@mcp-abap-adt/interfaces 0.2.7 → 0.2.9

package/CHANGELOG.md

@@ -7,6 +7,30 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.2.9] - 2025-12-23
+
+### Changed
+- **OAuth2 grant types**: Removed `AUTH_TYPE_IMPLICIT` and added `AUTH_TYPE_USER_TOKEN` and `AUTH_TYPE_CLIENT_X509` to `OAuth2GrantType`.
+
+## [0.2.8] - 2025-12-23
+
+### Added
+- **New Token Provider Interface**: Added `getTokens()` method to `ITokenProvider` for stateful token management
+  - New `ITokenResult` interface with `authorizationToken`, `refreshToken`, `authType`, and `expiresIn` fields
+  - New `OAuth2GrantType` type and constants for OAuth2 grant types:
+    - `AUTH_TYPE_AUTHORIZATION_CODE` - Standard authorization code flow
+    - `AUTH_TYPE_AUTHORIZATION_CODE_PKCE` - Authorization code with PKCE
+    - `AUTH_TYPE_IMPLICIT` - Implicit grant (legacy)
+    - `AUTH_TYPE_PASSWORD` - Password credentials grant
+    - `AUTH_TYPE_CLIENT_CREDENTIALS` - Client credentials grant
+  - All old methods (`getConnectionConfig`, `refreshTokenFromSession`, `refreshTokenFromServiceKey`) remain optional for backward compatibility
+
+### Changed
+- **ITokenProvider Interface**: Extended with optional `getTokens()` method
+  - Old stateless methods are now optional (marked with `?`)
+  - New stateful `getTokens()` method is optional (marked with `?`)
+  - Allows gradual migration from old to new API
+
 ## [0.2.7] - 2025-12-22
 
 ### Changed

package/dist/index.d.ts

@@ -7,7 +7,7 @@
 export type { IAdtObject, IAdtOperationOptions } from './adt/IAdtObject';
 export { AdtObjectErrorCodes } from './adt/IAdtObject';
 export type { IAdtObjectConfig, IAdtObjectState } from './adt/IAdtObjectState';
-export type { AuthType } from './auth/AuthType';
+export type { AuthType as AuthTypeEnum } from './auth/AuthType';
 export type { IAuthorizationConfig } from './auth/IAuthorizationConfig';
 export type { IConfig } from './auth/IConfig';
 export type { IConnectionConfig } from './auth/IConnectionConfig';
@@ -26,10 +26,13 @@ export type { ISessionState } from './storage/ISessionState';
 export type { ISessionStorage } from './storage/ISessionStorage';
 export type { StoreErrorCode } from './store/StoreErrorCodes';
 export { STORE_ERROR_CODES } from './store/StoreErrorCodes';
+export type { OAuth2GrantType } from './token/AuthType';
+export { AUTH_TYPE_AUTHORIZATION_CODE, AUTH_TYPE_AUTHORIZATION_CODE_PKCE, AUTH_TYPE_CLIENT_CREDENTIALS, AUTH_TYPE_CLIENT_X509, AUTH_TYPE_PASSWORD, AUTH_TYPE_USER_TOKEN, } from './token/AuthType';
 export type { ITokenProvider } from './token/ITokenProvider';
 export type { ITokenProviderOptions } from './token/ITokenProviderOptions';
 export type { ITokenProviderResult } from './token/ITokenProviderResult';
 export type { ITokenRefresher } from './token/ITokenRefresher';
+export type { ITokenResult } from './token/ITokenResult';
 export type { TokenProviderErrorCode } from './token/TokenProviderErrorCodes';
 export { TOKEN_PROVIDER_ERROR_CODES } from './token/TokenProviderErrorCodes';
 export type { ITimeoutConfig } from './utils/ITimeoutConfig';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,YAAY,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,YAAY,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC/E,YAAY,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAEhD,YAAY,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AACxE,YAAY,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,YAAY,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAElE,YAAY,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AACpE,YAAY,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAC5E,YAAY,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EACL,cAAc,EACd,mBAAmB,GACpB,MAAM,4BAA4B,CAAC;AAEpC,cAAc,WAAW,CAAC;AAE1B,YAAY,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,YAAY,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AACnD,YAAY,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAErD,YAAY,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,YAAY,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAC7D,YAAY,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAE7D,YAAY,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AACjE,YAAY,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAE9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAE5D,YAAY,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,YAAY,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAC3E,YAAY,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACzE,YAAY,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC/D,YAAY,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,YAAY,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAE7D,YAAY,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AACvE,YAAY,EAAE,uBAAuB,EAAE,MAAM,sCAAsC,CAAC;AAEpF,YAAY,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAC9E,OAAO,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,YAAY,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,YAAY,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC/E,YAAY,EAAE,QAAQ,IAAI,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAEhE,YAAY,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AACxE,YAAY,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,YAAY,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAElE,YAAY,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AACpE,YAAY,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAC5E,YAAY,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EACL,cAAc,EACd,mBAAmB,GACpB,MAAM,4BAA4B,CAAC;AAEpC,cAAc,WAAW,CAAC;AAE1B,YAAY,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,YAAY,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AACnD,YAAY,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAErD,YAAY,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,YAAY,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAC7D,YAAY,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAE7D,YAAY,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AACjE,YAAY,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAE9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EACL,4BAA4B,EAC5B,iCAAiC,EACjC,4BAA4B,EAC5B,qBAAqB,EACrB,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,kBAAkB,CAAC;AAE1B,YAAY,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC7D,YAAY,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAC3E,YAAY,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACzE,YAAY,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC/D,YAAY,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACzD,YAAY,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,YAAY,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAE7D,YAAY,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AACvE,YAAY,EAAE,uBAAuB,EAAE,MAAM,sCAAsC,CAAC;AAEpF,YAAY,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AAC9E,OAAO,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC"}

package/dist/index.js

@@ -20,7 +20,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthMethodPriority = exports.TOKEN_PROVIDER_ERROR_CODES = exports.STORE_ERROR_CODES = exports.LogLevel = exports.NETWORK_ERROR_CODES = exports.isNetworkError = exports.AdtObjectErrorCodes = void 0;
+exports.AuthMethodPriority = exports.TOKEN_PROVIDER_ERROR_CODES = exports.AUTH_TYPE_USER_TOKEN = exports.AUTH_TYPE_PASSWORD = exports.AUTH_TYPE_CLIENT_X509 = exports.AUTH_TYPE_CLIENT_CREDENTIALS = exports.AUTH_TYPE_AUTHORIZATION_CODE_PKCE = exports.AUTH_TYPE_AUTHORIZATION_CODE = exports.STORE_ERROR_CODES = exports.LogLevel = exports.NETWORK_ERROR_CODES = exports.isNetworkError = exports.AdtObjectErrorCodes = void 0;
 var IAdtObject_1 = require("./adt/IAdtObject");
 Object.defineProperty(exports, "AdtObjectErrorCodes", { enumerable: true, get: function () { return IAdtObject_1.AdtObjectErrorCodes; } });
 var NetworkErrors_1 = require("./connection/NetworkErrors");
@@ -33,6 +33,13 @@ Object.defineProperty(exports, "LogLevel", { enumerable: true, get: function ()
 // Store domain
 var StoreErrorCodes_1 = require("./store/StoreErrorCodes");
 Object.defineProperty(exports, "STORE_ERROR_CODES", { enumerable: true, get: function () { return StoreErrorCodes_1.STORE_ERROR_CODES; } });
+var AuthType_1 = require("./token/AuthType");
+Object.defineProperty(exports, "AUTH_TYPE_AUTHORIZATION_CODE", { enumerable: true, get: function () { return AuthType_1.AUTH_TYPE_AUTHORIZATION_CODE; } });
+Object.defineProperty(exports, "AUTH_TYPE_AUTHORIZATION_CODE_PKCE", { enumerable: true, get: function () { return AuthType_1.AUTH_TYPE_AUTHORIZATION_CODE_PKCE; } });
+Object.defineProperty(exports, "AUTH_TYPE_CLIENT_CREDENTIALS", { enumerable: true, get: function () { return AuthType_1.AUTH_TYPE_CLIENT_CREDENTIALS; } });
+Object.defineProperty(exports, "AUTH_TYPE_CLIENT_X509", { enumerable: true, get: function () { return AuthType_1.AUTH_TYPE_CLIENT_X509; } });
+Object.defineProperty(exports, "AUTH_TYPE_PASSWORD", { enumerable: true, get: function () { return AuthType_1.AUTH_TYPE_PASSWORD; } });
+Object.defineProperty(exports, "AUTH_TYPE_USER_TOKEN", { enumerable: true, get: function () { return AuthType_1.AUTH_TYPE_USER_TOKEN; } });
 var TokenProviderErrorCodes_1 = require("./token/TokenProviderErrorCodes");
 Object.defineProperty(exports, "TOKEN_PROVIDER_ERROR_CODES", { enumerable: true, get: function () { return TokenProviderErrorCodes_1.TOKEN_PROVIDER_ERROR_CODES; } });
 var IValidatedAuthConfig_1 = require("./validation/IValidatedAuthConfig");

package/dist/token/AuthType.d.ts

@@ -0,0 +1,38 @@
+/**
+ * OAuth2 Grant Types
+ *
+ * Constants for different OAuth2 authentication flows (grant types)
+ */
+/**
+ * Authorization Code grant type
+ * Standard OAuth2 flow with browser-based authorization
+ */
+export declare const AUTH_TYPE_AUTHORIZATION_CODE: "authorization_code";
+/**
+ * Authorization Code with PKCE grant type
+ * More secure variant for public clients
+ */
+export declare const AUTH_TYPE_AUTHORIZATION_CODE_PKCE: "authorization_code_pkce";
+/**
+ * Password Credentials grant type
+ * Direct username/password authentication
+ */
+export declare const AUTH_TYPE_PASSWORD: "password";
+/**
+ * Client Credentials grant type
+ * Service-to-service authentication
+ */
+export declare const AUTH_TYPE_CLIENT_CREDENTIALS: "client_credentials";
+/**
+ * User token passthrough (external token)
+ */
+export declare const AUTH_TYPE_USER_TOKEN: "user_token";
+/**
+ * Client X509 (mTLS) authentication
+ */
+export declare const AUTH_TYPE_CLIENT_X509: "client_x509";
+/**
+ * Union type for all OAuth2 grant types
+ */
+export type OAuth2GrantType = typeof AUTH_TYPE_AUTHORIZATION_CODE | typeof AUTH_TYPE_AUTHORIZATION_CODE_PKCE | typeof AUTH_TYPE_PASSWORD | typeof AUTH_TYPE_CLIENT_CREDENTIALS | typeof AUTH_TYPE_USER_TOKEN | typeof AUTH_TYPE_CLIENT_X509;
+//# sourceMappingURL=AuthType.d.ts.map

package/dist/token/AuthType.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthType.d.ts","sourceRoot":"","sources":["../../src/token/AuthType.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;GAGG;AACH,eAAO,MAAM,4BAA4B,EAAG,oBAA6B,CAAC;AAE1E;;;GAGG;AACH,eAAO,MAAM,iCAAiC,EAC5C,yBAAkC,CAAC;AAErC;;;GAGG;AACH,eAAO,MAAM,kBAAkB,EAAG,UAAmB,CAAC;AAEtD;;;GAGG;AACH,eAAO,MAAM,4BAA4B,EAAG,oBAA6B,CAAC;AAE1E;;GAEG;AACH,eAAO,MAAM,oBAAoB,EAAG,YAAqB,CAAC;AAE1D;;GAEG;AACH,eAAO,MAAM,qBAAqB,EAAG,aAAsB,CAAC;AAE5D;;GAEG;AACH,MAAM,MAAM,eAAe,GACvB,OAAO,4BAA4B,GACnC,OAAO,iCAAiC,GACxC,OAAO,kBAAkB,GACzB,OAAO,4BAA4B,GACnC,OAAO,oBAAoB,GAC3B,OAAO,qBAAqB,CAAC"}

package/dist/token/AuthType.js

@@ -0,0 +1,36 @@
+"use strict";
+/**
+ * OAuth2 Grant Types
+ *
+ * Constants for different OAuth2 authentication flows (grant types)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AUTH_TYPE_CLIENT_X509 = exports.AUTH_TYPE_USER_TOKEN = exports.AUTH_TYPE_CLIENT_CREDENTIALS = exports.AUTH_TYPE_PASSWORD = exports.AUTH_TYPE_AUTHORIZATION_CODE_PKCE = exports.AUTH_TYPE_AUTHORIZATION_CODE = void 0;
+/**
+ * Authorization Code grant type
+ * Standard OAuth2 flow with browser-based authorization
+ */
+exports.AUTH_TYPE_AUTHORIZATION_CODE = 'authorization_code';
+/**
+ * Authorization Code with PKCE grant type
+ * More secure variant for public clients
+ */
+exports.AUTH_TYPE_AUTHORIZATION_CODE_PKCE = 'authorization_code_pkce';
+/**
+ * Password Credentials grant type
+ * Direct username/password authentication
+ */
+exports.AUTH_TYPE_PASSWORD = 'password';
+/**
+ * Client Credentials grant type
+ * Service-to-service authentication
+ */
+exports.AUTH_TYPE_CLIENT_CREDENTIALS = 'client_credentials';
+/**
+ * User token passthrough (external token)
+ */
+exports.AUTH_TYPE_USER_TOKEN = 'user_token';
+/**
+ * Client X509 (mTLS) authentication
+ */
+exports.AUTH_TYPE_CLIENT_X509 = 'client_x509';

package/dist/token/ITokenProvider.d.ts

@@ -1,45 +1,55 @@
 /**
  * Token Provider interface
  *
- * Converts IAuthorizationConfig to IConnectionConfig by obtaining tokens.
- * Different implementations handle different authentication flows:
- * - XSUAA: client_credentials grant type (no browser)
- * - BTP/ABAP: browser-based OAuth2 or refresh token
+ * Stateful providers that manage token lifecycle internally.
+ * Supports both old stateless methods (for backward compatibility) and new stateful getTokens() method.
  */
 import type { IAuthorizationConfig } from '../auth/IAuthorizationConfig';
 import type { ITokenProviderOptions } from './ITokenProviderOptions';
 import type { ITokenProviderResult } from './ITokenProviderResult';
+import type { ITokenResult } from './ITokenResult';
 /**
  * Interface for token providers
  *
- * Takes authorization configuration and returns connection configuration with token.
+ * Supports both:
+ * - Old stateless methods (for backward compatibility with existing code)
+ * - New stateful getTokens() method (for new implementations)
  */
 export interface ITokenProvider {
     /**
-     * Get connection configuration with token from authorization configuration
+     * Get tokens with automatic refresh/relogin logic (NEW - stateful method)
+     *
+     * Stateful providers cache tokens internally and handle refresh automatically.
+     * Checks token expiration, refreshes if needed, or triggers login.
+     *
+     * @returns Promise that resolves to token result with authorization token, optional refresh token, auth type, and expiration
+     */
+    getTokens?(): Promise<ITokenResult>;
+    /**
+     * Get connection configuration with token from authorization configuration (OLD - stateless method)
      * @param authConfig Authorization configuration (UAA credentials, optional refresh token)
      * @param options Optional provider-specific options (e.g., browser type for BTP)
      * @returns Promise that resolves to connection configuration with authorization token and optional refresh token
      */
-    getConnectionConfig(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
+    getConnectionConfig?(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
     /**
-     * Refresh token using refresh token from session (authorization config with refreshToken)
+     * Refresh token using refresh token from session (OLD - stateless method)
      * This method uses the refresh token from the session to get a new access token.
      * Typically uses refresh_token grant type or browser-based re-authentication.
      * @param authConfig Authorization configuration including refreshToken from session
      * @param options Optional provider-specific options (e.g., browser type for BTP)
      * @returns Promise that resolves to connection configuration with new authorization token and optional new refresh token
      */
-    refreshTokenFromSession(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
+    refreshTokenFromSession?(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
     /**
-     * Refresh token using UAA credentials from service key (authorization config without refreshToken)
+     * Refresh token using UAA credentials from service key (OLD - stateless method)
      * This method uses UAA credentials (uaaUrl, uaaClientId, uaaClientSecret) to get a new token.
      * Typically uses browser-based authorization flow to ensure proper role assignment.
      * @param authConfig Authorization configuration with UAA credentials from service key (no refreshToken)
      * @param options Optional provider-specific options (e.g., browser type for BTP)
      * @returns Promise that resolves to connection configuration with new authorization token and optional refresh token
      */
-    refreshTokenFromServiceKey(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
+    refreshTokenFromServiceKey?(authConfig: IAuthorizationConfig, options?: ITokenProviderOptions): Promise<ITokenProviderResult>;
     /**
      * Validate JWT token by testing connection to service
      * @param token JWT token to validate

package/dist/token/ITokenProvider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ITokenProvider.d.ts","sourceRoot":"","sources":["../../src/token/ITokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACzE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAEnE;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,mBAAmB,CACjB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAEjC;;;;;;;OAOG;IACH,uBAAuB,CACrB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAEjC;;;;;;;OAOG;IACH,0BAA0B,CACxB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAEjC;;;;;OAKG;IACH,aAAa,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACtE"}
+{"version":3,"file":"ITokenProvider.d.ts","sourceRoot":"","sources":["../../src/token/ITokenProvider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACzE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AACnE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEnD;;;;;;GAMG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;;;OAOG;IACH,SAAS,CAAC,IAAI,OAAO,CAAC,YAAY,CAAC,CAAC;IAEpC;;;;;OAKG;IACH,mBAAmB,CAAC,CAClB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAEjC;;;;;;;OAOG;IACH,uBAAuB,CAAC,CACtB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAEjC;;;;;;;OAOG;IACH,0BAA0B,CAAC,CACzB,UAAU,EAAE,oBAAoB,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAEjC;;;;;OAKG;IACH,aAAa,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACtE"}

package/dist/token/ITokenProvider.js

@@ -2,9 +2,7 @@
 /**
  * Token Provider interface
  *
- * Converts IAuthorizationConfig to IConnectionConfig by obtaining tokens.
- * Different implementations handle different authentication flows:
- * - XSUAA: client_credentials grant type (no browser)
- * - BTP/ABAP: browser-based OAuth2 or refresh token
+ * Stateful providers that manage token lifecycle internally.
+ * Supports both old stateless methods (for backward compatibility) and new stateful getTokens() method.
  */
 Object.defineProperty(exports, "__esModule", { value: true });

package/dist/token/ITokenResult.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Token result interface
+ *
+ * Result returned by ITokenProvider.getTokens() method
+ */
+import type { OAuth2GrantType } from './AuthType';
+export interface ITokenResult {
+    /**
+     * Authorization token (access token)
+     */
+    authorizationToken: string;
+    /**
+     * Refresh token (optional, not all grant types provide it)
+     */
+    refreshToken?: string;
+    /**
+     * Authentication type (OAuth2 grant type used)
+     */
+    authType: OAuth2GrantType;
+    /**
+     * Token expiration time in seconds
+     * If not provided, token expiration is determined from JWT exp claim
+     */
+    expiresIn?: number;
+}
+//# sourceMappingURL=ITokenResult.d.ts.map

package/dist/token/ITokenResult.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ITokenResult.d.ts","sourceRoot":"","sources":["../../src/token/ITokenResult.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAElD,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,QAAQ,EAAE,eAAe,CAAC;IAE1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}

package/dist/token/ITokenResult.js

@@ -0,0 +1,7 @@
+"use strict";
+/**
+ * Token result interface
+ *
+ * Result returned by ITokenProvider.getTokens() method
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcp-abap-adt/interfaces",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "description": "Shared interfaces for MCP ABAP ADT packages",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",