@mcp-abap-adt/connection 0.2.2 → 0.2.4

package/README.md

@@ -105,6 +105,7 @@ This package interacts with external packages **ONLY through interfaces**:
 - 📝 **Custom Logging**: Pluggable logger interface for integration with any logging system (optional)
 - 📦 **TypeScript**: Full TypeScript support with type definitions included
 - ⚡ **Timeout Management**: Configurable timeouts for different operation types
+- 🌐 **Network Error Detection**: Automatic detection and proper handling of network-level errors (connection refused, timeout, DNS failures)
 
 ## Installation
 
@@ -177,6 +178,38 @@ const response = await connection.makeAdtRequest({
 });
 ```
 
+### Cloud Usage with Automatic Token Refresh
+
+For automatic token refresh on 401/403 errors, inject `ITokenRefresher`:
+
+```typescript
+import { JwtAbapConnection, SapConfig } from "@mcp-abap-adt/connection";
+import type { ITokenRefresher } from "@mcp-abap-adt/interfaces";
+
+// Token refresher provides token acquisition and refresh
+// (created by @mcp-abap-adt/auth-broker or custom implementation)
+const tokenRefresher: ITokenRefresher = {
+  getToken: async () => { /* return current token */ },
+  refreshToken: async () => { /* refresh and return new token */ },
+};
+
+// JWT configuration
+const config: SapConfig = {
+  url: "https://your-instance.abap.cloud.sap",
+  authType: "jwt",
+  jwtToken: await tokenRefresher.getToken(), // Get initial token
+};
+
+// Create connection with token refresher - 401/403 handled automatically
+const connection = new JwtAbapConnection(config, logger, undefined, tokenRefresher);
+
+// Requests automatically retry with refreshed token on auth errors
+const response = await connection.makeAdtRequest({
+  method: "GET",
+  url: "/sap/bc/adt/programs/programs/your-program",
+});
+```
+
 ### Stateful Sessions
 
 For operations that require session state (e.g., object modifications), you can enable stateful sessions:

package/dist/connection/AbstractAbapConnection.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AbstractAbapConnection.d.ts","sourceRoot":"","sources":["../../src/connection/AbstractAbapConnection.ts"],"names":[],"mappings":"AAAA,OAAc,EAAiD,aAAa,EAAE,MAAM,OAAO,CAAC;AAG5F,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAGzE,uBAAe,sBAAuB,YAAW,cAAc;IAU3D,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,GAAG,IAAI;IAV3C,OAAO,CAAC,aAAa,CAA8B;IACnD,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,OAAO,CAAuB;IACtC,OAAO,CAAC,WAAW,CAAkC;IACrD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,WAAW,CAAyC;IAE5D,SAAS,aACU,MAAM,EAAE,SAAS,EACf,MAAM,EAAE,OAAO,GAAG,IAAI,EACzC,SAAS,CAAC,EAAE,MAAM;IAgBpB;;;;;OAKG;IACH,cAAc,CAAC,IAAI,EAAE,UAAU,GAAG,WAAW,GAAG,IAAI;IAOpD;;;;OAIG;IACH,qBAAqB,IAAI,IAAI;IAI7B;;;OAGG;IACH,sBAAsB,IAAI,IAAI;IAU9B;;OAEG;IACH,cAAc,IAAI,WAAW,GAAG,UAAU;IAI1C;;;OAGG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAKrC;;OAEG;IACH,YAAY,IAAI,MAAM,GAAG,IAAI;IAK7B,SAAS,IAAI,SAAS;IAItB,KAAK,IAAI,IAAI;IAYP,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC;IAI7B,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAevD;;;;;;;;OAQG;IACH,QAAQ,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAE3B,cAAc,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC;IA2MzE,SAAS,CAAC,QAAQ,CAAC,wBAAwB,IAAI,MAAM;IAErD;;;OAGG;cACa,cAAc,CAC5B,GAAG,EAAE,MAAM,EACX,UAAU,GAAE,MAAgC,EAC5C,UAAU,GAAE,MAAgC,GAC3C,OAAO,CAAC,MAAM,CAAC;IAkKlB;;OAEG;IACH,SAAS,CAAC,YAAY,IAAI,MAAM,GAAG,IAAI;IAIvC;;OAEG;IACH,SAAS,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAIlD;;OAEG;IACH,SAAS,CAAC,UAAU,IAAI,MAAM,GAAG,IAAI;IAIrC,OAAO,CAAC,yBAAyB;IAuDjC,OAAO,CAAC,gBAAgB;YAmBV,oBAAoB;IAwBlC,OAAO,CAAC,eAAe;CAyBxB;AAGD,OAAO,EAAE,sBAAsB,EAAE,CAAC"}
+{"version":3,"file":"AbstractAbapConnection.d.ts","sourceRoot":"","sources":["../../src/connection/AbstractAbapConnection.ts"],"names":[],"mappings":"AAAA,OAAc,EAAiD,aAAa,EAAE,MAAM,OAAO,CAAC;AAI5F,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAGzE,uBAAe,sBAAuB,YAAW,cAAc;IAU3D,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,GAAG,IAAI;IAV3C,OAAO,CAAC,aAAa,CAA8B;IACnD,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,OAAO,CAAuB;IACtC,OAAO,CAAC,WAAW,CAAkC;IACrD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,WAAW,CAAyC;IAE5D,SAAS,aACU,MAAM,EAAE,SAAS,EACf,MAAM,EAAE,OAAO,GAAG,IAAI,EACzC,SAAS,CAAC,EAAE,MAAM;IAgBpB;;;;;OAKG;IACH,cAAc,CAAC,IAAI,EAAE,UAAU,GAAG,WAAW,GAAG,IAAI;IAOpD;;;;OAIG;IACH,qBAAqB,IAAI,IAAI;IAI7B;;;OAGG;IACH,sBAAsB,IAAI,IAAI;IAU9B;;OAEG;IACH,cAAc,IAAI,WAAW,GAAG,UAAU;IAI1C;;;OAGG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAKrC;;OAEG;IACH,YAAY,IAAI,MAAM,GAAG,IAAI;IAK7B,SAAS,IAAI,SAAS;IAItB,KAAK,IAAI,IAAI;IAYP,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC;IAI7B,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAevD;;;;;;;;OAQG;IACH,QAAQ,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAE3B,cAAc,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC;IAoNzE,SAAS,CAAC,QAAQ,CAAC,wBAAwB,IAAI,MAAM;IAErD;;;OAGG;cACa,cAAc,CAC5B,GAAG,EAAE,MAAM,EACX,UAAU,GAAE,MAAgC,EAC5C,UAAU,GAAE,MAAgC,GAC3C,OAAO,CAAC,MAAM,CAAC;IAkKlB;;OAEG;IACH,SAAS,CAAC,YAAY,IAAI,MAAM,GAAG,IAAI;IAIvC;;OAEG;IACH,SAAS,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAIlD;;OAEG;IACH,SAAS,CAAC,UAAU,IAAI,MAAM,GAAG,IAAI;IAIrC,OAAO,CAAC,yBAAyB;IAuDjC,OAAO,CAAC,gBAAgB;YAmBV,oBAAoB;IAwBlC,OAAO,CAAC,eAAe;CAyBxB;AAGD,OAAO,EAAE,sBAAsB,EAAE,CAAC"}

package/dist/connection/AbstractAbapConnection.js

@@ -37,6 +37,7 @@ exports.AbstractAbapConnection = void 0;
 const axios_1 = __importStar(require("axios"));
 const https_1 = require("https");
 const crypto_1 = require("crypto");
+const interfaces_1 = require("@mcp-abap-adt/interfaces");
 const timeouts_js_1 = require("../utils/timeouts.js");
 const csrfConfig_js_1 = require("./csrfConfig.js");
 class AbstractAbapConnection {
@@ -247,6 +248,13 @@ class AbstractAbapConnection {
                         : JSON.stringify(error.response.data).slice(0, 200);
                 this.updateCookiesFromResponse(error.response.headers);
             }
+            // Check if this is a network error (connection refused, timeout, DNS, etc.)
+            // Don't retry for network errors - these indicate infrastructure/VPN issues
+            const networkError = (0, interfaces_1.isNetworkError)(error);
+            if (networkError) {
+                this.logger?.error(`Network error - cannot connect to SAP system: ${errorDetails.message}`, errorDetails);
+                throw error;
+            }
             // Log 404 as debug (common for existence checks), other errors as error
             if (errorDetails.status === 404) {
                 this.logger?.debug(errorDetails.message, errorDetails);

package/dist/connection/JwtAbapConnection.d.ts

@@ -3,26 +3,34 @@ import { AbstractAbapConnection } from "./AbstractAbapConnection.js";
 import { AbapRequestOptions } from "./AbapConnection.js";
 import { ILogger } from "../logger.js";
 import { AxiosResponse } from "axios";
+import type { ITokenRefresher } from "@mcp-abap-adt/interfaces";
 /**
  * JWT Authentication connection for SAP BTP Cloud systems
- * Note: Token refresh functionality is not supported in this package.
- * Use @mcp-abap-adt/auth-broker for token refresh functionality.
+ *
+ * Supports automatic token refresh via ITokenRefresher injection:
+ * - If tokenRefresher is provided, 401/403 errors trigger automatic token refresh
+ * - If tokenRefresher is not provided, 401/403 errors throw an error (legacy behavior)
  */
 export declare class JwtAbapConnection extends AbstractAbapConnection {
-    constructor(config: SapConfig, logger?: ILogger | null, sessionId?: string);
+    private tokenRefresher?;
+    private currentToken;
+    constructor(config: SapConfig, logger?: ILogger | null, sessionId?: string, tokenRefresher?: ITokenRefresher);
     protected buildAuthorizationHeader(): string;
+    /**
+     * Refresh the JWT token using the injected tokenRefresher
+     * @returns true if token was refreshed, false if no refresher available
+     */
+    private tryRefreshToken;
     /**
      * Override connect to handle JWT token refresh on errors
      */
     connect(): Promise<void>;
     /**
-     * Override makeAdtRequest to handle JWT auth errors
-     * Note: Token refresh is not supported in connection package - use auth-broker instead
+     * Override makeAdtRequest to handle JWT auth errors with automatic token refresh
      */
     makeAdtRequest(options: AbapRequestOptions): Promise<AxiosResponse>;
     /**
-     * Override fetchCsrfToken to handle JWT auth errors
-     * Note: Token refresh is not supported in connection package - use auth-broker instead
+     * Override fetchCsrfToken to handle JWT auth errors with automatic token refresh
      */
     protected fetchCsrfToken(url: string, retryCount?: number, retryDelay?: number): Promise<string>;
     private static validateConfig;

package/dist/connection/JwtAbapConnection.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"JwtAbapConnection.d.ts","sourceRoot":"","sources":["../../src/connection/JwtAbapConnection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAc,aAAa,EAAE,MAAM,OAAO,CAAC;AAElD;;;;GAIG;AACH,qBAAa,iBAAkB,SAAQ,sBAAsB;gBAGzD,MAAM,EAAE,SAAS,EACjB,MAAM,CAAC,EAAE,OAAO,GAAG,IAAI,EACvB,SAAS,CAAC,EAAE,MAAM;IAMpB,SAAS,CAAC,wBAAwB,IAAI,MAAM;IAW5C;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IA2C9B;;;OAGG;IACG,cAAc,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC;IAkCzE;;;OAGG;cACa,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,SAAI,EAAE,UAAU,SAAO,GAAG,OAAO,CAAC,MAAM,CAAC;IA8B/F,OAAO,CAAC,MAAM,CAAC,cAAc;CAS9B"}
+{"version":3,"file":"JwtAbapConnection.d.ts","sourceRoot":"","sources":["../../src/connection/JwtAbapConnection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAc,aAAa,EAAE,MAAM,OAAO,CAAC;AAClD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAEhE;;;;;;GAMG;AACH,qBAAa,iBAAkB,SAAQ,sBAAsB;IAC3D,OAAO,CAAC,cAAc,CAAC,CAAkB;IACzC,OAAO,CAAC,YAAY,CAAS;gBAG3B,MAAM,EAAE,SAAS,EACjB,MAAM,CAAC,EAAE,OAAO,GAAG,IAAI,EACvB,SAAS,CAAC,EAAE,MAAM,EAClB,cAAc,CAAC,EAAE,eAAe;IAQlC,SAAS,CAAC,wBAAwB,IAAI,MAAM;IAO5C;;;OAGG;YACW,eAAe;IAmB7B;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAgD9B;;OAEG;IACG,cAAc,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC;IAwCzE;;OAEG;cACa,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,SAAI,EAAE,UAAU,SAAO,GAAG,OAAO,CAAC,MAAM,CAAC;IAmC/F,OAAO,CAAC,MAAM,CAAC,cAAc;CAS9B"}

package/dist/connection/JwtAbapConnection.js

@@ -5,21 +5,46 @@ const AbstractAbapConnection_js_1 = require("./AbstractAbapConnection.js");
 const axios_1 = require("axios");
 /**
  * JWT Authentication connection for SAP BTP Cloud systems
- * Note: Token refresh functionality is not supported in this package.
- * Use @mcp-abap-adt/auth-broker for token refresh functionality.
+ *
+ * Supports automatic token refresh via ITokenRefresher injection:
+ * - If tokenRefresher is provided, 401/403 errors trigger automatic token refresh
+ * - If tokenRefresher is not provided, 401/403 errors throw an error (legacy behavior)
  */
 class JwtAbapConnection extends AbstractAbapConnection_js_1.AbstractAbapConnection {
-    constructor(config, logger, sessionId) {
+    tokenRefresher;
+    currentToken;
+    constructor(config, logger, sessionId, tokenRefresher) {
         JwtAbapConnection.validateConfig(config);
         super(config, logger || null, sessionId);
+        this.tokenRefresher = tokenRefresher;
+        this.currentToken = config.jwtToken;
     }
     buildAuthorizationHeader() {
-        const config = this.getConfig();
-        const { jwtToken } = config;
-        // Log token preview for debugging (first 10 and last 4 chars)
-        const tokenPreview = jwtToken ? `${jwtToken.substring(0, 10)}...${jwtToken.substring(Math.max(0, jwtToken.length - 4))}` : 'null';
+        // Use currentToken which may have been refreshed
+        const tokenPreview = this.currentToken ? `${this.currentToken.substring(0, 10)}...${this.currentToken.substring(Math.max(0, this.currentToken.length - 4))}` : 'null';
         this.logger?.debug(`[DEBUG] JwtAbapConnection.buildAuthorizationHeader - Using token: ${tokenPreview}`);
-        return `Bearer ${jwtToken}`;
+        return `Bearer ${this.currentToken}`;
+    }
+    /**
+     * Refresh the JWT token using the injected tokenRefresher
+     * @returns true if token was refreshed, false if no refresher available
+     */
+    async tryRefreshToken() {
+        if (!this.tokenRefresher) {
+            this.logger?.debug(`[DEBUG] JwtAbapConnection - No tokenRefresher available, cannot refresh token`);
+            return false;
+        }
+        try {
+            this.logger?.debug(`[DEBUG] JwtAbapConnection - Refreshing token via tokenRefresher...`);
+            const newToken = await this.tokenRefresher.refreshToken();
+            this.currentToken = newToken;
+            this.logger?.debug(`[DEBUG] JwtAbapConnection - Token refreshed successfully`);
+            return true;
+        }
+        catch (error) {
+            this.logger?.error(`[ERROR] JwtAbapConnection - Failed to refresh token: ${error instanceof Error ? error.message : String(error)}`);
+            return false;
+        }
     }
     /**
      * Override connect to handle JWT token refresh on errors
@@ -51,8 +76,12 @@ class JwtAbapConnection extends AbstractAbapConnection_js_1.AbstractAbapConnecti
                     responseText.includes("Missing authorization")) {
                     throw error;
                 }
-                // Token refresh is not supported in connection package
-                // Use auth-broker for token refresh functionality
+                // Try to refresh token if tokenRefresher is available
+                if (await this.tryRefreshToken()) {
+                    // Retry connect with new token
+                    this.logger?.debug(`[DEBUG] JwtAbapConnection - Retrying connect after token refresh...`);
+                    return this.connect();
+                }
                 throw new Error("JWT token has expired. Please re-authenticate.");
             }
             // Re-throw other errors
@@ -60,8 +89,7 @@ class JwtAbapConnection extends AbstractAbapConnection_js_1.AbstractAbapConnecti
         }
     }
     /**
-     * Override makeAdtRequest to handle JWT auth errors
-     * Note: Token refresh is not supported in connection package - use auth-broker instead
+     * Override makeAdtRequest to handle JWT auth errors with automatic token refresh
      */
     async makeAdtRequest(options) {
         this.logger?.debug(`[DEBUG] JwtAbapConnection.makeAdtRequest - Starting request: ${options.method} ${options.url}`);
@@ -75,7 +103,7 @@ class JwtAbapConnection extends AbstractAbapConnection_js_1.AbstractAbapConnecti
             // Handle JWT auth errors (401/403)
             if (error instanceof axios_1.AxiosError &&
                 (error.response?.status === 401 || error.response?.status === 403)) {
-                this.logger?.debug(`[DEBUG] JwtAbapConnection.makeAdtRequest - Got ${error.response.status}, checking if refresh is possible...`);
+                this.logger?.debug(`[DEBUG] JwtAbapConnection.makeAdtRequest - Got ${error.response.status}, attempting token refresh...`);
                 // Check if this is really an auth error, not a permissions error
                 const responseData = error.response?.data;
                 const responseText = typeof responseData === "string" ? responseData : JSON.stringify(responseData || "");
@@ -85,16 +113,20 @@ class JwtAbapConnection extends AbstractAbapConnection_js_1.AbstractAbapConnecti
                     responseText.includes("Missing authorization")) {
                     throw error;
                 }
-                // Token refresh is not supported in connection package
-                // Use auth-broker for token refresh functionality
+                // Try to refresh token if tokenRefresher is available
+                if (await this.tryRefreshToken()) {
+                    // Reset connection state and retry request with new token
+                    this.logger?.debug(`[DEBUG] JwtAbapConnection.makeAdtRequest - Retrying request after token refresh...`);
+                    this.reset();
+                    return super.makeAdtRequest(options);
+                }
                 throw new Error("JWT token has expired. Please re-authenticate.");
             }
             throw error;
         }
     }
     /**
-     * Override fetchCsrfToken to handle JWT auth errors
-     * Note: Token refresh is not supported in connection package - use auth-broker instead
+     * Override fetchCsrfToken to handle JWT auth errors with automatic token refresh
      */
     async fetchCsrfToken(url, retryCount = 3, retryDelay = 1000) {
         try {
@@ -114,8 +146,12 @@ class JwtAbapConnection extends AbstractAbapConnection_js_1.AbstractAbapConnecti
                     responseText.includes("Missing authorization")) {
                     throw error;
                 }
-                // Token refresh is not supported in connection package
-                // Use auth-broker for token refresh functionality
+                // Try to refresh token if tokenRefresher is available
+                if (await this.tryRefreshToken()) {
+                    // Retry CSRF token fetch with new token
+                    this.logger?.debug(`[DEBUG] JwtAbapConnection.fetchCsrfToken - Retrying after token refresh...`);
+                    return super.fetchCsrfToken(url, retryCount, retryDelay);
+                }
                 throw new Error("JWT token has expired. Please re-authenticate.");
             }
             // Re-throw other errors

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcp-abap-adt/connection",
-  "version": "0.2.2",
+  "version": "0.2.4",
   "description": "ABAP connection layer for MCP ABAP ADT server",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -42,7 +42,7 @@
     "node": ">=18.0.0"
   },
   "dependencies": {
-    "@mcp-abap-adt/interfaces": "^0.1.16",
+    "@mcp-abap-adt/interfaces": "^0.2.5",
     "axios": "^1.11.0",
     "commander": "^14.0.2",
     "express": "^5.1.0",
@@ -52,6 +52,7 @@
     "@types/jest": "^30.0.0",
     "@types/node": "^24.2.1",
     "jest": "^30.2.0",
+    "jest-util": "^30.2.0",
     "ts-jest": "^29.2.5",
     "typescript": "^5.9.2"
   }