@mcp-abap-adt/auth-stores 0.2.7 → 0.2.9

package/CHANGELOG.md

@@ -7,6 +7,40 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.2.9] - 2025-12-22
+
+### Changed
+- **Migrated to Biome**: Replaced ESLint/Prettier with Biome for linting and formatting
+  - Added `@biomejs/biome` as dev dependency (^2.3.10)
+  - Added `biome.json` configuration file with recommended rules
+  - Added npm scripts: `lint`, `lint:check`, `format`
+  - Updated `build` script to include Biome check before TypeScript compilation
+  - All code now follows Biome formatting and linting rules
+  - Updated Node.js imports to use `node:` protocol (fs, path, os)
+
+### Fixed
+- **Type Safety Improvements**: Replaced `any` types with `unknown` for better type safety
+  - Parser methods (`canParse`, `parse`): Changed parameter types from `any` to `unknown` with proper type guards
+  - `AbapSessionStore`: Replaced `as any` casts with proper type intersections (`IConfig & Record<string, unknown>`)
+  - All parsers now use proper type guards to safely access object properties
+- **Code Quality**: Improved code organization
+  - Organized imports automatically
+  - Fixed code formatting issues
+  - Improved type safety in session store operations
+
+## [0.2.8] - 2025-12-21
+
+### Added
+- **EnvFileSessionStore**: File persistence for JWT tokens
+  - `save()` method writes `SAP_JWT_TOKEN` and `SAP_REFRESH_TOKEN` back to the .env file
+  - `setToken()`, `setRefreshToken()`, `setConnectionConfig()`, `setAuthorizationConfig()`, `saveSession()` now automatically persist JWT changes to file
+  - Enables token refresh flow to update the .env file with new tokens
+
+### Changed
+- **EnvFileSessionStore**: No longer "read-only" for JWT auth
+  - Basic auth credentials remain read-only (not written back)
+  - JWT tokens are persisted on update
+
 ## [0.2.7] - 2025-12-21
 
 ### Fixed

package/dist/index.d.ts

@@ -4,20 +4,17 @@
  *
  * Provides ABAP and XSUAA store implementations
  */
+export { FileNotFoundError, InvalidConfigError, ParseError, StorageError, StoreError, } from './errors/StoreErrors';
+export { loadServiceKey } from './loaders/abap/serviceKeyLoader';
+export { loadXSUAAServiceKey } from './loaders/xsuaa/xsuaaServiceKeyLoader';
+export { AbapServiceKeyStore } from './stores/abap/AbapServiceKeyStore';
 export { AbapSessionStore } from './stores/abap/AbapSessionStore';
 export { SafeAbapSessionStore } from './stores/abap/SafeAbapSessionStore';
-export { AbapServiceKeyStore } from './stores/abap/AbapServiceKeyStore';
-export { XsuaaSessionStore } from './stores/xsuaa/XsuaaSessionStore';
-export { SafeXsuaaSessionStore } from './stores/xsuaa/SafeXsuaaSessionStore';
-export { XsuaaServiceKeyStore } from './stores/xsuaa/XsuaaServiceKeyStore';
-export { XsuaaSessionStore as BtpSessionStore } from './stores/xsuaa/XsuaaSessionStore';
-export { SafeXsuaaSessionStore as SafeBtpSessionStore } from './stores/xsuaa/SafeXsuaaSessionStore';
-export { XsuaaServiceKeyStore as BtpServiceKeyStore } from './stores/xsuaa/XsuaaServiceKeyStore';
 export { EnvFileSessionStore } from './stores/env/EnvFileSessionStore';
-export { StoreError, FileNotFoundError, ParseError, InvalidConfigError, StorageError } from './errors/StoreErrors';
-export { resolveSearchPaths, findFileInPaths } from './utils/pathResolver';
-export { JsonFileHandler } from './utils/JsonFileHandler';
+export { SafeXsuaaSessionStore, SafeXsuaaSessionStore as SafeBtpSessionStore, } from './stores/xsuaa/SafeXsuaaSessionStore';
+export { XsuaaServiceKeyStore, XsuaaServiceKeyStore as BtpServiceKeyStore, } from './stores/xsuaa/XsuaaServiceKeyStore';
+export { XsuaaSessionStore, XsuaaSessionStore as BtpSessionStore, } from './stores/xsuaa/XsuaaSessionStore';
+export { ABAP_AUTHORIZATION_VARS, ABAP_CONNECTION_VARS, BTP_AUTHORIZATION_VARS, BTP_CONNECTION_VARS, XSUAA_AUTHORIZATION_VARS, XSUAA_CONNECTION_VARS, } from './utils/constants';
 export { EnvFileHandler } from './utils/EnvFileHandler';
-export { ABAP_AUTHORIZATION_VARS, ABAP_CONNECTION_VARS, BTP_AUTHORIZATION_VARS, BTP_CONNECTION_VARS, XSUAA_AUTHORIZATION_VARS, XSUAA_CONNECTION_VARS } from './utils/constants';
-export { loadServiceKey } from './loaders/abap/serviceKeyLoader';
-export { loadXSUAAServiceKey } from './loaders/xsuaa/xsuaaServiceKeyLoader';
+export { JsonFileHandler } from './utils/JsonFileHandler';
+export { findFileInPaths, resolveSearchPaths } from './utils/pathResolver';

package/dist/index.js

@@ -6,46 +6,40 @@
  * Provides ABAP and XSUAA store implementations
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.loadXSUAAServiceKey = exports.loadServiceKey = exports.XSUAA_CONNECTION_VARS = exports.XSUAA_AUTHORIZATION_VARS = exports.BTP_CONNECTION_VARS = exports.BTP_AUTHORIZATION_VARS = exports.ABAP_CONNECTION_VARS = exports.ABAP_AUTHORIZATION_VARS = exports.EnvFileHandler = exports.JsonFileHandler = exports.findFileInPaths = exports.resolveSearchPaths = exports.StorageError = exports.InvalidConfigError = exports.ParseError = exports.FileNotFoundError = exports.StoreError = exports.EnvFileSessionStore = exports.BtpServiceKeyStore = exports.SafeBtpSessionStore = exports.BtpSessionStore = exports.XsuaaServiceKeyStore = exports.SafeXsuaaSessionStore = exports.XsuaaSessionStore = exports.AbapServiceKeyStore = exports.SafeAbapSessionStore = exports.AbapSessionStore = void 0;
+exports.resolveSearchPaths = exports.findFileInPaths = exports.JsonFileHandler = exports.EnvFileHandler = exports.XSUAA_CONNECTION_VARS = exports.XSUAA_AUTHORIZATION_VARS = exports.BTP_CONNECTION_VARS = exports.BTP_AUTHORIZATION_VARS = exports.ABAP_CONNECTION_VARS = exports.ABAP_AUTHORIZATION_VARS = exports.BtpSessionStore = exports.XsuaaSessionStore = exports.BtpServiceKeyStore = exports.XsuaaServiceKeyStore = exports.SafeBtpSessionStore = exports.SafeXsuaaSessionStore = exports.EnvFileSessionStore = exports.SafeAbapSessionStore = exports.AbapSessionStore = exports.AbapServiceKeyStore = exports.loadXSUAAServiceKey = exports.loadServiceKey = exports.StoreError = exports.StorageError = exports.ParseError = exports.InvalidConfigError = exports.FileNotFoundError = void 0;
+// Error classes
+var StoreErrors_1 = require("./errors/StoreErrors");
+Object.defineProperty(exports, "FileNotFoundError", { enumerable: true, get: function () { return StoreErrors_1.FileNotFoundError; } });
+Object.defineProperty(exports, "InvalidConfigError", { enumerable: true, get: function () { return StoreErrors_1.InvalidConfigError; } });
+Object.defineProperty(exports, "ParseError", { enumerable: true, get: function () { return StoreErrors_1.ParseError; } });
+Object.defineProperty(exports, "StorageError", { enumerable: true, get: function () { return StoreErrors_1.StorageError; } });
+Object.defineProperty(exports, "StoreError", { enumerable: true, get: function () { return StoreErrors_1.StoreError; } });
+// Loaders
+var serviceKeyLoader_1 = require("./loaders/abap/serviceKeyLoader");
+Object.defineProperty(exports, "loadServiceKey", { enumerable: true, get: function () { return serviceKeyLoader_1.loadServiceKey; } });
+var xsuaaServiceKeyLoader_1 = require("./loaders/xsuaa/xsuaaServiceKeyLoader");
+Object.defineProperty(exports, "loadXSUAAServiceKey", { enumerable: true, get: function () { return xsuaaServiceKeyLoader_1.loadXSUAAServiceKey; } });
+var AbapServiceKeyStore_1 = require("./stores/abap/AbapServiceKeyStore");
+Object.defineProperty(exports, "AbapServiceKeyStore", { enumerable: true, get: function () { return AbapServiceKeyStore_1.AbapServiceKeyStore; } });
 // ABAP stores (with sapUrl)
 var AbapSessionStore_1 = require("./stores/abap/AbapSessionStore");
 Object.defineProperty(exports, "AbapSessionStore", { enumerable: true, get: function () { return AbapSessionStore_1.AbapSessionStore; } });
 var SafeAbapSessionStore_1 = require("./stores/abap/SafeAbapSessionStore");
 Object.defineProperty(exports, "SafeAbapSessionStore", { enumerable: true, get: function () { return SafeAbapSessionStore_1.SafeAbapSessionStore; } });
-var AbapServiceKeyStore_1 = require("./stores/abap/AbapServiceKeyStore");
-Object.defineProperty(exports, "AbapServiceKeyStore", { enumerable: true, get: function () { return AbapServiceKeyStore_1.AbapServiceKeyStore; } });
-// XSUAA stores
-var XsuaaSessionStore_1 = require("./stores/xsuaa/XsuaaSessionStore");
-Object.defineProperty(exports, "XsuaaSessionStore", { enumerable: true, get: function () { return XsuaaSessionStore_1.XsuaaSessionStore; } });
+// Env file stores (for --env=path scenarios)
+var EnvFileSessionStore_1 = require("./stores/env/EnvFileSessionStore");
+Object.defineProperty(exports, "EnvFileSessionStore", { enumerable: true, get: function () { return EnvFileSessionStore_1.EnvFileSessionStore; } });
 var SafeXsuaaSessionStore_1 = require("./stores/xsuaa/SafeXsuaaSessionStore");
 Object.defineProperty(exports, "SafeXsuaaSessionStore", { enumerable: true, get: function () { return SafeXsuaaSessionStore_1.SafeXsuaaSessionStore; } });
+Object.defineProperty(exports, "SafeBtpSessionStore", { enumerable: true, get: function () { return SafeXsuaaSessionStore_1.SafeXsuaaSessionStore; } });
 var XsuaaServiceKeyStore_1 = require("./stores/xsuaa/XsuaaServiceKeyStore");
 Object.defineProperty(exports, "XsuaaServiceKeyStore", { enumerable: true, get: function () { return XsuaaServiceKeyStore_1.XsuaaServiceKeyStore; } });
+Object.defineProperty(exports, "BtpServiceKeyStore", { enumerable: true, get: function () { return XsuaaServiceKeyStore_1.XsuaaServiceKeyStore; } });
+// XSUAA stores
 // BTP stores - aliases for XSUAA (backward compatibility)
-var XsuaaSessionStore_2 = require("./stores/xsuaa/XsuaaSessionStore");
-Object.defineProperty(exports, "BtpSessionStore", { enumerable: true, get: function () { return XsuaaSessionStore_2.XsuaaSessionStore; } });
-var SafeXsuaaSessionStore_2 = require("./stores/xsuaa/SafeXsuaaSessionStore");
-Object.defineProperty(exports, "SafeBtpSessionStore", { enumerable: true, get: function () { return SafeXsuaaSessionStore_2.SafeXsuaaSessionStore; } });
-var XsuaaServiceKeyStore_2 = require("./stores/xsuaa/XsuaaServiceKeyStore");
-Object.defineProperty(exports, "BtpServiceKeyStore", { enumerable: true, get: function () { return XsuaaServiceKeyStore_2.XsuaaServiceKeyStore; } });
-// Env file stores (for --env=path scenarios)
-var EnvFileSessionStore_1 = require("./stores/env/EnvFileSessionStore");
-Object.defineProperty(exports, "EnvFileSessionStore", { enumerable: true, get: function () { return EnvFileSessionStore_1.EnvFileSessionStore; } });
-// Error classes
-var StoreErrors_1 = require("./errors/StoreErrors");
-Object.defineProperty(exports, "StoreError", { enumerable: true, get: function () { return StoreErrors_1.StoreError; } });
-Object.defineProperty(exports, "FileNotFoundError", { enumerable: true, get: function () { return StoreErrors_1.FileNotFoundError; } });
-Object.defineProperty(exports, "ParseError", { enumerable: true, get: function () { return StoreErrors_1.ParseError; } });
-Object.defineProperty(exports, "InvalidConfigError", { enumerable: true, get: function () { return StoreErrors_1.InvalidConfigError; } });
-Object.defineProperty(exports, "StorageError", { enumerable: true, get: function () { return StoreErrors_1.StorageError; } });
-// Utils
-var pathResolver_1 = require("./utils/pathResolver");
-Object.defineProperty(exports, "resolveSearchPaths", { enumerable: true, get: function () { return pathResolver_1.resolveSearchPaths; } });
-Object.defineProperty(exports, "findFileInPaths", { enumerable: true, get: function () { return pathResolver_1.findFileInPaths; } });
-var JsonFileHandler_1 = require("./utils/JsonFileHandler");
-Object.defineProperty(exports, "JsonFileHandler", { enumerable: true, get: function () { return JsonFileHandler_1.JsonFileHandler; } });
-var EnvFileHandler_1 = require("./utils/EnvFileHandler");
-Object.defineProperty(exports, "EnvFileHandler", { enumerable: true, get: function () { return EnvFileHandler_1.EnvFileHandler; } });
+var XsuaaSessionStore_1 = require("./stores/xsuaa/XsuaaSessionStore");
+Object.defineProperty(exports, "XsuaaSessionStore", { enumerable: true, get: function () { return XsuaaSessionStore_1.XsuaaSessionStore; } });
+Object.defineProperty(exports, "BtpSessionStore", { enumerable: true, get: function () { return XsuaaSessionStore_1.XsuaaSessionStore; } });
 var constants_1 = require("./utils/constants");
 Object.defineProperty(exports, "ABAP_AUTHORIZATION_VARS", { enumerable: true, get: function () { return constants_1.ABAP_AUTHORIZATION_VARS; } });
 Object.defineProperty(exports, "ABAP_CONNECTION_VARS", { enumerable: true, get: function () { return constants_1.ABAP_CONNECTION_VARS; } });
@@ -53,8 +47,11 @@ Object.defineProperty(exports, "BTP_AUTHORIZATION_VARS", { enumerable: true, get
 Object.defineProperty(exports, "BTP_CONNECTION_VARS", { enumerable: true, get: function () { return constants_1.BTP_CONNECTION_VARS; } });
 Object.defineProperty(exports, "XSUAA_AUTHORIZATION_VARS", { enumerable: true, get: function () { return constants_1.XSUAA_AUTHORIZATION_VARS; } });
 Object.defineProperty(exports, "XSUAA_CONNECTION_VARS", { enumerable: true, get: function () { return constants_1.XSUAA_CONNECTION_VARS; } });
-// Loaders
-var serviceKeyLoader_1 = require("./loaders/abap/serviceKeyLoader");
-Object.defineProperty(exports, "loadServiceKey", { enumerable: true, get: function () { return serviceKeyLoader_1.loadServiceKey; } });
-var xsuaaServiceKeyLoader_1 = require("./loaders/xsuaa/xsuaaServiceKeyLoader");
-Object.defineProperty(exports, "loadXSUAAServiceKey", { enumerable: true, get: function () { return xsuaaServiceKeyLoader_1.loadXSUAAServiceKey; } });
+var EnvFileHandler_1 = require("./utils/EnvFileHandler");
+Object.defineProperty(exports, "EnvFileHandler", { enumerable: true, get: function () { return EnvFileHandler_1.EnvFileHandler; } });
+var JsonFileHandler_1 = require("./utils/JsonFileHandler");
+Object.defineProperty(exports, "JsonFileHandler", { enumerable: true, get: function () { return JsonFileHandler_1.JsonFileHandler; } });
+// Utils
+var pathResolver_1 = require("./utils/pathResolver");
+Object.defineProperty(exports, "findFileInPaths", { enumerable: true, get: function () { return pathResolver_1.findFileInPaths; } });
+Object.defineProperty(exports, "resolveSearchPaths", { enumerable: true, get: function () { return pathResolver_1.resolveSearchPaths; } });

package/dist/loaders/abap/serviceKeyLoader.js

@@ -41,8 +41,8 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.loadServiceKey = loadServiceKey;
-const fs = __importStar(require("fs"));
-const path = __importStar(require("path"));
+const fs = __importStar(require("node:fs"));
+const path = __importStar(require("node:path"));
 const AbapServiceKeyParser_1 = require("../../parsers/abap/AbapServiceKeyParser");
 const XsuaaServiceKeyParser_1 = require("../../parsers/xsuaa/XsuaaServiceKeyParser");
 /**
@@ -62,10 +62,7 @@ async function loadServiceKey(destination, directory) {
         const fileContent = fs.readFileSync(serviceKeyPath, 'utf8');
         const rawData = JSON.parse(fileContent);
         // Try parsers in order: ABAP format first, then XSUAA format
-        const parsers = [
-            new AbapServiceKeyParser_1.AbapServiceKeyParser(),
-            new XsuaaServiceKeyParser_1.XsuaaServiceKeyParser(),
-        ];
+        const parsers = [new AbapServiceKeyParser_1.AbapServiceKeyParser(), new XsuaaServiceKeyParser_1.XsuaaServiceKeyParser()];
         for (const parser of parsers) {
             if (parser.canParse(rawData)) {
                 return parser.parse(rawData);

package/dist/loaders/xsuaa/xsuaaServiceKeyLoader.js

@@ -45,8 +45,8 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.loadXSUAAServiceKey = loadXSUAAServiceKey;
-const fs = __importStar(require("fs"));
-const path = __importStar(require("path"));
+const fs = __importStar(require("node:fs"));
+const path = __importStar(require("node:path"));
 const XsuaaServiceKeyParser_1 = require("../../parsers/xsuaa/XsuaaServiceKeyParser");
 /**
  * Load XSUAA service key from {destination}.json file

package/dist/parsers/abap/AbapServiceKeyParser.d.ts

@@ -31,12 +31,12 @@ export declare class AbapServiceKeyParser {
      * @param rawData Raw JSON data from service key file
      * @returns true if data has nested uaa object, false otherwise
      */
-    canParse(rawData: any): boolean;
+    canParse(rawData: unknown): boolean;
     /**
      * Parse raw service key data
      * @param rawData Raw JSON data from service key file
      * @returns Parsed service key object
      * @throws Error if data cannot be parsed or is invalid
      */
-    parse(rawData: any): unknown;
+    parse(rawData: unknown): unknown;
 }

package/dist/parsers/abap/AbapServiceKeyParser.js

@@ -36,8 +36,14 @@ class AbapServiceKeyParser {
      * @returns true if data has nested uaa object, false otherwise
      */
     canParse(rawData) {
-        const result = rawData && typeof rawData === 'object' && rawData.uaa && typeof rawData.uaa === 'object';
-        this.log?.debug(`canParse check: hasUaa(${!!rawData?.uaa}), result(${result})`);
+        if (!rawData || typeof rawData !== 'object' || Array.isArray(rawData)) {
+            return false;
+        }
+        const data = rawData;
+        const result = !!(data.uaa &&
+            typeof data.uaa === 'object' &&
+            !Array.isArray(data.uaa));
+        this.log?.debug(`canParse check: hasUaa(${!!data.uaa}), result(${result})`);
         return result;
     }
     /**
@@ -47,21 +53,28 @@ class AbapServiceKeyParser {
      * @throws Error if data cannot be parsed or is invalid
      */
     parse(rawData) {
-        this.log?.debug(`Parsing ABAP service key: hasUaa(${!!rawData?.uaa}), keys(${rawData ? Object.keys(rawData).join(', ') : 'none'})`);
+        if (!rawData || typeof rawData !== 'object' || Array.isArray(rawData)) {
+            throw new Error('Service key data must be an object');
+        }
+        const data = rawData;
+        this.log?.debug(`Parsing ABAP service key: hasUaa(${!!data.uaa}), keys(${Object.keys(data).join(', ')})`);
         if (!this.canParse(rawData)) {
             this.log?.error(`Service key does not match ABAP format: missing uaa object`);
             throw new Error('Service key does not match ABAP format (missing uaa object)');
         }
+        // After canParse, we know uaa exists and is an object
+        const uaa = data.uaa;
         // Validate UAA configuration
-        const hasUrl = !!rawData.uaa.url;
-        const hasClientId = !!rawData.uaa.clientid;
-        const hasClientSecret = !!rawData.uaa.clientsecret;
+        const hasUrl = typeof uaa.url === 'string' && uaa.url.length > 0;
+        const hasClientId = typeof uaa.clientid === 'string' && uaa.clientid.length > 0;
+        const hasClientSecret = typeof uaa.clientsecret === 'string' && uaa.clientsecret.length > 0;
         this.log?.debug(`UAA validation: url(${hasUrl}), clientid(${hasClientId}), clientsecret(${hasClientSecret})`);
         if (!hasUrl || !hasClientId || !hasClientSecret) {
             this.log?.error(`Service key uaa object missing required fields: url(${hasUrl}), clientid(${hasClientId}), clientsecret(${hasClientSecret})`);
             throw new Error('Service key "uaa" object missing required fields: url, clientid, clientsecret');
         }
-        this.log?.debug(`ABAP service key parsed successfully: uaaUrl(${rawData.uaa.url.substring(0, 40)}...), hasAbap(${!!rawData.abap})`);
+        const uaaUrl = typeof uaa.url === 'string' ? uaa.url : '';
+        this.log?.debug(`ABAP service key parsed successfully: uaaUrl(${uaaUrl.substring(0, 40)}...), hasAbap(${!!data.abap})`);
         return rawData;
     }
 }

package/dist/parsers/xsuaa/XsuaaServiceKeyParser.d.ts

@@ -26,12 +26,12 @@ export declare class XsuaaServiceKeyParser {
      * @param rawData Raw JSON data from service key file
      * @returns true if data has direct XSUAA fields (url, clientid, clientsecret) without nested uaa object
      */
-    canParse(rawData: any): boolean;
+    canParse(rawData: unknown): boolean;
     /**
      * Parse raw service key data
      * @param rawData Raw JSON data from service key file
      * @returns Parsed service key object (normalized format)
      * @throws Error if data cannot be parsed or is invalid
      */
-    parse(rawData: any): unknown;
+    parse(rawData: unknown): unknown;
 }

package/dist/parsers/xsuaa/XsuaaServiceKeyParser.js

@@ -35,15 +35,16 @@ class XsuaaServiceKeyParser {
             this.log?.debug(`canParse check: invalid type, result(false)`);
             return false;
         }
+        const data = rawData;
         // Check for nested uaa object (ABAP format) - should not have it
-        if (rawData.uaa) {
+        if (data.uaa) {
             this.log?.debug(`canParse check: has nested uaa (ABAP format), result(false)`);
             return false;
         }
         // Check for required XSUAA fields at root level
-        const hasUrl = typeof rawData.url === 'string' && rawData.url.length > 0;
-        const hasClientId = typeof rawData.clientid === 'string' && rawData.clientid.length > 0;
-        const hasClientSecret = typeof rawData.clientsecret === 'string' && rawData.clientsecret.length > 0;
+        const hasUrl = typeof data.url === 'string' && data.url.length > 0;
+        const hasClientId = typeof data.clientid === 'string' && data.clientid.length > 0;
+        const hasClientSecret = typeof data.clientsecret === 'string' && data.clientsecret.length > 0;
         const result = hasUrl && hasClientId && hasClientSecret;
         this.log?.debug(`canParse check: url(${hasUrl}), clientid(${hasClientId}), clientsecret(${hasClientSecret}), result(${result})`);
         return result;
@@ -55,32 +56,39 @@ class XsuaaServiceKeyParser {
      * @throws Error if data cannot be parsed or is invalid
      */
     parse(rawData) {
-        this.log?.debug(`Parsing XSUAA service key: hasUrl(${!!rawData?.url}), hasClientId(${!!rawData?.clientid}), hasClientSecret(${!!rawData?.clientsecret}), keys(${rawData ? Object.keys(rawData).join(', ') : 'none'})`);
+        if (!rawData || typeof rawData !== 'object' || Array.isArray(rawData)) {
+            throw new Error('Service key data must be an object');
+        }
+        const data = rawData;
+        this.log?.debug(`Parsing XSUAA service key: hasUrl(${!!data.url}), hasClientId(${!!data.clientid}), hasClientSecret(${!!data.clientsecret}), keys(${Object.keys(data).join(', ')})`);
         if (!this.canParse(rawData)) {
             this.log?.error(`Service key does not match XSUAA format: missing required fields at root level`);
             throw new Error('Service key does not match XSUAA format (missing url, clientid, or clientsecret at root level)');
         }
+        // After canParse, we know url, clientid, and clientsecret exist and are strings
+        const uaaUrl = typeof data.url === 'string' ? data.url : '';
+        const clientId = typeof data.clientid === 'string' ? data.clientid : '';
+        const clientSecret = typeof data.clientsecret === 'string' ? data.clientsecret : '';
         // Normalize to standard format
         // For authorization (OAuth2 authorize endpoint), use 'url' (not 'apiurl')
         // 'apiurl' is for token endpoint, but authorization uses base 'url'
-        const uaaUrl = rawData.url;
         const result = {
             uaa: {
                 url: uaaUrl,
-                clientid: rawData.clientid,
-                clientsecret: rawData.clientsecret,
+                clientid: clientId,
+                clientsecret: clientSecret,
             },
             // Preserve abap.url if present
-            abap: rawData.abap,
+            abap: data.abap,
             // Preserve other optional fields
-            url: rawData.url, // UAA URL
-            apiurl: rawData.apiurl, // API URL (prioritized for UAA)
-            sap_url: rawData.sap_url,
-            client: rawData.client,
-            sap_client: rawData.sap_client,
-            language: rawData.language,
+            url: data.url, // UAA URL
+            apiurl: data.apiurl, // API URL (prioritized for UAA)
+            sap_url: data.sap_url,
+            client: data.client,
+            sap_client: data.sap_client,
+            language: data.language,
         };
-        this.log?.debug(`XSUAA service key parsed successfully: uaaUrl(${uaaUrl.substring(0, 40)}...), hasAbap(${!!rawData.abap})`);
+        this.log?.debug(`XSUAA service key parsed successfully: uaaUrl(${uaaUrl.substring(0, 40)}...), hasAbap(${!!data.abap})`);
         return result;
     }
 }

package/dist/storage/abap/envLoader.js

@@ -37,8 +37,8 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.loadEnvFile = loadEnvFile;
-const fs = __importStar(require("fs"));
-const path = __importStar(require("path"));
+const fs = __importStar(require("node:fs"));
+const path = __importStar(require("node:path"));
 const dotenv = __importStar(require("dotenv"));
 const constants_1 = require("../../utils/constants");
 /**
@@ -78,7 +78,7 @@ async function loadEnvFile(destination, directory, log) {
         // If neither is present, it's OK - auth can be set later (e.g., via setAuthorizationConfig)
         const isBasicAuth = !!(username && password) && (!jwtToken || jwtToken.trim() === '');
         const isJwtAuth = !!(jwtToken && jwtToken.trim() !== '');
-        const hasNoAuth = !isBasicAuth && !isJwtAuth;
+        const _hasNoAuth = !isBasicAuth && !isJwtAuth;
         const config = {
             sapUrl: sapUrl.trim(),
         };
@@ -102,7 +102,8 @@ async function loadEnvFile(destination, directory, log) {
             config.sapClient = parsed[constants_1.ABAP_CONNECTION_VARS.SAP_CLIENT].trim();
         }
         if (parsed[constants_1.ABAP_AUTHORIZATION_VARS.REFRESH_TOKEN]) {
-            config.refreshToken = parsed[constants_1.ABAP_AUTHORIZATION_VARS.REFRESH_TOKEN].trim();
+            config.refreshToken =
+                parsed[constants_1.ABAP_AUTHORIZATION_VARS.REFRESH_TOKEN].trim();
         }
         if (parsed[constants_1.ABAP_AUTHORIZATION_VARS.UAA_URL]) {
             config.uaaUrl = parsed[constants_1.ABAP_AUTHORIZATION_VARS.UAA_URL].trim();
@@ -111,7 +112,8 @@ async function loadEnvFile(destination, directory, log) {
             config.uaaClientId = parsed[constants_1.ABAP_AUTHORIZATION_VARS.UAA_CLIENT_ID].trim();
         }
         if (parsed[constants_1.ABAP_AUTHORIZATION_VARS.UAA_CLIENT_SECRET]) {
-            config.uaaClientSecret = parsed[constants_1.ABAP_AUTHORIZATION_VARS.UAA_CLIENT_SECRET].trim();
+            config.uaaClientSecret =
+                parsed[constants_1.ABAP_AUTHORIZATION_VARS.UAA_CLIENT_SECRET].trim();
         }
         if (parsed[constants_1.ABAP_CONNECTION_VARS.SAP_LANGUAGE]) {
             config.language = parsed[constants_1.ABAP_CONNECTION_VARS.SAP_LANGUAGE].trim();

package/dist/storage/abap/tokenStorage.js

@@ -37,8 +37,8 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.saveTokenToEnv = saveTokenToEnv;
-const fs = __importStar(require("fs"));
-const path = __importStar(require("path"));
+const fs = __importStar(require("node:fs"));
+const path = __importStar(require("node:path"));
 const constants_1 = require("../../utils/constants");
 /**
  * Save token to {destination}.env file
@@ -131,7 +131,7 @@ async function saveTokenToEnv(destination, savePath, config, log) {
             : value;
         envLines.push(`${key}=${escapedValue}`);
     }
-    const envContent = envLines.join('\n') + '\n';
+    const envContent = `${envLines.join('\n')}\n`;
     log?.debug(`Writing ${envLines.length} variables to env file: ${Object.keys(config).join(', ')}`);
     // Write to temp file
     fs.writeFileSync(tempFilePath, envContent, 'utf8');
@@ -140,5 +140,5 @@ async function saveTokenToEnv(destination, savePath, config, log) {
     const authInfo = hasBasicAuth
         ? `basic auth (username: ${config.username})`
         : `JWT token(${tokenLength} chars)`;
-    log?.info(`Token saved to ${envFilePath}: ${authInfo}, sapUrl(${config.sapUrl ? config.sapUrl.substring(0, 50) + '...' : 'none'}), variables(${envLines.length})`);
+    log?.info(`Token saved to ${envFilePath}: ${authInfo}, sapUrl(${config.sapUrl ? `${config.sapUrl.substring(0, 50)}...` : 'none'}), variables(${envLines.length})`);
 }

package/dist/storage/xsuaa/xsuaaEnvLoader.js

@@ -37,8 +37,8 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.loadXsuaaEnvFile = loadXsuaaEnvFile;
-const fs = __importStar(require("fs"));
-const path = __importStar(require("path"));
+const fs = __importStar(require("node:fs"));
+const path = __importStar(require("node:path"));
 const dotenv = __importStar(require("dotenv"));
 const constants_1 = require("../../utils/constants");
 /**
@@ -62,7 +62,9 @@ async function loadXsuaaEnvFile(destination, directory, log) {
         const envContent = fs.readFileSync(envFilePath, 'utf8');
         log?.debug(`XSUAA env file read successfully, size: ${envContent.length} bytes`);
         const parsed = dotenv.parse(envContent);
-        log?.debug(`Parsed XSUAA env variables: ${Object.keys(parsed).filter(k => k.startsWith('XSUAA_')).join(', ')}`);
+        log?.debug(`Parsed XSUAA env variables: ${Object.keys(parsed)
+            .filter((k) => k.startsWith('XSUAA_'))
+            .join(', ')}`);
         // Extract required fields (XSUAA_* variables)
         const jwtToken = parsed[constants_1.XSUAA_CONNECTION_VARS.AUTHORIZATION_TOKEN];
         log?.debug(`Extracted fields: hasJwtToken(${jwtToken !== undefined && jwtToken !== null})`);
@@ -77,22 +79,25 @@ async function loadXsuaaEnvFile(destination, directory, log) {
         };
         // mcpUrl can be loaded from .env file as additional variable (not part of CONNECTION_VARS, but can be stored)
         // URL comes from elsewhere (YAML config, parameter, or request header), but can be stored in .env
-        if (parsed['XSUAA_MCP_URL']) {
-            config.mcpUrl = parsed['XSUAA_MCP_URL'].trim();
+        if (parsed.XSUAA_MCP_URL) {
+            config.mcpUrl = parsed.XSUAA_MCP_URL.trim();
         }
         if (parsed[constants_1.XSUAA_AUTHORIZATION_VARS.REFRESH_TOKEN]) {
-            config.refreshToken = parsed[constants_1.XSUAA_AUTHORIZATION_VARS.REFRESH_TOKEN].trim();
+            config.refreshToken =
+                parsed[constants_1.XSUAA_AUTHORIZATION_VARS.REFRESH_TOKEN].trim();
         }
         if (parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_URL]) {
             config.uaaUrl = parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_URL].trim();
         }
         if (parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_CLIENT_ID]) {
-            config.uaaClientId = parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_CLIENT_ID].trim();
+            config.uaaClientId =
+                parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_CLIENT_ID].trim();
         }
         if (parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_CLIENT_SECRET]) {
-            config.uaaClientSecret = parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_CLIENT_SECRET].trim();
+            config.uaaClientSecret =
+                parsed[constants_1.XSUAA_AUTHORIZATION_VARS.UAA_CLIENT_SECRET].trim();
         }
-        log?.info(`XSUAA env config loaded from ${envFilePath}: token(${config.jwtToken.length} chars), hasRefreshToken(${!!config.refreshToken}), hasUaaUrl(${!!config.uaaUrl}), mcpUrl(${config.mcpUrl ? config.mcpUrl.substring(0, 50) + '...' : 'none'})`);
+        log?.info(`XSUAA env config loaded from ${envFilePath}: token(${config.jwtToken.length} chars), hasRefreshToken(${!!config.refreshToken}), hasUaaUrl(${!!config.uaaUrl}), mcpUrl(${config.mcpUrl ? `${config.mcpUrl.substring(0, 50)}...` : 'none'})`);
         return config;
     }
     catch (error) {

package/dist/storage/xsuaa/xsuaaTokenStorage.js

@@ -37,8 +37,8 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.saveXsuaaTokenToEnv = saveXsuaaTokenToEnv;
-const fs = __importStar(require("fs"));
-const path = __importStar(require("path"));
+const fs = __importStar(require("node:fs"));
+const path = __importStar(require("node:path"));
 const constants_1 = require("../../utils/constants");
 /**
  * Save XSUAA token to {destination}.env file using XSUAA_* variables
@@ -51,7 +51,7 @@ async function saveXsuaaTokenToEnv(destination, savePath, config, log) {
     const envFilePath = path.join(savePath, `${destination}.env`);
     const tempFilePath = `${envFilePath}.tmp`;
     log?.debug(`Saving XSUAA token to env file: ${envFilePath}`);
-    log?.debug(`Config to save: token(${config.jwtToken.length} chars), hasRefreshToken(${!!config.refreshToken}), hasUaaUrl(${!!config.uaaUrl}), mcpUrl(${config.mcpUrl ? config.mcpUrl.substring(0, 50) + '...' : 'none'})`);
+    log?.debug(`Config to save: token(${config.jwtToken.length} chars), hasRefreshToken(${!!config.refreshToken}), hasUaaUrl(${!!config.uaaUrl}), mcpUrl(${config.mcpUrl ? `${config.mcpUrl.substring(0, 50)}...` : 'none'})`);
     // Ensure directory exists
     if (!fs.existsSync(savePath)) {
         log?.debug(`Creating directory: ${savePath}`);
@@ -79,8 +79,13 @@ async function saveXsuaaTokenToEnv(destination, savePath, config, log) {
         if (match) {
             const key = match[1].trim();
             // Skip old SAP_* variables for XSUAA (we use XSUAA_* now)
-            if (key.startsWith('SAP_') && (key === 'SAP_URL' || key === 'SAP_JWT_TOKEN' || key === 'SAP_REFRESH_TOKEN' ||
-                key === 'SAP_UAA_URL' || key === 'SAP_UAA_CLIENT_ID' || key === 'SAP_UAA_CLIENT_SECRET')) {
+            if (key.startsWith('SAP_') &&
+                (key === 'SAP_URL' ||
+                    key === 'SAP_JWT_TOKEN' ||
+                    key === 'SAP_REFRESH_TOKEN' ||
+                    key === 'SAP_UAA_URL' ||
+                    key === 'SAP_UAA_CLIENT_ID' ||
+                    key === 'SAP_UAA_CLIENT_SECRET')) {
                 continue; // Don't preserve old SAP_* variables
             }
             const value = match[2].trim().replace(/^["']|["']$/g, ''); // Remove quotes
@@ -116,11 +121,11 @@ async function saveXsuaaTokenToEnv(destination, savePath, config, log) {
             : value;
         envLines.push(`${key}=${escapedValue}`);
     }
-    const envContent = envLines.join('\n') + '\n';
+    const envContent = `${envLines.join('\n')}\n`;
     log?.debug(`Writing ${envLines.length} XSUAA variables to env file: ${Object.keys(config).join(', ')}`);
     // Write to temp file
     fs.writeFileSync(tempFilePath, envContent, 'utf8');
     // Atomic rename
     fs.renameSync(tempFilePath, envFilePath);
-    log?.info(`XSUAA token saved to ${envFilePath}: token(${config.jwtToken.length} chars), mcpUrl(${config.mcpUrl ? config.mcpUrl.substring(0, 50) + '...' : 'none'}), variables(${envLines.length})`);
+    log?.info(`XSUAA token saved to ${envFilePath}: token(${config.jwtToken.length} chars), mcpUrl(${config.mcpUrl ? `${config.mcpUrl.substring(0, 50)}...` : 'none'}), variables(${envLines.length})`);
 }

package/dist/stores/abap/AbapServiceKeyStore.d.ts

@@ -1,7 +1,7 @@
 /**
  * ABAP Service key store - reads ABAP service keys from {destination}.json files
  */
-import type { IServiceKeyStore, IAuthorizationConfig, IConnectionConfig, IConfig, ILogger } from '@mcp-abap-adt/interfaces';
+import type { IAuthorizationConfig, IConfig, IConnectionConfig, ILogger, IServiceKeyStore } from '@mcp-abap-adt/interfaces';
 /**
  * ABAP Service key store implementation
  *

package/dist/stores/abap/AbapServiceKeyStore.js

@@ -37,10 +37,10 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AbapServiceKeyStore = void 0;
-const JsonFileHandler_1 = require("../../utils/JsonFileHandler");
-const AbapServiceKeyParser_1 = require("../../parsers/abap/AbapServiceKeyParser");
+const path = __importStar(require("node:path"));
 const StoreErrors_1 = require("../../errors/StoreErrors");
-const path = __importStar(require("path"));
+const AbapServiceKeyParser_1 = require("../../parsers/abap/AbapServiceKeyParser");
+const JsonFileHandler_1 = require("../../utils/JsonFileHandler");
 /**
  * ABAP Service key store implementation
  *
@@ -99,7 +99,10 @@ class AbapServiceKeyStore {
             }
             const key = parsed;
             this.log?.debug(`Parsed service key structure: hasUaa(${!!key.uaa}), uaaKeys(${key.uaa ? Object.keys(key.uaa).join(', ') : 'none'})`);
-            if (!key.uaa || !key.uaa.url || !key.uaa.clientid || !key.uaa.clientsecret) {
+            if (!key.uaa ||
+                !key.uaa.url ||
+                !key.uaa.clientid ||
+                !key.uaa.clientsecret) {
                 this.log?.warn(`Service key for ${destination} missing required UAA fields: url(${!!key.uaa?.url}), clientid(${!!key.uaa?.clientid}), clientsecret(${!!key.uaa?.clientsecret})`);
                 return null;
             }
@@ -140,7 +143,9 @@ class AbapServiceKeyStore {
             const key = parsed;
             this.log?.debug(`Parsed service key structure: hasAbap(${!!key.abap}), hasSapUrl(${!!key.sap_url}), hasUrl(${!!key.url})`);
             // Service key doesn't have tokens - only URLs and client info
-            const serviceUrl = key.abap?.url || key.sap_url || (key.url && !key.url.includes('authentication') ? key.url : undefined);
+            const serviceUrl = key.abap?.url ||
+                key.sap_url ||
+                (key.url && !key.url.includes('authentication') ? key.url : undefined);
             const sapClient = key.abap?.client || key.sap_client || key.client;
             const language = key.abap?.language || key.language;
             const result = {
@@ -149,7 +154,7 @@ class AbapServiceKeyStore {
                 sapClient,
                 language,
             };
-            this.log?.info(`Connection config loaded from ${filePath}: serviceUrl(${serviceUrl ? serviceUrl.substring(0, 50) + '...' : 'none'}), client(${sapClient || 'none'}), language(${language || 'none'})`);
+            this.log?.info(`Connection config loaded from ${filePath}: serviceUrl(${serviceUrl ? `${serviceUrl.substring(0, 50)}...` : 'none'}), client(${sapClient || 'none'}), language(${language || 'none'})`);
             return result;
         }
         catch (error) {

package/dist/stores/abap/AbapSessionStore.d.ts

@@ -5,7 +5,7 @@
  * Stores full ABAP configuration: SAP URL (sapUrl), JWT token, refresh token, UAA config, SAP client, language.
  * This extends base BTP store by adding sapUrl requirement.
  */
-import type { IAuthorizationConfig, IConnectionConfig, ISessionStore, IConfig, ILogger } from '@mcp-abap-adt/interfaces';
+import type { IAuthorizationConfig, IConfig, IConnectionConfig, ILogger, ISessionStore } from '@mcp-abap-adt/interfaces';
 /**
  * ABAP Session store implementation
  *