@leanmcp/auth 0.4.2 → 0.4.4-alpha.6.6dae082
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +37 -23
- package/dist/{auth0-UTD4QBG6.mjs → auth0-DWCHZ7IN.mjs} +1 -1
- package/dist/{chunk-RGCCBQWG.mjs → chunk-MXTUNMHA.mjs} +4 -4
- package/dist/{chunk-P4HFKA5R.mjs → chunk-ZJYMG6ZM.mjs} +4 -4
- package/dist/{clerk-3SDKGD6C.mjs → clerk-YVTZMRLF.mjs} +1 -1
- package/dist/client/index.d.mts +499 -0
- package/dist/client/index.d.ts +499 -0
- package/dist/client/index.js +56 -56
- package/dist/client/index.mjs +53 -53
- package/dist/{cognito-QQT7LK2Y.mjs → cognito-XKPEG6UH.mjs} +1 -1
- package/dist/index.d.mts +181 -0
- package/dist/index.d.ts +181 -0
- package/dist/index.js +8 -8
- package/dist/index.mjs +1 -1
- package/dist/{leanmcp-Y7TXNSTD.mjs → leanmcp-73RUGZ2B.mjs} +9 -9
- package/dist/proxy/index.d.mts +376 -0
- package/dist/proxy/index.d.ts +376 -0
- package/dist/proxy/index.js +36 -36
- package/dist/proxy/index.mjs +36 -36
- package/dist/server/index.d.mts +496 -0
- package/dist/server/index.d.ts +496 -0
- package/dist/server/index.js +69 -69
- package/dist/server/index.mjs +69 -69
- package/dist/storage/index.d.mts +181 -0
- package/dist/storage/index.d.ts +181 -0
- package/dist/storage/index.js +24 -24
- package/dist/storage/index.mjs +21 -21
- package/dist/types-DMpGN530.d.mts +122 -0
- package/dist/types-DMpGN530.d.ts +122 -0
- package/package.json +2 -1
|
@@ -0,0 +1,122 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Token Storage Types
|
|
3
|
+
*
|
|
4
|
+
* Defines interfaces for storing OAuth tokens across different backends
|
|
5
|
+
* (memory, file, keychain, browser localStorage, etc.)
|
|
6
|
+
*/
|
|
7
|
+
/**
|
|
8
|
+
* OAuth 2.0/2.1 token response
|
|
9
|
+
*/
|
|
10
|
+
interface OAuthTokens {
|
|
11
|
+
/** The access token issued by the authorization server */
|
|
12
|
+
access_token: string;
|
|
13
|
+
/** Token type (usually "Bearer") */
|
|
14
|
+
token_type: string;
|
|
15
|
+
/** Lifetime in seconds of the access token */
|
|
16
|
+
expires_in?: number;
|
|
17
|
+
/** Refresh token for obtaining new access tokens */
|
|
18
|
+
refresh_token?: string;
|
|
19
|
+
/** ID token (OpenID Connect) */
|
|
20
|
+
id_token?: string;
|
|
21
|
+
/** Scope granted by the authorization server */
|
|
22
|
+
scope?: string;
|
|
23
|
+
/** Computed: Unix timestamp when token expires */
|
|
24
|
+
expires_at?: number;
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* OAuth client registration information
|
|
28
|
+
* Used for Dynamic Client Registration (RFC 7591)
|
|
29
|
+
*/
|
|
30
|
+
interface ClientRegistration {
|
|
31
|
+
/** OAuth client identifier */
|
|
32
|
+
client_id: string;
|
|
33
|
+
/** OAuth client secret (for confidential clients) */
|
|
34
|
+
client_secret?: string;
|
|
35
|
+
/** Unix timestamp when client secret expires */
|
|
36
|
+
client_secret_expires_at?: number;
|
|
37
|
+
/** Token for accessing registration endpoint */
|
|
38
|
+
registration_access_token?: string;
|
|
39
|
+
/** Client metadata from registration */
|
|
40
|
+
metadata?: Record<string, unknown>;
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Stored session combining tokens and client info
|
|
44
|
+
*/
|
|
45
|
+
interface StoredSession {
|
|
46
|
+
/** Server URL this session is for */
|
|
47
|
+
serverUrl: string;
|
|
48
|
+
/** OAuth tokens */
|
|
49
|
+
tokens: OAuthTokens;
|
|
50
|
+
/** Client registration info (if dynamic registration used) */
|
|
51
|
+
clientInfo?: ClientRegistration;
|
|
52
|
+
/** Unix timestamp when session was created */
|
|
53
|
+
createdAt: number;
|
|
54
|
+
/** Unix timestamp when session was last updated */
|
|
55
|
+
updatedAt: number;
|
|
56
|
+
}
|
|
57
|
+
/**
|
|
58
|
+
* Token storage interface
|
|
59
|
+
*
|
|
60
|
+
* Implement this interface to create custom storage backends.
|
|
61
|
+
* All operations should be async to support various backends.
|
|
62
|
+
*/
|
|
63
|
+
interface TokenStorage {
|
|
64
|
+
/**
|
|
65
|
+
* Get stored tokens for a server
|
|
66
|
+
* @param serverUrl - The MCP server URL
|
|
67
|
+
* @returns Tokens if found, null otherwise
|
|
68
|
+
*/
|
|
69
|
+
getTokens(serverUrl: string): Promise<OAuthTokens | null>;
|
|
70
|
+
/**
|
|
71
|
+
* Store tokens for a server
|
|
72
|
+
* @param serverUrl - The MCP server URL
|
|
73
|
+
* @param tokens - OAuth tokens to store
|
|
74
|
+
*/
|
|
75
|
+
setTokens(serverUrl: string, tokens: OAuthTokens): Promise<void>;
|
|
76
|
+
/**
|
|
77
|
+
* Clear tokens for a server
|
|
78
|
+
* @param serverUrl - The MCP server URL
|
|
79
|
+
*/
|
|
80
|
+
clearTokens(serverUrl: string): Promise<void>;
|
|
81
|
+
/**
|
|
82
|
+
* Get stored client registration for a server
|
|
83
|
+
* @param serverUrl - The MCP server URL
|
|
84
|
+
* @returns Client info if found, null otherwise
|
|
85
|
+
*/
|
|
86
|
+
getClientInfo(serverUrl: string): Promise<ClientRegistration | null>;
|
|
87
|
+
/**
|
|
88
|
+
* Store client registration for a server
|
|
89
|
+
* @param serverUrl - The MCP server URL
|
|
90
|
+
* @param info - Client registration info
|
|
91
|
+
*/
|
|
92
|
+
setClientInfo(serverUrl: string, info: ClientRegistration): Promise<void>;
|
|
93
|
+
/**
|
|
94
|
+
* Clear client registration for a server
|
|
95
|
+
* @param serverUrl - The MCP server URL
|
|
96
|
+
*/
|
|
97
|
+
clearClientInfo(serverUrl: string): Promise<void>;
|
|
98
|
+
/**
|
|
99
|
+
* Clear all stored data
|
|
100
|
+
*/
|
|
101
|
+
clearAll(): Promise<void>;
|
|
102
|
+
/**
|
|
103
|
+
* Get all stored sessions (optional)
|
|
104
|
+
* @returns Array of stored sessions
|
|
105
|
+
*/
|
|
106
|
+
getAllSessions?(): Promise<StoredSession[]>;
|
|
107
|
+
}
|
|
108
|
+
/**
|
|
109
|
+
* Check if tokens are expired or about to expire
|
|
110
|
+
* @param tokens - OAuth tokens to check
|
|
111
|
+
* @param bufferSeconds - Seconds before expiry to consider expired (default: 60)
|
|
112
|
+
* @returns True if tokens are expired or will expire within buffer
|
|
113
|
+
*/
|
|
114
|
+
declare function isTokenExpired(tokens: OAuthTokens, bufferSeconds?: number): boolean;
|
|
115
|
+
/**
|
|
116
|
+
* Compute expires_at from expires_in if not present
|
|
117
|
+
* @param tokens - OAuth tokens to enhance
|
|
118
|
+
* @returns Tokens with expires_at computed
|
|
119
|
+
*/
|
|
120
|
+
declare function withExpiresAt(tokens: OAuthTokens): OAuthTokens;
|
|
121
|
+
|
|
122
|
+
export { type ClientRegistration as C, type OAuthTokens as O, type StoredSession as S, type TokenStorage as T, isTokenExpired as i, withExpiresAt as w };
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@leanmcp/auth",
|
|
3
|
-
"version": "0.4.
|
|
3
|
+
"version": "0.4.4-alpha.6.6dae082",
|
|
4
4
|
"description": "Authentication and identity module with OAuth 2.1 client, token storage, and multiple providers",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.mjs",
|
|
@@ -48,6 +48,7 @@
|
|
|
48
48
|
"reflect-metadata": "^0.2.1"
|
|
49
49
|
},
|
|
50
50
|
"devDependencies": {
|
|
51
|
+
"@leanmcp/env-injection": "^0.1.0",
|
|
51
52
|
"@types/jest": "^29.5.0",
|
|
52
53
|
"@types/jsonwebtoken": "^9.0.10",
|
|
53
54
|
"@types/jwk-to-pem": "^2.0.3",
|