@mcp-abap-adt/auth-stores 0.2.3 → 0.2.6

package/CHANGELOG.md

@@ -7,6 +7,38 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.2.6] - 2025-12-21
+
+### Added
+- **EnvFileSessionStore**: New session store that reads from a specific `.env` file path
+  - Use case: `mcp-abap-adt --env /path/to/.env` CLI option
+  - Supports both basic auth (SAP_USERNAME/SAP_PASSWORD) and JWT auth (SAP_JWT_TOKEN)
+  - `getAuthType()` method to determine auth type from the file
+  - Read-only for file content; token updates stored in memory only
+  - Automatic detection of auth type based on file content
+
+## [0.2.5] - 2025-12-19
+
+### Fixed
+- **Version Correction**: This release corrects the version numbering issue. The typed error classes and service key store updates that were documented in 0.2.4 were released after 0.2.4 was already published. This version properly documents those changes.
+
+## [0.2.4] - 2025-12-19
+
+### Added
+- **Typed Error Classes**: Added typed error classes for better error handling in auth-broker
+  - `StoreError` - Base error class with error code
+  - `FileNotFoundError` - File not found errors (includes filePath)
+  - `ParseError` - JSON/YAML parsing errors (includes filePath and cause)
+  - `InvalidConfigError` - Missing required config fields (includes missingFields array)
+  - `StorageError` - File write/permission errors (includes operation and cause)
+
+### Changed
+- **Service Key Stores**: Now throw typed errors instead of generic Error
+  - `FileNotFoundError` when service key file not found (returns null)
+  - `ParseError` when JSON parsing fails or format is invalid
+  - `InvalidConfigError` when required UAA fields are missing (returns null)
+- **Dependency**: Updated `@mcp-abap-adt/interfaces` to `^0.2.3` for STORE_ERROR_CODES
+
 ## [0.2.3] - 2025-12-16
 
 ### Changed

package/README.md

@@ -90,6 +90,9 @@ Session stores manage authentication tokens and configuration:
 - **`SafeAbapSessionStore`** - In-memory store for ABAP sessions
 - **`SafeXsuaaSessionStore`** - In-memory store for XSUAA sessions
 
+**File-based single-file stores**:
+- **`EnvFileSessionStore`** - Reads from a specific `.env` file path (e.g., `--env /path/to/.env`)
+
 ## Usage
 
 ### BTP Stores (base BTP without sapUrl)
@@ -141,6 +144,54 @@ const sessionStore = new XsuaaSessionStore('/path/to/sessions', 'https://default
 const safeSessionStore = new SafeXsuaaSessionStore('https://default.mcp.com', logger);
 ```
 
+### EnvFileSessionStore (Single File)
+
+`EnvFileSessionStore` reads connection configuration from a specific `.env` file path rather than a directory. This is useful for the `--env` CLI option.
+
+```typescript
+import { EnvFileSessionStore } from '@mcp-abap-adt/auth-stores';
+
+// Create store pointing to specific .env file
+const store = new EnvFileSessionStore('/path/to/.env', logger);
+
+// Check the auth type from the file
+const authType = store.getAuthType(); // 'basic' | 'jwt' | null
+
+// Load session (works like other session stores)
+const config = await store.loadSession('default');
+console.log(config?.serviceUrl, config?.authType);
+
+// For basic auth
+console.log(config?.username, config?.password);
+
+// For JWT auth
+console.log(config?.authorizationToken, config?.refreshToken);
+```
+
+**Env file format:**
+```bash
+# Connection
+SAP_URL=https://your-sap-system.com
+SAP_CLIENT=100
+
+# Auth type: 'basic' or 'jwt' (defaults to 'basic')
+SAP_AUTH_TYPE=basic
+
+# Basic auth credentials
+SAP_USERNAME=your-username
+SAP_PASSWORD=your-password
+
+# OR JWT auth
+# SAP_AUTH_TYPE=jwt
+# SAP_JWT_TOKEN=your-jwt-token
+# SAP_REFRESH_TOKEN=your-refresh-token
+# SAP_UAA_URL=https://uaa.example.com
+# SAP_UAA_CLIENT_ID=client-id
+# SAP_UAA_CLIENT_SECRET=client-secret
+```
+
+**Important**: This store is **read-only** for the file. Token updates (e.g., refreshed JWT tokens) are stored in memory only and do not modify the original `.env` file.
+
 ### Directory Configuration
 
 All stores accept a single directory path in the constructor:
@@ -198,6 +249,58 @@ The `defaultServiceUrl` is used when creating new sessions via `setConnectionCon
 
 ## File Handlers
 
+This package provides utility classes for safe file operations:
+
+### Error Handling
+
+All service key stores throw typed errors for better error handling:
+
+```typescript
+import { 
+  BtpServiceKeyStore,
+  FileNotFoundError,
+  ParseError,
+  InvalidConfigError 
+} from '@mcp-abap-adt/auth-stores';
+import { STORE_ERROR_CODES } from '@mcp-abap-adt/interfaces';
+
+const serviceKeyStore = new BtpServiceKeyStore('/path/to/keys');
+
+try {
+  const authConfig = await serviceKeyStore.getAuthorizationConfig('TRIAL');
+  console.log('Auth config loaded:', authConfig);
+} catch (error: any) {
+  if (error.code === STORE_ERROR_CODES.FILE_NOT_FOUND) {
+    // File not found - returns null instead of throwing
+    console.error('Service key file not found:', error.filePath);
+  } else if (error.code === STORE_ERROR_CODES.PARSE_ERROR) {
+    // JSON parsing failed or invalid format
+    console.error('Failed to parse service key:', error.filePath);
+    console.error('Cause:', error.cause);
+  } else if (error.code === STORE_ERROR_CODES.INVALID_CONFIG) {
+    // Required UAA fields missing - returns null instead of throwing
+    console.error('Invalid config:', error.missingFields);
+  } else if (error.code === STORE_ERROR_CODES.STORAGE_ERROR) {
+    // File write/permission error
+    console.error('Storage operation failed:', error.operation);
+    console.error('Cause:', error.cause);
+  } else {
+    // Generic error
+    console.error('Unexpected error:', error.message);
+  }
+}
+```
+
+**Error Types:**
+- **`FileNotFoundError`** - Service key file not found (includes `filePath`)
+- **`ParseError`** - JSON parsing failed or invalid format (includes `filePath` and `cause`)
+- **`InvalidConfigError`** - Required configuration fields missing (includes `missingFields` array)
+- **`StorageError`** - File write or permission error (includes `operation` and `cause`)
+
+**Note**: Most errors result in `null` return values rather than exceptions. Only fatal errors (like JSON parsing failures) throw exceptions.
+
+## File Handlers
+
 Utility classes for working with files:
 
 ### JsonFileHandler

package/dist/errors/StoreErrors.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Store error codes and typed error classes
+ */
+import { type StoreErrorCode } from '@mcp-abap-adt/interfaces';
+/**
+ * Base error class for all store errors
+ */
+export declare class StoreError extends Error {
+    readonly code: StoreErrorCode;
+    constructor(message: string, code: StoreErrorCode);
+}
+/**
+ * Error thrown when a file is not found
+ */
+export declare class FileNotFoundError extends StoreError {
+    readonly filePath: string;
+    constructor(filePath: string, message?: string);
+}
+/**
+ * Error thrown when a file cannot be parsed (invalid JSON, YAML, etc.)
+ */
+export declare class ParseError extends StoreError {
+    readonly filePath?: string;
+    readonly cause?: Error;
+    constructor(message: string, filePath?: string, cause?: Error);
+}
+/**
+ * Error thrown when required configuration fields are missing
+ */
+export declare class InvalidConfigError extends StoreError {
+    readonly missingFields: string[];
+    constructor(message: string, missingFields?: string[]);
+}
+/**
+ * Error thrown when storage operations fail (file write, permission denied, etc.)
+ */
+export declare class StorageError extends StoreError {
+    readonly operation: string;
+    readonly cause?: Error;
+    constructor(operation: string, message: string, cause?: Error);
+}

package/dist/errors/StoreErrors.js

@@ -0,0 +1,76 @@
+"use strict";
+/**
+ * Store error codes and typed error classes
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StorageError = exports.InvalidConfigError = exports.ParseError = exports.FileNotFoundError = exports.StoreError = void 0;
+const interfaces_1 = require("@mcp-abap-adt/interfaces");
+/**
+ * Base error class for all store errors
+ */
+class StoreError extends Error {
+    code;
+    constructor(message, code) {
+        super(message);
+        this.name = 'StoreError';
+        this.code = code;
+        Object.setPrototypeOf(this, StoreError.prototype);
+    }
+}
+exports.StoreError = StoreError;
+/**
+ * Error thrown when a file is not found
+ */
+class FileNotFoundError extends StoreError {
+    filePath;
+    constructor(filePath, message) {
+        super(message || `File not found: ${filePath}`, interfaces_1.STORE_ERROR_CODES.FILE_NOT_FOUND);
+        this.name = 'FileNotFoundError';
+        this.filePath = filePath;
+        Object.setPrototypeOf(this, FileNotFoundError.prototype);
+    }
+}
+exports.FileNotFoundError = FileNotFoundError;
+/**
+ * Error thrown when a file cannot be parsed (invalid JSON, YAML, etc.)
+ */
+class ParseError extends StoreError {
+    filePath;
+    cause;
+    constructor(message, filePath, cause) {
+        super(message, interfaces_1.STORE_ERROR_CODES.PARSE_ERROR);
+        this.name = 'ParseError';
+        this.filePath = filePath;
+        this.cause = cause;
+        Object.setPrototypeOf(this, ParseError.prototype);
+    }
+}
+exports.ParseError = ParseError;
+/**
+ * Error thrown when required configuration fields are missing
+ */
+class InvalidConfigError extends StoreError {
+    missingFields;
+    constructor(message, missingFields = []) {
+        super(message, interfaces_1.STORE_ERROR_CODES.INVALID_CONFIG);
+        this.name = 'InvalidConfigError';
+        this.missingFields = missingFields;
+        Object.setPrototypeOf(this, InvalidConfigError.prototype);
+    }
+}
+exports.InvalidConfigError = InvalidConfigError;
+/**
+ * Error thrown when storage operations fail (file write, permission denied, etc.)
+ */
+class StorageError extends StoreError {
+    operation;
+    cause;
+    constructor(operation, message, cause) {
+        super(message, interfaces_1.STORE_ERROR_CODES.STORAGE_ERROR);
+        this.name = 'StorageError';
+        this.operation = operation;
+        this.cause = cause;
+        Object.setPrototypeOf(this, StorageError.prototype);
+    }
+}
+exports.StorageError = StorageError;

package/dist/index.d.ts

@@ -13,6 +13,8 @@ export { AbapServiceKeyStore } from './stores/abap/AbapServiceKeyStore';
 export { XsuaaSessionStore } from './stores/xsuaa/XsuaaSessionStore';
 export { SafeXsuaaSessionStore } from './stores/xsuaa/SafeXsuaaSessionStore';
 export { XsuaaServiceKeyStore } from './stores/xsuaa/XsuaaServiceKeyStore';
+export { EnvFileSessionStore } from './stores/env/EnvFileSessionStore';
+export { StoreError, FileNotFoundError, ParseError, InvalidConfigError, StorageError } from './errors/StoreErrors';
 export { resolveSearchPaths, findFileInPaths } from './utils/pathResolver';
 export { JsonFileHandler } from './utils/JsonFileHandler';
 export { EnvFileHandler } from './utils/EnvFileHandler';

package/dist/index.js

@@ -6,7 +6,7 @@
  * Provides BTP, ABAP, and XSUAA store implementations
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.loadXSUAAServiceKey = exports.loadServiceKey = exports.XSUAA_CONNECTION_VARS = exports.XSUAA_AUTHORIZATION_VARS = exports.BTP_CONNECTION_VARS = exports.BTP_AUTHORIZATION_VARS = exports.ABAP_CONNECTION_VARS = exports.ABAP_AUTHORIZATION_VARS = exports.EnvFileHandler = exports.JsonFileHandler = exports.findFileInPaths = exports.resolveSearchPaths = exports.XsuaaServiceKeyStore = exports.SafeXsuaaSessionStore = exports.XsuaaSessionStore = exports.AbapServiceKeyStore = exports.SafeAbapSessionStore = exports.AbapSessionStore = exports.BtpServiceKeyStore = exports.SafeBtpSessionStore = exports.BtpSessionStore = void 0;
+exports.loadXSUAAServiceKey = exports.loadServiceKey = exports.XSUAA_CONNECTION_VARS = exports.XSUAA_AUTHORIZATION_VARS = exports.BTP_CONNECTION_VARS = exports.BTP_AUTHORIZATION_VARS = exports.ABAP_CONNECTION_VARS = exports.ABAP_AUTHORIZATION_VARS = exports.EnvFileHandler = exports.JsonFileHandler = exports.findFileInPaths = exports.resolveSearchPaths = exports.StorageError = exports.InvalidConfigError = exports.ParseError = exports.FileNotFoundError = exports.StoreError = exports.EnvFileSessionStore = exports.XsuaaServiceKeyStore = exports.SafeXsuaaSessionStore = exports.XsuaaSessionStore = exports.AbapServiceKeyStore = exports.SafeAbapSessionStore = exports.AbapSessionStore = exports.BtpServiceKeyStore = exports.SafeBtpSessionStore = exports.BtpSessionStore = void 0;
 // BTP stores (base BTP without sapUrl)
 var BtpSessionStore_1 = require("./stores/btp/BtpSessionStore");
 Object.defineProperty(exports, "BtpSessionStore", { enumerable: true, get: function () { return BtpSessionStore_1.BtpSessionStore; } });
@@ -28,6 +28,16 @@ var SafeXsuaaSessionStore_1 = require("./stores/xsuaa/SafeXsuaaSessionStore");
 Object.defineProperty(exports, "SafeXsuaaSessionStore", { enumerable: true, get: function () { return SafeXsuaaSessionStore_1.SafeXsuaaSessionStore; } });
 var XsuaaServiceKeyStore_1 = require("./stores/xsuaa/XsuaaServiceKeyStore");
 Object.defineProperty(exports, "XsuaaServiceKeyStore", { enumerable: true, get: function () { return XsuaaServiceKeyStore_1.XsuaaServiceKeyStore; } });
+// Env file stores (for --env=path scenarios)
+var EnvFileSessionStore_1 = require("./stores/env/EnvFileSessionStore");
+Object.defineProperty(exports, "EnvFileSessionStore", { enumerable: true, get: function () { return EnvFileSessionStore_1.EnvFileSessionStore; } });
+// Error classes
+var StoreErrors_1 = require("./errors/StoreErrors");
+Object.defineProperty(exports, "StoreError", { enumerable: true, get: function () { return StoreErrors_1.StoreError; } });
+Object.defineProperty(exports, "FileNotFoundError", { enumerable: true, get: function () { return StoreErrors_1.FileNotFoundError; } });
+Object.defineProperty(exports, "ParseError", { enumerable: true, get: function () { return StoreErrors_1.ParseError; } });
+Object.defineProperty(exports, "InvalidConfigError", { enumerable: true, get: function () { return StoreErrors_1.InvalidConfigError; } });
+Object.defineProperty(exports, "StorageError", { enumerable: true, get: function () { return StoreErrors_1.StorageError; } });
 // Utils
 var pathResolver_1 = require("./utils/pathResolver");
 Object.defineProperty(exports, "resolveSearchPaths", { enumerable: true, get: function () { return pathResolver_1.resolveSearchPaths; } });

package/dist/stores/abap/AbapServiceKeyStore.js

@@ -39,6 +39,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AbapServiceKeyStore = void 0;
 const JsonFileHandler_1 = require("../../utils/JsonFileHandler");
 const AbapServiceKeyParser_1 = require("../../parsers/abap/AbapServiceKeyParser");
+const StoreErrors_1 = require("../../errors/StoreErrors");
 const path = __importStar(require("path"));
 /**
  * ABAP Service key store implementation
@@ -112,7 +113,7 @@ class AbapServiceKeyStore {
         }
         catch (error) {
             this.log?.error(`Failed to parse service key from ${filePath}: ${error instanceof Error ? error.message : String(error)}`);
-            throw new Error(`Failed to parse service key for destination "${destination}": ${error instanceof Error ? error.message : String(error)}`);
+            throw new StoreErrors_1.ParseError(`Failed to parse service key for destination "${destination}"`, filePath, error instanceof Error ? error : undefined);
         }
     }
     /**

package/dist/stores/btp/BtpServiceKeyStore.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.BtpServiceKeyStore = void 0;
 const JsonFileHandler_1 = require("../../utils/JsonFileHandler");
 const XsuaaServiceKeyParser_1 = require("../../parsers/xsuaa/XsuaaServiceKeyParser");
+const StoreErrors_1 = require("../../errors/StoreErrors");
 /**
  * Base BTP Service key store implementation
  *
@@ -73,7 +74,7 @@ class BtpServiceKeyStore {
         }
         catch (error) {
             this.log?.error(`Failed to parse service key for ${destination}: ${error instanceof Error ? error.message : String(error)}`);
-            throw new Error(`Failed to parse service key for destination "${destination}": ${error instanceof Error ? error.message : String(error)}`);
+            throw new StoreErrors_1.ParseError(`Failed to parse service key for destination "${destination}"`, `${destination}.json`, error instanceof Error ? error : undefined);
         }
     }
     /**

package/dist/stores/env/EnvFileSessionStore.d.ts

@@ -0,0 +1,57 @@
+/**
+ * Env File Session Store - reads session from a specific .env file
+ *
+ * This store reads connection configuration from a .env file at a specified path.
+ * Unlike other stores that work with directories, this one works with a single file.
+ *
+ * Use case: `mcp-abap-adt --env=/path/to/.env`
+ *
+ * The store is READ-ONLY for connection config (writes only update in-memory state).
+ * For token refresh scenarios (JWT), the in-memory state is used.
+ */
+import type { ISessionStore, IConnectionConfig, IAuthorizationConfig, IConfig, ILogger } from '@mcp-abap-adt/interfaces';
+/**
+ * Session store that reads from a specific .env file
+ */
+export declare class EnvFileSessionStore implements ISessionStore {
+    private envFilePath;
+    private log?;
+    private loadedData;
+    private inMemoryUpdates;
+    /**
+     * Create a new EnvFileSessionStore
+     * @param envFilePath Absolute path to the .env file
+     * @param log Optional logger
+     */
+    constructor(envFilePath: string, log?: ILogger);
+    /**
+     * Get the auth type from the loaded .env file
+     */
+    getAuthType(): 'basic' | 'jwt' | null;
+    /**
+     * Parse .env file content into key-value pairs
+     */
+    private parseEnvContent;
+    /**
+     * Load and parse the .env file
+     */
+    private loadEnvFile;
+    /**
+     * Convert internal format to IConfig
+     */
+    private toIConfig;
+    loadSession(destination: string): Promise<IConfig | null>;
+    saveSession(destination: string, config: IConfig): Promise<void>;
+    getConnectionConfig(destination: string): Promise<IConnectionConfig | null>;
+    setConnectionConfig(destination: string, config: IConnectionConfig): Promise<void>;
+    getAuthorizationConfig(destination: string): Promise<IAuthorizationConfig | null>;
+    setAuthorizationConfig(destination: string, config: IAuthorizationConfig): Promise<void>;
+    getToken(destination: string): Promise<string | undefined>;
+    setToken(destination: string, token: string): Promise<void>;
+    getRefreshToken(destination: string): Promise<string | undefined>;
+    setRefreshToken(destination: string, refreshToken: string): Promise<void>;
+    /**
+     * Clear in-memory updates (useful for testing)
+     */
+    clear(): void;
+}

package/dist/stores/env/EnvFileSessionStore.js

@@ -0,0 +1,338 @@
+"use strict";
+/**
+ * Env File Session Store - reads session from a specific .env file
+ *
+ * This store reads connection configuration from a .env file at a specified path.
+ * Unlike other stores that work with directories, this one works with a single file.
+ *
+ * Use case: `mcp-abap-adt --env=/path/to/.env`
+ *
+ * The store is READ-ONLY for connection config (writes only update in-memory state).
+ * For token refresh scenarios (JWT), the in-memory state is used.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EnvFileSessionStore = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+/**
+ * Session store that reads from a specific .env file
+ */
+class EnvFileSessionStore {
+    envFilePath;
+    log;
+    loadedData = null;
+    inMemoryUpdates = new Map();
+    /**
+     * Create a new EnvFileSessionStore
+     * @param envFilePath Absolute path to the .env file
+     * @param log Optional logger
+     */
+    constructor(envFilePath, log) {
+        this.envFilePath = path.resolve(envFilePath);
+        this.log = log;
+    }
+    /**
+     * Get the auth type from the loaded .env file
+     */
+    getAuthType() {
+        if (!this.loadedData) {
+            this.loadEnvFile();
+        }
+        return this.loadedData?.authType || null;
+    }
+    /**
+     * Parse .env file content into key-value pairs
+     */
+    parseEnvContent(content) {
+        const envVars = {};
+        for (const line of content.split(/\r?\n/)) {
+            const trimmed = line.trim();
+            if (!trimmed || trimmed.startsWith('#'))
+                continue;
+            const eqIndex = trimmed.indexOf('=');
+            if (eqIndex === -1)
+                continue;
+            const key = trimmed.substring(0, eqIndex).trim();
+            let value = trimmed.substring(eqIndex + 1);
+            // Remove inline comments (but be careful with URLs containing #)
+            // Only remove # comments that are preceded by whitespace
+            const commentMatch = value.match(/\s+#/);
+            if (commentMatch) {
+                value = value.substring(0, commentMatch.index).trim();
+            }
+            else {
+                value = value.trim();
+            }
+            // Remove surrounding quotes
+            value = value.replace(/^["']+|["']+$/g, '').trim();
+            if (key) {
+                envVars[key] = value;
+            }
+        }
+        return envVars;
+    }
+    /**
+     * Load and parse the .env file
+     */
+    loadEnvFile() {
+        if (this.loadedData) {
+            return this.loadedData;
+        }
+        if (!fs.existsSync(this.envFilePath)) {
+            this.log?.error(`EnvFileSessionStore: .env file not found: ${this.envFilePath}`);
+            return null;
+        }
+        try {
+            const content = fs.readFileSync(this.envFilePath, 'utf8');
+            const envVars = this.parseEnvContent(content);
+            // Validate required fields
+            if (!envVars.SAP_URL) {
+                this.log?.error(`EnvFileSessionStore: .env file missing SAP_URL`);
+                return null;
+            }
+            const authType = (envVars.SAP_AUTH_TYPE || 'basic');
+            const data = {
+                serviceUrl: envVars.SAP_URL,
+                sapClient: envVars.SAP_CLIENT,
+                authType,
+            };
+            if (authType === 'basic') {
+                if (!envVars.SAP_USERNAME || !envVars.SAP_PASSWORD) {
+                    this.log?.error(`EnvFileSessionStore: .env file missing SAP_USERNAME or SAP_PASSWORD for basic auth`);
+                    return null;
+                }
+                data.username = envVars.SAP_USERNAME;
+                data.password = envVars.SAP_PASSWORD;
+            }
+            else if (authType === 'jwt') {
+                if (!envVars.SAP_JWT_TOKEN) {
+                    this.log?.error(`EnvFileSessionStore: .env file missing SAP_JWT_TOKEN for JWT auth`);
+                    return null;
+                }
+                data.jwtToken = envVars.SAP_JWT_TOKEN;
+                data.refreshToken = envVars.SAP_REFRESH_TOKEN;
+                data.uaaUrl = envVars.SAP_UAA_URL;
+                data.uaaClientId = envVars.SAP_UAA_CLIENT_ID;
+                data.uaaClientSecret = envVars.SAP_UAA_CLIENT_SECRET;
+            }
+            this.loadedData = data;
+            this.log?.debug(`EnvFileSessionStore: loaded .env file`, {
+                serviceUrl: data.serviceUrl,
+                authType: data.authType
+            });
+            return data;
+        }
+        catch (error) {
+            this.log?.error(`EnvFileSessionStore: failed to read .env file`, {
+                error: error instanceof Error ? error.message : String(error)
+            });
+            return null;
+        }
+    }
+    /**
+     * Convert internal format to IConfig
+     */
+    toIConfig(data) {
+        const config = {
+            serviceUrl: data.serviceUrl,
+            sapClient: data.sapClient,
+            authType: data.authType,
+        };
+        if (data.authType === 'basic') {
+            config.username = data.username;
+            config.password = data.password;
+        }
+        else if (data.authType === 'jwt') {
+            config.authorizationToken = data.jwtToken;
+            config.refreshToken = data.refreshToken;
+            config.uaaUrl = data.uaaUrl;
+            config.uaaClientId = data.uaaClientId;
+            config.uaaClientSecret = data.uaaClientSecret;
+        }
+        return config;
+    }
+    // ============================================================================
+    // ISessionStore implementation
+    // ============================================================================
+    async loadSession(destination) {
+        // Check in-memory updates first (for token refresh)
+        const updated = this.inMemoryUpdates.get(destination);
+        if (updated) {
+            return this.toIConfig(updated);
+        }
+        // Load from .env file
+        const data = this.loadEnvFile();
+        if (!data)
+            return null;
+        return this.toIConfig(data);
+    }
+    async saveSession(destination, config) {
+        // Save to in-memory only (don't overwrite .env file)
+        const data = {
+            serviceUrl: config.serviceUrl || this.loadedData?.serviceUrl || '',
+            sapClient: config.sapClient || this.loadedData?.sapClient,
+            authType: config.authType || this.loadedData?.authType || 'basic',
+            username: config.username,
+            password: config.password,
+            jwtToken: config.authorizationToken,
+            refreshToken: config.refreshToken,
+            uaaUrl: config.uaaUrl,
+            uaaClientId: config.uaaClientId,
+            uaaClientSecret: config.uaaClientSecret,
+        };
+        this.inMemoryUpdates.set(destination, data);
+        this.log?.debug(`EnvFileSessionStore: saved session to memory`, { destination });
+    }
+    async getConnectionConfig(destination) {
+        // Check in-memory updates first
+        const updated = this.inMemoryUpdates.get(destination);
+        if (updated) {
+            return {
+                serviceUrl: updated.serviceUrl,
+                sapClient: updated.sapClient,
+                authType: updated.authType,
+                username: updated.username,
+                password: updated.password,
+                authorizationToken: updated.jwtToken,
+            };
+        }
+        const data = this.loadEnvFile();
+        if (!data)
+            return null;
+        return {
+            serviceUrl: data.serviceUrl,
+            sapClient: data.sapClient,
+            authType: data.authType,
+            username: data.username,
+            password: data.password,
+            authorizationToken: data.jwtToken,
+        };
+    }
+    async setConnectionConfig(destination, config) {
+        // Store in memory (merge with existing data)
+        const existing = this.inMemoryUpdates.get(destination) || this.loadEnvFile() || {};
+        const data = {
+            ...existing,
+            serviceUrl: config.serviceUrl || existing.serviceUrl,
+            sapClient: config.sapClient || existing.sapClient,
+            authType: config.authType || existing.authType || 'basic',
+            username: config.username || existing.username,
+            password: config.password || existing.password,
+            jwtToken: config.authorizationToken || existing.jwtToken,
+        };
+        this.inMemoryUpdates.set(destination, data);
+        this.log?.debug(`EnvFileSessionStore: set connection config`, { destination, serviceUrl: data.serviceUrl });
+    }
+    async getAuthorizationConfig(destination) {
+        // Check in-memory updates first
+        const updated = this.inMemoryUpdates.get(destination);
+        if (updated && updated.authType === 'jwt') {
+            return {
+                uaaUrl: updated.uaaUrl || '',
+                uaaClientId: updated.uaaClientId || '',
+                uaaClientSecret: updated.uaaClientSecret || '',
+            };
+        }
+        const data = this.loadEnvFile();
+        if (!data || data.authType !== 'jwt')
+            return null;
+        return {
+            uaaUrl: data.uaaUrl || '',
+            uaaClientId: data.uaaClientId || '',
+            uaaClientSecret: data.uaaClientSecret || '',
+        };
+    }
+    async setAuthorizationConfig(destination, config) {
+        const existing = this.inMemoryUpdates.get(destination) || this.loadEnvFile() || {};
+        const data = {
+            ...existing,
+            serviceUrl: existing.serviceUrl || '',
+            authType: existing.authType || 'jwt',
+            uaaUrl: config.uaaUrl,
+            uaaClientId: config.uaaClientId,
+            uaaClientSecret: config.uaaClientSecret,
+        };
+        this.inMemoryUpdates.set(destination, data);
+        this.log?.debug(`EnvFileSessionStore: set authorization config`, { destination });
+    }
+    async getToken(destination) {
+        // Check in-memory updates first (refreshed token)
+        const updated = this.inMemoryUpdates.get(destination);
+        if (updated?.jwtToken) {
+            return updated.jwtToken;
+        }
+        const data = this.loadEnvFile();
+        return data?.jwtToken;
+    }
+    async setToken(destination, token) {
+        const existing = this.inMemoryUpdates.get(destination) || this.loadEnvFile() || {};
+        const data = {
+            ...existing,
+            serviceUrl: existing.serviceUrl || '',
+            authType: 'jwt',
+            jwtToken: token,
+        };
+        this.inMemoryUpdates.set(destination, data);
+        this.log?.debug(`EnvFileSessionStore: set token`, { destination });
+    }
+    async getRefreshToken(destination) {
+        const updated = this.inMemoryUpdates.get(destination);
+        if (updated?.refreshToken) {
+            return updated.refreshToken;
+        }
+        const data = this.loadEnvFile();
+        return data?.refreshToken;
+    }
+    async setRefreshToken(destination, refreshToken) {
+        const existing = this.inMemoryUpdates.get(destination) || this.loadEnvFile() || {};
+        const data = {
+            ...existing,
+            serviceUrl: existing.serviceUrl || '',
+            authType: 'jwt',
+            refreshToken,
+        };
+        this.inMemoryUpdates.set(destination, data);
+        this.log?.debug(`EnvFileSessionStore: set refresh token`, { destination });
+    }
+    /**
+     * Clear in-memory updates (useful for testing)
+     */
+    clear() {
+        this.inMemoryUpdates.clear();
+        this.loadedData = null;
+    }
+}
+exports.EnvFileSessionStore = EnvFileSessionStore;

package/dist/stores/xsuaa/XsuaaServiceKeyStore.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.XsuaaServiceKeyStore = void 0;
 const JsonFileHandler_1 = require("../../utils/JsonFileHandler");
 const XsuaaServiceKeyParser_1 = require("../../parsers/xsuaa/XsuaaServiceKeyParser");
+const StoreErrors_1 = require("../../errors/StoreErrors");
 /**
  * XSUAA Service key store implementation
  *
@@ -73,7 +74,7 @@ class XsuaaServiceKeyStore {
         }
         catch (error) {
             this.log?.error(`Failed to parse service key for ${destination}: ${error instanceof Error ? error.message : String(error)}`);
-            throw new Error(`Failed to parse service key for destination "${destination}": ${error instanceof Error ? error.message : String(error)}`);
+            throw new StoreErrors_1.ParseError(`Failed to parse service key for destination "${destination}"`, `${destination}.json`, error instanceof Error ? error : undefined);
         }
     }
     /**
@@ -107,7 +108,7 @@ class XsuaaServiceKeyStore {
         }
         catch (error) {
             this.log?.error(`Failed to parse service key for ${destination}: ${error instanceof Error ? error.message : String(error)}`);
-            throw new Error(`Failed to parse service key for destination "${destination}": ${error instanceof Error ? error.message : String(error)}`);
+            throw new StoreErrors_1.ParseError(`Failed to parse service key for destination "${destination}"`, `${destination}.json`, error instanceof Error ? error : undefined);
         }
     }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcp-abap-adt/auth-stores",
-  "version": "0.2.3",
+  "version": "0.2.6",
   "description": "Stores for MCP ABAP ADT auth-broker - BTP, ABAP, and XSUAA implementations",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -49,7 +49,7 @@
     "node": ">=18.0.0"
   },
   "dependencies": {
-    "@mcp-abap-adt/interfaces": "^0.1.17",
+    "@mcp-abap-adt/interfaces": "^0.2.3",
     "dotenv": "^17.2.1"
   },
   "devDependencies": {