@mcp-abap-adt/auth-providers 0.1.0 → 0.1.2

package/CHANGELOG.md

@@ -7,7 +7,42 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## [0.1.0] - 2024-12-04
+## [0.1.2] - 2025-12-05
+
+### Changed
+- **Dependency Injection**: Moved `@mcp-abap-adt/auth-stores` and `@mcp-abap-adt/logger` from `dependencies` to `devDependencies`
+  - These packages are only used in tests, not in production code
+  - Logger is injected via `ITokenProviderOptions.logger?: ILogger` interface in production code
+  - Auth stores are not used in production code (consumers inject their own store implementations)
+
+### Removed
+- **Unused Dependencies**: Removed `@mcp-abap-adt/connection` dependency (not used in production code)
+
+## [0.1.1] - 2025-12-04
+
+### Added
+- **Interfaces Package Integration**: Migrated to use `@mcp-abap-adt/interfaces` package for all interface definitions
+  - All interfaces now imported from shared package
+  - Dependency on `@mcp-abap-adt/interfaces@^0.1.1` added
+  - Updated `@mcp-abap-adt/connection` dependency to `^0.1.14`
+  - Updated `@mcp-abap-adt/auth-stores` dependency to `^0.1.3`
+
+### Changed
+- **Interface Renaming**: Interfaces renamed to follow `I` prefix convention:
+  - `TokenProviderResult` → `ITokenProviderResult` (type alias for backward compatibility)
+  - `TokenProviderOptions` → `ITokenProviderOptions` (type alias for backward compatibility)
+  - Old names still work via type aliases for backward compatibility
+- **Logger Interface**: Updated to use `ILogger` from `@mcp-abap-adt/interfaces` instead of `Logger` from `@mcp-abap-adt/logger`
+  - `browserAuth.ts` now uses `ILogger` interface with basic methods (info, error, warn, debug)
+  - Browser-specific logging methods (browserUrl, browserOpening) now use basic `info` and `debug` methods
+
+### Fixed
+- **BtpTokenProvider Integration Tests**: Fixed to use ABAP destination and `AbapServiceKeyStore` instead of XSUAA
+  - BTP and ABAP use the same authentication flow and service key format
+  - Tests now correctly use `getAbapDestination` and `hasRealConfig(config, 'abap')`
+  - Tests now use `AbapServiceKeyStore` instead of `BtpServiceKeyStore` for loading service keys
+
+## [0.1.0] - 2025-12-04
 
 ### Added
 - Initial release
@@ -23,10 +58,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - YAML-based test configuration (`tests/test-config.yaml.template`)
   - Tests for service key to session conversion
   - Tests for token validation
-  - BTP tests use `BtpServiceKeyStore` and `BtpSessionStore` (without `sapUrl`)
+  - BTP tests use `AbapServiceKeyStore` (same format as ABAP) and `BtpSessionStore` (without `sapUrl`)
   - ABAP tests use `AbapServiceKeyStore` and `AbapSessionStore` (with `sapUrl`)
-  - BTP tests use `xsuaa.btp_destination` from config
-  - ABAP tests use `abap.destination` from config
+  - Both BTP and ABAP tests use `abap.destination` from config (same authentication flow)
 
 ### Fixed
 - **Integration Tests**: Corrected BTP and ABAP test separation

package/README.md

@@ -17,6 +17,58 @@ This package implements the `ITokenProvider` interface from `@mcp-abap-adt/auth-
 - **XsuaaTokenProvider** - Uses `client_credentials` grant type (no browser required)
 - **BtpTokenProvider** - Uses browser-based OAuth2 or refresh token flow
 
+## Responsibilities and Design Principles
+
+### Core Development Principle
+
+**Interface-Only Communication**: This package follows a fundamental development principle: **all interactions with external dependencies happen ONLY through interfaces**. The code knows **NOTHING beyond what is defined in the interfaces**.
+
+This means:
+- Does not know about concrete implementation classes from other packages
+- Does not know about internal data structures or methods not defined in interfaces
+- Does not make assumptions about implementation behavior beyond interface contracts
+- Does not access properties or methods not explicitly defined in interfaces
+
+This principle ensures:
+- **Loose coupling**: Providers are decoupled from concrete implementations in other packages
+- **Flexibility**: New implementations can be added without modifying providers
+- **Testability**: Easy to mock dependencies for testing
+- **Maintainability**: Changes to implementations don't affect providers
+
+### Package Responsibilities
+
+This package is responsible for:
+
+1. **Implementing token provider interface**: Provides concrete implementations of `ITokenProvider` interface defined in `@mcp-abap-adt/auth-broker`
+2. **Token acquisition**: Handles OAuth2 flows (browser-based, refresh token, client credentials) to obtain JWT tokens
+3. **Token validation**: Validates tokens by making HTTP requests to service endpoints
+4. **OAuth2 flows**: Manages browser-based OAuth2 authorization code flow and refresh token flow
+
+#### What This Package Does
+
+- **Implements ITokenProvider**: Provides concrete implementations (`XsuaaTokenProvider`, `BtpTokenProvider`)
+- **Handles OAuth2 flows**: Browser-based OAuth2, refresh token, and client credentials grant types
+- **Obtains tokens**: Makes HTTP requests to UAA endpoints to obtain JWT tokens
+- **Validates tokens**: Tests token validity by making requests to service endpoints
+- **Returns connection config**: Returns `IConnectionConfig` with `authorizationToken` and optionally `serviceUrl` (if known)
+
+#### What This Package Does NOT Do
+
+- **Does NOT store tokens**: Token storage is handled by `@mcp-abap-adt/auth-stores`
+- **Does NOT orchestrate authentication**: Token lifecycle management is handled by `@mcp-abap-adt/auth-broker`
+- **Does NOT know about service keys**: Service key loading is handled by stores
+- **Does NOT manage sessions**: Session management is handled by stores
+- **Does NOT return `serviceUrl` if unknown**: Providers may not return `serviceUrl` because they only handle token acquisition, not connection configuration
+
+### External Dependencies
+
+This package interacts with external packages **ONLY through interfaces**:
+
+- **`@mcp-abap-adt/auth-broker`**: Uses interfaces (`ITokenProvider`, `IAuthorizationConfig`, `IConnectionConfig`) - does not know about `AuthBroker` implementation
+- **`@mcp-abap-adt/logger`**: Uses `Logger` interface for logging - does not know about concrete logger implementation
+- **`@mcp-abap-adt/connection`**: Uses connection utilities for token validation - interacts through well-defined functions
+- **No direct dependencies on stores**: All interactions with stores happen through interfaces passed by consumers
+
 ## Usage
 
 ### Basic Usage

package/dist/auth/browserAuth.d.ts

@@ -1,8 +1,7 @@
 /**
  * Browser authentication - OAuth2 flow for obtaining tokens
  */
-import type { IAuthorizationConfig } from '@mcp-abap-adt/auth-broker';
-import type { Logger } from '@mcp-abap-adt/logger';
+import type { IAuthorizationConfig, ILogger } from '@mcp-abap-adt/interfaces';
 /**
  * Start browser authentication flow
  * @param authConfig Authorization configuration with UAA credentials
@@ -10,7 +9,7 @@ import type { Logger } from '@mcp-abap-adt/logger';
  * @param logger Optional logger instance. If not provided, uses default logger.
  * @returns Promise that resolves to tokens
  */
-export declare function startBrowserAuth(authConfig: IAuthorizationConfig, browser?: string, logger?: Logger): Promise<{
+export declare function startBrowserAuth(authConfig: IAuthorizationConfig, browser?: string, logger?: ILogger): Promise<{
     accessToken: string;
     refreshToken?: string;
 }>;

package/dist/auth/browserAuth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"browserAuth.d.ts","sourceRoot":"","sources":["../../src/auth/browserAuth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAkFnD;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CACpC,UAAU,EAAE,oBAAoB,EAChC,OAAO,GAAE,MAAiB,EAC1B,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAkSzD"}
+{"version":3,"file":"browserAuth.d.ts","sourceRoot":"","sources":["../../src/auth/browserAuth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,OAAO,KAAK,EAAE,oBAAoB,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAkF9E;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CACpC,UAAU,EAAE,oBAAoB,EAChC,OAAO,GAAE,MAAiB,EAC1B,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAkSzD"}

package/dist/auth/browserAuth.js

@@ -116,8 +116,8 @@ async function startBrowserAuth(authConfig, browser = 'system', logger) {
         info: (msg) => logger.info(msg),
         debug: (msg) => logger.debug(msg),
         error: (msg) => logger.error(msg),
-        browserUrl: (url) => logger.browserUrl(url),
-        browserOpening: () => logger.browserOpening(),
+        browserUrl: (url) => logger.info(`🔗 Open in browser: ${url}`),
+        browserOpening: () => logger.debug('🌐 Opening browser for authentication...'),
     } : defaultLogger;
     return new Promise((originalResolve, originalReject) => {
         let timeoutId = null;

package/dist/providers/BtpTokenProvider.d.ts

@@ -4,15 +4,14 @@
  * Uses browser-based OAuth2 or refresh token to obtain tokens.
  * For ABAP and full-scope BTP connections.
  */
-import type { ITokenProvider, TokenProviderOptions, TokenProviderResult } from '@mcp-abap-adt/auth-broker';
-import type { IAuthorizationConfig } from '@mcp-abap-adt/auth-broker';
+import type { ITokenProvider, ITokenProviderOptions, ITokenProviderResult, IAuthorizationConfig } from '@mcp-abap-adt/interfaces';
 /**
  * BTP/ABAP token provider implementation
  *
  * Uses browser-based OAuth2 (if no refresh token) or refresh token flow.
  */
 export declare class BtpTokenProvider implements ITokenProvider {
-    getConnectionConfig(authConfig: IAuthorizationConfig, options?: TokenProviderOptions): Promise<TokenProviderResult>;
+    getConnectionConfig(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
     validateToken(token: string, serviceUrl?: string): Promise<boolean>;
 }
 //# sourceMappingURL=BtpTokenProvider.d.ts.map

package/dist/providers/BtpTokenProvider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"BtpTokenProvider.d.ts","sourceRoot":"","sources":["../../src/providers/BtpTokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAC3G,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAKtE;;;;GAIG;AACH,qBAAa,gBAAiB,YAAW,cAAc;IAC/C,mBAAmB,CACvB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,CAAC;IAmCzB,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CA0C1E"}
+{"version":3,"file":"BtpTokenProvider.d.ts","sourceRoot":"","sources":["../../src/providers/BtpTokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAKlI;;;;GAIG;AACH,qBAAa,gBAAiB,YAAW,cAAc;IAC/C,mBAAmB,CACvB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC;IAmC1B,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CA0C1E"}

package/dist/providers/XsuaaTokenProvider.d.ts

@@ -4,15 +4,14 @@
  * Uses client_credentials grant type to obtain tokens (no browser required).
  * For XSUAA service keys with reduced scope access.
  */
-import type { ITokenProvider, TokenProviderOptions, TokenProviderResult } from '@mcp-abap-adt/auth-broker';
-import type { IAuthorizationConfig } from '@mcp-abap-adt/auth-broker';
+import type { ITokenProvider, ITokenProviderOptions, ITokenProviderResult, IAuthorizationConfig } from '@mcp-abap-adt/interfaces';
 /**
  * XSUAA token provider implementation
  *
  * Uses client_credentials grant type - no browser, no refresh token needed.
  */
 export declare class XsuaaTokenProvider implements ITokenProvider {
-    getConnectionConfig(authConfig: IAuthorizationConfig, options?: TokenProviderOptions): Promise<TokenProviderResult>;
+    getConnectionConfig(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
     validateToken(token: string, serviceUrl?: string): Promise<boolean>;
 }
 //# sourceMappingURL=XsuaaTokenProvider.d.ts.map

package/dist/providers/XsuaaTokenProvider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"XsuaaTokenProvider.d.ts","sourceRoot":"","sources":["../../src/providers/XsuaaTokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAC3G,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAItE;;;;GAIG;AACH,qBAAa,kBAAmB,YAAW,cAAc;IACjD,mBAAmB,CACvB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,oBAAoB,GAC7B,OAAO,CAAC,mBAAmB,CAAC;IAyBzB,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAgD1E"}
+{"version":3,"file":"XsuaaTokenProvider.d.ts","sourceRoot":"","sources":["../../src/providers/XsuaaTokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAIlI;;;;GAIG;AACH,qBAAa,kBAAmB,YAAW,cAAc;IACjD,mBAAmB,CACvB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC;IAyB1B,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAgD1E"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcp-abap-adt/auth-providers",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "Token providers for MCP ABAP ADT auth-broker - XSUAA and BTP token providers",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -48,15 +48,14 @@
     "node": ">=18.0.0"
   },
   "dependencies": {
-    "@mcp-abap-adt/auth-broker": "^0.1.6",
-    "@mcp-abap-adt/connection": "^0.1.13",
-    "@mcp-abap-adt/auth-stores": "^0.1.2",
-    "@mcp-abap-adt/logger": "^0.1.0",
+    "@mcp-abap-adt/interfaces": "^0.1.1",
     "axios": "^1.11.0",
     "express": "^5.1.0",
     "open": "^11.0.0"
   },
   "devDependencies": {
+    "@mcp-abap-adt/auth-stores": "^0.1.4",
+    "@mcp-abap-adt/logger": "^0.1.1",
     "@types/express": "^5.0.5",
     "@types/jest": "^30.0.0",
     "@types/js-yaml": "^4.0.9",
@@ -67,4 +66,3 @@
     "typescript": "^5.9.2"
   }
 }
-