@mastra/auth 0.1.0

package/dist/index.js

@@ -0,0 +1,369 @@
+import { trace, context, propagation, SpanStatusCode, SpanKind } from './chunk-JLXWUSDO.js';
+import jwt from 'jsonwebtoken';
+import jwksClient from 'jwks-rsa';
+
+async function decodeToken(accessToken) {
+  const decoded = jwt.decode(accessToken, { complete: true });
+  return decoded;
+}
+function getTokenIssuer(decoded) {
+  if (!decoded) throw new Error("Invalid token");
+  if (!decoded.payload || typeof decoded.payload !== "object") throw new Error("Invalid token payload");
+  if (!decoded.payload.iss) throw new Error("Invalid token header");
+  return decoded.payload.iss;
+}
+async function verifyHmac(accessToken, secret) {
+  const decoded = jwt.decode(accessToken, { complete: true });
+  if (!decoded) throw new Error("Invalid token");
+  return jwt.verify(accessToken, secret);
+}
+async function verifyJwks(accessToken, jwksUri) {
+  const decoded = jwt.decode(accessToken, { complete: true });
+  if (!decoded) throw new Error("Invalid token");
+  const client = jwksClient({ jwksUri });
+  const key = await client.getSigningKey(decoded.header.kid);
+  const signingKey = key.getPublicKey();
+  return jwt.verify(accessToken, signingKey);
+}
+
+// ../core/dist/chunk-EWDGXKOQ.js
+function hasActiveTelemetry(tracerName = "default-tracer") {
+  try {
+    return !!trace.getTracer(tracerName);
+  } catch {
+    return false;
+  }
+}
+function getBaggageValues(ctx) {
+  const currentBaggage = propagation.getBaggage(ctx);
+  const requestId = currentBaggage?.getEntry("http.request_id")?.value;
+  const componentName = currentBaggage?.getEntry("componentName")?.value;
+  const runId = currentBaggage?.getEntry("runId")?.value;
+  return {
+    requestId,
+    componentName,
+    runId
+  };
+}
+function withSpan(options) {
+  return function(_target, propertyKey, descriptor) {
+    if (!descriptor || typeof descriptor === "number") return;
+    const originalMethod = descriptor.value;
+    const methodName = String(propertyKey);
+    descriptor.value = function(...args) {
+      if (options?.skipIfNoTelemetry && !hasActiveTelemetry(options?.tracerName)) {
+        return originalMethod.apply(this, args);
+      }
+      const tracer = trace.getTracer(options?.tracerName ?? "default-tracer");
+      let spanName;
+      let spanKind;
+      if (typeof options === "string") {
+        spanName = options;
+      } else if (options) {
+        spanName = options.spanName || methodName;
+        spanKind = options.spanKind;
+      } else {
+        spanName = methodName;
+      }
+      const span = tracer.startSpan(spanName, { kind: spanKind });
+      let ctx = trace.setSpan(context.active(), span);
+      args.forEach((arg, index) => {
+        try {
+          span.setAttribute(`${spanName}.argument.${index}`, JSON.stringify(arg));
+        } catch {
+          span.setAttribute(`${spanName}.argument.${index}`, "[Not Serializable]");
+        }
+      });
+      const { requestId, componentName, runId } = getBaggageValues(ctx);
+      if (requestId) {
+        span.setAttribute("http.request_id", requestId);
+      }
+      if (componentName) {
+        span.setAttribute("componentName", componentName);
+        span.setAttribute("runId", runId);
+      } else if (this && this.name) {
+        span.setAttribute("componentName", this.name);
+        span.setAttribute("runId", this.runId);
+        ctx = propagation.setBaggage(
+          ctx,
+          propagation.createBaggage({
+            // @ts-ignore
+            componentName: { value: this.name },
+            // @ts-ignore
+            runId: { value: this.runId },
+            // @ts-ignore
+            "http.request_id": { value: requestId }
+          })
+        );
+      }
+      let result;
+      try {
+        result = context.with(ctx, () => originalMethod.apply(this, args));
+        if (result instanceof Promise) {
+          return result.then((resolvedValue) => {
+            try {
+              span.setAttribute(`${spanName}.result`, JSON.stringify(resolvedValue));
+            } catch {
+              span.setAttribute(`${spanName}.result`, "[Not Serializable]");
+            }
+            return resolvedValue;
+          }).finally(() => span.end());
+        }
+        try {
+          span.setAttribute(`${spanName}.result`, JSON.stringify(result));
+        } catch {
+          span.setAttribute(`${spanName}.result`, "[Not Serializable]");
+        }
+        return result;
+      } catch (error) {
+        span.setStatus({
+          code: SpanStatusCode.ERROR,
+          message: error instanceof Error ? error.message : "Unknown error"
+        });
+        if (error instanceof Error) {
+          span.recordException(error);
+        }
+        throw error;
+      } finally {
+        if (!(result instanceof Promise)) {
+          span.end();
+        }
+      }
+    };
+    return descriptor;
+  };
+}
+function InstrumentClass(options) {
+  return function(target) {
+    const methods = Object.getOwnPropertyNames(target.prototype);
+    methods.forEach((method) => {
+      if (options?.excludeMethods?.includes(method) || method === "constructor") return;
+      if (options?.methodFilter && !options.methodFilter(method)) return;
+      const descriptor = Object.getOwnPropertyDescriptor(target.prototype, method);
+      if (descriptor && typeof descriptor.value === "function") {
+        Object.defineProperty(
+          target.prototype,
+          method,
+          withSpan({
+            spanName: options?.prefix ? `${options.prefix}.${method}` : method,
+            skipIfNoTelemetry: true,
+            spanKind: options?.spanKind || SpanKind.INTERNAL,
+            tracerName: options?.tracerName
+          })(target, method, descriptor)
+        );
+      }
+    });
+    return target;
+  };
+}
+
+// ../core/dist/chunk-XXVGT7SJ.js
+var RegisteredLogger = {
+  LLM: "LLM"};
+var LogLevel = {
+  DEBUG: "debug",
+  INFO: "info",
+  WARN: "warn",
+  ERROR: "error"};
+var MastraLogger = class {
+  name;
+  level;
+  transports;
+  constructor(options = {}) {
+    this.name = options.name || "Mastra";
+    this.level = options.level || LogLevel.ERROR;
+    this.transports = new Map(Object.entries(options.transports || {}));
+  }
+  getTransports() {
+    return this.transports;
+  }
+  async getLogs(transportId) {
+    if (!transportId || !this.transports.has(transportId)) {
+      return [];
+    }
+    return this.transports.get(transportId).getLogs() ?? [];
+  }
+  async getLogsByRunId({ transportId, runId }) {
+    if (!transportId || !this.transports.has(transportId) || !runId) {
+      return [];
+    }
+    return this.transports.get(transportId).getLogsByRunId({ runId }) ?? [];
+  }
+};
+var ConsoleLogger = class extends MastraLogger {
+  constructor(options = {}) {
+    super(options);
+  }
+  debug(message, ...args) {
+    if (this.level === LogLevel.DEBUG) {
+      console.debug(message, ...args);
+    }
+  }
+  info(message, ...args) {
+    if (this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
+      console.info(message, ...args);
+    }
+  }
+  warn(message, ...args) {
+    if (this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
+      console.warn(message, ...args);
+    }
+  }
+  error(message, ...args) {
+    if (this.level === LogLevel.ERROR || this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
+      console.error(message, ...args);
+    }
+  }
+  async getLogs(_transportId) {
+    return [];
+  }
+  async getLogsByRunId(_args) {
+    return [];
+  }
+};
+
+// ../core/dist/chunk-JOCKZ2US.js
+var MastraBase = class {
+  component = RegisteredLogger.LLM;
+  logger;
+  name;
+  telemetry;
+  constructor({ component, name }) {
+    this.component = component || RegisteredLogger.LLM;
+    this.name = name;
+    this.logger = new ConsoleLogger({ name: `${this.component} - ${this.name}` });
+  }
+  /**
+   * Set the logger for the agent
+   * @param logger
+   */
+  __setLogger(logger) {
+    this.logger = logger;
+    if (this.component !== RegisteredLogger.LLM) {
+      this.logger.debug(`Logger updated [component=${this.component}] [name=${this.name}]`);
+    }
+  }
+  /**
+   * Set the telemetry for the
+   * @param telemetry
+   */
+  __setTelemetry(telemetry) {
+    this.telemetry = telemetry;
+    if (this.component !== RegisteredLogger.LLM) {
+      this.logger.debug(`Telemetry updated [component=${this.component}] [name=${this.telemetry.name}]`);
+    }
+  }
+  /**
+   * Get the telemetry on the vector
+   * @returns telemetry
+   */
+  __getTelemetry() {
+    return this.telemetry;
+  }
+  /* 
+    get experimental_telemetry config
+    */
+  get experimental_telemetry() {
+    return this.telemetry ? {
+      // tracer: this.telemetry.tracer,
+      tracer: this.telemetry.getBaggageTracer(),
+      isEnabled: !!this.telemetry.tracer
+    } : void 0;
+  }
+};
+
+// ../core/dist/chunk-C6A6W6XS.js
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __knownSymbol = (name, symbol) => (symbol = Symbol[name]) ? symbol : Symbol.for("Symbol." + name);
+var __typeError = (msg) => {
+  throw TypeError(msg);
+};
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, {
+  enumerable: true,
+  configurable: true,
+  writable: true,
+  value
+}) : obj[key] = value;
+var __name = (target, value) => __defProp(target, "name", {
+  value,
+  configurable: true
+});
+var __decoratorStart = (base) => [, , , __create(base?.[__knownSymbol("metadata")] ?? null)];
+var __decoratorStrings = ["class", "method", "getter", "setter", "accessor", "field", "value", "get", "set"];
+var __expectFn = (fn) => fn !== void 0 && typeof fn !== "function" ? __typeError("Function expected") : fn;
+var __decoratorContext = (kind, name, done, metadata, fns) => ({
+  kind: __decoratorStrings[kind],
+  name,
+  metadata,
+  addInitializer: (fn) => done._ ? __typeError("Already initialized") : fns.push(__expectFn(fn || null))
+});
+var __decoratorMetadata = (array, target) => __defNormalProp(target, __knownSymbol("metadata"), array[3]);
+var __runInitializers = (array, flags, self, value) => {
+  for (var i = 0, fns = array[flags >> 1], n = fns && fns.length; i < n; i++) fns[i].call(self) ;
+  return value;
+};
+var __decorateElement = (array, flags, name, decorators, target, extra) => {
+  var it, done, ctx, k = flags & 7, p = false;
+  var j = 0;
+  var extraInitializers = array[j] || (array[j] = []);
+  var desc = k && ((target = target.prototype), k < 5 && (k > 3 || !p) && __getOwnPropDesc(target , name));
+  __name(target, name);
+  for (var i = decorators.length - 1; i >= 0; i--) {
+    ctx = __decoratorContext(k, name, done = {}, array[3], extraInitializers);
+    it = (0, decorators[i])(target, ctx), done._ = 1;
+    __expectFn(it) && (target = it);
+  }
+  return __decoratorMetadata(array, target), desc && __defProp(target, name, desc), p ? k ^ 4 ? extra : desc : target;
+};
+
+// ../core/dist/server/index.js
+var _MastraAuthProvider_decorators;
+var _init;
+var _a;
+_MastraAuthProvider_decorators = [InstrumentClass({
+  prefix: "auth",
+  excludeMethods: ["__setTools", "__setLogger", "__setTelemetry", "#log"]
+})];
+var MastraAuthProvider = class extends (_a = MastraBase) {
+  constructor(options) {
+    super({
+      component: "AUTH",
+      name: options?.name
+    });
+    if (options?.authorizeUser) {
+      this.authorizeUser = options.authorizeUser.bind(this);
+    }
+  }
+  registerOptions(opts) {
+    if (opts?.authorizeUser) {
+      this.authorizeUser = opts.authorizeUser.bind(this);
+    }
+  }
+};
+MastraAuthProvider = /* @__PURE__ */ ((_) => {
+  _init = __decoratorStart(_a);
+  MastraAuthProvider = __decorateElement(_init, 0, "MastraAuthProvider", _MastraAuthProvider_decorators, MastraAuthProvider);
+  __runInitializers(_init, 1, MastraAuthProvider);
+  return MastraAuthProvider;
+})();
+var MastraJwtAuth = class extends MastraAuthProvider {
+  secret;
+  constructor(options) {
+    super({ name: options?.name ?? "jwt" });
+    this.secret = options?.secret ?? process.env.JWT_AUTH_SECRET ?? "";
+    if (!this.secret) {
+      throw new Error("JWT auth secret is required");
+    }
+    this.registerOptions(options);
+  }
+  async authenticateToken(token) {
+    return jwt.verify(token, this.secret);
+  }
+  async authorizeUser(user) {
+    return !!user;
+  }
+};
+
+export { MastraJwtAuth, decodeToken, getTokenIssuer, verifyHmac, verifyJwks };

package/package.json

@@ -0,0 +1,46 @@
+{
+  "name": "@mastra/auth",
+  "version": "0.1.0",
+  "description": "",
+  "type": "module",
+  "files": [
+    "dist"
+  ],
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    }
+  },
+  "keywords": [],
+  "author": "",
+  "license": "Elastic-2.0",
+  "dependencies": {
+    "jsonwebtoken": "^9.0.2",
+    "jwks-rsa": "^3.2.0"
+  },
+  "devDependencies": {
+    "@types/jsonwebtoken": "^9.0.9",
+    "@types/node": "^20.17.27",
+    "typescript": "^5.8.2",
+    "vitest": "^2.1.9",
+    "eslint": "^9.23.0",
+    "tsup": "^8.4.0",
+    "@internal/lint": "0.0.7",
+    "@mastra/core": "0.10.2-alpha.5"
+  },
+  "scripts": {
+    "build": "tsup src/index.ts --format esm,cjs --clean --experimental-dts --treeshake=smallest --splitting --publicDir",
+    "build:watch": "pnpm build --watch",
+    "test": "vitest run",
+    "lint": "eslint ."
+  }
+}