AGENT_1,
+            keyId: test_1.TEST_KEY_IDS.KEY_TEST_1,
+        }),
+        agent2: generateTestIdentity("agent2", {
+            did: test_1.TEST_DIDS.AGENT_2,
+            keyId: test_1.TEST_KEY_IDS.KEY_TEST_2,
+        }),
+        verifier1: generateTestIdentity("verifier1", {
+            did: test_1.TEST_DIDS.VERIFIER_1,
+            keyId: test_1.TEST_KEY_IDS.KEY_VERIFIER_1,
+        }),
+    };
+}
+/**
+ * Generate nonce for testing (deterministic if seed provided)
+ */
+function generateTestNonce(seed) {
+    (0, test_environment_1.ensureTestMode)();
+    if (seed) {
+        // Deterministic nonce for reproducible tests
+        return (0, crypto_1.createHash)("sha256")
+            .update(`nonce-${seed}-${(0, test_environment_1.getCurrentTestSeed)()}`)
+            .digest()
+            .subarray(0, 16)
+            .toString("base64url");
+    }
+    // Random nonce for general testing
+    return (0, crypto_1.randomBytes)(16).toString("base64url");
+}
+/**
+ * Generate session ID for testing (deterministic if seed provided)
+ */
+function generateTestSessionId(seed) {
+    (0, test_environment_1.ensureTestMode)();
+    if (seed) {
+        // Deterministic session ID for reproducible tests
+        return `sess_test_${(0, crypto_1.createHash)("sha256")
+            .update(`session-${seed}-${(0, test_environment_1.getCurrentTestSeed)()}`)
+            .digest("hex")
+            .substring(0, 16)}`;
+    }
+    // Random session ID for general testing
+    return `sess_test_${(0, crypto_1.randomBytes)(8).toString("hex")}`;
+}