@mcp-abap-adt/auth-broker 0.1.7 → 0.1.9

package/CHANGELOG.md

@@ -9,6 +9,39 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 Thank you to all contributors! See [CONTRIBUTORS.md](CONTRIBUTORS.md) for the complete list.
 
+## [Unreleased]
+
+## [0.1.9] - 2025-12-05
+
+### Changed
+- **Dependency Injection for Logger**: Migrated from concrete `Logger` implementation to `ILogger` interface
+  - Removed dependency on `@mcp-abap-adt/logger` package
+  - Now uses `ILogger` interface from `@mcp-abap-adt/interfaces`
+  - Logger parameter in constructor is optional - uses no-op logger if not provided
+  - Follows Dependency Inversion Principle - depends on interface, not implementation
+- **Bin Script Fixes**: Fixed `generate-env-from-service-key.ts` script
+  - Corrected imports from non-existent packages (`@mcp-abap-adt/auth-stores-btp`, `@mcp-abap-adt/auth-stores-xsuaa`) to correct package (`@mcp-abap-adt/auth-stores`)
+  - Fixed constructor parameters: changed from array `[directory]` to string `directory` for all store constructors
+
+### Removed
+- **Unused Dependencies**: Removed `@mcp-abap-adt/connection` dependency (not used in production code)
+
+## [0.1.8] - 2025-12-04
+
+### Added
+- **Interfaces Package Integration**: Migrated to use `@mcp-abap-adt/interfaces` package for all interface definitions
+  - All interfaces now imported from shared package
+  - Backward compatibility maintained with type aliases
+  - Dependency on `@mcp-abap-adt/interfaces@^0.1.0` added
+  - Updated `@mcp-abap-adt/connection` dependency to `^0.1.14`
+
+### Changed
+- **Interface Renaming**: Interfaces renamed to follow `I` prefix convention:
+  - `TokenProviderResult` → `ITokenProviderResult` (type alias for backward compatibility)
+  - `TokenProviderOptions` → `ITokenProviderOptions` (type alias for backward compatibility)
+  - Old names still work via type aliases for backward compatibility
+- **AuthType Export**: `AuthType` now exported from `@mcp-abap-adt/interfaces` instead of local definition
+
 ## [0.1.7] - 2025-12-04
 
 ### Changed
@@ -45,7 +78,7 @@ Thank you to all contributors! See [CONTRIBUTORS.md](CONTRIBUTORS.md) for the co
 - Token validator utility (moved to providers)
 - Authentication functions (moved to providers)
 
-## [0.1.5] - 2025-12-03
+## [0.1.5] - 2025-12-02
 
 ### Changed
 - **Interface Naming** - All interfaces now start with `I` prefix
@@ -253,64 +286,6 @@ Thank you to all contributors! See [CONTRIBUTORS.md](CONTRIBUTORS.md) for the co
   - Properly expands `~` to home directory in paths
   - Added diagnostic logging controlled by `TEST_VERBOSE` environment variable
 
-## [0.1.5] - 2025-12-02
-
-### Added
-- **SafeSessionStore** - New in-memory session store implementation
-  - Stores session data in memory (Map) - data is lost after application restart
-  - Secure by default - doesn't persist sensitive data to disk
-  - Use when you want to ensure tokens are not saved to files
-  - Perfect for applications that require re-authentication after restart
-- **SafeSessionStore Tests** - Comprehensive test coverage for SafeSessionStore
-  - Tests for `loadSession()` - loading non-existent, existing, and deleted sessions
-  - Tests for `saveSession()` - saving, overwriting, and multiple destinations
-  - Tests for `deleteSession()` - deleting existing and non-existent sessions
-  - Tests for in-memory behavior - data isolation between instances
-  - 11 test cases covering all functionality
-
-### Changed
-- **Interface Naming** - Renamed interfaces for better readability
-  - `ServiceKeyStore` → `IServiceKeyStore` (new interface name)
-  - `SessionStore` → `ISessionStore` (new interface name)
-  - Old names still available as type aliases for backward compatibility
-  - All implementations updated to use new interface names
-- **AuthBroker Constructor** - Simplified API
-  - Removed `searchPathsOrStores` parameter (string/array/object)
-  - Now accepts only `stores` object with `serviceKeyStore` and `sessionStore` properties
-  - Consumers must explicitly provide stores - no automatic path resolution
-  - Default stores: `FileServiceKeyStore()` and `FileSessionStore()` if not provided
-  - This change gives consumers full control over storage implementation
-
-### Breaking Changes
-- **AuthBroker Constructor** - API change
-  - Old API: `new AuthBroker(searchPaths?: string | string[], browser?: string, logger?: Logger)`
-  - New API: `new AuthBroker(stores?: { serviceKeyStore?: IServiceKeyStore; sessionStore?: ISessionStore }, browser?: string, logger?: Logger)`
-  - Migration: Instead of passing paths, create stores explicitly:
-    ```typescript
-    // Old way (no longer works)
-    const broker = new AuthBroker(['/path/to/destinations']);
-    
-    // New way
-    const { FileServiceKeyStore, FileSessionStore } = require('@mcp-abap-adt/auth-broker');
-    const broker = new AuthBroker({
-      serviceKeyStore: new FileServiceKeyStore(['/path/to/destinations']),
-      sessionStore: new FileSessionStore(['/path/to/destinations']),
-    });
-    ```
-
-### Fixed
-- **Test Helpers** - Updated test helpers to use new AuthBroker API
-  - `testHelpers.ts` now uses `FileServiceKeyStore` and `FileSessionStore` with explicit paths
-  - All existing tests updated to work with new constructor signature
-  - Test coverage maintained at 100% for all components
-
-### Technical Details
-- Consumers now have full control over storage implementation
-- Can choose between `FileSessionStore` (persists to disk) and `SafeSessionStore` (in-memory)
-- No automatic path resolution - consumers decide where to store files
-- Better separation of concerns - storage logic is explicit
-- All tests updated and passing (60 tests across 8 test suites)
-
 ## [0.1.4] - 2025-12-01
 
 ### Dependencies

package/README.md

@@ -157,6 +157,108 @@ This package supports two types of BTP authentication:
 - **ABAP URL**: Required, from service key or YAML configuration
 - **Use Case**: Accessing ABAP systems in BTP with full permissions
 
+## Responsibilities and Design Principles
+
+### Core Development Principle
+
+**Interface-Only Communication**: This package follows a fundamental development principle: **all interactions with external dependencies happen ONLY through interfaces**. The code knows **NOTHING beyond what is defined in the interfaces**.
+
+This means:
+- Does not know about concrete implementation classes (e.g., `AbapSessionStore`, `BtpTokenProvider`)
+- Does not know about internal data structures or methods not defined in interfaces
+- Does not make assumptions about implementation behavior beyond interface contracts
+- Does not access properties or methods not explicitly defined in interfaces
+
+This principle ensures:
+- **Loose coupling**: `AuthBroker` is decoupled from concrete implementations
+- **Flexibility**: New implementations can be added without modifying `AuthBroker`
+- **Testability**: Easy to mock dependencies for testing
+- **Maintainability**: Changes to implementations don't affect `AuthBroker`
+
+### Package Responsibilities
+
+The `@mcp-abap-adt/auth-broker` package defines **interfaces** and provides **orchestration logic** for authentication. It does **not** implement concrete storage or token acquisition mechanisms - these are provided by separate packages (`@mcp-abap-adt/auth-stores`, `@mcp-abap-adt/auth-providers`).
+
+#### What AuthBroker Does
+
+- **Orchestrates authentication flows**: Coordinates token retrieval, validation, and refresh using provided stores and providers
+- **Manages token lifecycle**: Handles token caching, validation, and automatic refresh
+- **Works with interfaces only**: Uses `IServiceKeyStore`, `ISessionStore`, and `ITokenProvider` interfaces without knowing concrete implementations
+- **Delegates to providers**: Calls `tokenProvider.getConnectionConfig()` to obtain tokens and connection configuration
+- **Delegates to stores**: Uses `sessionStore.setConnectionConfig()` to save tokens and connection configuration
+
+#### What AuthBroker Does NOT Do
+
+- **Does NOT know about `serviceUrl`**: `AuthBroker` does not know whether a specific `ISessionStore` implementation requires `serviceUrl` or not. It simply passes the `IConnectionConfig` returned by `tokenProvider` to `sessionStore.setConnectionConfig()`
+- **Does NOT merge configurations**: `AuthBroker` does not merge `serviceUrl` from service keys with connection config from token providers. This is the responsibility of the consumer or the session store implementation
+- **Does NOT implement storage**: File I/O, parsing, and storage logic are handled by concrete store implementations from `@mcp-abap-adt/auth-stores`
+- **Does NOT implement token acquisition**: OAuth2 flows, refresh token logic, and client credentials are handled by concrete provider implementations from `@mcp-abap-adt/auth-providers`
+
+### Consumer Responsibilities
+
+The **consumer** (application using `AuthBroker`) is responsible for:
+
+1. **Selecting appropriate implementations**: Choose the correct `IServiceKeyStore`, `ISessionStore`, and `ITokenProvider` implementations based on the use case:
+   - **ABAP systems**: Use `AbapServiceKeyStore`, `AbapSessionStore` (or `SafeAbapSessionStore`), and `BtpTokenProvider`
+   - **BTP systems**: Use `AbapServiceKeyStore`, `BtpSessionStore` (or `SafeBtpSessionStore`), and `BtpTokenProvider`
+   - **XSUAA services**: Use `XsuaaServiceKeyStore`, `XsuaaSessionStore` (or `SafeXsuaaSessionStore`), and `XsuaaTokenProvider`
+
+2. **Ensuring complete configuration**: If a session store requires `serviceUrl` (e.g., `AbapSessionStore` requires `sapUrl`), the consumer must ensure that:
+   - The session is created with `serviceUrl` before calling `AuthBroker.getToken()`, OR
+   - The session store implementation handles `serviceUrl` retrieval internally (e.g., from `serviceKeyStore`)
+
+3. **Understanding store requirements**: Different session store implementations have different requirements:
+   - `AbapSessionStore`: Requires `sapUrl` (maps to `serviceUrl` in `IConnectionConfig`)
+   - `BtpSessionStore`: Does not require `serviceUrl` (uses `mcpUrl` instead)
+   - `XsuaaSessionStore`: Does not require `serviceUrl` (MCP URL is optional)
+
+### Store Responsibilities
+
+Concrete `ISessionStore` implementations are responsible for:
+
+- **Handling their own data format**: Each store knows its internal data format (e.g., `AbapSessionData`, `BtpBaseSessionData`)
+- **Converting between formats**: Converting between `IConfig`/`IConnectionConfig` and internal storage format
+- **Managing required fields**: If a store requires `serviceUrl` (e.g., `AbapSessionStore`), it should:
+  - Retrieve it from `serviceKeyStore` if not provided in `IConnectionConfig`, OR
+  - Use existing value from current session if available, OR
+  - Throw an error if neither is available (depending on implementation)
+
+### Provider Responsibilities
+
+Concrete `ITokenProvider` implementations are responsible for:
+
+- **Obtaining tokens**: Using OAuth2 flows, refresh tokens, or client credentials to obtain JWT tokens
+- **Returning connection config**: Returning `IConnectionConfig` with `authorizationToken` and optionally `serviceUrl` (if known)
+- **Not returning `serviceUrl` if unknown**: Providers like `BtpTokenProvider` may not return `serviceUrl` because they only handle token acquisition, not connection configuration
+
+### Design Principles
+
+1. **Interface-Only Communication** (Core Principle): All interactions with external dependencies happen **ONLY through interfaces**. The code knows **NOTHING beyond what is defined in the interfaces** (see [Core Development Principle](#core-development-principle) above)
+2. **Dependency Inversion Principle (DIP)**: `AuthBroker` depends on abstractions (`IServiceKeyStore`, `ISessionStore`, `ITokenProvider`), not concrete implementations
+3. **Single Responsibility**: Each component has a single, well-defined responsibility:
+   - `AuthBroker`: Orchestration and token lifecycle management
+   - `ISessionStore`: Session data storage and retrieval
+   - `ITokenProvider`: Token acquisition
+   - `IServiceKeyStore`: Service key storage and retrieval
+4. **Interface Segregation**: Interfaces are focused and minimal, containing only what's necessary for their specific purpose
+5. **Open/Closed Principle**: New store and provider implementations can be added without modifying `AuthBroker`
+
+### Example: Why AuthBroker Doesn't Handle `serviceUrl`
+
+Consider this scenario:
+- `BtpTokenProvider.getConnectionConfig()` returns `IConnectionConfig` with `authorizationToken` but **without** `serviceUrl` (because it only handles token acquisition)
+- `AbapSessionStore.setConnectionConfig()` requires `sapUrl` (which maps to `serviceUrl`)
+
+If `AuthBroker` tried to merge `serviceUrl` from `serviceKeyStore`, it would:
+1. Violate the DIP by knowing about specific store requirements
+2. Break the abstraction - `AuthBroker` shouldn't know that `AbapSessionStore` needs `serviceUrl`
+3. Create coupling between `AuthBroker` and concrete implementations
+
+Instead, the consumer or `AbapSessionStore` itself should handle this:
+- **Option 1**: Consumer retrieves `serviceUrl` from `serviceKeyStore` and ensures it's in the session before calling `AuthBroker.getToken()`
+- **Option 2**: `AbapSessionStore.setConnectionConfig()` retrieves `serviceUrl` from `serviceKeyStore` internally if not provided
+- **Option 3**: `AbapSessionStore.setConnectionConfig()` uses existing `sapUrl` from current session if available
+
 ## API
 
 ### `AuthBroker`
@@ -171,7 +273,7 @@ new AuthBroker(
     tokenProvider?: ITokenProvider;
   }, 
   browser?: string, 
-  logger?: Logger
+  logger?: ILogger
 )
 ```
 

package/bin/generate-env-from-service-key.ts

@@ -16,8 +16,7 @@
 import * as path from 'path';
 import * as fs from 'fs';
 import { AuthBroker } from '../src/AuthBroker';
-import { AbapServiceKeyStore, AbapSessionStore } from '@mcp-abap-adt/auth-stores-btp';
-import { XsuaaServiceKeyStore, XsuaaSessionStore } from '@mcp-abap-adt/auth-stores-xsuaa';
+import { AbapServiceKeyStore, AbapSessionStore, XsuaaServiceKeyStore, XsuaaSessionStore } from '@mcp-abap-adt/auth-stores';
 import { BtpTokenProvider, XsuaaTokenProvider } from '@mcp-abap-adt/auth-providers';
 
 async function main() {
@@ -59,12 +58,12 @@ async function main() {
 
     // Create appropriate stores
     const serviceKeyStore = isXsuaa
-      ? new XsuaaServiceKeyStore([serviceKeyDir])
-      : new AbapServiceKeyStore([serviceKeyDir]);
+      ? new XsuaaServiceKeyStore(serviceKeyDir)
+      : new AbapServiceKeyStore(serviceKeyDir);
     
     const sessionStore = isXsuaa
-      ? new XsuaaSessionStore([sessionDir])
-      : new AbapSessionStore([sessionDir]);
+      ? new XsuaaSessionStore(sessionDir)
+      : new AbapSessionStore(sessionDir);
 
     // Create token provider
     const tokenProvider = isXsuaa

package/dist/AuthBroker.d.ts

@@ -1,7 +1,7 @@
 /**
  * Main AuthBroker class for managing JWT tokens based on destinations
  */
-import { Logger } from '@mcp-abap-adt/logger';
+import { ILogger } from '@mcp-abap-adt/interfaces';
 import { IServiceKeyStore, ISessionStore, IAuthorizationConfig, IConnectionConfig } from './stores/interfaces';
 import { ITokenProvider } from './providers';
 /**
@@ -22,13 +22,13 @@ export declare class AuthBroker {
      * @param browser Optional browser name for authentication (chrome, edge, firefox, system, none).
      *                Default: 'system' (system default browser).
      *                Use 'none' to print URL instead of opening browser.
-     * @param logger Optional logger instance. If not provided, uses default logger.
+     * @param logger Optional logger instance implementing ILogger interface. If not provided, uses no-op logger.
      */
     constructor(stores: {
         serviceKeyStore: IServiceKeyStore;
         sessionStore: ISessionStore;
         tokenProvider: ITokenProvider;
-    }, browser?: string, logger?: Logger);
+    }, browser?: string, logger?: ILogger);
     /**
      * Get authentication token for destination.
      * Tries to load from session store, validates it, and refreshes if needed using a fallback chain.

package/dist/AuthBroker.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AuthBroker.d.ts","sourceRoot":"","sources":["../src/AuthBroker.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAiB,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAC/G,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,OAAO,CAAqB;IACpC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,eAAe,CAAmB;IAC1C,OAAO,CAAC,YAAY,CAAgB;IACpC,OAAO,CAAC,aAAa,CAAiB;IAEtC;;;;;;;;;;OAUG;gBAED,MAAM,EAAE;QAAE,eAAe,EAAE,gBAAgB,CAAC;QAAC,YAAY,EAAE,aAAa,CAAC;QAAC,aAAa,EAAE,cAAc,CAAA;KAAE,EACzG,OAAO,CAAC,EAAE,MAAM,EAChB,MAAM,CAAC,EAAE,MAAM;IASjB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACG,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAmIpD;;;;;OAKG;IACG,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAuCxD;;;;OAIG;IACG,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAWvF;;;;OAIG;IACG,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC;CAWlF"}
+{"version":3,"file":"AuthBroker.d.ts","sourceRoot":"","sources":["../src/AuthBroker.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAC/G,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAY7C;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,OAAO,CAAqB;IACpC,OAAO,CAAC,MAAM,CAAU;IACxB,OAAO,CAAC,eAAe,CAAmB;IAC1C,OAAO,CAAC,YAAY,CAAgB;IACpC,OAAO,CAAC,aAAa,CAAiB;IAEtC;;;;;;;;;;OAUG;gBAED,MAAM,EAAE;QAAE,eAAe,EAAE,gBAAgB,CAAC;QAAC,YAAY,EAAE,aAAa,CAAC;QAAC,aAAa,EAAE,cAAc,CAAA;KAAE,EACzG,OAAO,CAAC,EAAE,MAAM,EAChB,MAAM,CAAC,EAAE,OAAO;IASlB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACG,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAmIpD;;;;;OAKG;IACG,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAuCxD;;;;OAIG;IACG,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAWvF;;;;OAIG;IACG,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC;CAWlF"}

package/dist/AuthBroker.js

@@ -4,7 +4,15 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthBroker = void 0;
-const logger_1 = require("@mcp-abap-adt/logger");
+/**
+ * No-op logger implementation for default fallback when logger is not provided
+ */
+const noOpLogger = {
+    info: () => { },
+    error: () => { },
+    warn: () => { },
+    debug: () => { },
+};
 /**
  * AuthBroker manages JWT authentication tokens for destinations
  */
@@ -23,14 +31,14 @@ class AuthBroker {
      * @param browser Optional browser name for authentication (chrome, edge, firefox, system, none).
      *                Default: 'system' (system default browser).
      *                Use 'none' to print URL instead of opening browser.
-     * @param logger Optional logger instance. If not provided, uses default logger.
+     * @param logger Optional logger instance implementing ILogger interface. If not provided, uses no-op logger.
      */
     constructor(stores, browser, logger) {
         this.serviceKeyStore = stores.serviceKeyStore;
         this.sessionStore = stores.sessionStore;
         this.tokenProvider = stores.tokenProvider;
         this.browser = browser || 'system';
-        this.logger = logger || logger_1.defaultLogger;
+        this.logger = logger || noOpLogger;
     }
     /**
      * Get authentication token for destination.

package/dist/index.d.ts

@@ -6,5 +6,6 @@ export { AuthBroker } from './AuthBroker';
 export type { IAuthorizationConfig, IConnectionConfig, IServiceKeyStore, ISessionStore } from './stores/interfaces';
 export type { IConfig } from './types';
 export type { ITokenProvider, TokenProviderOptions, TokenProviderResult } from './providers';
-export type { Logger } from '@mcp-abap-adt/logger';
+export type { ILogger } from '@mcp-abap-adt/interfaces';
+export type { AuthType } from '@mcp-abap-adt/interfaces';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAG1C,YAAY,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpH,YAAY,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAEvC,YAAY,EAAE,cAAc,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAE7F,YAAY,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAG1C,YAAY,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpH,YAAY,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAEvC,YAAY,EAAE,cAAc,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAE7F,YAAY,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAExD,YAAY,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC"}

package/dist/providers/ITokenProvider.d.ts

@@ -6,44 +6,8 @@
  * - XSUAA: client_credentials grant type (no browser)
  * - BTP/ABAP: browser-based OAuth2 or refresh token
  */
-import { IAuthorizationConfig, IConnectionConfig } from '../stores/interfaces';
-/**
- * Result from token provider
- */
-export interface TokenProviderResult {
-    /** Connection configuration with authorization token */
-    connectionConfig: IConnectionConfig;
-    /** Refresh token (optional, for BTP/ABAP) */
-    refreshToken?: string;
-}
-/**
- * Interface for token providers
- *
- * Takes authorization configuration and returns connection configuration with token.
- */
-export interface ITokenProvider {
-    /**
-     * Get connection configuration with token from authorization configuration
-     * @param authConfig Authorization configuration (UAA credentials, optional refresh token)
-     * @param options Optional provider-specific options (e.g., browser type for BTP)
-     * @returns Promise that resolves to connection configuration with authorization token and optional refresh token
-     */
-    getConnectionConfig(authConfig: IAuthorizationConfig, options?: TokenProviderOptions): Promise<TokenProviderResult>;
-    /**
-     * Validate JWT token by testing connection to service
-     * @param token JWT token to validate
-     * @param serviceUrl Service URL (optional, for services that require URL validation)
-     * @returns Promise that resolves to true if token is valid, false otherwise
-     */
-    validateToken?(token: string, serviceUrl?: string): Promise<boolean>;
-}
-/**
- * Options for token providers
- */
-export interface TokenProviderOptions {
-    /** Browser type for browser-based authentication (chrome, edge, firefox, system, none) */
-    browser?: string;
-    /** Logger instance for logging */
-    logger?: import('@mcp-abap-adt/logger').Logger;
-}
+import type { IAuthorizationConfig, IConnectionConfig, ITokenProvider, ITokenProviderResult, ITokenProviderOptions } from '@mcp-abap-adt/interfaces';
+export type { ITokenProvider, IAuthorizationConfig, IConnectionConfig, };
+export type TokenProviderResult = ITokenProviderResult;
+export type TokenProviderOptions = ITokenProviderOptions;
 //# sourceMappingURL=ITokenProvider.d.ts.map

package/dist/providers/ITokenProvider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ITokenProvider.d.ts","sourceRoot":"","sources":["../../src/providers/ITokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAE/E;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,wDAAwD;IACxD,gBAAgB,EAAE,iBAAiB,CAAC;IACpC,6CAA6C;IAC7C,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,mBAAmB,CACjB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAEhC;;;;;OAKG;IACH,aAAa,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACtE;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,0FAA0F;IAC1F,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kCAAkC;IAClC,MAAM,CAAC,EAAE,OAAO,sBAAsB,EAAE,MAAM,CAAC;CAChD"}
+{"version":3,"file":"ITokenProvider.d.ts","sourceRoot":"","sources":["../../src/providers/ITokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EACV,oBAAoB,EACpB,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,qBAAqB,EACtB,MAAM,0BAA0B,CAAC;AAGlC,YAAY,EACV,cAAc,EACd,oBAAoB,EACpB,iBAAiB,GAClB,CAAC;AACF,MAAM,MAAM,mBAAmB,GAAG,oBAAoB,CAAC;AACvD,MAAM,MAAM,oBAAoB,GAAG,qBAAqB,CAAC"}

package/dist/stores/interfaces.d.ts

@@ -1,117 +1,9 @@
 /**
  * Storage interfaces for AuthBroker
  *
- * All interfaces are defined here. Types (type aliases) are in types.ts.
+ * All interfaces are imported from @mcp-abap-adt/interfaces package.
+ * Type aliases (type) are in types.ts.
  */
-import type { IConfig } from '../types';
-/**
- * Authorization configuration - values needed for obtaining and refreshing tokens
- * Returned by stores with actual values (not file paths)
- */
-export interface IAuthorizationConfig {
-    /** UAA URL for token refresh */
-    uaaUrl: string;
-    /** UAA client ID */
-    uaaClientId: string;
-    /** UAA client secret */
-    uaaClientSecret: string;
-    /** Refresh token for token renewal (optional) */
-    refreshToken?: string;
-}
-/**
- * Connection configuration - values needed for connecting to services
- * Returned by stores with actual values (not file paths)
- */
-export interface IConnectionConfig {
-    /** Service URL (SAP/ABAP/MCP URL) - undefined for XSUAA if not provided */
-    serviceUrl?: string;
-    /** Authorization token (JWT token) */
-    authorizationToken: string;
-    /** SAP client number (optional, for ABAP/BTP) */
-    sapClient?: string;
-    /** Language (optional, for ABAP/BTP) */
-    language?: string;
-}
-/**
- * Interface for storing and retrieving service keys
- *
- * Service keys contain UAA credentials and connection URLs.
- */
-export interface IServiceKeyStore {
-    /**
-     * Get raw service key for destination
-     * @param destination Destination name (e.g., "TRIAL")
-     * @returns Service key object (implementation-specific) or null if not found
-     */
-    getServiceKey(destination: string): Promise<IConfig | null>;
-    /**
-     * Get authorization configuration from service key
-     * Returns values needed for obtaining and refreshing tokens
-     * @param destination Destination name (e.g., "TRIAL")
-     * @returns IAuthorizationConfig with actual values or null if not found
-     */
-    getAuthorizationConfig(destination: string): Promise<IAuthorizationConfig | null>;
-    /**
-     * Get connection configuration from service key
-     * Returns values needed for connecting to services
-     * @param destination Destination name (e.g., "TRIAL")
-     * @returns IConnectionConfig with actual values or null if not found
-     */
-    getConnectionConfig(destination: string): Promise<IConnectionConfig | null>;
-}
-/**
- * Interface for session stores - stores and retrieves session data
- *
- * Session stores handle loading, saving, and managing session data (tokens, configuration).
- */
-export interface ISessionStore {
-    /**
-     * Load session configuration for destination
-     * Returns optional composition of IAuthorizationConfig and IConnectionConfig
-     * Can contain either authorization config, or connection config, or both
-     * @param destination Destination name (e.g., "TRIAL" or "mcp")
-     * @returns IConfig with actual values or null if not found
-     */
-    loadSession(destination: string): Promise<IConfig | null>;
-    /**
-     * Save session configuration for destination
-     * Accepts IConfig (optional composition) or internal representation (for backward compatibility)
-     * @param destination Destination name (e.g., "TRIAL" or "mcp")
-     * @param config IConfig or internal session configuration to save
-     */
-    saveSession(destination: string, config: IConfig | unknown): Promise<void>;
-    /**
-     * Delete session for destination (optional)
-     * @param destination Destination name (e.g., "TRIAL" or "mcp")
-     */
-    deleteSession?(destination: string): Promise<void>;
-    /**
-     * Get authorization configuration with actual values (not file paths)
-     * Returns values needed for obtaining and refreshing tokens
-     * @param destination Destination name (e.g., "TRIAL" or "mcp")
-     * @returns IAuthorizationConfig with actual values or null if not found
-     */
-    getAuthorizationConfig(destination: string): Promise<IAuthorizationConfig | null>;
-    /**
-     * Get connection configuration with actual values (not file paths)
-     * Returns values needed for connecting to services
-     * @param destination Destination name (e.g., "TRIAL" or "mcp")
-     * @returns IConnectionConfig with actual values or null if not found
-     */
-    getConnectionConfig(destination: string): Promise<IConnectionConfig | null>;
-    /**
-     * Set authorization configuration
-     * Updates values needed for obtaining and refreshing tokens
-     * @param destination Destination name (e.g., "TRIAL" or "mcp")
-     * @param config IAuthorizationConfig with values to set
-     */
-    setAuthorizationConfig(destination: string, config: IAuthorizationConfig): Promise<void>;
-    /**
-     * Set connection configuration
-     * Updates values needed for connecting to services
-     * @param destination Destination name (e.g., "TRIAL" or "mcp")
-     * @param config IConnectionConfig with values to set
-     */
-    setConnectionConfig(destination: string, config: IConnectionConfig): Promise<void>;
-}
+import type { IAuthorizationConfig, IConnectionConfig, IServiceKeyStore, ISessionStore } from '@mcp-abap-adt/interfaces';
+export type { IAuthorizationConfig, IConnectionConfig, IServiceKeyStore, ISessionStore, };
 //# sourceMappingURL=interfaces.d.ts.map

package/dist/stores/interfaces.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/stores/interfaces.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AAExC;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,oBAAoB;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,wBAAwB;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,iDAAiD;IACjD,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,2EAA2E;IAC3E,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,sCAAsC;IACtC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iDAAiD;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wCAAwC;IACxC,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;OAIG;IACH,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAE5D;;;;;OAKG;IACH,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IAElF;;;;;OAKG;IACH,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;CAC7E;AAED;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B;;;;;;OAMG;IACH,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAE1D;;;;;OAKG;IACH,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE3E;;;OAGG;IACH,aAAa,CAAC,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEnD;;;;;OAKG;IACH,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CAAC;IAElF;;;;;OAKG;IACH,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;IAE5E;;;;;OAKG;IACH,sBAAsB,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzF;;;;;OAKG;IACH,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACpF"}
+{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/stores/interfaces.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EACV,oBAAoB,EACpB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EAEd,MAAM,0BAA0B,CAAC;AAGlC,YAAY,EACV,oBAAoB,EACpB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,GACd,CAAC"}

package/dist/stores/interfaces.js

@@ -2,6 +2,7 @@
 /**
  * Storage interfaces for AuthBroker
  *
- * All interfaces are defined here. Types (type aliases) are in types.ts.
+ * All interfaces are imported from @mcp-abap-adt/interfaces package.
+ * Type aliases (type) are in types.ts.
  */
 Object.defineProperty(exports, "__esModule", { value: true });

package/dist/types.d.ts

@@ -1,13 +1,8 @@
 /**
  * Type definitions for auth-broker package
  *
- * Type aliases (type) are defined here. Interfaces are in stores/interfaces.ts.
+ * Type aliases (type) are defined here. Interfaces are imported from @mcp-abap-adt/interfaces.
  */
-import type { IAuthorizationConfig, IConnectionConfig } from './stores/interfaces';
-/**
- * Configuration - optional composition of authorization and connection configuration
- * Can contain either authorization config, or connection config, or both
- */
-export type IConfig = Partial<IAuthorizationConfig> & Partial<IConnectionConfig>;
-export type { IAuthorizationConfig, IConnectionConfig, IServiceKeyStore, ISessionStore, } from './stores/interfaces';
+import type { IAuthorizationConfig, IConnectionConfig, IConfig, IServiceKeyStore, ISessionStore } from '@mcp-abap-adt/interfaces';
+export type { IConfig, IAuthorizationConfig, IConnectionConfig, IServiceKeyStore, ISessionStore, };
 //# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAEnF;;;GAGG;AACH,MAAM,MAAM,OAAO,GAAG,OAAO,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAGjF,YAAY,EACV,oBAAoB,EACpB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,GACd,MAAM,qBAAqB,CAAC"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EACV,oBAAoB,EACpB,iBAAiB,EACjB,OAAO,EACP,gBAAgB,EAChB,aAAa,EACd,MAAM,0BAA0B,CAAC;AAGlC,YAAY,EACV,OAAO,EACP,oBAAoB,EACpB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,GACd,CAAC"}

package/dist/types.js

@@ -2,6 +2,6 @@
 /**
  * Type definitions for auth-broker package
  *
- * Type aliases (type) are defined here. Interfaces are in stores/interfaces.ts.
+ * Type aliases (type) are defined here. Interfaces are imported from @mcp-abap-adt/interfaces.
  */
 Object.defineProperty(exports, "__esModule", { value: true });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcp-abap-adt/auth-broker",
-  "version": "0.1.7",
+  "version": "0.1.9",
   "description": "JWT authentication broker for MCP ABAP ADT - manages tokens based on destination headers",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -51,13 +51,11 @@
     "node": ">=18.0.0"
   },
   "dependencies": {
-    "@mcp-abap-adt/connection": "^0.1.13",
-    "@mcp-abap-adt/logger": "^0.1.0"
+    "@mcp-abap-adt/interfaces": "^0.1.1"
   },
   "devDependencies": {
-    "@mcp-abap-adt/auth-providers": "^0.1.0",
-    "@mcp-abap-adt/auth-stores-btp": "^0.1.0",
-    "@mcp-abap-adt/auth-stores-xsuaa": "^0.1.0",
+    "@mcp-abap-adt/auth-providers": "^0.1.2",
+    "@mcp-abap-adt/auth-stores": "^0.1.4",
     "@types/express": "^5.0.5",
     "@types/jest": "^30.0.0",
     "@types/js-yaml": "^4.0.9",