@mcp-z/oauth 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (131) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +71 -0
  3. package/dist/cjs/account-utils.d.cts +107 -0
  4. package/dist/cjs/account-utils.d.ts +107 -0
  5. package/dist/cjs/account-utils.js +481 -0
  6. package/dist/cjs/account-utils.js.map +1 -0
  7. package/dist/cjs/index.d.cts +19 -0
  8. package/dist/cjs/index.d.ts +19 -0
  9. package/dist/cjs/index.js +149 -0
  10. package/dist/cjs/index.js.map +1 -0
  11. package/dist/cjs/jwt-auth.d.cts +53 -0
  12. package/dist/cjs/jwt-auth.d.ts +53 -0
  13. package/dist/cjs/jwt-auth.js +417 -0
  14. package/dist/cjs/jwt-auth.js.map +1 -0
  15. package/dist/cjs/key-utils.d.cts +131 -0
  16. package/dist/cjs/key-utils.d.ts +131 -0
  17. package/dist/cjs/key-utils.js +421 -0
  18. package/dist/cjs/key-utils.js.map +1 -0
  19. package/dist/cjs/lib/account-server/index.d.cts +45 -0
  20. package/dist/cjs/lib/account-server/index.d.ts +45 -0
  21. package/dist/cjs/lib/account-server/index.js +67 -0
  22. package/dist/cjs/lib/account-server/index.js.map +1 -0
  23. package/dist/cjs/lib/account-server/loopback.d.cts +22 -0
  24. package/dist/cjs/lib/account-server/loopback.d.ts +22 -0
  25. package/dist/cjs/lib/account-server/loopback.js +778 -0
  26. package/dist/cjs/lib/account-server/loopback.js.map +1 -0
  27. package/dist/cjs/lib/account-server/me.d.cts +23 -0
  28. package/dist/cjs/lib/account-server/me.d.ts +23 -0
  29. package/dist/cjs/lib/account-server/me.js +412 -0
  30. package/dist/cjs/lib/account-server/me.js.map +1 -0
  31. package/dist/cjs/lib/account-server/shared-utils.d.cts +6 -0
  32. package/dist/cjs/lib/account-server/shared-utils.d.ts +6 -0
  33. package/dist/cjs/lib/account-server/shared-utils.js +235 -0
  34. package/dist/cjs/lib/account-server/shared-utils.js.map +1 -0
  35. package/dist/cjs/lib/account-server/stateless.d.cts +20 -0
  36. package/dist/cjs/lib/account-server/stateless.d.ts +20 -0
  37. package/dist/cjs/lib/account-server/stateless.js +32 -0
  38. package/dist/cjs/lib/account-server/stateless.js.map +1 -0
  39. package/dist/cjs/lib/account-server/types.d.cts +32 -0
  40. package/dist/cjs/lib/account-server/types.d.ts +32 -0
  41. package/dist/cjs/lib/account-server/types.js +7 -0
  42. package/dist/cjs/lib/account-server/types.js.map +1 -0
  43. package/dist/cjs/lib/dcr-types.d.cts +126 -0
  44. package/dist/cjs/lib/dcr-types.d.ts +126 -0
  45. package/dist/cjs/lib/dcr-types.js +12 -0
  46. package/dist/cjs/lib/dcr-types.js.map +1 -0
  47. package/dist/cjs/lib/rfc-metadata-types.d.cts +46 -0
  48. package/dist/cjs/lib/rfc-metadata-types.d.ts +46 -0
  49. package/dist/cjs/lib/rfc-metadata-types.js +8 -0
  50. package/dist/cjs/lib/rfc-metadata-types.js.map +1 -0
  51. package/dist/cjs/package.json +1 -0
  52. package/dist/cjs/pkce.d.cts +36 -0
  53. package/dist/cjs/pkce.d.ts +36 -0
  54. package/dist/cjs/pkce.js +25 -0
  55. package/dist/cjs/pkce.js.map +1 -0
  56. package/dist/cjs/sanitizer.d.cts +37 -0
  57. package/dist/cjs/sanitizer.d.ts +37 -0
  58. package/dist/cjs/sanitizer.js +407 -0
  59. package/dist/cjs/sanitizer.js.map +1 -0
  60. package/dist/cjs/schemas/index.d.cts +36 -0
  61. package/dist/cjs/schemas/index.d.ts +36 -0
  62. package/dist/cjs/schemas/index.js +28 -0
  63. package/dist/cjs/schemas/index.js.map +1 -0
  64. package/dist/cjs/session-auth.d.cts +79 -0
  65. package/dist/cjs/session-auth.d.ts +79 -0
  66. package/dist/cjs/session-auth.js +354 -0
  67. package/dist/cjs/session-auth.js.map +1 -0
  68. package/dist/cjs/templates.d.cts +18 -0
  69. package/dist/cjs/templates.d.ts +18 -0
  70. package/dist/cjs/templates.js +38 -0
  71. package/dist/cjs/templates.js.map +1 -0
  72. package/dist/cjs/types.d.cts +343 -0
  73. package/dist/cjs/types.d.ts +343 -0
  74. package/dist/cjs/types.js +210 -0
  75. package/dist/cjs/types.js.map +1 -0
  76. package/dist/esm/account-utils.d.ts +107 -0
  77. package/dist/esm/account-utils.js +179 -0
  78. package/dist/esm/account-utils.js.map +1 -0
  79. package/dist/esm/index.d.ts +19 -0
  80. package/dist/esm/index.js +23 -0
  81. package/dist/esm/index.js.map +1 -0
  82. package/dist/esm/jwt-auth.d.ts +53 -0
  83. package/dist/esm/jwt-auth.js +164 -0
  84. package/dist/esm/jwt-auth.js.map +1 -0
  85. package/dist/esm/key-utils.d.ts +131 -0
  86. package/dist/esm/key-utils.js +143 -0
  87. package/dist/esm/key-utils.js.map +1 -0
  88. package/dist/esm/lib/account-server/index.d.ts +45 -0
  89. package/dist/esm/lib/account-server/index.js +41 -0
  90. package/dist/esm/lib/account-server/index.js.map +1 -0
  91. package/dist/esm/lib/account-server/loopback.d.ts +22 -0
  92. package/dist/esm/lib/account-server/loopback.js +372 -0
  93. package/dist/esm/lib/account-server/loopback.js.map +1 -0
  94. package/dist/esm/lib/account-server/me.d.ts +23 -0
  95. package/dist/esm/lib/account-server/me.js +170 -0
  96. package/dist/esm/lib/account-server/me.js.map +1 -0
  97. package/dist/esm/lib/account-server/shared-utils.d.ts +6 -0
  98. package/dist/esm/lib/account-server/shared-utils.js +24 -0
  99. package/dist/esm/lib/account-server/shared-utils.js.map +1 -0
  100. package/dist/esm/lib/account-server/stateless.d.ts +20 -0
  101. package/dist/esm/lib/account-server/stateless.js +25 -0
  102. package/dist/esm/lib/account-server/stateless.js.map +1 -0
  103. package/dist/esm/lib/account-server/types.d.ts +32 -0
  104. package/dist/esm/lib/account-server/types.js +6 -0
  105. package/dist/esm/lib/account-server/types.js.map +1 -0
  106. package/dist/esm/lib/dcr-types.d.ts +126 -0
  107. package/dist/esm/lib/dcr-types.js +13 -0
  108. package/dist/esm/lib/dcr-types.js.map +1 -0
  109. package/dist/esm/lib/rfc-metadata-types.d.ts +46 -0
  110. package/dist/esm/lib/rfc-metadata-types.js +7 -0
  111. package/dist/esm/lib/rfc-metadata-types.js.map +1 -0
  112. package/dist/esm/package.json +1 -0
  113. package/dist/esm/pkce.d.ts +36 -0
  114. package/dist/esm/pkce.js +33 -0
  115. package/dist/esm/pkce.js.map +1 -0
  116. package/dist/esm/sanitizer.d.ts +37 -0
  117. package/dist/esm/sanitizer.js +256 -0
  118. package/dist/esm/sanitizer.js.map +1 -0
  119. package/dist/esm/schemas/index.d.ts +36 -0
  120. package/dist/esm/schemas/index.js +19 -0
  121. package/dist/esm/schemas/index.js.map +1 -0
  122. package/dist/esm/session-auth.d.ts +79 -0
  123. package/dist/esm/session-auth.js +141 -0
  124. package/dist/esm/session-auth.js.map +1 -0
  125. package/dist/esm/templates.d.ts +18 -0
  126. package/dist/esm/templates.js +132 -0
  127. package/dist/esm/templates.js.map +1 -0
  128. package/dist/esm/types.d.ts +343 -0
  129. package/dist/esm/types.js +34 -0
  130. package/dist/esm/types.js.map +1 -0
  131. package/package.json +82 -0
package/dist/cjs/account-utils.js ADDED
@@ -0,0 +1,481 @@
1
+ /**
2
+ * Account management utilities for OAuth token storage
3
+ *
4
+ * Provides account lifecycle operations (add, remove, activate) and account data
5
+ * access (tokens, metadata). Uses named parameters consistent with key-utils.ts.
6
+ */ "use strict";
7
+ Object.defineProperty(exports, "__esModule", {
8
+ value: true
9
+ });
10
+ function _export(target, all) {
11
+ for(var name in all)Object.defineProperty(target, name, {
12
+ enumerable: true,
13
+ get: Object.getOwnPropertyDescriptor(all, name).get
14
+ });
15
+ }
16
+ _export(exports, {
17
+ get addAccount () {
18
+ return addAccount;
19
+ },
20
+ get getAccountInfo () {
21
+ return getAccountInfo;
22
+ },
23
+ get getActiveAccount () {
24
+ return getActiveAccount;
25
+ },
26
+ get getLinkedAccounts () {
27
+ return getLinkedAccounts;
28
+ },
29
+ get getToken () {
30
+ return getToken;
31
+ },
32
+ get removeAccount () {
33
+ return removeAccount;
34
+ },
35
+ get setAccountInfo () {
36
+ return setAccountInfo;
37
+ },
38
+ get setActiveAccount () {
39
+ return setActiveAccount;
40
+ },
41
+ get setToken () {
42
+ return setToken;
43
+ }
44
+ });
45
+ var _keyutilsts = require("./key-utils.js");
46
+ function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
47
+ try {
48
+ var info = gen[key](arg);
49
+ var value = info.value;
50
+ } catch (error) {
51
+ reject(error);
52
+ return;
53
+ }
54
+ if (info.done) {
55
+ resolve(value);
56
+ } else {
57
+ Promise.resolve(value).then(_next, _throw);
58
+ }
59
+ }
60
+ function _async_to_generator(fn) {
61
+ return function() {
62
+ var self = this, args = arguments;
63
+ return new Promise(function(resolve, reject) {
64
+ var gen = fn.apply(self, args);
65
+ function _next(value) {
66
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
67
+ }
68
+ function _throw(err) {
69
+ asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
70
+ }
71
+ _next(undefined);
72
+ });
73
+ };
74
+ }
75
+ function _ts_generator(thisArg, body) {
76
+ var f, y, t, _ = {
77
+ label: 0,
78
+ sent: function() {
79
+ if (t[0] & 1) throw t[1];
80
+ return t[1];
81
+ },
82
+ trys: [],
83
+ ops: []
84
+ }, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype), d = Object.defineProperty;
85
+ return d(g, "next", {
86
+ value: verb(0)
87
+ }), d(g, "throw", {
88
+ value: verb(1)
89
+ }), d(g, "return", {
90
+ value: verb(2)
91
+ }), typeof Symbol === "function" && d(g, Symbol.iterator, {
92
+ value: function() {
93
+ return this;
94
+ }
95
+ }), g;
96
+ function verb(n) {
97
+ return function(v) {
98
+ return step([
99
+ n,
100
+ v
101
+ ]);
102
+ };
103
+ }
104
+ function step(op) {
105
+ if (f) throw new TypeError("Generator is already executing.");
106
+ while(g && (g = 0, op[0] && (_ = 0)), _)try {
107
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
108
+ if (y = 0, t) op = [
109
+ op[0] & 2,
110
+ t.value
111
+ ];
112
+ switch(op[0]){
113
+ case 0:
114
+ case 1:
115
+ t = op;
116
+ break;
117
+ case 4:
118
+ _.label++;
119
+ return {
120
+ value: op[1],
121
+ done: false
122
+ };
123
+ case 5:
124
+ _.label++;
125
+ y = op[1];
126
+ op = [
127
+ 0
128
+ ];
129
+ continue;
130
+ case 7:
131
+ op = _.ops.pop();
132
+ _.trys.pop();
133
+ continue;
134
+ default:
135
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
136
+ _ = 0;
137
+ continue;
138
+ }
139
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
140
+ _.label = op[1];
141
+ break;
142
+ }
143
+ if (op[0] === 6 && _.label < t[1]) {
144
+ _.label = t[1];
145
+ t = op;
146
+ break;
147
+ }
148
+ if (t && _.label < t[2]) {
149
+ _.label = t[2];
150
+ _.ops.push(op);
151
+ break;
152
+ }
153
+ if (t[2]) _.ops.pop();
154
+ _.trys.pop();
155
+ continue;
156
+ }
157
+ op = body.call(thisArg, _);
158
+ } catch (e) {
159
+ op = [
160
+ 6,
161
+ e
162
+ ];
163
+ y = 0;
164
+ } finally{
165
+ f = t = 0;
166
+ }
167
+ if (op[0] & 5) throw op[1];
168
+ return {
169
+ value: op[0] ? op[1] : void 0,
170
+ done: true
171
+ };
172
+ }
173
+ }
174
+ function addAccount(store, params) {
175
+ return _async_to_generator(function() {
176
+ var linked, linkedKey, active;
177
+ return _ts_generator(this, function(_state) {
178
+ switch(_state.label){
179
+ case 0:
180
+ return [
181
+ 4,
182
+ getLinkedAccounts(store, {
183
+ service: params.service
184
+ })
185
+ ];
186
+ case 1:
187
+ linked = _state.sent();
188
+ if (!!linked.includes(params.accountId)) return [
189
+ 3,
190
+ 3
191
+ ];
192
+ linked.push(params.accountId);
193
+ linkedKey = (0, _keyutilsts.createServiceKey)('linked', {
194
+ service: params.service
195
+ });
196
+ return [
197
+ 4,
198
+ store.set(linkedKey, linked)
199
+ ];
200
+ case 2:
201
+ _state.sent();
202
+ _state.label = 3;
203
+ case 3:
204
+ return [
205
+ 4,
206
+ getActiveAccount(store, {
207
+ service: params.service
208
+ })
209
+ ];
210
+ case 4:
211
+ active = _state.sent();
212
+ if (!!active) return [
213
+ 3,
214
+ 6
215
+ ];
216
+ return [
217
+ 4,
218
+ setActiveAccount(store, params)
219
+ ];
220
+ case 5:
221
+ _state.sent();
222
+ _state.label = 6;
223
+ case 6:
224
+ return [
225
+ 2
226
+ ];
227
+ }
228
+ });
229
+ })();
230
+ }
231
+ function removeAccount(store, params) {
232
+ return _async_to_generator(function() {
233
+ var tokenKey, infoKey, linked, filtered, linkedKey, active, newActive, activeKey;
234
+ return _ts_generator(this, function(_state) {
235
+ switch(_state.label){
236
+ case 0:
237
+ tokenKey = (0, _keyutilsts.createAccountKey)('token', params);
238
+ return [
239
+ 4,
240
+ store.delete(tokenKey)
241
+ ];
242
+ case 1:
243
+ _state.sent();
244
+ infoKey = (0, _keyutilsts.createAccountKey)('metadata', params);
245
+ return [
246
+ 4,
247
+ store.delete(infoKey)
248
+ ];
249
+ case 2:
250
+ _state.sent();
251
+ return [
252
+ 4,
253
+ getLinkedAccounts(store, {
254
+ service: params.service
255
+ })
256
+ ];
257
+ case 3:
258
+ linked = _state.sent();
259
+ filtered = linked.filter(function(id) {
260
+ return id !== params.accountId;
261
+ });
262
+ linkedKey = (0, _keyutilsts.createServiceKey)('linked', {
263
+ service: params.service
264
+ });
265
+ return [
266
+ 4,
267
+ store.set(linkedKey, filtered)
268
+ ];
269
+ case 4:
270
+ _state.sent();
271
+ return [
272
+ 4,
273
+ getActiveAccount(store, {
274
+ service: params.service
275
+ })
276
+ ];
277
+ case 5:
278
+ active = _state.sent();
279
+ if (!(active === params.accountId)) return [
280
+ 3,
281
+ 9
282
+ ];
283
+ newActive = filtered[0];
284
+ if (!newActive) return [
285
+ 3,
286
+ 7
287
+ ];
288
+ return [
289
+ 4,
290
+ setActiveAccount(store, {
291
+ service: params.service,
292
+ accountId: newActive
293
+ })
294
+ ];
295
+ case 6:
296
+ _state.sent();
297
+ return [
298
+ 3,
299
+ 9
300
+ ];
301
+ case 7:
302
+ activeKey = (0, _keyutilsts.createServiceKey)('active', {
303
+ service: params.service
304
+ });
305
+ return [
306
+ 4,
307
+ store.delete(activeKey)
308
+ ];
309
+ case 8:
310
+ _state.sent();
311
+ _state.label = 9;
312
+ case 9:
313
+ return [
314
+ 2
315
+ ];
316
+ }
317
+ });
318
+ })();
319
+ }
320
+ function getActiveAccount(store, params) {
321
+ return _async_to_generator(function() {
322
+ var key;
323
+ return _ts_generator(this, function(_state) {
324
+ switch(_state.label){
325
+ case 0:
326
+ key = (0, _keyutilsts.createServiceKey)('active', params);
327
+ return [
328
+ 4,
329
+ store.get(key)
330
+ ];
331
+ case 1:
332
+ return [
333
+ 2,
334
+ _state.sent()
335
+ ];
336
+ }
337
+ });
338
+ })();
339
+ }
340
+ function setActiveAccount(store, params) {
341
+ return _async_to_generator(function() {
342
+ var key;
343
+ return _ts_generator(this, function(_state) {
344
+ switch(_state.label){
345
+ case 0:
346
+ key = (0, _keyutilsts.createServiceKey)('active', {
347
+ service: params.service
348
+ });
349
+ if (!('accountId' in params && params.accountId === null)) return [
350
+ 3,
351
+ 2
352
+ ];
353
+ // accountId: null signals deactivation per API contract
354
+ return [
355
+ 4,
356
+ store.delete(key)
357
+ ];
358
+ case 1:
359
+ _state.sent();
360
+ return [
361
+ 3,
362
+ 4
363
+ ];
364
+ case 2:
365
+ return [
366
+ 4,
367
+ store.set(key, params.accountId)
368
+ ];
369
+ case 3:
370
+ _state.sent();
371
+ _state.label = 4;
372
+ case 4:
373
+ return [
374
+ 2
375
+ ];
376
+ }
377
+ });
378
+ })();
379
+ }
380
+ function getLinkedAccounts(store, params) {
381
+ return _async_to_generator(function() {
382
+ var key, accounts;
383
+ return _ts_generator(this, function(_state) {
384
+ switch(_state.label){
385
+ case 0:
386
+ key = (0, _keyutilsts.createServiceKey)('linked', params);
387
+ return [
388
+ 4,
389
+ store.get(key)
390
+ ];
391
+ case 1:
392
+ accounts = _state.sent();
393
+ return [
394
+ 2,
395
+ accounts || []
396
+ ];
397
+ }
398
+ });
399
+ })();
400
+ }
401
+ function getAccountInfo(store, params) {
402
+ return _async_to_generator(function() {
403
+ var key;
404
+ return _ts_generator(this, function(_state) {
405
+ switch(_state.label){
406
+ case 0:
407
+ key = (0, _keyutilsts.createAccountKey)('metadata', params);
408
+ return [
409
+ 4,
410
+ store.get(key)
411
+ ];
412
+ case 1:
413
+ return [
414
+ 2,
415
+ _state.sent()
416
+ ];
417
+ }
418
+ });
419
+ })();
420
+ }
421
+ function setAccountInfo(store, params, info) {
422
+ return _async_to_generator(function() {
423
+ var key;
424
+ return _ts_generator(this, function(_state) {
425
+ switch(_state.label){
426
+ case 0:
427
+ key = (0, _keyutilsts.createAccountKey)('metadata', params);
428
+ return [
429
+ 4,
430
+ store.set(key, info)
431
+ ];
432
+ case 1:
433
+ _state.sent();
434
+ return [
435
+ 2
436
+ ];
437
+ }
438
+ });
439
+ })();
440
+ }
441
+ function getToken(store, params) {
442
+ return _async_to_generator(function() {
443
+ var key;
444
+ return _ts_generator(this, function(_state) {
445
+ switch(_state.label){
446
+ case 0:
447
+ key = (0, _keyutilsts.createAccountKey)('token', params);
448
+ return [
449
+ 4,
450
+ store.get(key)
451
+ ];
452
+ case 1:
453
+ return [
454
+ 2,
455
+ _state.sent()
456
+ ];
457
+ }
458
+ });
459
+ })();
460
+ }
461
+ function setToken(store, params, token) {
462
+ return _async_to_generator(function() {
463
+ var key;
464
+ return _ts_generator(this, function(_state) {
465
+ switch(_state.label){
466
+ case 0:
467
+ key = (0, _keyutilsts.createAccountKey)('token', params);
468
+ return [
469
+ 4,
470
+ store.set(key, token)
471
+ ];
472
+ case 1:
473
+ _state.sent();
474
+ return [
475
+ 2
476
+ ];
477
+ }
478
+ });
479
+ })();
480
+ }
481
+ /* CJS INTEROP */ if (exports.__esModule && exports.default) { try { Object.defineProperty(exports.default, '__esModule', { value: true }); for (var key in exports) { exports.default[key] = exports[key]; } } catch (_) {}; module.exports = exports.default; }
package/dist/cjs/account-utils.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["/Users/kevin/Dev/Projects/ai/mcp-z/oauth/oauth/src/account-utils.ts"],"sourcesContent":["/**\n * Account management utilities for OAuth token storage\n *\n * Provides account lifecycle operations (add, remove, activate) and account data\n * access (tokens, metadata). Uses named parameters consistent with key-utils.ts.\n */\n\nimport type { Keyv } from 'keyv';\nimport { type AccountKeyParams, createAccountKey, createServiceKey, type ServiceKeyParams } from './key-utils.ts';\nimport type { AccountInfo } from './types.ts';\n\n// ============================================================================\n// Account Lifecycle Operations\n// ============================================================================\n\n/**\n * Add account to linked accounts list and set as active if first account.\n *\n * @param store - Keyv storage instance\n * @param params - Account identification (service, accountId)\n *\n * @example\n * await addAccount(tokenStore, {\n * service: 'gmail',\n * accountId: 'alice@gmail.com'\n * });\n */\nexport async function addAccount(store: Keyv, params: AccountKeyParams): Promise<void> {\n const linked = await getLinkedAccounts(store, { service: params.service });\n\n if (!linked.includes(params.accountId)) {\n linked.push(params.accountId);\n const linkedKey = createServiceKey('linked', { service: params.service });\n await store.set(linkedKey, linked);\n }\n\n const active = await getActiveAccount(store, { service: params.service });\n if (!active) {\n await setActiveAccount(store, params);\n }\n}\n\n/**\n * Remove account: delete token, metadata, update linked list, and active account.\n *\n * @param store - Keyv storage instance\n * @param params - Account identification (service, accountId)\n *\n * @example\n * await removeAccount(tokenStore, {\n * service: 'gmail',\n * accountId: 'alice@gmail.com'\n * });\n */\nexport async function removeAccount(store: Keyv, params: AccountKeyParams): Promise<void> {\n const tokenKey = createAccountKey('token', params);\n await store.delete(tokenKey);\n\n const infoKey = createAccountKey('metadata', params);\n await store.delete(infoKey);\n\n const linked = await getLinkedAccounts(store, { service: params.service });\n const filtered = linked.filter((id) => id !== params.accountId);\n const linkedKey = createServiceKey('linked', { service: params.service });\n await store.set(linkedKey, filtered);\n\n // Set new active account if we're removing the currently active one\n const active = await getActiveAccount(store, { service: params.service });\n if (active === params.accountId) {\n const newActive = filtered[0];\n if (newActive) {\n await setActiveAccount(store, { service: params.service, accountId: newActive });\n } else {\n const activeKey = createServiceKey('active', { service: params.service });\n await store.delete(activeKey);\n }\n }\n}\n\n// ============================================================================\n// Service-Scoped Account Operations\n// ============================================================================\n\n/**\n * Get active account ID for a service.\n *\n * Key: {service}:active\n *\n * @param store - Keyv storage instance\n * @param params - Service identification (service)\n * @returns Active account ID or undefined if none set\n */\nexport async function getActiveAccount(store: Keyv, params: ServiceKeyParams): Promise<string | undefined> {\n const key = createServiceKey('active', params);\n return await store.get(key);\n}\n\n/**\n * Set active account ID for a service.\n * Pass null as accountId to deactivate (clear active account).\n *\n * Key: {service}:active\n *\n * @param store - Keyv storage instance\n * @param params - Account identification (service, accountId). Pass accountId: null to deactivate.\n */\nexport async function setActiveAccount(store: Keyv, params: AccountKeyParams | (ServiceKeyParams & { accountId: null })): Promise<void> {\n const key = createServiceKey('active', { service: params.service });\n if ('accountId' in params && params.accountId === null) {\n // accountId: null signals deactivation per API contract\n await store.delete(key);\n } else {\n await store.set(key, (params as AccountKeyParams).accountId);\n }\n}\n\n/**\n * Get list of linked account IDs for a service.\n *\n * Key: {service}:linked\n *\n * @param store - Keyv storage instance\n * @param params - Service identification (service)\n * @returns Array of account IDs (empty array if none)\n */\nexport async function getLinkedAccounts(store: Keyv, params: ServiceKeyParams): Promise<string[]> {\n const key = createServiceKey('linked', params);\n const accounts = await store.get(key);\n return accounts || [];\n}\n\n// ============================================================================\n// Account Data Operations\n// ============================================================================\n\n/**\n * Get account metadata (alias, lastUsed, etc).\n *\n * Key: {accountId}:{service}:metadata\n *\n * @param store - Keyv storage instance\n * @param params - Account identification (accountId, service)\n * @returns Account info or undefined if not found\n */\nexport async function getAccountInfo(store: Keyv, params: AccountKeyParams): Promise<AccountInfo | undefined> {\n const key = createAccountKey('metadata', params);\n return await store.get(key);\n}\n\n/**\n * Set account metadata (alias, lastUsed, etc).\n *\n * Key: {accountId}:{service}:metadata\n *\n * @param store - Keyv storage instance\n * @param params - Account identification (accountId, service)\n * @param info - Account metadata to store\n */\nexport async function setAccountInfo(store: Keyv, params: AccountKeyParams, info: AccountInfo): Promise<void> {\n const key = createAccountKey('metadata', params);\n await store.set(key, info);\n}\n\n/**\n * Get OAuth token for an account.\n *\n * Key: {accountId}:{service}:token\n *\n * @param store - Keyv storage instance\n * @param params - Account identification (accountId, service)\n * @returns Token or undefined if not found\n */\nexport async function getToken<T>(store: Keyv, params: AccountKeyParams): Promise<T | undefined> {\n const key = createAccountKey('token', params);\n return await store.get(key);\n}\n\n/**\n * Set OAuth token for an account.\n *\n * Key: {accountId}:{service}:token\n *\n * @param store - Keyv storage instance\n * @param params - Account identification (accountId, service)\n * @param token - OAuth token data to store\n */\nexport async function setToken<T>(store: Keyv, params: AccountKeyParams, token: T): Promise<void> {\n const key = createAccountKey('token', params);\n await store.set(key, token);\n}\n"],"names":["addAccount","getAccountInfo","getActiveAccount","getLinkedAccounts","getToken","removeAccount","setAccountInfo","setActiveAccount","setToken","store","params","linked","linkedKey","active","service","includes","accountId","push","createServiceKey","set","tokenKey","infoKey","filtered","newActive","activeKey","createAccountKey","delete","filter","id","key","get","accounts","info","token"],"mappings":"AAAA;;;;;CAKC;;;;;;;;;;;QAsBqBA;eAAAA;;QAqHAC;eAAAA;;QApDAC;eAAAA;;QAiCAC;eAAAA;;QA+CAC;eAAAA;;QAtHAC;eAAAA;;QAwGAC;eAAAA;;QApDAC;eAAAA;;QAgFAC;eAAAA;;;0BAlL2E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmB1F,SAAeR,WAAWS,KAAW,EAAEC,MAAwB;;YAC9DC,QAIEC,WAIFC;;;;oBARS;;wBAAMV,kBAAkBM,OAAO;4BAAEK,SAASJ,OAAOI,OAAO;wBAAC;;;oBAAlEH,SAAS;yBAEX,CAACA,OAAOI,QAAQ,CAACL,OAAOM,SAAS,GAAjC;;;;oBACFL,OAAOM,IAAI,CAACP,OAAOM,SAAS;oBACtBJ,YAAYM,IAAAA,4BAAgB,EAAC,UAAU;wBAAEJ,SAASJ,OAAOI,OAAO;oBAAC;oBACvE;;wBAAML,MAAMU,GAAG,CAACP,WAAWD;;;oBAA3B;;;oBAGa;;wBAAMT,iBAAiBO,OAAO;4BAAEK,SAASJ,OAAOI,OAAO;wBAAC;;;oBAAjED,SAAS;yBACX,CAACA,QAAD;;;;oBACF;;wBAAMN,iBAAiBE,OAAOC;;;oBAA9B;;;;;;;;IAEJ;;AAcO,SAAeL,cAAcI,KAAW,EAAEC,MAAwB;;YACjEU,UAGAC,SAGAV,QACAW,UACAV,WAIAC,QAEEU,WAIEC;;;;oBAlBJJ,WAAWK,IAAAA,4BAAgB,EAAC,SAASf;oBAC3C;;wBAAMD,MAAMiB,MAAM,CAACN;;;oBAAnB;oBAEMC,UAAUI,IAAAA,4BAAgB,EAAC,YAAYf;oBAC7C;;wBAAMD,MAAMiB,MAAM,CAACL;;;oBAAnB;oBAEe;;wBAAMlB,kBAAkBM,OAAO;4BAAEK,SAASJ,OAAOI,OAAO;wBAAC;;;oBAAlEH,SAAS;oBACTW,WAAWX,OAAOgB,MAAM,CAAC,SAACC;+BAAOA,OAAOlB,OAAOM,SAAS;;oBACxDJ,YAAYM,IAAAA,4BAAgB,EAAC,UAAU;wBAAEJ,SAASJ,OAAOI,OAAO;oBAAC;oBACvE;;wBAAML,MAAMU,GAAG,CAACP,WAAWU;;;oBAA3B;oBAGe;;wBAAMpB,iBAAiBO,OAAO;4BAAEK,SAASJ,OAAOI,OAAO;wBAAC;;;oBAAjED,SAAS;yBACXA,CAAAA,WAAWH,OAAOM,SAAS,AAAD,GAA1BH;;;;oBACIU,YAAYD,QAAQ,CAAC,EAAE;yBACzBC,WAAAA;;;;oBACF;;wBAAMhB,iBAAiBE,OAAO;4BAAEK,SAASJ,OAAOI,OAAO;4BAAEE,WAAWO;wBAAU;;;oBAA9E;;;;;;oBAEMC,YAAYN,IAAAA,4BAAgB,EAAC,UAAU;wBAAEJ,SAASJ,OAAOI,OAAO;oBAAC;oBACvE;;wBAAML,MAAMiB,MAAM,CAACF;;;oBAAnB;;;;;;;;IAGN;;AAeO,SAAetB,iBAAiBO,KAAW,EAAEC,MAAwB;;YACpEmB;;;;oBAAAA,MAAMX,IAAAA,4BAAgB,EAAC,UAAUR;oBAChC;;wBAAMD,MAAMqB,GAAG,CAACD;;;oBAAvB;;wBAAO;;;;IACT;;AAWO,SAAetB,iBAAiBE,KAAW,EAAEC,MAAmE;;YAC/GmB;;;;oBAAAA,MAAMX,IAAAA,4BAAgB,EAAC,UAAU;wBAAEJ,SAASJ,OAAOI,OAAO;oBAAC;yBAC7D,CAAA,eAAeJ,UAAUA,OAAOM,SAAS,KAAK,IAAG,GAAjD;;;;oBACF,wDAAwD;oBACxD;;wBAAMP,MAAMiB,MAAM,CAACG;;;oBAAnB;;;;;;oBAEA;;wBAAMpB,MAAMU,GAAG,CAACU,KAAK,AAACnB,OAA4BM,SAAS;;;oBAA3D;;;;;;;;IAEJ;;AAWO,SAAeb,kBAAkBM,KAAW,EAAEC,MAAwB;;YACrEmB,KACAE;;;;oBADAF,MAAMX,IAAAA,4BAAgB,EAAC,UAAUR;oBACtB;;wBAAMD,MAAMqB,GAAG,CAACD;;;oBAA3BE,WAAW;oBACjB;;wBAAOA;;;;IACT;;AAeO,SAAe9B,eAAeQ,KAAW,EAAEC,MAAwB;;YAClEmB;;;;oBAAAA,MAAMJ,IAAAA,4BAAgB,EAAC,YAAYf;oBAClC;;wBAAMD,MAAMqB,GAAG,CAACD;;;oBAAvB;;wBAAO;;;;IACT;;AAWO,SAAevB,eAAeG,KAAW,EAAEC,MAAwB,EAAEsB,IAAiB;;YACrFH;;;;oBAAAA,MAAMJ,IAAAA,4BAAgB,EAAC,YAAYf;oBACzC;;wBAAMD,MAAMU,GAAG,CAACU,KAAKG;;;oBAArB;;;;;;IACF;;AAWO,SAAe5B,SAAYK,KAAW,EAAEC,MAAwB;;YAC/DmB;;;;oBAAAA,MAAMJ,IAAAA,4BAAgB,EAAC,SAASf;oBAC/B;;wBAAMD,MAAMqB,GAAG,CAACD;;;oBAAvB;;wBAAO;;;;IACT;;AAWO,SAAerB,SAAYC,KAAW,EAAEC,MAAwB,EAAEuB,KAAQ;;YACzEJ;;;;oBAAAA,MAAMJ,IAAAA,4BAAgB,EAAC,SAASf;oBACtC;;wBAAMD,MAAMU,GAAG,CAACU,KAAKI;;;oBAArB;;;;;;IACF"}
package/dist/cjs/index.d.cts ADDED
@@ -0,0 +1,19 @@
1
+ /**
2
+ * @mcp-z/oauth - Multi-account OAuth orchestration and secure token storage for MCP servers
3
+ *
4
+ * Provides account management functions, account tools generation, and secure logging utilities.
5
+ * Designed to work with any storage backend (file, Redis, DuckDB) via Keyv interface.
6
+ */
7
+ export { addAccount, getActiveAccount, getToken, removeAccount, setAccountInfo, setActiveAccount, setToken } from './account-utils.js';
8
+ export { JWTUserAuth } from './jwt-auth.js';
9
+ export { type AccountKeyParams, type AccountKeyType, createAccountKey, createServiceKey, listAccountIds, type ServiceKeyParams, type ServiceKeyType } from './key-utils.js';
10
+ export { type AccountLoopbackConfig, AccountServer, type AccountStatelessConfig, createLoopback, createStateless } from './lib/account-server/index.js';
11
+ export type { DcrClientInformation, DcrClientMetadata, DcrConfig, DcrErrorResponse, ProviderTokens } from './lib/dcr-types.js';
12
+ export type { RFC8414Metadata, RFC9728Metadata } from './lib/rfc-metadata-types.js';
13
+ export { generatePKCE, type PKCEPair } from './pkce.js';
14
+ export { sanitizeForLogging, sanitizeForLoggingFormatter } from './sanitizer.js';
15
+ export * as schemas from './schemas/index.js';
16
+ export { SessionUserAuth } from './session-auth.js';
17
+ export { getErrorTemplate, getSuccessTemplate } from './templates.js';
18
+ export type { AccountInfo, AuthEmailProvider, AuthFlowDescriptor, AuthMiddlewareWrapper, CachedToken, Credentials, JWTUserAuthConfig, Logger, McpPrompt, McpTool, OAuth2TokenStorageProvider, SessionUserAuthConfig, ToolConfig, ToolHandler, ToolModule, UserAuthProvider, } from './types.js';
19
+ export { AccountManagerError, AccountNotFoundError, AuthRequiredError, ConfigurationError, RequiresAuthenticationError } from './types.js';
package/dist/cjs/index.d.ts ADDED
@@ -0,0 +1,19 @@
1
+ /**
2
+ * @mcp-z/oauth - Multi-account OAuth orchestration and secure token storage for MCP servers
3
+ *
4
+ * Provides account management functions, account tools generation, and secure logging utilities.
5
+ * Designed to work with any storage backend (file, Redis, DuckDB) via Keyv interface.
6
+ */
7
+ export { addAccount, getActiveAccount, getToken, removeAccount, setAccountInfo, setActiveAccount, setToken } from './account-utils.js';
8
+ export { JWTUserAuth } from './jwt-auth.js';
9
+ export { type AccountKeyParams, type AccountKeyType, createAccountKey, createServiceKey, listAccountIds, type ServiceKeyParams, type ServiceKeyType } from './key-utils.js';
10
+ export { type AccountLoopbackConfig, AccountServer, type AccountStatelessConfig, createLoopback, createStateless } from './lib/account-server/index.js';
11
+ export type { DcrClientInformation, DcrClientMetadata, DcrConfig, DcrErrorResponse, ProviderTokens } from './lib/dcr-types.js';
12
+ export type { RFC8414Metadata, RFC9728Metadata } from './lib/rfc-metadata-types.js';
13
+ export { generatePKCE, type PKCEPair } from './pkce.js';
14
+ export { sanitizeForLogging, sanitizeForLoggingFormatter } from './sanitizer.js';
15
+ export * as schemas from './schemas/index.js';
16
+ export { SessionUserAuth } from './session-auth.js';
17
+ export { getErrorTemplate, getSuccessTemplate } from './templates.js';
18
+ export type { AccountInfo, AuthEmailProvider, AuthFlowDescriptor, AuthMiddlewareWrapper, CachedToken, Credentials, JWTUserAuthConfig, Logger, McpPrompt, McpTool, OAuth2TokenStorageProvider, SessionUserAuthConfig, ToolConfig, ToolHandler, ToolModule, UserAuthProvider, } from './types.js';
19
+ export { AccountManagerError, AccountNotFoundError, AuthRequiredError, ConfigurationError, RequiresAuthenticationError } from './types.js';
package/dist/cjs/index.js ADDED
@@ -0,0 +1,149 @@
1
+ /**
2
+ * @mcp-z/oauth - Multi-account OAuth orchestration and secure token storage for MCP servers
3
+ *
4
+ * Provides account management functions, account tools generation, and secure logging utilities.
5
+ * Designed to work with any storage backend (file, Redis, DuckDB) via Keyv interface.
6
+ */ // Core account management - Public API
7
+ // Internal functions - For provider implementations and testing
8
+ "use strict";
9
+ Object.defineProperty(exports, "__esModule", {
10
+ value: true
11
+ });
12
+ function _export(target, all) {
13
+ for(var name in all)Object.defineProperty(target, name, {
14
+ enumerable: true,
15
+ get: Object.getOwnPropertyDescriptor(all, name).get
16
+ });
17
+ }
18
+ _export(exports, {
19
+ get AccountManagerError () {
20
+ return _typests.AccountManagerError;
21
+ },
22
+ get AccountNotFoundError () {
23
+ return _typests.AccountNotFoundError;
24
+ },
25
+ get AccountServer () {
26
+ return _indexts.AccountServer;
27
+ },
28
+ get AuthRequiredError () {
29
+ return _typests.AuthRequiredError;
30
+ },
31
+ get ConfigurationError () {
32
+ return _typests.ConfigurationError;
33
+ },
34
+ get JWTUserAuth () {
35
+ return _jwtauthts.JWTUserAuth;
36
+ },
37
+ get RequiresAuthenticationError () {
38
+ return _typests.RequiresAuthenticationError;
39
+ },
40
+ get SessionUserAuth () {
41
+ return _sessionauthts.SessionUserAuth;
42
+ },
43
+ get addAccount () {
44
+ return _accountutilsts.addAccount;
45
+ },
46
+ get createAccountKey () {
47
+ return _keyutilsts.createAccountKey;
48
+ },
49
+ get createLoopback () {
50
+ return _indexts.createLoopback;
51
+ },
52
+ get createServiceKey () {
53
+ return _keyutilsts.createServiceKey;
54
+ },
55
+ get createStateless () {
56
+ return _indexts.createStateless;
57
+ },
58
+ get generatePKCE () {
59
+ return _pkcets.generatePKCE;
60
+ },
61
+ get getActiveAccount () {
62
+ return _accountutilsts.getActiveAccount;
63
+ },
64
+ get getErrorTemplate () {
65
+ return _templatests.getErrorTemplate;
66
+ },
67
+ get getSuccessTemplate () {
68
+ return _templatests.getSuccessTemplate;
69
+ },
70
+ get getToken () {
71
+ return _accountutilsts.getToken;
72
+ },
73
+ get listAccountIds () {
74
+ return _keyutilsts.listAccountIds;
75
+ },
76
+ get removeAccount () {
77
+ return _accountutilsts.removeAccount;
78
+ },
79
+ get sanitizeForLogging () {
80
+ return _sanitizerts.sanitizeForLogging;
81
+ },
82
+ get sanitizeForLoggingFormatter () {
83
+ return _sanitizerts.sanitizeForLoggingFormatter;
84
+ },
85
+ get schemas () {
86
+ return _indexts1;
87
+ },
88
+ get setAccountInfo () {
89
+ return _accountutilsts.setAccountInfo;
90
+ },
91
+ get setActiveAccount () {
92
+ return _accountutilsts.setActiveAccount;
93
+ },
94
+ get setToken () {
95
+ return _accountutilsts.setToken;
96
+ }
97
+ });
98
+ var _accountutilsts = require("./account-utils.js");
99
+ var _jwtauthts = require("./jwt-auth.js");
100
+ var _keyutilsts = require("./key-utils.js");
101
+ var _indexts = require("./lib/account-server/index.js");
102
+ var _pkcets = require("./pkce.js");
103
+ var _sanitizerts = require("./sanitizer.js");
104
+ var _indexts1 = /*#__PURE__*/ _interop_require_wildcard(require("./schemas/index.js"));
105
+ var _sessionauthts = require("./session-auth.js");
106
+ var _templatests = require("./templates.js");
107
+ var _typests = require("./types.js");
108
+ function _getRequireWildcardCache(nodeInterop) {
109
+ if (typeof WeakMap !== "function") return null;
110
+ var cacheBabelInterop = new WeakMap();
111
+ var cacheNodeInterop = new WeakMap();
112
+ return (_getRequireWildcardCache = function(nodeInterop) {
113
+ return nodeInterop ? cacheNodeInterop : cacheBabelInterop;
114
+ })(nodeInterop);
115
+ }
116
+ function _interop_require_wildcard(obj, nodeInterop) {
117
+ if (!nodeInterop && obj && obj.__esModule) {
118
+ return obj;
119
+ }
120
+ if (obj === null || typeof obj !== "object" && typeof obj !== "function") {
121
+ return {
122
+ default: obj
123
+ };
124
+ }
125
+ var cache = _getRequireWildcardCache(nodeInterop);
126
+ if (cache && cache.has(obj)) {
127
+ return cache.get(obj);
128
+ }
129
+ var newObj = {
130
+ __proto__: null
131
+ };
132
+ var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor;
133
+ for(var key in obj){
134
+ if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) {
135
+ var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null;
136
+ if (desc && (desc.get || desc.set)) {
137
+ Object.defineProperty(newObj, key, desc);
138
+ } else {
139
+ newObj[key] = obj[key];
140
+ }
141
+ }
142
+ }
143
+ newObj.default = obj;
144
+ if (cache) {
145
+ cache.set(obj, newObj);
146
+ }
147
+ return newObj;
148
+ }
149
+ /* CJS INTEROP */ if (exports.__esModule && exports.default) { try { Object.defineProperty(exports.default, '__esModule', { value: true }); for (var key in exports) { exports.default[key] = exports[key]; } } catch (_) {}; module.exports = exports.default; }