@leanmcp/auth 0.4.3 → 0.4.4-alpha.8.f4673cd

package/dist/{auth0-UTD4QBG6.mjs → auth0-DWCHZ7IN.mjs}

@@ -1,6 +1,6 @@
 import {
   AuthProviderBase
-} from "./chunk-P4HFKA5R.mjs";
+} from "./chunk-ZJYMG6ZM.mjs";
 import {
   __name
 } from "./chunk-LPEX4YW6.mjs";

package/dist/{chunk-RGCCBQWG.mjs → chunk-MXTUNMHA.mjs}

@@ -31,14 +31,14 @@ var MemoryStorage = class {
   tokens = /* @__PURE__ */ new Map();
   clients = /* @__PURE__ */ new Map();
   /**
-   * Normalize server URL for consistent key lookup
-   */
+  * Normalize server URL for consistent key lookup
+  */
   normalizeUrl(serverUrl) {
     return serverUrl.replace(/\/+$/, "").toLowerCase();
   }
   /**
-   * Check if an entry is expired
-   */
+  * Check if an entry is expired
+  */
   isExpired(entry) {
     if (!entry) return true;
     if (!entry.expiresAt) return false;

package/dist/{chunk-P4HFKA5R.mjs → chunk-ZJYMG6ZM.mjs}

@@ -176,25 +176,25 @@ var AuthProvider = class extends AuthProviderBase {
     const finalConfig = config || this.config;
     switch (this.providerType) {
       case "cognito": {
-        const { AuthCognito } = await import("./cognito-QQT7LK2Y.mjs");
+        const { AuthCognito } = await import("./cognito-XKPEG6UH.mjs");
         this.providerInstance = new AuthCognito();
         await this.providerInstance.init(finalConfig);
         break;
       }
       case "auth0": {
-        const { AuthAuth0 } = await import("./auth0-UTD4QBG6.mjs");
+        const { AuthAuth0 } = await import("./auth0-DWCHZ7IN.mjs");
         this.providerInstance = new AuthAuth0();
         await this.providerInstance.init(finalConfig);
         break;
       }
       case "clerk": {
-        const { AuthClerk } = await import("./clerk-3SDKGD6C.mjs");
+        const { AuthClerk } = await import("./clerk-YVTZMRLF.mjs");
         this.providerInstance = new AuthClerk();
         await this.providerInstance.init(finalConfig);
         break;
       }
       case "leanmcp": {
-        const { AuthLeanmcp } = await import("./leanmcp-Y7TXNSTD.mjs");
+        const { AuthLeanmcp } = await import("./leanmcp-73RUGZ2B.mjs");
         this.providerInstance = new AuthLeanmcp();
         await this.providerInstance.init(finalConfig);
         break;

package/dist/{clerk-3SDKGD6C.mjs → clerk-YVTZMRLF.mjs}

@@ -1,6 +1,6 @@
 import {
   AuthProviderBase
-} from "./chunk-P4HFKA5R.mjs";
+} from "./chunk-ZJYMG6ZM.mjs";
 import {
   __name
 } from "./chunk-LPEX4YW6.mjs";

package/dist/client/index.js

@@ -292,14 +292,14 @@ var MemoryStorage = class {
   tokens = /* @__PURE__ */ new Map();
   clients = /* @__PURE__ */ new Map();
   /**
-   * Normalize server URL for consistent key lookup
-   */
+  * Normalize server URL for consistent key lookup
+  */
   normalizeUrl(serverUrl) {
     return serverUrl.replace(/\/+$/, "").toLowerCase();
   }
   /**
-   * Check if an entry is expired
-   */
+  * Check if an entry is expired
+  */
   isExpired(entry) {
     if (!entry) return true;
     if (!entry.expiresAt) return false;
@@ -408,8 +408,8 @@ var OAuthClient = class {
     this.preConfiguredClientSecret = options.clientSecret;
   }
   /**
-   * Discover OAuth metadata from .well-known endpoint
-   */
+  * Discover OAuth metadata from .well-known endpoint
+  */
   async discoverMetadata() {
     if (this.metadata) return this.metadata;
     const wellKnownUrl = `${this.serverUrl}/.well-known/oauth-authorization-server`;
@@ -439,8 +439,8 @@ var OAuthClient = class {
     return this.metadata;
   }
   /**
-   * Get or register OAuth client credentials
-   */
+  * Get or register OAuth client credentials
+  */
   async getClientCredentials(redirectUri) {
     if (this.preConfiguredClientId) {
       return {
@@ -486,12 +486,12 @@ var OAuthClient = class {
     return registration;
   }
   /**
-   * Start the browser-based OAuth flow
-   * 
-   * Opens the user's browser to the authorization URL and waits for the callback.
-   * 
-   * @returns OAuth tokens
-   */
+  * Start the browser-based OAuth flow
+  *
+  * Opens the user's browser to the authorization URL and waits for the callback.
+  *
+  * @returns OAuth tokens
+  */
   async authenticate() {
     const existing = await this.storage.getTokens(this.serverUrl);
     if (existing && !isTokenExpired(existing, this.refreshBuffer)) {
@@ -548,8 +548,8 @@ ${authUrl.toString()}
     }
   }
   /**
-   * Open URL in browser
-   */
+  * Open URL in browser
+  */
   async openBrowser(url) {
     try {
       const open = require("open");
@@ -573,8 +573,8 @@ ${authUrl.toString()}
     }
   }
   /**
-   * Exchange authorization code for tokens
-   */
+  * Exchange authorization code for tokens
+  */
   async exchangeCodeForTokens(code, redirectUri, credentials, codeVerifier) {
     const metadata = await this.discoverMetadata();
     const tokenPayload = {
@@ -603,8 +603,8 @@ ${authUrl.toString()}
     return response.json();
   }
   /**
-   * Refresh the access token using the refresh token
-   */
+  * Refresh the access token using the refresh token
+  */
   async refreshTokens() {
     if (this.pendingRefresh) {
       return this.pendingRefresh;
@@ -651,8 +651,8 @@ ${authUrl.toString()}
     return enrichedTokens;
   }
   /**
-   * Get a valid access token, refreshing if necessary
-   */
+  * Get a valid access token, refreshing if necessary
+  */
   async getValidToken() {
     let tokens = await this.storage.getTokens(this.serverUrl);
     if (!tokens) {
@@ -668,35 +668,35 @@ ${authUrl.toString()}
     return tokens.access_token;
   }
   /**
-   * Get current tokens (may be expired)
-   */
+  * Get current tokens (may be expired)
+  */
   async getTokens() {
     return this.storage.getTokens(this.serverUrl);
   }
   /**
-   * Check if we have valid (non-expired) tokens
-   */
+  * Check if we have valid (non-expired) tokens
+  */
   async isAuthenticated() {
     const tokens = await this.storage.getTokens(this.serverUrl);
     if (!tokens) return false;
     return !isTokenExpired(tokens, this.refreshBuffer) || !!tokens.refresh_token;
   }
   /**
-   * Clear stored tokens and log out
-   */
+  * Clear stored tokens and log out
+  */
   async logout() {
     await this.storage.clearTokens(this.serverUrl);
     await this.storage.clearClientInfo(this.serverUrl);
   }
   /**
-   * Create an auth handler for HTTP requests
-   * 
-   * @example
-   * ```typescript
-   * const authHandler = client.asAuthHandler();
-   * const authedRequest = await authHandler(request);
-   * ```
-   */
+  * Create an auth handler for HTTP requests
+  *
+  * @example
+  * ```typescript
+  * const authHandler = client.asAuthHandler();
+  * const authedRequest = await authHandler(request);
+  * ```
+  */
   asAuthHandler() {
     return async (request) => {
       const token = await this.getValidToken();
@@ -731,7 +731,7 @@ async function discoverOAuthMetadata(serverUrl, options = {}) {
       const response = await customFetch(oauthUrl, {
         signal: controller.signal,
         headers: {
-          "Accept": "application/json"
+          Accept: "application/json"
         }
       });
       if (response.ok) {
@@ -746,7 +746,7 @@ async function discoverOAuthMetadata(serverUrl, options = {}) {
       const response = await customFetch(oidcUrl, {
         signal: controller.signal,
         headers: {
-          "Accept": "application/json"
+          Accept: "application/json"
         }
       });
       if (response.ok) {
@@ -852,8 +852,8 @@ var RefreshManager = class {
     this.retryDelay = options.retryDelay ?? 5e3;
   }
   /**
-   * Start background refresh monitoring
-   */
+  * Start background refresh monitoring
+  */
   start() {
     if (this.isRunning) return;
     this.isRunning = true;
@@ -863,8 +863,8 @@ var RefreshManager = class {
     }, this.checkInterval);
   }
   /**
-   * Stop background refresh monitoring
-   */
+  * Stop background refresh monitoring
+  */
   stop() {
     this.isRunning = false;
     if (this.intervalId) {
@@ -873,8 +873,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Register event listener
-   */
+  * Register event listener
+  */
   on(listener) {
     this.listeners.push(listener);
     return () => {
@@ -882,8 +882,8 @@ var RefreshManager = class {
     };
   }
   /**
-   * Emit event to all listeners
-   */
+  * Emit event to all listeners
+  */
   emit(event) {
     for (const listener of this.listeners) {
       try {
@@ -893,8 +893,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Check token and refresh if needed
-   */
+  * Check token and refresh if needed
+  */
   async checkAndRefresh() {
     if (this.pendingRefresh) return;
     try {
@@ -917,8 +917,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Perform token refresh with retry logic
-   */
+  * Perform token refresh with retry logic
+  */
   async performRefresh(refreshToken) {
     this.emit({
       type: "refresh_started",
@@ -950,8 +950,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Actually perform the refresh
-   */
+  * Actually perform the refresh
+  */
   async doRefresh(refreshToken) {
     const newTokens = await this.refreshFn(refreshToken);
     const enrichedTokens = withExpiresAt(newTokens);
@@ -962,8 +962,8 @@ var RefreshManager = class {
     return enrichedTokens;
   }
   /**
-   * Force an immediate refresh
-   */
+  * Force an immediate refresh
+  */
   async forceRefresh() {
     const tokens = await this.storage.getTokens(this.serverUrl);
     if (!tokens?.refresh_token) {
@@ -986,8 +986,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Get current running state
-   */
+  * Get current running state
+  */
   get running() {
     return this.isRunning;
   }

package/dist/client/index.mjs

@@ -9,7 +9,7 @@ import {
   MemoryStorage,
   isTokenExpired,
   withExpiresAt
-} from "../chunk-RGCCBQWG.mjs";
+} from "../chunk-MXTUNMHA.mjs";
 import {
   __name,
   __require
@@ -239,8 +239,8 @@ var OAuthClient = class {
     this.preConfiguredClientSecret = options.clientSecret;
   }
   /**
-   * Discover OAuth metadata from .well-known endpoint
-   */
+  * Discover OAuth metadata from .well-known endpoint
+  */
   async discoverMetadata() {
     if (this.metadata) return this.metadata;
     const wellKnownUrl = `${this.serverUrl}/.well-known/oauth-authorization-server`;
@@ -270,8 +270,8 @@ var OAuthClient = class {
     return this.metadata;
   }
   /**
-   * Get or register OAuth client credentials
-   */
+  * Get or register OAuth client credentials
+  */
   async getClientCredentials(redirectUri) {
     if (this.preConfiguredClientId) {
       return {
@@ -317,12 +317,12 @@ var OAuthClient = class {
     return registration;
   }
   /**
-   * Start the browser-based OAuth flow
-   * 
-   * Opens the user's browser to the authorization URL and waits for the callback.
-   * 
-   * @returns OAuth tokens
-   */
+  * Start the browser-based OAuth flow
+  *
+  * Opens the user's browser to the authorization URL and waits for the callback.
+  *
+  * @returns OAuth tokens
+  */
   async authenticate() {
     const existing = await this.storage.getTokens(this.serverUrl);
     if (existing && !isTokenExpired(existing, this.refreshBuffer)) {
@@ -379,8 +379,8 @@ ${authUrl.toString()}
     }
   }
   /**
-   * Open URL in browser
-   */
+  * Open URL in browser
+  */
   async openBrowser(url) {
     try {
       const open = __require("open");
@@ -404,8 +404,8 @@ ${authUrl.toString()}
     }
   }
   /**
-   * Exchange authorization code for tokens
-   */
+  * Exchange authorization code for tokens
+  */
   async exchangeCodeForTokens(code, redirectUri, credentials, codeVerifier) {
     const metadata = await this.discoverMetadata();
     const tokenPayload = {
@@ -434,8 +434,8 @@ ${authUrl.toString()}
     return response.json();
   }
   /**
-   * Refresh the access token using the refresh token
-   */
+  * Refresh the access token using the refresh token
+  */
   async refreshTokens() {
     if (this.pendingRefresh) {
       return this.pendingRefresh;
@@ -482,8 +482,8 @@ ${authUrl.toString()}
     return enrichedTokens;
   }
   /**
-   * Get a valid access token, refreshing if necessary
-   */
+  * Get a valid access token, refreshing if necessary
+  */
   async getValidToken() {
     let tokens = await this.storage.getTokens(this.serverUrl);
     if (!tokens) {
@@ -499,35 +499,35 @@ ${authUrl.toString()}
     return tokens.access_token;
   }
   /**
-   * Get current tokens (may be expired)
-   */
+  * Get current tokens (may be expired)
+  */
   async getTokens() {
     return this.storage.getTokens(this.serverUrl);
   }
   /**
-   * Check if we have valid (non-expired) tokens
-   */
+  * Check if we have valid (non-expired) tokens
+  */
   async isAuthenticated() {
     const tokens = await this.storage.getTokens(this.serverUrl);
     if (!tokens) return false;
     return !isTokenExpired(tokens, this.refreshBuffer) || !!tokens.refresh_token;
   }
   /**
-   * Clear stored tokens and log out
-   */
+  * Clear stored tokens and log out
+  */
   async logout() {
     await this.storage.clearTokens(this.serverUrl);
     await this.storage.clearClientInfo(this.serverUrl);
   }
   /**
-   * Create an auth handler for HTTP requests
-   * 
-   * @example
-   * ```typescript
-   * const authHandler = client.asAuthHandler();
-   * const authedRequest = await authHandler(request);
-   * ```
-   */
+  * Create an auth handler for HTTP requests
+  *
+  * @example
+  * ```typescript
+  * const authHandler = client.asAuthHandler();
+  * const authedRequest = await authHandler(request);
+  * ```
+  */
   asAuthHandler() {
     return async (request) => {
       const token = await this.getValidToken();
@@ -562,7 +562,7 @@ async function discoverOAuthMetadata(serverUrl, options = {}) {
       const response = await customFetch(oauthUrl, {
         signal: controller.signal,
         headers: {
-          "Accept": "application/json"
+          Accept: "application/json"
         }
       });
       if (response.ok) {
@@ -577,7 +577,7 @@ async function discoverOAuthMetadata(serverUrl, options = {}) {
       const response = await customFetch(oidcUrl, {
         signal: controller.signal,
         headers: {
-          "Accept": "application/json"
+          Accept: "application/json"
         }
       });
       if (response.ok) {
@@ -683,8 +683,8 @@ var RefreshManager = class {
     this.retryDelay = options.retryDelay ?? 5e3;
   }
   /**
-   * Start background refresh monitoring
-   */
+  * Start background refresh monitoring
+  */
   start() {
     if (this.isRunning) return;
     this.isRunning = true;
@@ -694,8 +694,8 @@ var RefreshManager = class {
     }, this.checkInterval);
   }
   /**
-   * Stop background refresh monitoring
-   */
+  * Stop background refresh monitoring
+  */
   stop() {
     this.isRunning = false;
     if (this.intervalId) {
@@ -704,8 +704,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Register event listener
-   */
+  * Register event listener
+  */
   on(listener) {
     this.listeners.push(listener);
     return () => {
@@ -713,8 +713,8 @@ var RefreshManager = class {
     };
   }
   /**
-   * Emit event to all listeners
-   */
+  * Emit event to all listeners
+  */
   emit(event) {
     for (const listener of this.listeners) {
       try {
@@ -724,8 +724,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Check token and refresh if needed
-   */
+  * Check token and refresh if needed
+  */
   async checkAndRefresh() {
     if (this.pendingRefresh) return;
     try {
@@ -748,8 +748,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Perform token refresh with retry logic
-   */
+  * Perform token refresh with retry logic
+  */
   async performRefresh(refreshToken) {
     this.emit({
       type: "refresh_started",
@@ -781,8 +781,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Actually perform the refresh
-   */
+  * Actually perform the refresh
+  */
   async doRefresh(refreshToken) {
     const newTokens = await this.refreshFn(refreshToken);
     const enrichedTokens = withExpiresAt(newTokens);
@@ -793,8 +793,8 @@ var RefreshManager = class {
     return enrichedTokens;
   }
   /**
-   * Force an immediate refresh
-   */
+  * Force an immediate refresh
+  */
   async forceRefresh() {
     const tokens = await this.storage.getTokens(this.serverUrl);
     if (!tokens?.refresh_token) {
@@ -817,8 +817,8 @@ var RefreshManager = class {
     }
   }
   /**
-   * Get current running state
-   */
+  * Get current running state
+  */
   get running() {
     return this.isRunning;
   }

package/dist/{cognito-QQT7LK2Y.mjs → cognito-XKPEG6UH.mjs}

@@ -1,6 +1,6 @@
 import {
   AuthProviderBase
-} from "./chunk-P4HFKA5R.mjs";
+} from "./chunk-ZJYMG6ZM.mjs";
 import {
   __name
 } from "./chunk-LPEX4YW6.mjs";

package/dist/index.js

@@ -669,13 +669,13 @@ var init_leanmcp = __esm({
         };
       }
       /**
-       * Fetch user-specific environment variables for a project
-       * Uses the user's UID and project ID to retrieve their stored secrets
-       * 
-       * @param token - User's auth token
-       * @param projectId - Project ID to scope the secrets
-       * @returns Record of environment variables
-       */
+      * Fetch user-specific environment variables for a project
+      * Uses the user's UID and project ID to retrieve their stored secrets
+      *
+      * @param token - User's auth token
+      * @param projectId - Project ID to scope the secrets
+      * @returns Record of environment variables
+      */
       async getUserSecrets(token, projectId) {
         if (!this.apiKey) {
           console.warn("[LeanMCP] API key not configured - cannot fetch user secrets. Set LEANMCP_API_KEY environment variable or pass apiKey in config.");
@@ -685,7 +685,7 @@ var init_leanmcp = __esm({
         try {
           const { data } = await import_axios4.default.get(url, {
             headers: {
-              "Authorization": `Bearer ${token}`,
+              Authorization: `Bearer ${token}`,
               "x-api-key": this.apiKey
             }
           });

package/dist/index.mjs

@@ -6,7 +6,7 @@ import {
   getAuthProvider,
   getAuthUser,
   isAuthenticationRequired
-} from "./chunk-P4HFKA5R.mjs";
+} from "./chunk-ZJYMG6ZM.mjs";
 import "./chunk-LPEX4YW6.mjs";
 export {
   AuthProvider,

package/dist/{leanmcp-Y7TXNSTD.mjs → leanmcp-73RUGZ2B.mjs}

@@ -1,6 +1,6 @@
 import {
   AuthProviderBase
-} from "./chunk-P4HFKA5R.mjs";
+} from "./chunk-ZJYMG6ZM.mjs";
 import {
   __name
 } from "./chunk-LPEX4YW6.mjs";
@@ -108,13 +108,13 @@ var AuthLeanmcp = class extends AuthProviderBase {
     };
   }
   /**
-   * Fetch user-specific environment variables for a project
-   * Uses the user's UID and project ID to retrieve their stored secrets
-   * 
-   * @param token - User's auth token
-   * @param projectId - Project ID to scope the secrets
-   * @returns Record of environment variables
-   */
+  * Fetch user-specific environment variables for a project
+  * Uses the user's UID and project ID to retrieve their stored secrets
+  *
+  * @param token - User's auth token
+  * @param projectId - Project ID to scope the secrets
+  * @returns Record of environment variables
+  */
   async getUserSecrets(token, projectId) {
     if (!this.apiKey) {
       console.warn("[LeanMCP] API key not configured - cannot fetch user secrets. Set LEANMCP_API_KEY environment variable or pass apiKey in config.");
@@ -124,7 +124,7 @@ var AuthLeanmcp = class extends AuthProviderBase {
     try {
       const { data } = await axios.get(url, {
         headers: {
-          "Authorization": `Bearer ${token}`,
+          Authorization: `Bearer ${token}`,
           "x-api-key": this.apiKey
         }
       });