npm - @nevermined-io/payments - Versions diffs - 1.8.0 → 1.9.0 - Mend

@nevermined-io/payments 1.8.0 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/README.md +2 -1
package/dist/mcp/core/auth.d.ts +2 -2
package/dist/mcp/core/auth.d.ts.map +1 -1
package/dist/mcp/core/auth.js +29 -18
package/dist/mcp/core/auth.js.map +1 -1
package/dist/mcp/core/paywall.d.ts.map +1 -1
package/dist/mcp/core/paywall.js +10 -6
package/dist/mcp/core/paywall.js.map +1 -1
package/dist/mcp/core/server-manager.d.ts.map +1 -1
package/dist/mcp/core/server-manager.js +6 -4
package/dist/mcp/core/server-manager.js.map +1 -1
package/dist/mcp/http/client-registration.d.ts.map +1 -1
package/dist/mcp/http/client-registration.js +4 -2
package/dist/mcp/http/client-registration.js.map +1 -1
package/dist/mcp/http/oauth-metadata.d.ts.map +1 -1
package/dist/mcp/http/oauth-metadata.js +2 -1
package/dist/mcp/http/oauth-metadata.js.map +1 -1
package/dist/mcp/index.d.ts +12 -5
package/dist/mcp/index.d.ts.map +1 -1
package/dist/mcp/index.js +46 -23
package/dist/mcp/index.js.map +1 -1
package/dist/mcp/types/http.types.d.ts +2 -2
package/dist/mcp/types/http.types.d.ts.map +1 -1
package/dist/mcp/types/http.types.js.map +1 -1
package/dist/mcp/types/paywall.types.d.ts +6 -2
package/dist/mcp/types/paywall.types.d.ts.map +1 -1
package/dist/mcp/types/paywall.types.js.map +1 -1
package/dist/mcp/types/server.types.d.ts +4 -2
package/dist/mcp/types/server.types.d.ts.map +1 -1
package/dist/mcp/types/server.types.js.map +1 -1
package/dist/payments.d.ts.map +1 -1
package/package.json +1 -1

package/dist/mcp/http/client-registration.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"client-registration.js","sourceRoot":"","sources":["../../../src/mcp/http/client-registration.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAA;AAOpC;;GAEG;AACH,MAAM,cAAc,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAA;AAE7F;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,KAAK;IAIhD,YAAY,SAAiB,EAAE,OAAe,EAAE,UAAU,GAAG,GAAG;QAC9D,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAA;QACrC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;IAC9B,CAAC;IAED;;OAEG;IACH,MAAM;QACJ,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,SAAS;YACrB,iBAAiB,EAAE,IAAI,CAAC,OAAO;SAChC,CAAA;IACH,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,UAAU,2BAA2B,CAAC,IAAa;IACvD,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAEnD,MAAM,GAAG,GAAG,IAA+B,CAAA;IAC3C,OAAO,CAAC,CAAC,CACP,GAAG,CAAC,aAAa;QACjB,GAAG,CAAC,WAAW;QACf,GAAG,CAAC,0BAA0B;QAC9B,GAAG,CAAC,cAAc;QAClB,GAAG,CAAC,WAAW,CAChB,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iCAAiC,CAAC,OAAkC;IAClF,0DAA0D;IAC1D,IACE,CAAC,OAAO,CAAC,aAAa;QACtB,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACrC,OAAO,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,EAClC,CAAC;QACD,MAAM,IAAI,uBAAuB,CAC/B,iBAAiB,EACjB,yDAAyD,CAC1D,CAAA;IACH,CAAC;IAED,4CAA4C;IAC5C,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;QACd,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,uBAAuB,CAAC,sBAAsB,EAAE,yBAAyB,GAAG,EAAE,CAAC,CAAA;QAC3F,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,MAAM,eAAe,GAAG,CAAC,oBAAoB,EAAE,eAAe,EAAE,oBAAoB,CAAC,CAAA;IACrF,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACxB,KAAK,MAAM,SAAS,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YAC5C,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACzC,MAAM,IAAI,uBAAuB,CAC/B,yBAAyB,EACzB,2BAA2B,SAAS,EAAE,CACvC,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,MAAM,kBAAkB,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC5C,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,KAAK,MAAM,YAAY,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAClD,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,uBAAuB,CAC/B,yBAAyB,EACzB,8BAA8B,YAAY,EAAE,CAC7C,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,qBAAqB,EAAE,oBAAoB,CAAC,CAAA;IAC9E,IACE,OAAO,CAAC,0BAA0B;QAClC,CAAC,gBAAgB,CAAC,QAAQ,CAAC,OAAO,CAAC,0BAA0B,CAAC,EAC9D,CAAC;QACD,MAAM,IAAI,uBAAuB,CAC/B,yBAAyB,EACzB,2CAA2C,OAAO,CAAC,0BAA0B,EAAE,CAChF,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB;IAC3B,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;AAC9C,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,OAAkC,EAClC,MAAmB;IAEnB,uBAAuB;IACvB,iCAAiC,CAAC,OAAO,CAAC,CAAA;IAE1C,~~4DAA4D~~;~~IAC5D~~,MAAM,QAAQ,GAAG,~~MAAM~~,CAAC,~~OAAO~~,CAAA;~~IAC/B~~,MAAM,QAAQ,GAAG,~~IAAI~~,CAAC,~~KAAK~~,~~CAAC~~,IAAI,CAAC,~~GAAG~~,~~EAAE~~,~~GAAG~~,~~IAAI~~,CAAC,CAAA;~~IAE9C~~,gDAAgD;IAChD,MAAM,UAAU,GAAG,OAAO,CAAC,0BAA0B,IAAI,MAAM,CAAA;IAC/D,MAAM,WAAW,GAAG,UAAU,KAAK,qBAAqB,IAAI,UAAU,KAAK,oBAAoB,CAAA;IAE/F,iBAAiB;IACjB,MAAM,QAAQ,GAA+B;QAC3C,SAAS,EAAE,QAAQ;QACnB,mBAAmB,EAAE,QAAQ;QAC7B,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,YAAY;QAChD,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QACnE,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,CAAC,oBAAoB,CAAC;QAC1D,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,CAAC,MAAM,CAAC;QAClD,0BAA0B,EAAE,UAAU;KACvC,CAAA;IAED,mCAAmC;IACnC,IAAI,WAAW,EAAE,CAAC;QAChB,QAAQ,CAAC,aAAa,GAAG,oBAAoB,EAAE,CAAA;QAC/C,QAAQ,CAAC,wBAAwB,GAAG,CAAC,CAAA,CAAC,wBAAwB;IAChE,CAAC;IAED,kCAAkC;IAClC,IAAI,OAAO,CAAC,UAAU;QAAE,QAAQ,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAA;IAChE,IAAI,OAAO,CAAC,QAAQ;QAAE,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAA;IAC1D,IAAI,OAAO,CAAC,QAAQ;QAAE,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE1D,OAAO,QAAQ,CAAA;AACjB,CAAC","sourcesContent":["/*\n OAuth Dynamic Client Registration handler (RFC 7591).\n * Handles client registration requests for MCP OAuth flows.\n /\nimport { randomBytes } from 'crypto'\nimport type {\n OAuthConfig,\n ClientRegistrationRequest,\n ClientRegistrationResponse,\n} from '../types/http.types.js'\n\n/\n Default scopes for client registration.\n /\nconst DEFAULT_SCOPES = ['openid', 'profile', 'credits', 'mcp:read', 'mcp:write', 'mcp:tools']\n\n/\n Validation error for client registration.\n /\nexport class ClientRegistrationError extends Error {\n public readonly errorCode: string\n public readonly statusCode: number\n\n constructor(errorCode: string, message: string, statusCode = 400) {\n super(message)\n this.name = 'ClientRegistrationError'\n this.errorCode = errorCode\n this.statusCode = statusCode\n }\n\n /\n Get the error response body.\n /\n toJSON(): { error: string; error_description: string } {\n return {\n error: this.errorCode,\n error_description: this.message,\n }\n }\n}\n\n/\n Check if a request body is an OAuth Dynamic Client Registration request.\n \n @param body - The request body to check\n * @returns True if the body looks like a client registration request\n /\nexport function isClientRegistrationRequest(body: unknown): body is ClientRegistrationRequest {\n if (!body \|\| typeof body !== 'object') return false\n\n const obj = body as Record<string, unknown>\n return !!(\n obj.redirect_uris \|\|\n obj.grant_types \|\|\n obj.token_endpoint_auth_method \|\|\n obj.response_types \|\|\n obj.client_name\n )\n}\n\n/\n Validate a client registration request.\n \n @param request - The client registration request\n * @throws ClientRegistrationError if validation fails\n /\nexport function validateClientRegistrationRequest(request: ClientRegistrationRequest): void {\n // redirect_uris is required and must be a non-empty array\n if (\n !request.redirect_uris \|\|\n !Array.isArray(request.redirect_uris) \|\|\n request.redirect_uris.length === 0\n ) {\n throw new ClientRegistrationError(\n 'invalid_request',\n 'redirect_uris is required and must be a non-empty array',\n )\n }\n\n // Validate each redirect_uri is a valid URL\n for (const uri of request.redirect_uris) {\n try {\n new URL(uri)\n } catch {\n throw new ClientRegistrationError('invalid_redirect_uri', `Invalid redirect_uri: ${uri}`)\n }\n }\n\n // Validate grant_types if provided\n const validGrantTypes = ['authorization_code', 'refresh_token', 'client_credentials']\n if (request.grant_types) {\n for (const grantType of request.grant_types) {\n if (!validGrantTypes.includes(grantType)) {\n throw new ClientRegistrationError(\n 'invalid_client_metadata',\n `Unsupported grant_type: ${grantType}`,\n )\n }\n }\n }\n\n // Validate response_types if provided\n const validResponseTypes = ['code', 'token']\n if (request.response_types) {\n for (const responseType of request.response_types) {\n if (!validResponseTypes.includes(responseType)) {\n throw new ClientRegistrationError(\n 'invalid_client_metadata',\n `Unsupported response_type: ${responseType}`,\n )\n }\n }\n }\n\n // Validate token_endpoint_auth_method if provided\n const validAuthMethods = ['none', 'client_secret_basic', 'client_secret_post']\n if (\n request.token_endpoint_auth_method &&\n !validAuthMethods.includes(request.token_endpoint_auth_method)\n ) {\n throw new ClientRegistrationError(\n 'invalid_client_metadata',\n `Unsupported token_endpoint_auth_method: ${request.token_endpoint_auth_method}`,\n )\n }\n}\n\n/\n Generate a cryptographically secure client secret.\n \n @returns A base64url-encoded random string\n /\nfunction generateClientSecret(): string {\n return randomBytes(32).toString('base64url')\n}\n\n/\n Process a client registration request and generate a response.\n \n @param request - The validated client registration request\n * @param config - OAuth configuration\n * @returns Client registration response\n \n @example\n * ```typescript\n * const response = await processClientRegistration(\n * { redirect_uris: ['http://localhost:3000/callback'], client_name: 'My App' },\n * { agentId: 'agent_123', baseUrl: 'http://localhost:5001', environment: 'staging_sandbox' }\n * )\n * ```\n */\nexport async function processClientRegistration(\n request: ClientRegistrationRequest,\n config: OAuthConfig,\n): Promise<ClientRegistrationResponse> {\n // Validate the request\n validateClientRegistrationRequest(request)\n\n // ~~Use~~ agentId as ~~client_id~~ (~~consistent~~ for this ~~MCP~~ server)\n ~~const~~ ~~clientId~~ = ~~config.agentId~~\n const issuedAt = Math.floor(Date.now() / 1000)\n\n // Determine auth method and if secret is needed\n const authMethod = request.token_endpoint_auth_method \|\| 'none'\n const needsSecret = authMethod === 'client_secret_basic' \|\| authMethod === 'client_secret_post'\n\n // Build response\n const response: ClientRegistrationResponse = {\n client_id: clientId,\n client_id_issued_at: issuedAt,\n client_name: request.client_name \|\| 'MCP Client',\n redirect_uris: request.redirect_uris,\n scope: request.scope \|\| (config.scopes \|\| DEFAULT_SCOPES).join(' '),\n grant_types: request.grant_types \|\| ['authorization_code'],\n response_types: request.response_types \|\| ['code'],\n token_endpoint_auth_method: authMethod,\n }\n\n // Generate client_secret if needed\n if (needsSecret) {\n response.client_secret = generateClientSecret()\n response.client_secret_expires_at = 0 // 0 means never expires\n }\n\n // Add optional fields if provided\n if (request.client_uri) response.client_uri = request.client_uri\n if (request.logo_uri) response.logo_uri = request.logo_uri\n if (request.contacts) response.contacts = request.contacts\n\n return response\n}\n"]}
1	+ {"version":3,"file":"client-registration.js","sourceRoot":"","sources":["../../../src/mcp/http/client-registration.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAA;AAOpC;;GAEG;AACH,MAAM,cAAc,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAA;AAE7F;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,KAAK;IAIhD,YAAY,SAAiB,EAAE,OAAe,EAAE,UAAU,GAAG,GAAG;QAC9D,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAA;QACrC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;IAC9B,CAAC;IAED;;OAEG;IACH,MAAM;QACJ,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,SAAS;YACrB,iBAAiB,EAAE,IAAI,CAAC,OAAO;SAChC,CAAA;IACH,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,UAAU,2BAA2B,CAAC,IAAa;IACvD,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAEnD,MAAM,GAAG,GAAG,IAA+B,CAAA;IAC3C,OAAO,CAAC,CAAC,CACP,GAAG,CAAC,aAAa;QACjB,GAAG,CAAC,WAAW;QACf,GAAG,CAAC,0BAA0B;QAC9B,GAAG,CAAC,cAAc;QAClB,GAAG,CAAC,WAAW,CAChB,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iCAAiC,CAAC,OAAkC;IAClF,0DAA0D;IAC1D,IACE,CAAC,OAAO,CAAC,aAAa;QACtB,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACrC,OAAO,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,EAClC,CAAC;QACD,MAAM,IAAI,uBAAuB,CAC/B,iBAAiB,EACjB,yDAAyD,CAC1D,CAAA;IACH,CAAC;IAED,4CAA4C;IAC5C,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;QACd,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,uBAAuB,CAAC,sBAAsB,EAAE,yBAAyB,GAAG,EAAE,CAAC,CAAA;QAC3F,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,MAAM,eAAe,GAAG,CAAC,oBAAoB,EAAE,eAAe,EAAE,oBAAoB,CAAC,CAAA;IACrF,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACxB,KAAK,MAAM,SAAS,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YAC5C,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACzC,MAAM,IAAI,uBAAuB,CAC/B,yBAAyB,EACzB,2BAA2B,SAAS,EAAE,CACvC,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,MAAM,kBAAkB,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC5C,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,KAAK,MAAM,YAAY,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAClD,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,uBAAuB,CAC/B,yBAAyB,EACzB,8BAA8B,YAAY,EAAE,CAC7C,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,qBAAqB,EAAE,oBAAoB,CAAC,CAAA;IAC9E,IACE,OAAO,CAAC,0BAA0B;QAClC,CAAC,gBAAgB,CAAC,QAAQ,CAAC,OAAO,CAAC,0BAA0B,CAAC,EAC9D,CAAC;QACD,MAAM,IAAI,uBAAuB,CAC/B,yBAAyB,EACzB,2CAA2C,OAAO,CAAC,0BAA0B,EAAE,CAChF,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB;IAC3B,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;AAC9C,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,OAAkC,EAClC,MAAmB;IAEnB,uBAAuB;IACvB,iCAAiC,CAAC,OAAO,CAAC,CAAA;IAE1C,4EAA4E;IAC5E,2EAA2E;IAC3E,8DAA8D;IAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,IAAI,kBAAkB,QAAQ,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAA;IAEjG,gDAAgD;IAChD,MAAM,UAAU,GAAG,OAAO,CAAC,0BAA0B,IAAI,MAAM,CAAA;IAC/D,MAAM,WAAW,GAAG,UAAU,KAAK,qBAAqB,IAAI,UAAU,KAAK,oBAAoB,CAAA;IAE/F,iBAAiB;IACjB,MAAM,QAAQ,GAA+B;QAC3C,SAAS,EAAE,QAAQ;QACnB,mBAAmB,EAAE,QAAQ;QAC7B,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,YAAY;QAChD,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QACnE,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,CAAC,oBAAoB,CAAC;QAC1D,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,CAAC,MAAM,CAAC;QAClD,0BAA0B,EAAE,UAAU;KACvC,CAAA;IAED,mCAAmC;IACnC,IAAI,WAAW,EAAE,CAAC;QAChB,QAAQ,CAAC,aAAa,GAAG,oBAAoB,EAAE,CAAA;QAC/C,QAAQ,CAAC,wBAAwB,GAAG,CAAC,CAAA,CAAC,wBAAwB;IAChE,CAAC;IAED,kCAAkC;IAClC,IAAI,OAAO,CAAC,UAAU;QAAE,QAAQ,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAA;IAChE,IAAI,OAAO,CAAC,QAAQ;QAAE,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAA;IAC1D,IAAI,OAAO,CAAC,QAAQ;QAAE,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE1D,OAAO,QAAQ,CAAA;AACjB,CAAC","sourcesContent":["/*\n OAuth Dynamic Client Registration handler (RFC 7591).\n * Handles client registration requests for MCP OAuth flows.\n /\nimport { randomBytes } from 'crypto'\nimport type {\n OAuthConfig,\n ClientRegistrationRequest,\n ClientRegistrationResponse,\n} from '../types/http.types.js'\n\n/\n Default scopes for client registration.\n /\nconst DEFAULT_SCOPES = ['openid', 'profile', 'credits', 'mcp:read', 'mcp:write', 'mcp:tools']\n\n/\n Validation error for client registration.\n /\nexport class ClientRegistrationError extends Error {\n public readonly errorCode: string\n public readonly statusCode: number\n\n constructor(errorCode: string, message: string, statusCode = 400) {\n super(message)\n this.name = 'ClientRegistrationError'\n this.errorCode = errorCode\n this.statusCode = statusCode\n }\n\n /\n Get the error response body.\n /\n toJSON(): { error: string; error_description: string } {\n return {\n error: this.errorCode,\n error_description: this.message,\n }\n }\n}\n\n/\n Check if a request body is an OAuth Dynamic Client Registration request.\n \n @param body - The request body to check\n * @returns True if the body looks like a client registration request\n /\nexport function isClientRegistrationRequest(body: unknown): body is ClientRegistrationRequest {\n if (!body \|\| typeof body !== 'object') return false\n\n const obj = body as Record<string, unknown>\n return !!(\n obj.redirect_uris \|\|\n obj.grant_types \|\|\n obj.token_endpoint_auth_method \|\|\n obj.response_types \|\|\n obj.client_name\n )\n}\n\n/\n Validate a client registration request.\n \n @param request - The client registration request\n * @throws ClientRegistrationError if validation fails\n /\nexport function validateClientRegistrationRequest(request: ClientRegistrationRequest): void {\n // redirect_uris is required and must be a non-empty array\n if (\n !request.redirect_uris \|\|\n !Array.isArray(request.redirect_uris) \|\|\n request.redirect_uris.length === 0\n ) {\n throw new ClientRegistrationError(\n 'invalid_request',\n 'redirect_uris is required and must be a non-empty array',\n )\n }\n\n // Validate each redirect_uri is a valid URL\n for (const uri of request.redirect_uris) {\n try {\n new URL(uri)\n } catch {\n throw new ClientRegistrationError('invalid_redirect_uri', `Invalid redirect_uri: ${uri}`)\n }\n }\n\n // Validate grant_types if provided\n const validGrantTypes = ['authorization_code', 'refresh_token', 'client_credentials']\n if (request.grant_types) {\n for (const grantType of request.grant_types) {\n if (!validGrantTypes.includes(grantType)) {\n throw new ClientRegistrationError(\n 'invalid_client_metadata',\n `Unsupported grant_type: ${grantType}`,\n )\n }\n }\n }\n\n // Validate response_types if provided\n const validResponseTypes = ['code', 'token']\n if (request.response_types) {\n for (const responseType of request.response_types) {\n if (!validResponseTypes.includes(responseType)) {\n throw new ClientRegistrationError(\n 'invalid_client_metadata',\n `Unsupported response_type: ${responseType}`,\n )\n }\n }\n }\n\n // Validate token_endpoint_auth_method if provided\n const validAuthMethods = ['none', 'client_secret_basic', 'client_secret_post']\n if (\n request.token_endpoint_auth_method &&\n !validAuthMethods.includes(request.token_endpoint_auth_method)\n ) {\n throw new ClientRegistrationError(\n 'invalid_client_metadata',\n `Unsupported token_endpoint_auth_method: ${request.token_endpoint_auth_method}`,\n )\n }\n}\n\n/\n Generate a cryptographically secure client secret.\n \n @returns A base64url-encoded random string\n /\nfunction generateClientSecret(): string {\n return randomBytes(32).toString('base64url')\n}\n\n/\n Process a client registration request and generate a response.\n \n @param request - The validated client registration request\n * @param config - OAuth configuration\n * @returns Client registration response\n \n @example\n * ```typescript\n * const response = await processClientRegistration(\n * { redirect_uris: ['http://localhost:3000/callback'], client_name: 'My App' },\n * { agentId: 'agent_123', baseUrl: 'http://localhost:5001', environment: 'staging_sandbox' }\n * )\n * ```\n */\nexport async function processClientRegistration(\n request: ClientRegistrationRequest,\n config: OAuthConfig,\n): Promise<ClientRegistrationResponse> {\n // Validate the request\n validateClientRegistrationRequest(request)\n\n // client_id = the configured agentId when present (stable for this server);\n // agentId is optional under the plan-centric model, so when it's absent we\n // issue a generated client_id for OAuth dynamic registration.\n const issuedAt = Math.floor(Date.now() / 1000)\n const clientId = config.agentId ?? `nvm-mcp-client-${issuedAt}-${randomBytes(8).toString('hex')}`\n\n // Determine auth method and if secret is needed\n const authMethod = request.token_endpoint_auth_method \|\| 'none'\n const needsSecret = authMethod === 'client_secret_basic' \|\| authMethod === 'client_secret_post'\n\n // Build response\n const response: ClientRegistrationResponse = {\n client_id: clientId,\n client_id_issued_at: issuedAt,\n client_name: request.client_name \|\| 'MCP Client',\n redirect_uris: request.redirect_uris,\n scope: request.scope \|\| (config.scopes \|\| DEFAULT_SCOPES).join(' '),\n grant_types: request.grant_types \|\| ['authorization_code'],\n response_types: request.response_types \|\| ['code'],\n token_endpoint_auth_method: authMethod,\n }\n\n // Generate client_secret if needed\n if (needsSecret) {\n response.client_secret = generateClientSecret()\n response.client_secret_expires_at = 0 // 0 means never expires\n }\n\n // Add optional fields if provided\n if (request.client_uri) response.client_uri = request.client_uri\n if (request.logo_uri) response.logo_uri = request.logo_uri\n if (request.contacts) response.contacts = request.contacts\n\n return response\n}\n"]}

package/dist/mcp/http/oauth-metadata.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"oauth-metadata.d.ts","sourceRoot":"","sources":["../../../src/mcp/http/oauth-metadata.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAgB,KAAK,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAC1E,OAAO,KAAK,EACV,SAAS,EACT,WAAW,EACX,yBAAyB,EACzB,4BAA4B,EAC5B,2BAA2B,EAC3B,iBAAiB,EAClB,MAAM,wBAAwB,CAAA;AAiD/B;;;;;;GAMG;AACH,wBAAgB,YAAY,CAC1B,WAAW,EAAE,eAAe,EAC5B,SAAS,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GAC7B,SAAS,CAGX;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,8BAA8B,CAAC,MAAM,EAAE,WAAW,GAAG,yBAAyB,CAY7F;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,iCAAiC,CAC/C,MAAM,EAAE,WAAW,GAClB,4BAA4B,CAiB9B;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,gCAAgC,CAAC,MAAM,EAAE,WAAW,GAAG,2BAA2B,CAiBjG;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,WAAW,GAAG,iBAAiB,CAqB7E;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,WAAW,EACnB,OAAO,CAAC,EAAE;IACR,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,GACA;IACD,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IACjC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC1B,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,SAAS,EAAE,MAAM,EAAE,CAAA;IACnB,OAAO,EAAE,MAAM,EAAE,CAAA;CAClB,~~CA6BA~~"}
1	+ {"version":3,"file":"oauth-metadata.d.ts","sourceRoot":"","sources":["../../../src/mcp/http/oauth-metadata.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAgB,KAAK,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAC1E,OAAO,KAAK,EACV,SAAS,EACT,WAAW,EACX,yBAAyB,EACzB,4BAA4B,EAC5B,2BAA2B,EAC3B,iBAAiB,EAClB,MAAM,wBAAwB,CAAA;AAiD/B;;;;;;GAMG;AACH,wBAAgB,YAAY,CAC1B,WAAW,EAAE,eAAe,EAC5B,SAAS,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,GAC7B,SAAS,CAGX;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,8BAA8B,CAAC,MAAM,EAAE,WAAW,GAAG,yBAAyB,CAY7F;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,iCAAiC,CAC/C,MAAM,EAAE,WAAW,GAClB,4BAA4B,CAiB9B;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,gCAAgC,CAAC,MAAM,EAAE,WAAW,GAAG,2BAA2B,CAiBjG;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,WAAW,GAAG,iBAAiB,CAqB7E;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,WAAW,EACnB,OAAO,CAAC,EAAE;IACR,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,GACA;IACD,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IACjC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC1B,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,SAAS,EAAE,MAAM,EAAE,CAAA;IACnB,OAAO,EAAE,MAAM,EAAE,CAAA;CAClB,CA8BA"}

package/dist/mcp/http/oauth-metadata.js CHANGED Viewed

@@ -218,7 +218,8 @@ export function buildServerInfoResponse(config, options) {
             token_endpoint: oauthUrls.tokenUri,
             jwks_uri: oauthUrls.jwksUri,
             registration_endpoint: `${config.baseUrl}/register`,
-            client_id: config.agentId,
+            // agentId is optional under the plan-centric model; omit client_id when absent.
+            ...(config.agentId ? { client_id: config.agentId } : {}),
             scopes: scopes,
         },
         tools: config.tools || [],

package/dist/mcp/http/oauth-metadata.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"oauth-metadata.js","sourceRoot":"","sources":["../../../src/mcp/http/oauth-metadata.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,YAAY,EAAwB,MAAM,uBAAuB,CAAA;AAU1E;;;;;;;;GAQG;AACH,SAAS,cAAc,CAAC,WAAmB,EAAE,UAAkB;IAC7D,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IAC/C,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IAE7C,OAAO;QACL,MAAM,EAAE,QAAQ;QAChB,gBAAgB,EAAE,GAAG,QAAQ,kBAAkB;QAC/C,QAAQ,EAAE,GAAG,OAAO,cAAc;QAClC,OAAO,EAAE,GAAG,OAAO,wBAAwB;QAC3C,WAAW,EAAE,GAAG,OAAO,iBAAiB;KACzC,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,0BAA0B,CAAC,WAA4B;IAC9D,MAAM,SAAS,GAAG,YAAY,CAAC,WAAW,CAAC,IAAI,YAAY,CAAC,OAAO,CAAA;IACnE,OAAO,cAAc,CAAC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,CAAA;AAC9D,CAAC;AAED;;GAEG;AACH,MAAM,cAAc,GAAsB;IACxC,QAAQ;IACR,SAAS;IACT,SAAS;IACT,UAAU;IACV,WAAW;IACX,WAAW;CACZ,CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAU,YAAY,CAC1B,WAA4B,EAC5B,SAA8B;IAE9B,MAAM,QAAQ,GAAG,0BAA0B,CAAC,WAAW,CAAC,CAAA;IACxD,OAAO,EAAE,GAAG,QAAQ,EAAE,GAAG,SAAS,EAAE,CAAA;AACtC,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,8BAA8B,CAAC,MAAmB;IAChE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IACnD,2EAA2E;IAC3E,KAAK,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IAEvD,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,OAAO;QACxB,qBAAqB,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;QACvC,gBAAgB,EAAE,MAAM;QACxB,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,sBAAsB,EAAE,GAAG,MAAM,CAAC,OAAO,GAAG;KAC7C,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,iCAAiC,CAC/C,MAAmB;IAEnB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IACnD,2EAA2E;IAC3E,KAAK,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IAEvD,OAAO;QACL,QAAQ,EAAE,GAAG,MAAM,CAAC,OAAO,MAAM;QACjC,qBAAqB,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;QACvC,gBAAgB,EAAE,MAAM;QACxB,eAAe,EAAE,MAAM;QACvB,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,sBAAsB,EAAE,GAAG,MAAM,CAAC,OAAO,GAAG;QAC5C,gBAAgB,EAAE;YAChB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE;YACzB,gBAAgB,EAAE,MAAM,CAAC,eAAe,IAAI,YAAY;SACzD;KACF,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,gCAAgC,CAAC,MAAmB;IAClE,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IACpE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IAEnD,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,sBAAsB,EAAE,SAAS,CAAC,gBAAgB;QAClD,cAAc,EAAE,SAAS,CAAC,QAAQ;QAClC,qBAAqB,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;QACnD,QAAQ,EAAE,SAAS,CAAC,OAAO;QAC3B,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAC9D,gCAAgC,EAAE,CAAC,MAAM,CAAC;QAC1C,gBAAgB,EAAE,MAAM;QACxB,qCAAqC,EAAE,CAAC,oBAAoB,CAAC;QAC7D,uBAAuB,EAAE,CAAC,QAAQ,CAAC;KACpC,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAmB;IACxD,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IACpE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IACnD,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,GAAG,MAAM,CAAC,CAAA;IAE5E,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,sBAAsB,EAAE,SAAS,CAAC,gBAAgB;QAClD,cAAc,EAAE,SAAS,CAAC,QAAQ;QAClC,QAAQ,EAAE,SAAS,CAAC,OAAO;QAC3B,iBAAiB,EAAE,SAAS,CAAC,WAAW;QACxC,qBAAqB,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;QACnD,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAC9D,gCAAgC,EAAE,CAAC,MAAM,CAAC;QAC1C,qCAAqC,EAAE,CAAC,MAAM,EAAE,oBAAoB,CAAC;QACrE,uBAAuB,EAAE,CAAC,QAAQ,CAAC;QACnC,qCAAqC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;QACzD,gBAAgB,EAAE,SAAS;QAC3B,gBAAgB,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC;KACvE,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,MAAmB,EACnB,OAGC;IAWD,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IACpE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IAEnD,OAAO;QACL,IAAI,EAAE,MAAM,CAAC,UAAU,IAAI,YAAY;QACvC,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,OAAO;QACpC,WAAW,EACT,OAAO,EAAE,WAAW,IAAI,kEAAkE;QAC5F,SAAS,EAAE;YACT,GAAG,EAAE,GAAG,MAAM,CAAC,OAAO,MAAM;YAC5B,MAAM,EAAE,GAAG,MAAM,CAAC,OAAO,SAAS;YAClC,QAAQ,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;SACvC;QACD,KAAK,EAAE;YACL,6BAA6B,EAAE,GAAG,MAAM,CAAC,OAAO,yCAAyC;YACzF,2BAA2B,EAAE,GAAG,MAAM,CAAC,OAAO,uCAAuC;YACrF,oBAAoB,EAAE,GAAG,MAAM,CAAC,OAAO,mCAAmC;YAC1E,sBAAsB,EAAE,SAAS,CAAC,gBAAgB;YAClD,cAAc,EAAE,SAAS,CAAC,QAAQ;YAClC,QAAQ,EAAE,SAAS,CAAC,OAAO;YAC3B,qBAAqB,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;YACnD,SAAS,EAAE,MAAM,CAAC,OAAO;YACzB,MAAM,EAAE,MAAM;SACf;QACD,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;QACjC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,EAAE;KAC9B,CAAA;AACH,CAAC","sourcesContent":["/*\n Pure functions to generate OAuth 2.1 metadata responses.\n * These generators produce the JSON payloads for OAuth discovery endpoints\n * without any framework dependencies, making them reusable across different HTTP servers.\n /\nimport { Environments, type EnvironmentName } from '../../environments.js'\nimport type {\n OAuthUrls,\n OAuthConfig,\n ProtectedResourceMetadata,\n McpProtectedResourceMetadata,\n AuthorizationServerMetadata,\n OidcConfiguration,\n} from '../types/http.types.js'\n\n/\n Build OAuth URLs from frontend and backend URLs.\n * - issuer and authorizationUri use the frontend (user-facing)\n * - tokenUri, jwksUri, userinfoUri use the backend (API)\n \n @param frontendUrl - The frontend URL (e.g., https://nevermined.app)\n * @param backendUrl - The backend URL (e.g., https://api.sandbox.nevermined.app)\n * @returns OAuth URLs configuration\n /\nfunction buildOAuthUrls(frontendUrl: string, backendUrl: string): OAuthUrls {\n // Remove trailing slashes\n const frontend = frontendUrl.replace(/\\/$/, '')\n const backend = backendUrl.replace(/\\/$/, '')\n\n return {\n issuer: frontend,\n authorizationUri: `${frontend}/oauth/authorize`,\n tokenUri: `${backend}/oauth/token`,\n jwksUri: `${backend}/.well-known/jwks.json`,\n userinfoUri: `${backend}/oauth/userinfo`,\n }\n}\n\n/\n Get OAuth URLs for an environment.\n * Uses frontend and backend URLs from Environments configuration.\n \n @param environment - The Nevermined environment name\n * @returns OAuth URLs configuration\n /\nfunction getOAuthUrlsForEnvironment(environment: EnvironmentName): OAuthUrls {\n const envConfig = Environments[environment] \|\| Environments.sandbox\n return buildOAuthUrls(envConfig.frontend, envConfig.backend)\n}\n\n/\n Default scopes supported by Nevermined MCP servers.\n /\nconst DEFAULT_SCOPES: readonly string[] = [\n 'openid',\n 'profile',\n 'credits',\n 'mcp:read',\n 'mcp:write',\n 'mcp:tools',\n]\n\n/\n Get OAuth URLs for a given environment with optional overrides.\n \n @param environment - The Nevermined environment name\n * @param overrides - Optional partial overrides for specific URLs\n * @returns Complete OAuth URLs configuration\n /\nexport function getOAuthUrls(\n environment: EnvironmentName,\n overrides?: Partial<OAuthUrls>,\n): OAuthUrls {\n const baseUrls = getOAuthUrlsForEnvironment(environment)\n return { ...baseUrls, ...overrides }\n}\n\n/\n Build Protected Resource Metadata (RFC 9728).\n * This metadata tells OAuth clients about the protected resource.\n \n @param config - OAuth configuration\n * @returns Protected Resource Metadata response object\n \n @example\n * ```typescript\n * const metadata = buildProtectedResourceMetadata({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox'\n * })\n * // Returns: { resource: 'http://localhost:5001', authorization_servers: [...], ... }\n * ```\n /\nexport function buildProtectedResourceMetadata(config: OAuthConfig): ProtectedResourceMetadata {\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n // oauthUrls calculated but not used in this metadata (kept for future use)\n void getOAuthUrls(config.environment, config.oauthUrls)\n\n return {\n resource: config.baseUrl,\n authorization_servers: [config.baseUrl],\n scopes_supported: scopes,\n bearer_methods_supported: ['header'],\n resource_documentation: `${config.baseUrl}/`,\n }\n}\n\n/\n Build MCP-specific Protected Resource Metadata.\n * Extends the base metadata with MCP capabilities information.\n \n @param config - OAuth configuration\n * @returns MCP Protected Resource Metadata response object\n \n @example\n * ```typescript\n * const metadata = buildMcpProtectedResourceMetadata({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox',\n * tools: ['hello_world', 'weather']\n * })\n * ```\n /\nexport function buildMcpProtectedResourceMetadata(\n config: OAuthConfig,\n): McpProtectedResourceMetadata {\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n // oauthUrls calculated but not used in this metadata (kept for future use)\n void getOAuthUrls(config.environment, config.oauthUrls)\n\n return {\n resource: `${config.baseUrl}/mcp`,\n authorization_servers: [config.baseUrl],\n scopes_supported: scopes,\n scopes_required: scopes,\n bearer_methods_supported: ['header'],\n resource_documentation: `${config.baseUrl}/`,\n mcp_capabilities: {\n tools: config.tools \|\| [],\n protocol_version: config.protocolVersion \|\| '2024-11-05',\n },\n }\n}\n\n/\n Build OAuth Authorization Server Metadata (RFC 8414).\n * This metadata describes the OAuth authorization server configuration.\n \n @param config - OAuth configuration\n * @returns Authorization Server Metadata response object\n \n @example\n * ```typescript\n * const metadata = buildAuthorizationServerMetadata({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox'\n * })\n * ```\n /\nexport function buildAuthorizationServerMetadata(config: OAuthConfig): AuthorizationServerMetadata {\n const oauthUrls = getOAuthUrls(config.environment, config.oauthUrls)\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n\n return {\n issuer: oauthUrls.issuer,\n authorization_endpoint: oauthUrls.authorizationUri,\n token_endpoint: oauthUrls.tokenUri,\n registration_endpoint: `${config.baseUrl}/register`,\n jwks_uri: oauthUrls.jwksUri,\n response_types_supported: ['code'],\n grant_types_supported: ['authorization_code', 'refresh_token'],\n code_challenge_methods_supported: ['S256'],\n scopes_supported: scopes,\n token_endpoint_auth_methods_supported: ['client_secret_post'],\n subject_types_supported: ['public'],\n }\n}\n\n/\n Build OpenID Connect Discovery Metadata.\n * Provides OIDC-compatible configuration for clients that expect OpenID Connect.\n \n @param config - OAuth configuration\n * @returns OIDC Configuration response object\n \n @example\n * ```typescript\n * const metadata = buildOidcConfiguration({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox'\n * })\n * ```\n /\nexport function buildOidcConfiguration(config: OAuthConfig): OidcConfiguration {\n const oauthUrls = getOAuthUrls(config.environment, config.oauthUrls)\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n const allScopes = scopes.includes('openid') ? scopes : ['openid', ...scopes]\n\n return {\n issuer: oauthUrls.issuer,\n authorization_endpoint: oauthUrls.authorizationUri,\n token_endpoint: oauthUrls.tokenUri,\n jwks_uri: oauthUrls.jwksUri,\n userinfo_endpoint: oauthUrls.userinfoUri,\n registration_endpoint: `${config.baseUrl}/register`,\n response_types_supported: ['code'],\n grant_types_supported: ['authorization_code', 'refresh_token'],\n code_challenge_methods_supported: ['S256'],\n token_endpoint_auth_methods_supported: ['none', 'client_secret_post'],\n subject_types_supported: ['public'],\n id_token_signing_alg_values_supported: ['RS256', 'HS256'],\n scopes_supported: allScopes,\n claims_supported: ['sub', 'iss', 'aud', 'exp', 'iat', 'name', 'email'],\n }\n}\n\n/\n Build server info response for the root endpoint.\n \n @param config - OAuth configuration\n * @param options - Additional options for the server info\n * @returns Server info response object\n */\nexport function buildServerInfoResponse(\n config: OAuthConfig,\n options?: {\n version?: string\n description?: string\n },\n): {\n name: string\n version: string\n description: string\n endpoints: Record<string, string>\n oauth: Record<string, any>\n tools: string[]\n resources: string[]\n prompts: string[]\n} {\n const oauthUrls = getOAuthUrls(config.environment, config.oauthUrls)\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n\n return {\n name: config.serverName \|\| 'MCP Server',\n version: options?.version \|\| '1.0.0',\n description:\n options?.description \|\| 'MCP server with Nevermined OAuth integration via Streamable HTTP',\n endpoints: {\n mcp: `${config.baseUrl}/mcp`,\n health: `${config.baseUrl}/health`,\n register: `${config.baseUrl}/register`,\n },\n oauth: {\n authorization_server_metadata: `${config.baseUrl}/.well-known/oauth-authorization-server`,\n protected_resource_metadata: `${config.baseUrl}/.well-known/oauth-protected-resource`,\n openid_configuration: `${config.baseUrl}/.well-known/openid-configuration`,\n authorization_endpoint: oauthUrls.authorizationUri,\n token_endpoint: oauthUrls.tokenUri,\n jwks_uri: oauthUrls.jwksUri,\n registration_endpoint: `${config.baseUrl}/register`,\n client_id: config.agentId,\n scopes: scopes,\n },\n tools: config.tools \|\| [],\n resources: config.resources \|\| [],\n prompts: config.prompts \|\| [],\n }\n}\n"]}
1	+ {"version":3,"file":"oauth-metadata.js","sourceRoot":"","sources":["../../../src/mcp/http/oauth-metadata.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,YAAY,EAAwB,MAAM,uBAAuB,CAAA;AAU1E;;;;;;;;GAQG;AACH,SAAS,cAAc,CAAC,WAAmB,EAAE,UAAkB;IAC7D,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IAC/C,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IAE7C,OAAO;QACL,MAAM,EAAE,QAAQ;QAChB,gBAAgB,EAAE,GAAG,QAAQ,kBAAkB;QAC/C,QAAQ,EAAE,GAAG,OAAO,cAAc;QAClC,OAAO,EAAE,GAAG,OAAO,wBAAwB;QAC3C,WAAW,EAAE,GAAG,OAAO,iBAAiB;KACzC,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,0BAA0B,CAAC,WAA4B;IAC9D,MAAM,SAAS,GAAG,YAAY,CAAC,WAAW,CAAC,IAAI,YAAY,CAAC,OAAO,CAAA;IACnE,OAAO,cAAc,CAAC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,CAAA;AAC9D,CAAC;AAED;;GAEG;AACH,MAAM,cAAc,GAAsB;IACxC,QAAQ;IACR,SAAS;IACT,SAAS;IACT,UAAU;IACV,WAAW;IACX,WAAW;CACZ,CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAU,YAAY,CAC1B,WAA4B,EAC5B,SAA8B;IAE9B,MAAM,QAAQ,GAAG,0BAA0B,CAAC,WAAW,CAAC,CAAA;IACxD,OAAO,EAAE,GAAG,QAAQ,EAAE,GAAG,SAAS,EAAE,CAAA;AACtC,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,8BAA8B,CAAC,MAAmB;IAChE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IACnD,2EAA2E;IAC3E,KAAK,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IAEvD,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,OAAO;QACxB,qBAAqB,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;QACvC,gBAAgB,EAAE,MAAM;QACxB,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,sBAAsB,EAAE,GAAG,MAAM,CAAC,OAAO,GAAG;KAC7C,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,iCAAiC,CAC/C,MAAmB;IAEnB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IACnD,2EAA2E;IAC3E,KAAK,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IAEvD,OAAO;QACL,QAAQ,EAAE,GAAG,MAAM,CAAC,OAAO,MAAM;QACjC,qBAAqB,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;QACvC,gBAAgB,EAAE,MAAM;QACxB,eAAe,EAAE,MAAM;QACvB,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,sBAAsB,EAAE,GAAG,MAAM,CAAC,OAAO,GAAG;QAC5C,gBAAgB,EAAE;YAChB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE;YACzB,gBAAgB,EAAE,MAAM,CAAC,eAAe,IAAI,YAAY;SACzD;KACF,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,gCAAgC,CAAC,MAAmB;IAClE,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IACpE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IAEnD,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,sBAAsB,EAAE,SAAS,CAAC,gBAAgB;QAClD,cAAc,EAAE,SAAS,CAAC,QAAQ;QAClC,qBAAqB,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;QACnD,QAAQ,EAAE,SAAS,CAAC,OAAO;QAC3B,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAC9D,gCAAgC,EAAE,CAAC,MAAM,CAAC;QAC1C,gBAAgB,EAAE,MAAM;QACxB,qCAAqC,EAAE,CAAC,oBAAoB,CAAC;QAC7D,uBAAuB,EAAE,CAAC,QAAQ,CAAC;KACpC,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAmB;IACxD,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IACpE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IACnD,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,GAAG,MAAM,CAAC,CAAA;IAE5E,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,sBAAsB,EAAE,SAAS,CAAC,gBAAgB;QAClD,cAAc,EAAE,SAAS,CAAC,QAAQ;QAClC,QAAQ,EAAE,SAAS,CAAC,OAAO;QAC3B,iBAAiB,EAAE,SAAS,CAAC,WAAW;QACxC,qBAAqB,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;QACnD,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAC9D,gCAAgC,EAAE,CAAC,MAAM,CAAC;QAC1C,qCAAqC,EAAE,CAAC,MAAM,EAAE,oBAAoB,CAAC;QACrE,uBAAuB,EAAE,CAAC,QAAQ,CAAC;QACnC,qCAAqC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;QACzD,gBAAgB,EAAE,SAAS;QAC3B,gBAAgB,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC;KACvE,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CACrC,MAAmB,EACnB,OAGC;IAWD,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;IACpE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,cAAc,CAAC,CAAA;IAEnD,OAAO;QACL,IAAI,EAAE,MAAM,CAAC,UAAU,IAAI,YAAY;QACvC,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,OAAO;QACpC,WAAW,EACT,OAAO,EAAE,WAAW,IAAI,kEAAkE;QAC5F,SAAS,EAAE;YACT,GAAG,EAAE,GAAG,MAAM,CAAC,OAAO,MAAM;YAC5B,MAAM,EAAE,GAAG,MAAM,CAAC,OAAO,SAAS;YAClC,QAAQ,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;SACvC;QACD,KAAK,EAAE;YACL,6BAA6B,EAAE,GAAG,MAAM,CAAC,OAAO,yCAAyC;YACzF,2BAA2B,EAAE,GAAG,MAAM,CAAC,OAAO,uCAAuC;YACrF,oBAAoB,EAAE,GAAG,MAAM,CAAC,OAAO,mCAAmC;YAC1E,sBAAsB,EAAE,SAAS,CAAC,gBAAgB;YAClD,cAAc,EAAE,SAAS,CAAC,QAAQ;YAClC,QAAQ,EAAE,SAAS,CAAC,OAAO;YAC3B,qBAAqB,EAAE,GAAG,MAAM,CAAC,OAAO,WAAW;YACnD,gFAAgF;YAChF,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,MAAM,EAAE,MAAM;SACf;QACD,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE;QACjC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,EAAE;KAC9B,CAAA;AACH,CAAC","sourcesContent":["/*\n Pure functions to generate OAuth 2.1 metadata responses.\n * These generators produce the JSON payloads for OAuth discovery endpoints\n * without any framework dependencies, making them reusable across different HTTP servers.\n /\nimport { Environments, type EnvironmentName } from '../../environments.js'\nimport type {\n OAuthUrls,\n OAuthConfig,\n ProtectedResourceMetadata,\n McpProtectedResourceMetadata,\n AuthorizationServerMetadata,\n OidcConfiguration,\n} from '../types/http.types.js'\n\n/\n Build OAuth URLs from frontend and backend URLs.\n * - issuer and authorizationUri use the frontend (user-facing)\n * - tokenUri, jwksUri, userinfoUri use the backend (API)\n \n @param frontendUrl - The frontend URL (e.g., https://nevermined.app)\n * @param backendUrl - The backend URL (e.g., https://api.sandbox.nevermined.app)\n * @returns OAuth URLs configuration\n /\nfunction buildOAuthUrls(frontendUrl: string, backendUrl: string): OAuthUrls {\n // Remove trailing slashes\n const frontend = frontendUrl.replace(/\\/$/, '')\n const backend = backendUrl.replace(/\\/$/, '')\n\n return {\n issuer: frontend,\n authorizationUri: `${frontend}/oauth/authorize`,\n tokenUri: `${backend}/oauth/token`,\n jwksUri: `${backend}/.well-known/jwks.json`,\n userinfoUri: `${backend}/oauth/userinfo`,\n }\n}\n\n/\n Get OAuth URLs for an environment.\n * Uses frontend and backend URLs from Environments configuration.\n \n @param environment - The Nevermined environment name\n * @returns OAuth URLs configuration\n /\nfunction getOAuthUrlsForEnvironment(environment: EnvironmentName): OAuthUrls {\n const envConfig = Environments[environment] \|\| Environments.sandbox\n return buildOAuthUrls(envConfig.frontend, envConfig.backend)\n}\n\n/\n Default scopes supported by Nevermined MCP servers.\n /\nconst DEFAULT_SCOPES: readonly string[] = [\n 'openid',\n 'profile',\n 'credits',\n 'mcp:read',\n 'mcp:write',\n 'mcp:tools',\n]\n\n/\n Get OAuth URLs for a given environment with optional overrides.\n \n @param environment - The Nevermined environment name\n * @param overrides - Optional partial overrides for specific URLs\n * @returns Complete OAuth URLs configuration\n /\nexport function getOAuthUrls(\n environment: EnvironmentName,\n overrides?: Partial<OAuthUrls>,\n): OAuthUrls {\n const baseUrls = getOAuthUrlsForEnvironment(environment)\n return { ...baseUrls, ...overrides }\n}\n\n/\n Build Protected Resource Metadata (RFC 9728).\n * This metadata tells OAuth clients about the protected resource.\n \n @param config - OAuth configuration\n * @returns Protected Resource Metadata response object\n \n @example\n * ```typescript\n * const metadata = buildProtectedResourceMetadata({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox'\n * })\n * // Returns: { resource: 'http://localhost:5001', authorization_servers: [...], ... }\n * ```\n /\nexport function buildProtectedResourceMetadata(config: OAuthConfig): ProtectedResourceMetadata {\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n // oauthUrls calculated but not used in this metadata (kept for future use)\n void getOAuthUrls(config.environment, config.oauthUrls)\n\n return {\n resource: config.baseUrl,\n authorization_servers: [config.baseUrl],\n scopes_supported: scopes,\n bearer_methods_supported: ['header'],\n resource_documentation: `${config.baseUrl}/`,\n }\n}\n\n/\n Build MCP-specific Protected Resource Metadata.\n * Extends the base metadata with MCP capabilities information.\n \n @param config - OAuth configuration\n * @returns MCP Protected Resource Metadata response object\n \n @example\n * ```typescript\n * const metadata = buildMcpProtectedResourceMetadata({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox',\n * tools: ['hello_world', 'weather']\n * })\n * ```\n /\nexport function buildMcpProtectedResourceMetadata(\n config: OAuthConfig,\n): McpProtectedResourceMetadata {\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n // oauthUrls calculated but not used in this metadata (kept for future use)\n void getOAuthUrls(config.environment, config.oauthUrls)\n\n return {\n resource: `${config.baseUrl}/mcp`,\n authorization_servers: [config.baseUrl],\n scopes_supported: scopes,\n scopes_required: scopes,\n bearer_methods_supported: ['header'],\n resource_documentation: `${config.baseUrl}/`,\n mcp_capabilities: {\n tools: config.tools \|\| [],\n protocol_version: config.protocolVersion \|\| '2024-11-05',\n },\n }\n}\n\n/\n Build OAuth Authorization Server Metadata (RFC 8414).\n * This metadata describes the OAuth authorization server configuration.\n \n @param config - OAuth configuration\n * @returns Authorization Server Metadata response object\n \n @example\n * ```typescript\n * const metadata = buildAuthorizationServerMetadata({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox'\n * })\n * ```\n /\nexport function buildAuthorizationServerMetadata(config: OAuthConfig): AuthorizationServerMetadata {\n const oauthUrls = getOAuthUrls(config.environment, config.oauthUrls)\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n\n return {\n issuer: oauthUrls.issuer,\n authorization_endpoint: oauthUrls.authorizationUri,\n token_endpoint: oauthUrls.tokenUri,\n registration_endpoint: `${config.baseUrl}/register`,\n jwks_uri: oauthUrls.jwksUri,\n response_types_supported: ['code'],\n grant_types_supported: ['authorization_code', 'refresh_token'],\n code_challenge_methods_supported: ['S256'],\n scopes_supported: scopes,\n token_endpoint_auth_methods_supported: ['client_secret_post'],\n subject_types_supported: ['public'],\n }\n}\n\n/\n Build OpenID Connect Discovery Metadata.\n * Provides OIDC-compatible configuration for clients that expect OpenID Connect.\n \n @param config - OAuth configuration\n * @returns OIDC Configuration response object\n \n @example\n * ```typescript\n * const metadata = buildOidcConfiguration({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * environment: 'staging_sandbox'\n * })\n * ```\n /\nexport function buildOidcConfiguration(config: OAuthConfig): OidcConfiguration {\n const oauthUrls = getOAuthUrls(config.environment, config.oauthUrls)\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n const allScopes = scopes.includes('openid') ? scopes : ['openid', ...scopes]\n\n return {\n issuer: oauthUrls.issuer,\n authorization_endpoint: oauthUrls.authorizationUri,\n token_endpoint: oauthUrls.tokenUri,\n jwks_uri: oauthUrls.jwksUri,\n userinfo_endpoint: oauthUrls.userinfoUri,\n registration_endpoint: `${config.baseUrl}/register`,\n response_types_supported: ['code'],\n grant_types_supported: ['authorization_code', 'refresh_token'],\n code_challenge_methods_supported: ['S256'],\n token_endpoint_auth_methods_supported: ['none', 'client_secret_post'],\n subject_types_supported: ['public'],\n id_token_signing_alg_values_supported: ['RS256', 'HS256'],\n scopes_supported: allScopes,\n claims_supported: ['sub', 'iss', 'aud', 'exp', 'iat', 'name', 'email'],\n }\n}\n\n/\n Build server info response for the root endpoint.\n \n @param config - OAuth configuration\n * @param options - Additional options for the server info\n * @returns Server info response object\n */\nexport function buildServerInfoResponse(\n config: OAuthConfig,\n options?: {\n version?: string\n description?: string\n },\n): {\n name: string\n version: string\n description: string\n endpoints: Record<string, string>\n oauth: Record<string, any>\n tools: string[]\n resources: string[]\n prompts: string[]\n} {\n const oauthUrls = getOAuthUrls(config.environment, config.oauthUrls)\n const scopes = config.scopes \|\| [...DEFAULT_SCOPES]\n\n return {\n name: config.serverName \|\| 'MCP Server',\n version: options?.version \|\| '1.0.0',\n description:\n options?.description \|\| 'MCP server with Nevermined OAuth integration via Streamable HTTP',\n endpoints: {\n mcp: `${config.baseUrl}/mcp`,\n health: `${config.baseUrl}/health`,\n register: `${config.baseUrl}/register`,\n },\n oauth: {\n authorization_server_metadata: `${config.baseUrl}/.well-known/oauth-authorization-server`,\n protected_resource_metadata: `${config.baseUrl}/.well-known/oauth-protected-resource`,\n openid_configuration: `${config.baseUrl}/.well-known/openid-configuration`,\n authorization_endpoint: oauthUrls.authorizationUri,\n token_endpoint: oauthUrls.tokenUri,\n jwks_uri: oauthUrls.jwksUri,\n registration_endpoint: `${config.baseUrl}/register`,\n // agentId is optional under the plan-centric model; omit client_id when absent.\n ...(config.agentId ? { client_id: config.agentId } : {}),\n scopes: scopes,\n },\n tools: config.tools \|\| [],\n resources: config.resources \|\| [],\n prompts: config.prompts \|\| [],\n }\n}\n"]}

package/dist/mcp/index.d.ts CHANGED Viewed

@@ -17,7 +17,8 @@
  *
  * // Configure MCP integration
  * payments.mcp.configure({
- *   agentId: process.env.NVM_AGENT_ID!,
+ *   planId: process.env.NVM_PLAN_ID!, // required
+ *   agentId: process.env.NVM_AGENT_ID, // optional
  *   serverName: 'my-mcp-server'
  * })
  *
@@ -33,7 +34,8 @@
  * // Start a managed server with all OAuth endpoints
  * const { baseUrl, stop } = await payments.mcp.startServer({
  *   port: 5001,
- *   agentId: process.env.NVM_AGENT_ID!,
+ *   planId: process.env.NVM_PLAN_ID!, // required
+ *   agentId: process.env.NVM_AGENT_ID, // optional
  *   serverName: 'my-mcp-server',
  *   tools: ['hello_world']
  * })
@@ -48,7 +50,8 @@
  * // Create OAuth router
  * const router = payments.mcp.createRouter({
  *   baseUrl: 'http://localhost:5001',
- *   agentId: 'agent_123',
+ *   planId: 'plan_123', // required
+ *   agentId: 'agent_123', // optional
  *   serverName: 'my-mcp-server'
  * })
  *
@@ -85,7 +88,9 @@ export interface ExtendedMcpConfig extends McpConfig {
 export interface CreateRouterOptions {
     /** Base URL of the MCP server */
     baseUrl: string;
-    /** Agent ID (client_id) */
+    /** Payment plan ID — configures the paywall plan for this server (falls back to configure()) */
+    planId?: string;
+    /** Agent ID (optional; OAuth client_id / informational only) */
     agentId?: string;
     /** Server name */
     serverName?: string;
@@ -114,7 +119,9 @@ export interface StartServerOptions {
     host?: string;
     /** Base URL (defaults to http://localhost:\{port\}) */
     baseUrl?: string;
-    /** Agent ID (uses configured agentId if not provided) */
+    /** Payment plan ID — configures the paywall plan for this server (falls back to configure()) */
+    planId?: string;
+    /** Agent ID (optional; OAuth client_id / informational only) */
     agentId?: string;
     /** Server name */
     serverName?: string;

package/dist/mcp/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/mcp/index.ts"],"names":[],"mappings":"AAAA~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAyDG~~;AACH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;~~AAOzD~~,OAAO,KAAK,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,WAAW,EACX,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,EAChB,MAAM,yBAAyB,CAAA;AAChC,OAAO,KAAK,EAEV,WAAW,EACX,eAAe,EACf,aAAa,EACb,cAAc,EACd,SAAS,EACV,MAAM,0BAA0B,CAAA;AACjC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AAG7D,YAAY,EACV,cAAc,EACd,aAAa,EACb,cAAc,EACd,SAAS,EACT,cAAc,EACd,UAAU,GACX,MAAM,0BAA0B,CAAA;AAEjC,YAAY,EACV,SAAS,EACT,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,yBAAyB,EACzB,4BAA4B,EAC5B,2BAA2B,EAC3B,iBAAiB,EACjB,yBAAyB,EACzB,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,uBAAuB,CAAA;AAG9B,OAAO,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAA;AAGvF,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,WAAW,EACX,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,EACf,UAAU,EACV,WAAW,EACX,eAAe,EACf,aAAa,GACd,MAAM,yBAAyB,CAAA;AAGhC,OAAO,EACL,YAAY,EACZ,8BAA8B,EAC9B,iCAAiC,EACjC,gCAAgC,EAChC,sBAAsB,EACtB,uBAAuB,EACvB,iBAAiB,EACjB,oBAAoB,EACpB,oBAAoB,EACpB,2BAA2B,EAC3B,2BAA2B,EAC3B,kBAAkB,EAClB,YAAY,EACZ,uBAAuB,GACxB,MAAM,iBAAiB,CAAA;AAExB;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,SAAS;IAClD,2DAA2D;IAC3D,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,6BAA6B;IAC7B,WAAW,CAAC,EAAE,eAAe,CAAA;IAC7B,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,0BAA0B;IAC1B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,iCAAiC;IACjC,OAAO,EAAE,MAAM,CAAA;IACf,~~2BAA2B~~;~~IAC3B~~,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,kBAAkB;IAClB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,iCAAiC;IACjC,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAClC,0BAA0B;IAC1B,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,yBAAyB;IACzB,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,qBAAqB;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAA;IACZ,sBAAsB;IACtB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,uDAAuD;IACvD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,~~yDAAyD~~;~~IACzD~~,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,kBAAkB;IAClB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,iCAAiC;IACjC,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAClC,0BAA0B;IAC1B,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,yBAAyB;IACzB,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,qBAAqB;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,kCAAkC;IAClC,OAAO,CAAC,EAAE,CAAC,MAAM,EAAE,gBAAgB,KAAK,IAAI,CAAA;IAC5C,uBAAuB;IACvB,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,KAAK,IAAI,CAAA;CACrE;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,eAAe,EAAE,QAAQ;~~yBA4B~~/B,iBAAiB,KAAG,IAAI;;~~SAgB~~/B,KAAK,iBACf,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,WAC1E,WAAW,GAAG,aAAa,GACnC,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;SACxB,KAAK,iBACf,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAClF,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;kBAElC,CACP,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAC5C,KAAK,CAAC,EAAE,GAAG,EACX,OAAO,CAAC,EAAE,cAAc,KACrB,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,WACd,eAAe,GACvB,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;;~~qBA4BhE~~;QACtB,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,KAAK,IAAI,CAAA;QAC/D,gBAAgB,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,KAAK,IAAI,CAAA;QAClF,cAAc,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,KAAK,IAAI,CAAA;KAClE;qBAEgB,KAAK,cACV,MAAM,UACJ,GAAG,WACF,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,YACzE,IAAI,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;+BAMtC,MAAM,YACF,GAAG,UACL,GAAG,WACF,CACP,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAC5C,KAAK,CAAC,EAAE,GAAG,EACX,OAAO,CAAC,EAAE,cAAc,KACrB,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,YACb,IAAI,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAAC;uBASnC,KAAK,cACZ,MAAM,UACJ,GAAG,WACF,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,YACzE,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;;~~8BApDb~~,GAAG,WAAW;~~QAAC~~,MAAM,CAAC,EAAE,MAAM,CAAA;~~KAAC~~,sBAAe,MAAM;~~4BA8E5D~~,mBAAmB;~~yBAiDtB~~,IAAI,CAAC,mBAAmB,EAAE,SAAS,CAAC,GAAG;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE;~~2BA+CnD~~,kBAAkB,KAAG,OAAO,CAAC,gBAAgB,CAAC;~~qBAoC5D~~,iBAAiB;mBA6CjB,IAAI,cAClB,MAAM,UACJ,aAAa,WACZ,WAAW,CAAC,IAAI,CAAC,YAChB,sBAAsB,KAC/B,IAAI;6BAeC,MAAM,iBACG,MAAM,UACb,iBAAiB,WAChB,eAAe,YACd,sBAAsB,KAC/B,IAAI;qBAciB,IAAI,cACpB,MAAM,UACJ,eAAe,WACd,aAAa,CAAC,IAAI,CAAC,YAClB,sBAAsB,KAC/B,IAAI;~~oBA6BsB~~,eAAe,KAAG,OAAO,CAAC,eAAe,CAAC;gBAQhD,OAAO,CAAC,IAAI,CAAC;EA4BrC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/mcp/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4DG;AACH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAQzD,OAAO,KAAK,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,WAAW,EACX,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,EAChB,MAAM,yBAAyB,CAAA;AAChC,OAAO,KAAK,EAEV,WAAW,EACX,eAAe,EACf,aAAa,EACb,cAAc,EACd,SAAS,EACV,MAAM,0BAA0B,CAAA;AACjC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AAG7D,YAAY,EACV,cAAc,EACd,aAAa,EACb,cAAc,EACd,SAAS,EACT,cAAc,EACd,UAAU,GACX,MAAM,0BAA0B,CAAA;AAEjC,YAAY,EACV,SAAS,EACT,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,yBAAyB,EACzB,4BAA4B,EAC5B,2BAA2B,EAC3B,iBAAiB,EACjB,yBAAyB,EACzB,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,uBAAuB,CAAA;AAG9B,OAAO,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAA;AAGvF,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,WAAW,EACX,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,EACf,UAAU,EACV,WAAW,EACX,eAAe,EACf,aAAa,GACd,MAAM,yBAAyB,CAAA;AAGhC,OAAO,EACL,YAAY,EACZ,8BAA8B,EAC9B,iCAAiC,EACjC,gCAAgC,EAChC,sBAAsB,EACtB,uBAAuB,EACvB,iBAAiB,EACjB,oBAAoB,EACpB,oBAAoB,EACpB,2BAA2B,EAC3B,2BAA2B,EAC3B,kBAAkB,EAClB,YAAY,EACZ,uBAAuB,GACxB,MAAM,iBAAiB,CAAA;AAExB;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,SAAS;IAClD,2DAA2D;IAC3D,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,6BAA6B;IAC7B,WAAW,CAAC,EAAE,eAAe,CAAA;IAC7B,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,0BAA0B;IAC1B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,iCAAiC;IACjC,OAAO,EAAE,MAAM,CAAA;IACf,gGAAgG;IAChG,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,gEAAgE;IAChE,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,kBAAkB;IAClB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,iCAAiC;IACjC,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAClC,0BAA0B;IAC1B,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,yBAAyB;IACzB,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,qBAAqB;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAA;IACZ,sBAAsB;IACtB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,uDAAuD;IACvD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gGAAgG;IAChG,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,gEAAgE;IAChE,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,kBAAkB;IAClB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,iCAAiC;IACjC,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAClC,0BAA0B;IAC1B,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,yBAAyB;IACzB,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,qBAAqB;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,kCAAkC;IAClC,OAAO,CAAC,EAAE,CAAC,MAAM,EAAE,gBAAgB,KAAK,IAAI,CAAA;IAC5C,uBAAuB;IACvB,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,KAAK,IAAI,CAAA;CACrE;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,eAAe,EAAE,QAAQ;yBA6B/B,iBAAiB,KAAG,IAAI;;SAuB/B,KAAK,iBACf,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,WAC1E,WAAW,GAAG,aAAa,GACnC,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;SACxB,KAAK,iBACf,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAClF,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;kBAElC,CACP,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAC5C,KAAK,CAAC,EAAE,GAAG,EACX,OAAO,CAAC,EAAE,cAAc,KACrB,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,WACd,eAAe,GACvB,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;;qBAwChE;QACtB,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,KAAK,IAAI,CAAA;QAC/D,gBAAgB,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,KAAK,IAAI,CAAA;QAClF,cAAc,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,KAAK,IAAI,CAAA;KAClE;qBAEgB,KAAK,cACV,MAAM,UACJ,GAAG,WACF,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,YACzE,IAAI,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC;+BAMtC,MAAM,YACF,GAAG,UACL,GAAG,WACF,CACP,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAC5C,KAAK,CAAC,EAAE,GAAG,EACX,OAAO,CAAC,EAAE,cAAc,KACrB,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,YACb,IAAI,CAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAAC;uBASnC,KAAK,cACZ,MAAM,UACJ,GAAG,WACF,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,cAAc,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,YACzE,IAAI,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,CAAC;;8BA1Db,GAAG,WAAW;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,sBAAe,MAAM;4BAiH9D,mBAAmB;yBA4CtB,IAAI,CAAC,mBAAmB,EAAE,SAAS,CAAC,GAAG;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE;2BA0CnD,kBAAkB,KAAG,OAAO,CAAC,gBAAgB,CAAC;qBA+B5D,iBAAiB;mBA6CjB,IAAI,cAClB,MAAM,UACJ,aAAa,WACZ,WAAW,CAAC,IAAI,CAAC,YAChB,sBAAsB,KAC/B,IAAI;6BAeC,MAAM,iBACG,MAAM,UACb,iBAAiB,WAChB,eAAe,YACd,sBAAsB,KAC/B,IAAI;qBAciB,IAAI,cACpB,MAAM,UACJ,eAAe,WACd,aAAa,CAAC,IAAI,CAAC,YAClB,sBAAsB,KAC/B,IAAI;oBA8BsB,eAAe,KAAG,OAAO,CAAC,eAAe,CAAC;gBAQhD,OAAO,CAAC,IAAI,CAAC;EA4BrC"}

package/dist/mcp/index.js CHANGED Viewed

@@ -4,6 +4,7 @@ import { PaywallDecorator } from './core/paywall.js';
 import { PaywallAuthenticator } from './core/auth.js';
 import { CreditsContextProvider } from './core/credits-context.js';
 import { createServerManager } from './core/server-manager.js';
+import { ERROR_CODES, createRpcError } from './utils/errors.js';
 // Re-export utilities
 export { buildExtraFromHttpHeaders, buildExtraFromHttpRequest } from './utils/extra.js';
 // Re-export HTTP module components for advanced usage
@@ -22,7 +23,7 @@ export function buildMcpIntegration(paymentsService) {
     const paywallDecorator = new PaywallDecorator(paymentsService, authenticator, creditsContext);
     // Extended configuration storage
     let extendedConfig = {
-        agentId: '',
+        planId: '',
         serverName: 'mcp-server',
     };
     /**
@@ -34,8 +35,9 @@ export function buildMcpIntegration(paymentsService) {
      * @example
      * ```typescript
      * payments.mcp.configure({
-     *   agentId: 'agent_123',
+     *   planId: 'plan_123', // required
      *   serverName: 'my-mcp-server',
+     *   agentId: 'agent_123', // optional
      *   baseUrl: 'http://localhost:5001',
      *   environment: 'staging_sandbox',
      *   tools: ['hello_world', 'weather']
@@ -49,12 +51,19 @@ export function buildMcpIntegration(paymentsService) {
         };
         // Also configure the paywall decorator
         paywallDecorator.configure({
+            planId: options.planId,
             agentId: options.agentId,
             serverName: options.serverName,
         });
     }
     function withPaywall(handler, options) {
         const opts = options ?? { kind: 'tool', name: 'unnamed' };
+        // Fail fast at registration time: a planId must be resolvable from the
+        // per-tool option or the server-level config. Otherwise a misconfiguration
+        // would only surface on the first tool call.
+        if (!opts.planId && !extendedConfig.planId) {
+            throw createRpcError(ERROR_CODES.Misconfiguration, 'Server misconfiguration: missing planId');
+        }
         return paywallDecorator.protect(handler, opts);
     }
     /**
@@ -66,9 +75,9 @@ export function buildMcpIntegration(paymentsService) {
      */
     async function authenticateMeta(extra, options = {}, method) {
         const cfg = extendedConfig;
-        const agentId = cfg.agentId || '';
+        const agentId = cfg.agentId || undefined;
         const serverName = cfg.serverName || 'mcp-server';
-        return authenticator.authenticateMeta(extra, { planId: options?.planId }, agentId, serverName, method);
+        return authenticator.authenticateMeta(extra, { planId: options?.planId ?? cfg.planId }, agentId, serverName, method);
     }
     /**
      * Attach paywall protection to an MCP server.
@@ -97,6 +106,28 @@ export function buildMcpIntegration(paymentsService) {
             },
         };
     }
+    /**
+     * Resolve the effective agentId/serverName/environment for an OAuth transport
+     * from per-call options layered over the server-level config, and configure
+     * the paywall so tools protected via withPaywall settle on the resolved plan
+     * (per-call option wins over a prior configure()). Shared by
+     * createRouter/createApp/startServer.
+     *
+     * agentId is optional under the plan-centric model (informational/OAuth
+     * client_id only); the OAuth router omits client_id when it's absent. planId
+     * is the paywall's concern — the OAuth transports below do not consume it.
+     */
+    function resolveTransportConfig(options) {
+        const agentId = options.agentId || extendedConfig.agentId;
+        const serverName = options.serverName || extendedConfig.serverName || 'mcp-server';
+        configure({
+            planId: options.planId ?? extendedConfig.planId,
+            agentId,
+            serverName,
+        });
+        const environment = extendedConfig.environment || paymentsService.environmentName || 'staging_sandbox';
+        return { agentId, serverName, environment };
+    }
     /**
      * Create an Express router with OAuth 2.1 endpoints.
      * Use this when you already have an Express app and want to add OAuth support.
@@ -108,6 +139,7 @@ export function buildMcpIntegration(paymentsService) {
      * ```typescript
      * const router = payments.mcp.createRouter({
      *   baseUrl: 'http://localhost:5001',
+     *   planId: 'plan_123', // required
      *   serverName: 'my-mcp-server',
      *   tools: ['hello_world']
      * })
@@ -116,17 +148,13 @@ export function buildMcpIntegration(paymentsService) {
      * ```
      */
     function createRouter(options) {
-        const agentId = options.agentId || extendedConfig.agentId;
-        if (!agentId) {
-            throw new Error('agentId is required. Either pass it in options or call configure() first.');
-        }
-        const environment = extendedConfig.environment || paymentsService.environmentName || 'staging_sandbox';
+        const { agentId, serverName, environment } = resolveTransportConfig(options);
         return createOAuthRouter({
             payments: paymentsService,
             baseUrl: options.baseUrl,
             agentId,
             environment,
-            serverName: options.serverName || extendedConfig.serverName || 'mcp-server',
+            serverName,
             tools: options.tools || extendedConfig.tools || [],
             scopes: extendedConfig.scopes,
             enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,
@@ -151,6 +179,7 @@ export function buildMcpIntegration(paymentsService) {
      * ```typescript
      * const app = payments.mcp.createApp({
      *   baseUrl: 'http://localhost:5001',
+     *   planId: 'plan_123', // required
      *   serverName: 'my-mcp-server'
      * })
      *
@@ -161,17 +190,13 @@ export function buildMcpIntegration(paymentsService) {
      * ```
      */
     function createApp(options) {
-        const agentId = options.agentId || extendedConfig.agentId;
-        if (!agentId) {
-            throw new Error('agentId is required. Either pass it in options or call configure() first.');
-        }
-        const environment = extendedConfig.environment || paymentsService.environmentName || 'staging_sandbox';
+        const { agentId, serverName, environment } = resolveTransportConfig(options);
         return createMcpApp({
             payments: paymentsService,
             baseUrl: options.baseUrl,
             agentId,
             environment,
-            serverName: options.serverName || extendedConfig.serverName || 'mcp-server',
+            serverName,
             tools: options.tools || extendedConfig.tools || [],
             scopes: extendedConfig.scopes,
             enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,
@@ -193,6 +218,7 @@ export function buildMcpIntegration(paymentsService) {
      * ```typescript
      * const { baseUrl, stop } = await payments.mcp.startServer({
      *   port: 5001,
+     *   planId: process.env.NVM_PLAN_ID!, // required
      *   serverName: 'my-mcp-server',
      *   tools: ['hello_world', 'weather']
      * })
@@ -204,12 +230,8 @@ export function buildMcpIntegration(paymentsService) {
      * ```
      */
     async function startServer(options) {
-        const agentId = options.agentId || extendedConfig.agentId;
-        if (!agentId) {
-            throw new Error('agentId is required. Either pass it in options or call configure() first.');
-        }
+        const { agentId, serverName, environment } = resolveTransportConfig(options);
         const baseUrl = options.baseUrl || `http://localhost:${options.port}`;
-        const environment = extendedConfig.environment || paymentsService.environmentName || 'staging_sandbox';
         return startManagedServer({
             payments: paymentsService,
             port: options.port,
@@ -217,7 +239,7 @@ export function buildMcpIntegration(paymentsService) {
             baseUrl,
             agentId,
             environment,
-            serverName: options.serverName || extendedConfig.serverName || 'mcp-server',
+            serverName,
             tools: options.tools || extendedConfig.tools || [],
             scopes: extendedConfig.scopes,
             enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,
@@ -320,7 +342,8 @@ export function buildMcpIntegration(paymentsService) {
      * // Then start the server
      * const { info, stop } = await payments.mcp.start({
      *   port: 5001,
-     *   agentId: 'did:nv:...',
+     *   planId: 'plan_123', // required
+     *   agentId: 'did:nv:...', // optional
      *   serverName: 'my-mcp-server'
      * })
      *

package/dist/mcp/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/mcp/index.ts"],"names":[],"mappings":"AA4DA,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAC1D,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAC3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AACpD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAA;AACrD,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAA;AAClE,OAAO,EAAoB,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AA+ChF,sBAAsB;AACtB,OAAO,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAA;AAmBvF,sDAAsD;AACtD,OAAO,EACL,YAAY,EACZ,8BAA8B,EAC9B,iCAAiC,EACjC,gCAAgC,EAChC,sBAAsB,EACtB,uBAAuB,EACvB,iBAAiB,EACjB,oBAAoB,EACpB,oBAAoB,EACpB,2BAA2B,EAC3B,2BAA2B,EAC3B,kBAAkB,EAClB,YAAY,EACZ,uBAAuB,GACxB,MAAM,iBAAiB,CAAA;AA4ExB;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,eAAyB;IAC3D,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,eAAe,CAAC,CAAA;IAC/D,MAAM,cAAc,GAAG,IAAI,sBAAsB,EAAE,CAAA;IACnD,MAAM,gBAAgB,GAAG,IAAI,gBAAgB,CAAC,eAAe,EAAE,aAAa,EAAE,cAAc,CAAC,CAAA;IAE7F,iCAAiC;IACjC,IAAI,cAAc,GAAsB;QACtC,OAAO,EAAE,EAAE;QACX,UAAU,EAAE,YAAY;KACzB,CAAA;IAED;;;;;;;;;;;;;;;;OAgBG;IACH,SAAS,SAAS,CAAC,OAA0B;QAC3C,cAAc,GAAG;YACf,GAAG,cAAc;YACjB,GAAG,OAAO;SACX,CAAA;QACD,uCAAuC;QACvC,gBAAgB,CAAC,SAAS,CAAC;YACzB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B,CAAC,CAAA;IACJ,CAAC;IAsBD,SAAS,WAAW,CAAC,OAAY,EAAE,OAAuD;QACxF,MAAM,IAAI,GACP,OAAsC,IAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAU,CAAA;QACvF,OAAQ,gBAAgB,CAAC,OAAe,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IACzD,CAAC;IAED;;;;;;OAMG;IACH,KAAK,UAAU,gBAAgB,CAAC,KAAU,EAAE,UAA6B,EAAE,EAAE,MAAc;QACzF,MAAM,GAAG,GAAG,cAAc,CAAA;QAC1B,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,IAAI,EAAE,CAAA;QACjC,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,IAAI,YAAY,CAAA;QACjD,OAAO,aAAa,CAAC,gBAAgB,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAA;IACxG,CAAC;IAED;;;;;;OAMG;IACH,SAAS,MAAM,CAAC,MAIf;QACC,OAAO;YACL,YAAY,CACV,IAAY,EACZ,MAAW,EACX,OAAmF,EACnF,OAA4C;gBAE5C,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC,CAAA;gBACzF,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;YACrD,CAAC;YACD,gBAAgB,CACd,IAAY,EACZ,QAAa,EACb,MAAW,EACX,OAKuB,EACvB,OAAgD;gBAEhD,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,EAAE;oBAC5C,IAAI,EAAE,UAAU;oBAChB,IAAI;oBACJ,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;iBACnB,CAAC,CAAA;gBACF,MAAM,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;YACnE,CAAC;YACD,cAAc,CACZ,IAAY,EACZ,MAAW,EACX,OAAmF,EACnF,OAA8C;gBAE9C,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC,CAAA;gBAC3F,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;YACvD,CAAC;SACF,CAAA;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,SAAS,YAAY,CAAC,OAA4B;QAChD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,cAAc,CAAC,OAAO,CAAA;QACzD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAA;QAC9F,CAAC;QAED,MAAM,WAAW,GACf,cAAc,CAAC,WAAW,IAAK,eAAuB,CAAC,eAAe,IAAI,iBAAiB,CAAA;QAE7F,OAAO,iBAAiB,CAAC;YACvB,QAAQ,EAAE,eAAe;YACzB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,cAAc,CAAC,UAAU,IAAI,YAAY;YAC3E,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,cAAc,CAAC,KAAK,IAAI,EAAE;YAClD,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,oBAAoB,EAAE,OAAO,CAAC,oBAAoB,IAAI,IAAI;YAC1D,wBAAwB,EAAE,OAAO,CAAC,wBAAwB,IAAI,IAAI;YAClE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,IAAI;YAClD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,SAAS,SAAS,CAAC,OAAoE;QACrF,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,cAAc,CAAC,OAAO,CAAA;QACzD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAA;QAC9F,CAAC;QAED,MAAM,WAAW,GACf,cAAc,CAAC,WAAW,IAAK,eAAuB,CAAC,eAAe,IAAI,iBAAiB,CAAA;QAE7F,OAAO,YAAY,CAAC;YAClB,QAAQ,EAAE,eAAe;YACzB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,cAAc,CAAC,UAAU,IAAI,YAAY;YAC3E,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,cAAc,CAAC,KAAK,IAAI,EAAE;YAClD,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,oBAAoB,EAAE,OAAO,CAAC,oBAAoB,IAAI,IAAI;YAC1D,wBAAwB,EAAE,OAAO,CAAC,wBAAwB,IAAI,IAAI;YAClE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,IAAI;YAClD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,KAAK,UAAU,WAAW,CAAC,OAA2B;QACpD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,cAAc,CAAC,OAAO,CAAA;QACzD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAA;QAC9F,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,oBAAoB,OAAO,CAAC,IAAI,EAAE,CAAA;QACrE,MAAM,WAAW,GACf,cAAc,CAAC,WAAW,IAAK,eAAuB,CAAC,eAAe,IAAI,iBAAiB,CAAA;QAE7F,OAAO,kBAAkB,CAAC;YACxB,QAAQ,EAAE,eAAe;YACzB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,OAAO;YACP,OAAO;YACP,WAAW;YACX,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,cAAc,CAAC,UAAU,IAAI,YAAY;YAC3E,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,cAAc,CAAC,KAAK,IAAI,EAAE;YAClD,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,oBAAoB,EAAE,OAAO,CAAC,oBAAoB,IAAI,IAAI;YAC1D,wBAAwB,EAAE,OAAO,CAAC,wBAAwB,IAAI,IAAI;YAClE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,IAAI;YAClD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,SAAS,SAAS;QAChB,OAAO,EAAE,GAAG,cAAc,EAAE,CAAA;IAC9B,CAAC;IAED,gFAAgF;IAChF,+EAA+E;IAC/E,gFAAgF;IAEhF,oCAAoC;IACpC,IAAI,aAAa,GAA4B,IAAI,CAAA;IAEjD;;OAEG;IACH,SAAS,gBAAgB;QACvB,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,aAAa,GAAG,mBAAmB,CAAC,eAAe,CAAC,CAAA;QACtD,CAAC;QACD,OAAO,aAAa,CAAA;IACtB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,SAAS,YAAY,CACnB,IAAY,EACZ,MAAqB,EACrB,OAA0B,EAC1B,OAAgC;QAEhC,gBAAgB,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IACjE,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,gBAAgB,CACvB,IAAY,EACZ,aAAqB,EACrB,MAAyB,EACzB,OAAwB,EACxB,OAAgC;QAEhC,gBAAgB,EAAE,CAAC,gBAAgB,CAAC,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IACpF,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,cAAc,CACrB,IAAY,EACZ,MAAuB,EACvB,OAA4B,EAC5B,OAAgC;QAEhC,gBAAgB,EAAE,CAAC,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IACnE,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,KAAK,UAAU,KAAK,CAAC,MAAuB;QAC1C,OAAO,gBAAgB,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IACzC,CAAC;IAED;;;OAGG;IACH,KAAK,UAAU,IAAI;QACjB,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,aAAa,CAAC,IAAI,EAAE,CAAA;QAC5B,CAAC;IACH,CAAC;IAED,OAAO;QACL,4CAA4C;QAC5C,SAAS;QACT,WAAW;QACX,MAAM;QACN,gBAAgB;QAEhB,0CAA0C;QAC1C,YAAY;QACZ,SAAS;QACT,WAAW;QAEX,YAAY;QACZ,SAAS;QAET,8CAA8C;QAC9C,YAAY;QACZ,gBAAgB;QAChB,cAAc;QACd,KAAK;QACL,IAAI;KACL,CAAA;AACH,CAAC","sourcesContent":["/*\n MCP (Model Context Protocol) integration module for Nevermined Payments.\n \n This module provides everything needed to build monetizable MCP servers:\n * - Paywall protection for tools, resources, and prompts\n * - OAuth 2.1 discovery and client registration endpoints\n * - Managed HTTP server or router for existing Express apps\n \n @example Basic usage with withPaywall\n * ```typescript\n * import { Payments } from '@nevermined-io/payments'\n \n const payments = Payments.getInstance({\n * nvmApiKey: process.env.NVM_API_KEY!,\n * environment: 'staging_sandbox'\n * })\n \n // Configure MCP integration\n * payments.mcp.configure({\n * agentId: process.env.NVM_AGENT_ID!,\n * serverName: 'my-mcp-server'\n * })\n \n // Protect a tool handler\n * const protectedHandler = payments.mcp.withPaywall(\n * myToolHandler,\n * { kind: 'tool', name: 'my_tool', credits: 1n }\n * )\n * ```\n \n @example Complete server with OAuth\n * ```typescript\n * // Start a managed server with all OAuth endpoints\n * const { baseUrl, stop } = await payments.mcp.startServer({\n * port: 5001,\n * agentId: process.env.NVM_AGENT_ID!,\n * serverName: 'my-mcp-server',\n * tools: ['hello_world']\n * })\n * ```\n \n @example Using router with existing Express app\n * ```typescript\n * import express from 'express'\n \n const app = express()\n \n // Create OAuth router\n * const router = payments.mcp.createRouter({\n * baseUrl: 'http://localhost:5001',\n * agentId: 'agent_123',\n * serverName: 'my-mcp-server'\n * })\n \n app.use(router)\n * app.listen(5001)\n * ```\n /\nimport type { Payments } from '../payments.js'\nimport type { EnvironmentName } from '../environments.js'\nimport { createOAuthRouter } from './http/oauth-router.js'\nimport { createMcpApp, startManagedServer } from './http/managed-server.js'\nimport { PaywallDecorator } from './core/paywall.js'\nimport { PaywallAuthenticator } from './core/auth.js'\nimport { CreditsContextProvider } from './core/credits-context.js'\nimport { McpServerManager, createServerManager } from './core/server-manager.js'\nimport type {\n McpToolConfig,\n McpResourceConfig,\n McpPromptConfig,\n McpRegistrationOptions,\n ToolHandler,\n ResourceHandler,\n PromptHandler,\n McpServerConfig,\n McpServerResult,\n} from './types/server.types.js'\nimport type {\n PaywallOptions,\n ToolOptions,\n ResourceOptions,\n PromptOptions,\n PaywallContext,\n McpConfig,\n} from './types/paywall.types.js'\nimport type { HttpServerResult } from './types/http.types.js'\n\n// Re-export types\nexport type {\n CreditsContext,\n CreditsOption,\n PaywallOptions,\n McpConfig,\n PaywallContext,\n AuthResult,\n} from './types/paywall.types.js'\n\nexport type {\n OAuthUrls,\n OAuthConfig,\n HttpRouterConfig,\n HttpServerConfig,\n HttpServerResult,\n ProtectedResourceMetadata,\n McpProtectedResourceMetadata,\n AuthorizationServerMetadata,\n OidcConfiguration,\n ClientRegistrationRequest,\n ClientRegistrationResponse,\n ServerInfoResponse,\n} from './types/http.types.js'\n\n// Re-export utilities\nexport { buildExtraFromHttpHeaders, buildExtraFromHttpRequest } from './utils/extra.js'\n\n// Re-export simplified API types\nexport type {\n McpToolConfig,\n McpResourceConfig,\n McpPromptConfig,\n McpRegistrationOptions,\n ToolHandler,\n ResourceHandler,\n PromptHandler,\n McpServerConfig,\n McpServerResult,\n ServerInfo,\n ToolContext,\n ResourceContext,\n PromptContext,\n} from './types/server.types.js'\n\n// Re-export HTTP module components for advanced usage\nexport {\n getOAuthUrls,\n buildProtectedResourceMetadata,\n buildMcpProtectedResourceMetadata,\n buildAuthorizationServerMetadata,\n buildOidcConfiguration,\n buildServerInfoResponse,\n createOAuthRouter,\n createCorsMiddleware,\n createJsonMiddleware,\n createRequireAuthMiddleware,\n createHttpLoggingMiddleware,\n startManagedServer,\n createMcpApp,\n ClientRegistrationError,\n} from './http/index.js'\n\n/\n Extended MCP configuration including HTTP server options.\n /\nexport interface ExtendedMcpConfig extends McpConfig {\n /* Base URL for the server (required for HTTP features) /\n baseUrl?: string\n /* Nevermined environment /\n environment?: EnvironmentName\n /* Tools exposed by this server /\n tools?: string[]\n /* Custom OAuth scopes /\n scopes?: string[]\n}\n\n/\n Options for creating the OAuth router.\n /\nexport interface CreateRouterOptions {\n /* Base URL of the MCP server /\n baseUrl: string\n /* Agent ID (client_id) /\n agentId?: string\n /* Server name /\n serverName?: string\n /* Tools exposed by this server /\n tools?: string[]\n /* Enable OAuth discovery endpoints /\n enableOAuthDiscovery?: boolean\n /* Enable client registration /\n enableClientRegistration?: boolean\n /* Enable health check /\n enableHealthCheck?: boolean\n /* Enable server info /\n enableServerInfo?: boolean\n /* Server version /\n version?: string\n /* Server description /\n description?: string\n}\n\n/\n Options for starting the managed server.\n /\nexport interface StartServerOptions {\n /* Port to listen on /\n port: number\n /* Host to bind to /\n host?: string\n /* Base URL (defaults to http://localhost:\\{port\\}) /\n baseUrl?: string\n /* Agent ID (uses configured agentId if not provided) /\n agentId?: string\n /* Server name /\n serverName?: string\n /* Tools exposed by this server /\n tools?: string[]\n /* Enable OAuth discovery endpoints /\n enableOAuthDiscovery?: boolean\n /* Enable client registration /\n enableClientRegistration?: boolean\n /* Enable health check /\n enableHealthCheck?: boolean\n /* Enable server info /\n enableServerInfo?: boolean\n /* Server version /\n version?: string\n /* Server description /\n description?: string\n /* Callback when server starts /\n onStart?: (result: HttpServerResult) => void\n /* Logging callback /\n onLog?: (message: string, level?: 'info' \| 'warn' \| 'error') => void\n}\n\n/\n Build MCP integration with modular architecture.\n * This function creates the complete MCP API surface including\n * paywall protection, OAuth endpoints, and HTTP server management.\n \n @param paymentsService - The Payments instance\n * @returns MCP integration API\n /\nexport function buildMcpIntegration(paymentsService: Payments) {\n const authenticator = new PaywallAuthenticator(paymentsService)\n const creditsContext = new CreditsContextProvider()\n const paywallDecorator = new PaywallDecorator(paymentsService, authenticator, creditsContext)\n\n // Extended configuration storage\n let extendedConfig: ExtendedMcpConfig = {\n agentId: '',\n serverName: 'mcp-server',\n }\n\n /\n Configure the MCP integration.\n * This sets up the agent ID, server name, and optional HTTP settings.\n \n @param options - Configuration options\n \n @example\n * ```typescript\n * payments.mcp.configure({\n * agentId: 'agent_123',\n * serverName: 'my-mcp-server',\n * baseUrl: 'http://localhost:5001',\n * environment: 'staging_sandbox',\n * tools: ['hello_world', 'weather']\n * })\n * ```\n /\n function configure(options: ExtendedMcpConfig): void {\n extendedConfig = {\n ...extendedConfig,\n ...options,\n }\n // Also configure the paywall decorator\n paywallDecorator.configure({\n agentId: options.agentId,\n serverName: options.serverName,\n })\n }\n\n /\n Wrap a handler with paywall protection.\n * The wrapped handler will validate authentication and burn credits.\n /\n function withPaywall<TArgs = any>(\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n options: ToolOptions \| PromptOptions,\n ): (args: TArgs, extra?: any) => Promise<any>\n function withPaywall<TArgs = any>(\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n ): (args: TArgs, extra?: any) => Promise<any>\n function withPaywall(\n handler: (\n uri: URL,\n variables: Record<string, string \| string[]>,\n extra?: any,\n context?: PaywallContext,\n ) => Promise<any> \| any,\n options: ResourceOptions,\n ): (uri: URL, variables: Record<string, string \| string[]>, extra?: any) => Promise<any>\n function withPaywall(handler: any, options?: ToolOptions \| PromptOptions \| ResourceOptions): any {\n const opts =\n (options as PaywallOptions \| undefined) ?? ({ kind: 'tool', name: 'unnamed' } as any)\n return (paywallDecorator.protect as any)(handler, opts)\n }\n\n /\n Authenticate meta MCP operations (initialize, tools/list, etc.).\n \n @param extra - The extra parameter from MCP\n * @param method - The MCP method being called\n * @returns Authentication result\n /\n async function authenticateMeta(extra: any, options: {planId?: string} = {}, method: string) {\n const cfg = extendedConfig\n const agentId = cfg.agentId \|\| ''\n const serverName = cfg.serverName \|\| 'mcp-server'\n return authenticator.authenticateMeta(extra, { planId: options?.planId }, agentId, serverName, method)\n }\n\n /\n Attach paywall protection to an MCP server.\n * Returns a registrar with protected register methods.\n \n @param server - The MCP server instance\n * @returns Protected registrar\n /\n function attach(server: {\n registerTool: (name: string, config: any, handler: any) => void\n registerResource: (name: string, template: any, config: any, handler: any) => void\n registerPrompt: (name: string, config: any, handler: any) => void\n }) {\n return {\n registerTool<TArgs = any>(\n name: string,\n config: any,\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n options?: Omit<ToolOptions, 'kind' \| 'name'>,\n ) {\n const protectedHandler = withPaywall(handler, { kind: 'tool', name, ...(options \|\| {}) })\n server.registerTool(name, config, protectedHandler)\n },\n registerResource(\n name: string,\n template: any,\n config: any,\n handler: (\n uri: URL,\n variables: Record<string, string \| string[]>,\n extra?: any,\n context?: PaywallContext,\n ) => Promise<any> \| any,\n options?: Omit<ResourceOptions, 'kind' \| 'name'>,\n ) {\n const protectedHandler = withPaywall(handler, {\n kind: 'resource',\n name,\n ...(options \|\| {}),\n })\n server.registerResource(name, template, config, protectedHandler)\n },\n registerPrompt<TArgs = any>(\n name: string,\n config: any,\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n options?: Omit<PromptOptions, 'kind' \| 'name'>,\n ) {\n const protectedHandler = withPaywall(handler, { kind: 'prompt', name, ...(options \|\| {}) })\n server.registerPrompt(name, config, protectedHandler)\n },\n }\n }\n\n /\n Create an Express router with OAuth 2.1 endpoints.\n * Use this when you already have an Express app and want to add OAuth support.\n \n @param options - Router configuration\n * @returns Express Router\n \n @example\n * ```typescript\n * const router = payments.mcp.createRouter({\n * baseUrl: 'http://localhost:5001',\n * serverName: 'my-mcp-server',\n * tools: ['hello_world']\n * })\n \n app.use(router)\n * ```\n /\n function createRouter(options: CreateRouterOptions) {\n const agentId = options.agentId \|\| extendedConfig.agentId\n if (!agentId) {\n throw new Error('agentId is required. Either pass it in options or call configure() first.')\n }\n\n const environment =\n extendedConfig.environment \|\| (paymentsService as any).environmentName \|\| 'staging_sandbox'\n\n return createOAuthRouter({\n payments: paymentsService,\n baseUrl: options.baseUrl,\n agentId,\n environment,\n serverName: options.serverName \|\| extendedConfig.serverName \|\| 'mcp-server',\n tools: options.tools \|\| extendedConfig.tools \|\| [],\n scopes: extendedConfig.scopes,\n enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,\n enableClientRegistration: options.enableClientRegistration ?? true,\n enableHealthCheck: options.enableHealthCheck ?? true,\n enableServerInfo: options.enableServerInfo ?? true,\n version: options.version,\n description: options.description,\n })\n }\n\n /\n Create an Express app pre-configured with OAuth discovery endpoints.\n * Use this when you want more control over the app before starting.\n \n Note: Authentication is handled by withPaywall() on each tool,\n * not by HTTP middleware.\n \n @param options - App configuration\n * @returns Configured Express app with OAuth endpoints\n \n @example\n * ```typescript\n * const app = payments.mcp.createApp({\n * baseUrl: 'http://localhost:5001',\n * serverName: 'my-mcp-server'\n * })\n \n // Add your MCP handler - auth via withPaywall() on each tool\n * app.post('/mcp', mcpHandler)\n \n app.listen(5001)\n * ```\n /\n function createApp(options: Omit<CreateRouterOptions, 'agentId'> & { agentId?: string }) {\n const agentId = options.agentId \|\| extendedConfig.agentId\n if (!agentId) {\n throw new Error('agentId is required. Either pass it in options or call configure() first.')\n }\n\n const environment =\n extendedConfig.environment \|\| (paymentsService as any).environmentName \|\| 'staging_sandbox'\n\n return createMcpApp({\n payments: paymentsService,\n baseUrl: options.baseUrl,\n agentId,\n environment,\n serverName: options.serverName \|\| extendedConfig.serverName \|\| 'mcp-server',\n tools: options.tools \|\| extendedConfig.tools \|\| [],\n scopes: extendedConfig.scopes,\n enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,\n enableClientRegistration: options.enableClientRegistration ?? true,\n enableHealthCheck: options.enableHealthCheck ?? true,\n enableServerInfo: options.enableServerInfo ?? true,\n version: options.version,\n description: options.description,\n })\n }\n\n /\n Start a managed HTTP server with OAuth 2.1 support.\n * This creates a complete Express server with all OAuth endpoints pre-configured.\n \n @param options - Server configuration\n * @returns Server result with control methods\n \n @example\n * ```typescript\n * const { baseUrl, stop } = await payments.mcp.startServer({\n * port: 5001,\n * serverName: 'my-mcp-server',\n * tools: ['hello_world', 'weather']\n * })\n \n console.log(`Server running at ${baseUrl}`)\n \n // Later: gracefully stop\n * await stop()\n * ```\n /\n async function startServer(options: StartServerOptions): Promise<HttpServerResult> {\n const agentId = options.agentId \|\| extendedConfig.agentId\n if (!agentId) {\n throw new Error('agentId is required. Either pass it in options or call configure() first.')\n }\n\n const baseUrl = options.baseUrl \|\| `http://localhost:${options.port}`\n const environment =\n extendedConfig.environment \|\| (paymentsService as any).environmentName \|\| 'staging_sandbox'\n\n return startManagedServer({\n payments: paymentsService,\n port: options.port,\n host: options.host,\n baseUrl,\n agentId,\n environment,\n serverName: options.serverName \|\| extendedConfig.serverName \|\| 'mcp-server',\n tools: options.tools \|\| extendedConfig.tools \|\| [],\n scopes: extendedConfig.scopes,\n enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,\n enableClientRegistration: options.enableClientRegistration ?? true,\n enableHealthCheck: options.enableHealthCheck ?? true,\n enableServerInfo: options.enableServerInfo ?? true,\n version: options.version,\n description: options.description,\n onStart: options.onStart,\n onLog: options.onLog,\n })\n }\n\n /\n Get the current configuration.\n \n @returns Current MCP configuration\n /\n function getConfig(): ExtendedMcpConfig {\n return { ...extendedConfig }\n }\n\n // =============================================================================\n // SIMPLIFIED API - High-level API that hides McpServer, Transport, and Express\n // =============================================================================\n\n // Server manager for simplified API\n let serverManager: McpServerManager \| null = null\n\n /\n Get or create the server manager.\n /\n function getServerManager(): McpServerManager {\n if (!serverManager) {\n serverManager = createServerManager(paymentsService)\n }\n return serverManager\n }\n\n /\n Register a tool with the simplified API.\n * Must be called before start().\n \n @param name - Tool name\n * @param config - Tool configuration\n * @param handler - Tool handler function\n * @param options - Registration options (credits, etc.)\n \n @example\n * ```typescript\n * payments.mcp.registerTool(\n * 'hello_world',\n * {\n * description: 'Returns a hello world message',\n * inputSchema: { name: { type: 'string' } }\n * },\n * async (args: { name: string }, context?: ToolContext) => ({\n * content: [{ type: 'text', text: `Hello, ${args.name}!` }]\n * }),\n * { credits: 1, onRedeemError: 'ignore' }\n * )\n * ```\n /\n function registerTool<Args = any>(\n name: string,\n config: McpToolConfig,\n handler: ToolHandler<Args>,\n options?: McpRegistrationOptions,\n ): void {\n getServerManager().registerTool(name, config, handler, options)\n }\n\n /\n Register a resource with the simplified API.\n * Must be called before start().\n \n @param name - Resource name\n * @param uriOrTemplate - Resource URI (string) or template\n * @param config - Resource metadata configuration\n * @param handler - Resource handler function\n * @param options - Registration options (credits, etc.)\n /\n function registerResource(\n name: string,\n uriOrTemplate: string,\n config: McpResourceConfig,\n handler: ResourceHandler,\n options?: McpRegistrationOptions,\n ): void {\n getServerManager().registerResource(name, uriOrTemplate, config, handler, options)\n }\n\n /\n Register a prompt with the simplified API.\n * Must be called before start().\n * Matches the signature of MCP SDK registerPrompt.\n \n @param name - Prompt name\n * @param config - Prompt configuration\n * @param handler - Prompt handler function\n * @param options - Registration options (credits, etc.)\n /\n function registerPrompt<Args = any>(\n name: string,\n config: McpPromptConfig,\n handler: PromptHandler<Args>,\n options?: McpRegistrationOptions,\n ): void {\n getServerManager().registerPrompt(name, config, handler, options)\n }\n\n /\n Start the MCP server with the simplified API.\n * This creates and starts everything: McpServer, Express, OAuth endpoints, etc.\n \n @param config - Server configuration\n * @returns Server result with stop() method\n \n @example\n * ```typescript\n * // Register tools first\n * payments.mcp.registerTool('hello', { description: '...' }, handler)\n \n // Then start the server\n * const { info, stop } = await payments.mcp.start({\n * port: 5001,\n * agentId: 'did:nv:...',\n * serverName: 'my-mcp-server'\n * })\n \n console.log(`Server running at ${info.baseUrl}`)\n \n // Later: stop gracefully\n * await stop()\n * ```\n /\n async function start(config: McpServerConfig): Promise<McpServerResult> {\n return getServerManager().start(config)\n }\n\n /\n Stop the MCP server.\n * This is a convenience method - you can also use the stop() from start()'s result.\n */\n async function stop(): Promise<void> {\n if (serverManager) {\n await serverManager.stop()\n }\n }\n\n return {\n // Core paywall functionality (advanced API)\n configure,\n withPaywall,\n attach,\n authenticateMeta,\n\n // HTTP/OAuth functionality (advanced API)\n createRouter,\n createApp,\n startServer,\n\n // Utilities\n getConfig,\n\n // Simplified API (recommended for most users)\n registerTool,\n registerResource,\n registerPrompt,\n start,\n stop,\n }\n}\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/mcp/index.ts"],"names":[],"mappings":"AA+DA,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAC1D,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAC3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AACpD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAA;AACrD,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAA;AAClE,OAAO,EAAoB,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAChF,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AA+C/D,sBAAsB;AACtB,OAAO,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAA;AAmBvF,sDAAsD;AACtD,OAAO,EACL,YAAY,EACZ,8BAA8B,EAC9B,iCAAiC,EACjC,gCAAgC,EAChC,sBAAsB,EACtB,uBAAuB,EACvB,iBAAiB,EACjB,oBAAoB,EACpB,oBAAoB,EACpB,2BAA2B,EAC3B,2BAA2B,EAC3B,kBAAkB,EAClB,YAAY,EACZ,uBAAuB,GACxB,MAAM,iBAAiB,CAAA;AAgFxB;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,eAAyB;IAC3D,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,eAAe,CAAC,CAAA;IAC/D,MAAM,cAAc,GAAG,IAAI,sBAAsB,EAAE,CAAA;IACnD,MAAM,gBAAgB,GAAG,IAAI,gBAAgB,CAAC,eAAe,EAAE,aAAa,EAAE,cAAc,CAAC,CAAA;IAE7F,iCAAiC;IACjC,IAAI,cAAc,GAAsB;QACtC,MAAM,EAAE,EAAE;QACV,UAAU,EAAE,YAAY;KACzB,CAAA;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,SAAS,SAAS,CAAC,OAA0B;QAC3C,cAAc,GAAG;YACf,GAAG,cAAc;YACjB,GAAG,OAAO;SACX,CAAA;QACD,uCAAuC;QACvC,gBAAgB,CAAC,SAAS,CAAC;YACzB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B,CAAC,CAAA;IACJ,CAAC;IA4BD,SAAS,WAAW,CAAC,OAAY,EAAE,OAAuD;QACxF,MAAM,IAAI,GACP,OAAsC,IAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAU,CAAA;QACvF,uEAAuE;QACvE,2EAA2E;QAC3E,6CAA6C;QAC7C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;YAC3C,MAAM,cAAc,CAAC,WAAW,CAAC,gBAAgB,EAAE,yCAAyC,CAAC,CAAA;QAC/F,CAAC;QACD,OAAQ,gBAAgB,CAAC,OAAe,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IACzD,CAAC;IAED;;;;;;OAMG;IACH,KAAK,UAAU,gBAAgB,CAAC,KAAU,EAAE,UAA+B,EAAE,EAAE,MAAc;QAC3F,MAAM,GAAG,GAAG,cAAc,CAAA;QAC1B,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,IAAI,SAAS,CAAA;QACxC,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,IAAI,YAAY,CAAA;QACjD,OAAO,aAAa,CAAC,gBAAgB,CACnC,KAAK,EACL,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,GAAG,CAAC,MAAM,EAAE,EACzC,OAAO,EACP,UAAU,EACV,MAAM,CACP,CAAA;IACH,CAAC;IAED;;;;;;OAMG;IACH,SAAS,MAAM,CAAC,MAIf;QACC,OAAO;YACL,YAAY,CACV,IAAY,EACZ,MAAW,EACX,OAAmF,EACnF,OAA4C;gBAE5C,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC,CAAA;gBACzF,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;YACrD,CAAC;YACD,gBAAgB,CACd,IAAY,EACZ,QAAa,EACb,MAAW,EACX,OAKuB,EACvB,OAAgD;gBAEhD,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,EAAE;oBAC5C,IAAI,EAAE,UAAU;oBAChB,IAAI;oBACJ,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;iBACnB,CAAC,CAAA;gBACF,MAAM,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;YACnE,CAAC;YACD,cAAc,CACZ,IAAY,EACZ,MAAW,EACX,OAAmF,EACnF,OAA8C;gBAE9C,MAAM,gBAAgB,GAAG,WAAW,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC,CAAA;gBAC3F,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAA;YACvD,CAAC;SACF,CAAA;IACH,CAAC;IAED;;;;;;;;;;OAUG;IACH,SAAS,sBAAsB,CAAC,OAI/B;QACC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,cAAc,CAAC,OAAO,CAAA;QACzD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,cAAc,CAAC,UAAU,IAAI,YAAY,CAAA;QAClF,SAAS,CAAC;YACR,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,cAAc,CAAC,MAAM;YAC/C,OAAO;YACP,UAAU;SACX,CAAC,CAAA;QACF,MAAM,WAAW,GACf,cAAc,CAAC,WAAW,IAAK,eAAuB,CAAC,eAAe,IAAI,iBAAiB,CAAA;QAC7F,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,CAAA;IAC7C,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACH,SAAS,YAAY,CAAC,OAA4B;QAChD,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAE5E,OAAO,iBAAiB,CAAC;YACvB,QAAQ,EAAE,eAAe;YACzB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,UAAU;YACV,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,cAAc,CAAC,KAAK,IAAI,EAAE;YAClD,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,oBAAoB,EAAE,OAAO,CAAC,oBAAoB,IAAI,IAAI;YAC1D,wBAAwB,EAAE,OAAO,CAAC,wBAAwB,IAAI,IAAI;YAClE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,IAAI;YAClD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,SAAS,SAAS,CAAC,OAAoE;QACrF,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAE5E,OAAO,YAAY,CAAC;YAClB,QAAQ,EAAE,eAAe;YACzB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,UAAU;YACV,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,cAAc,CAAC,KAAK,IAAI,EAAE;YAClD,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,oBAAoB,EAAE,OAAO,CAAC,oBAAoB,IAAI,IAAI;YAC1D,wBAAwB,EAAE,OAAO,CAAC,wBAAwB,IAAI,IAAI;YAClE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,IAAI;YAClD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,KAAK,UAAU,WAAW,CAAC,OAA2B;QACpD,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAE5E,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,oBAAoB,OAAO,CAAC,IAAI,EAAE,CAAA;QAErE,OAAO,kBAAkB,CAAC;YACxB,QAAQ,EAAE,eAAe;YACzB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,OAAO;YACP,OAAO;YACP,WAAW;YACX,UAAU;YACV,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,cAAc,CAAC,KAAK,IAAI,EAAE;YAClD,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,oBAAoB,EAAE,OAAO,CAAC,oBAAoB,IAAI,IAAI;YAC1D,wBAAwB,EAAE,OAAO,CAAC,wBAAwB,IAAI,IAAI;YAClE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,IAAI;YAClD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,SAAS,SAAS;QAChB,OAAO,EAAE,GAAG,cAAc,EAAE,CAAA;IAC9B,CAAC;IAED,gFAAgF;IAChF,+EAA+E;IAC/E,gFAAgF;IAEhF,oCAAoC;IACpC,IAAI,aAAa,GAA4B,IAAI,CAAA;IAEjD;;OAEG;IACH,SAAS,gBAAgB;QACvB,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,aAAa,GAAG,mBAAmB,CAAC,eAAe,CAAC,CAAA;QACtD,CAAC;QACD,OAAO,aAAa,CAAA;IACtB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,SAAS,YAAY,CACnB,IAAY,EACZ,MAAqB,EACrB,OAA0B,EAC1B,OAAgC;QAEhC,gBAAgB,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IACjE,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,gBAAgB,CACvB,IAAY,EACZ,aAAqB,EACrB,MAAyB,EACzB,OAAwB,EACxB,OAAgC;QAEhC,gBAAgB,EAAE,CAAC,gBAAgB,CAAC,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IACpF,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,cAAc,CACrB,IAAY,EACZ,MAAuB,EACvB,OAA4B,EAC5B,OAAgC;QAEhC,gBAAgB,EAAE,CAAC,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IACnE,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACH,KAAK,UAAU,KAAK,CAAC,MAAuB;QAC1C,OAAO,gBAAgB,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IACzC,CAAC;IAED;;;OAGG;IACH,KAAK,UAAU,IAAI;QACjB,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,aAAa,CAAC,IAAI,EAAE,CAAA;QAC5B,CAAC;IACH,CAAC;IAED,OAAO;QACL,4CAA4C;QAC5C,SAAS;QACT,WAAW;QACX,MAAM;QACN,gBAAgB;QAEhB,0CAA0C;QAC1C,YAAY;QACZ,SAAS;QACT,WAAW;QAEX,YAAY;QACZ,SAAS;QAET,8CAA8C;QAC9C,YAAY;QACZ,gBAAgB;QAChB,cAAc;QACd,KAAK;QACL,IAAI;KACL,CAAA;AACH,CAAC","sourcesContent":["/*\n MCP (Model Context Protocol) integration module for Nevermined Payments.\n \n This module provides everything needed to build monetizable MCP servers:\n * - Paywall protection for tools, resources, and prompts\n * - OAuth 2.1 discovery and client registration endpoints\n * - Managed HTTP server or router for existing Express apps\n \n @example Basic usage with withPaywall\n * ```typescript\n * import { Payments } from '@nevermined-io/payments'\n \n const payments = Payments.getInstance({\n * nvmApiKey: process.env.NVM_API_KEY!,\n * environment: 'staging_sandbox'\n * })\n \n // Configure MCP integration\n * payments.mcp.configure({\n * planId: process.env.NVM_PLAN_ID!, // required\n * agentId: process.env.NVM_AGENT_ID, // optional\n * serverName: 'my-mcp-server'\n * })\n \n // Protect a tool handler\n * const protectedHandler = payments.mcp.withPaywall(\n * myToolHandler,\n * { kind: 'tool', name: 'my_tool', credits: 1n }\n * )\n * ```\n \n @example Complete server with OAuth\n * ```typescript\n * // Start a managed server with all OAuth endpoints\n * const { baseUrl, stop } = await payments.mcp.startServer({\n * port: 5001,\n * planId: process.env.NVM_PLAN_ID!, // required\n * agentId: process.env.NVM_AGENT_ID, // optional\n * serverName: 'my-mcp-server',\n * tools: ['hello_world']\n * })\n * ```\n \n @example Using router with existing Express app\n * ```typescript\n * import express from 'express'\n \n const app = express()\n \n // Create OAuth router\n * const router = payments.mcp.createRouter({\n * baseUrl: 'http://localhost:5001',\n * planId: 'plan_123', // required\n * agentId: 'agent_123', // optional\n * serverName: 'my-mcp-server'\n * })\n \n app.use(router)\n * app.listen(5001)\n * ```\n /\nimport type { Payments } from '../payments.js'\nimport type { EnvironmentName } from '../environments.js'\nimport { createOAuthRouter } from './http/oauth-router.js'\nimport { createMcpApp, startManagedServer } from './http/managed-server.js'\nimport { PaywallDecorator } from './core/paywall.js'\nimport { PaywallAuthenticator } from './core/auth.js'\nimport { CreditsContextProvider } from './core/credits-context.js'\nimport { McpServerManager, createServerManager } from './core/server-manager.js'\nimport { ERROR_CODES, createRpcError } from './utils/errors.js'\nimport type {\n McpToolConfig,\n McpResourceConfig,\n McpPromptConfig,\n McpRegistrationOptions,\n ToolHandler,\n ResourceHandler,\n PromptHandler,\n McpServerConfig,\n McpServerResult,\n} from './types/server.types.js'\nimport type {\n PaywallOptions,\n ToolOptions,\n ResourceOptions,\n PromptOptions,\n PaywallContext,\n McpConfig,\n} from './types/paywall.types.js'\nimport type { HttpServerResult } from './types/http.types.js'\n\n// Re-export types\nexport type {\n CreditsContext,\n CreditsOption,\n PaywallOptions,\n McpConfig,\n PaywallContext,\n AuthResult,\n} from './types/paywall.types.js'\n\nexport type {\n OAuthUrls,\n OAuthConfig,\n HttpRouterConfig,\n HttpServerConfig,\n HttpServerResult,\n ProtectedResourceMetadata,\n McpProtectedResourceMetadata,\n AuthorizationServerMetadata,\n OidcConfiguration,\n ClientRegistrationRequest,\n ClientRegistrationResponse,\n ServerInfoResponse,\n} from './types/http.types.js'\n\n// Re-export utilities\nexport { buildExtraFromHttpHeaders, buildExtraFromHttpRequest } from './utils/extra.js'\n\n// Re-export simplified API types\nexport type {\n McpToolConfig,\n McpResourceConfig,\n McpPromptConfig,\n McpRegistrationOptions,\n ToolHandler,\n ResourceHandler,\n PromptHandler,\n McpServerConfig,\n McpServerResult,\n ServerInfo,\n ToolContext,\n ResourceContext,\n PromptContext,\n} from './types/server.types.js'\n\n// Re-export HTTP module components for advanced usage\nexport {\n getOAuthUrls,\n buildProtectedResourceMetadata,\n buildMcpProtectedResourceMetadata,\n buildAuthorizationServerMetadata,\n buildOidcConfiguration,\n buildServerInfoResponse,\n createOAuthRouter,\n createCorsMiddleware,\n createJsonMiddleware,\n createRequireAuthMiddleware,\n createHttpLoggingMiddleware,\n startManagedServer,\n createMcpApp,\n ClientRegistrationError,\n} from './http/index.js'\n\n/\n Extended MCP configuration including HTTP server options.\n /\nexport interface ExtendedMcpConfig extends McpConfig {\n /* Base URL for the server (required for HTTP features) /\n baseUrl?: string\n /* Nevermined environment /\n environment?: EnvironmentName\n /* Tools exposed by this server /\n tools?: string[]\n /* Custom OAuth scopes /\n scopes?: string[]\n}\n\n/\n Options for creating the OAuth router.\n /\nexport interface CreateRouterOptions {\n /* Base URL of the MCP server /\n baseUrl: string\n /* Payment plan ID — configures the paywall plan for this server (falls back to configure()) /\n planId?: string\n /* Agent ID (optional; OAuth client_id / informational only) /\n agentId?: string\n /* Server name /\n serverName?: string\n /* Tools exposed by this server /\n tools?: string[]\n /* Enable OAuth discovery endpoints /\n enableOAuthDiscovery?: boolean\n /* Enable client registration /\n enableClientRegistration?: boolean\n /* Enable health check /\n enableHealthCheck?: boolean\n /* Enable server info /\n enableServerInfo?: boolean\n /* Server version /\n version?: string\n /* Server description /\n description?: string\n}\n\n/\n Options for starting the managed server.\n /\nexport interface StartServerOptions {\n /* Port to listen on /\n port: number\n /* Host to bind to /\n host?: string\n /* Base URL (defaults to http://localhost:\\{port\\}) /\n baseUrl?: string\n /* Payment plan ID — configures the paywall plan for this server (falls back to configure()) /\n planId?: string\n /* Agent ID (optional; OAuth client_id / informational only) /\n agentId?: string\n /* Server name /\n serverName?: string\n /* Tools exposed by this server /\n tools?: string[]\n /* Enable OAuth discovery endpoints /\n enableOAuthDiscovery?: boolean\n /* Enable client registration /\n enableClientRegistration?: boolean\n /* Enable health check /\n enableHealthCheck?: boolean\n /* Enable server info /\n enableServerInfo?: boolean\n /* Server version /\n version?: string\n /* Server description /\n description?: string\n /* Callback when server starts /\n onStart?: (result: HttpServerResult) => void\n /* Logging callback /\n onLog?: (message: string, level?: 'info' \| 'warn' \| 'error') => void\n}\n\n/\n Build MCP integration with modular architecture.\n * This function creates the complete MCP API surface including\n * paywall protection, OAuth endpoints, and HTTP server management.\n \n @param paymentsService - The Payments instance\n * @returns MCP integration API\n /\nexport function buildMcpIntegration(paymentsService: Payments) {\n const authenticator = new PaywallAuthenticator(paymentsService)\n const creditsContext = new CreditsContextProvider()\n const paywallDecorator = new PaywallDecorator(paymentsService, authenticator, creditsContext)\n\n // Extended configuration storage\n let extendedConfig: ExtendedMcpConfig = {\n planId: '',\n serverName: 'mcp-server',\n }\n\n /\n Configure the MCP integration.\n * This sets up the agent ID, server name, and optional HTTP settings.\n \n @param options - Configuration options\n \n @example\n * ```typescript\n * payments.mcp.configure({\n * planId: 'plan_123', // required\n * serverName: 'my-mcp-server',\n * agentId: 'agent_123', // optional\n * baseUrl: 'http://localhost:5001',\n * environment: 'staging_sandbox',\n * tools: ['hello_world', 'weather']\n * })\n * ```\n /\n function configure(options: ExtendedMcpConfig): void {\n extendedConfig = {\n ...extendedConfig,\n ...options,\n }\n // Also configure the paywall decorator\n paywallDecorator.configure({\n planId: options.planId,\n agentId: options.agentId,\n serverName: options.serverName,\n })\n }\n\n /\n Wrap a handler with paywall protection.\n * The wrapped handler will validate authentication and burn credits.\n \n A `planId` must already be resolvable (per-tool `options.planId` or a\n * server-level one set via `configure()`/`start()`); otherwise this throws\n * at registration time. So register paywalled handlers after the plan is\n * configured — e.g. `configure({ planId })` (or `start({ planId })`, which\n * configures first) before `withPaywall()`/`attach`.\n /\n function withPaywall<TArgs = any>(\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n options: ToolOptions \| PromptOptions,\n ): (args: TArgs, extra?: any) => Promise<any>\n function withPaywall<TArgs = any>(\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n ): (args: TArgs, extra?: any) => Promise<any>\n function withPaywall(\n handler: (\n uri: URL,\n variables: Record<string, string \| string[]>,\n extra?: any,\n context?: PaywallContext,\n ) => Promise<any> \| any,\n options: ResourceOptions,\n ): (uri: URL, variables: Record<string, string \| string[]>, extra?: any) => Promise<any>\n function withPaywall(handler: any, options?: ToolOptions \| PromptOptions \| ResourceOptions): any {\n const opts =\n (options as PaywallOptions \| undefined) ?? ({ kind: 'tool', name: 'unnamed' } as any)\n // Fail fast at registration time: a planId must be resolvable from the\n // per-tool option or the server-level config. Otherwise a misconfiguration\n // would only surface on the first tool call.\n if (!opts.planId && !extendedConfig.planId) {\n throw createRpcError(ERROR_CODES.Misconfiguration, 'Server misconfiguration: missing planId')\n }\n return (paywallDecorator.protect as any)(handler, opts)\n }\n\n /\n Authenticate meta MCP operations (initialize, tools/list, etc.).\n \n @param extra - The extra parameter from MCP\n * @param method - The MCP method being called\n * @returns Authentication result\n /\n async function authenticateMeta(extra: any, options: { planId?: string } = {}, method: string) {\n const cfg = extendedConfig\n const agentId = cfg.agentId \|\| undefined\n const serverName = cfg.serverName \|\| 'mcp-server'\n return authenticator.authenticateMeta(\n extra,\n { planId: options?.planId ?? cfg.planId },\n agentId,\n serverName,\n method,\n )\n }\n\n /\n Attach paywall protection to an MCP server.\n * Returns a registrar with protected register methods.\n \n @param server - The MCP server instance\n * @returns Protected registrar\n /\n function attach(server: {\n registerTool: (name: string, config: any, handler: any) => void\n registerResource: (name: string, template: any, config: any, handler: any) => void\n registerPrompt: (name: string, config: any, handler: any) => void\n }) {\n return {\n registerTool<TArgs = any>(\n name: string,\n config: any,\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n options?: Omit<ToolOptions, 'kind' \| 'name'>,\n ) {\n const protectedHandler = withPaywall(handler, { kind: 'tool', name, ...(options \|\| {}) })\n server.registerTool(name, config, protectedHandler)\n },\n registerResource(\n name: string,\n template: any,\n config: any,\n handler: (\n uri: URL,\n variables: Record<string, string \| string[]>,\n extra?: any,\n context?: PaywallContext,\n ) => Promise<any> \| any,\n options?: Omit<ResourceOptions, 'kind' \| 'name'>,\n ) {\n const protectedHandler = withPaywall(handler, {\n kind: 'resource',\n name,\n ...(options \|\| {}),\n })\n server.registerResource(name, template, config, protectedHandler)\n },\n registerPrompt<TArgs = any>(\n name: string,\n config: any,\n handler: (args: TArgs, extra?: any, context?: PaywallContext) => Promise<any> \| any,\n options?: Omit<PromptOptions, 'kind' \| 'name'>,\n ) {\n const protectedHandler = withPaywall(handler, { kind: 'prompt', name, ...(options \|\| {}) })\n server.registerPrompt(name, config, protectedHandler)\n },\n }\n }\n\n /\n Resolve the effective agentId/serverName/environment for an OAuth transport\n * from per-call options layered over the server-level config, and configure\n * the paywall so tools protected via withPaywall settle on the resolved plan\n * (per-call option wins over a prior configure()). Shared by\n * createRouter/createApp/startServer.\n \n agentId is optional under the plan-centric model (informational/OAuth\n * client_id only); the OAuth router omits client_id when it's absent. planId\n * is the paywall's concern — the OAuth transports below do not consume it.\n /\n function resolveTransportConfig(options: {\n planId?: string\n agentId?: string\n serverName?: string\n }): { agentId?: string; serverName: string; environment: EnvironmentName } {\n const agentId = options.agentId \|\| extendedConfig.agentId\n const serverName = options.serverName \|\| extendedConfig.serverName \|\| 'mcp-server'\n configure({\n planId: options.planId ?? extendedConfig.planId,\n agentId,\n serverName,\n })\n const environment: EnvironmentName =\n extendedConfig.environment \|\| (paymentsService as any).environmentName \|\| 'staging_sandbox'\n return { agentId, serverName, environment }\n }\n\n /\n Create an Express router with OAuth 2.1 endpoints.\n * Use this when you already have an Express app and want to add OAuth support.\n \n @param options - Router configuration\n * @returns Express Router\n \n @example\n * ```typescript\n * const router = payments.mcp.createRouter({\n * baseUrl: 'http://localhost:5001',\n * planId: 'plan_123', // required\n * serverName: 'my-mcp-server',\n * tools: ['hello_world']\n * })\n \n app.use(router)\n * ```\n /\n function createRouter(options: CreateRouterOptions) {\n const { agentId, serverName, environment } = resolveTransportConfig(options)\n\n return createOAuthRouter({\n payments: paymentsService,\n baseUrl: options.baseUrl,\n agentId,\n environment,\n serverName,\n tools: options.tools \|\| extendedConfig.tools \|\| [],\n scopes: extendedConfig.scopes,\n enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,\n enableClientRegistration: options.enableClientRegistration ?? true,\n enableHealthCheck: options.enableHealthCheck ?? true,\n enableServerInfo: options.enableServerInfo ?? true,\n version: options.version,\n description: options.description,\n })\n }\n\n /\n Create an Express app pre-configured with OAuth discovery endpoints.\n * Use this when you want more control over the app before starting.\n \n Note: Authentication is handled by withPaywall() on each tool,\n * not by HTTP middleware.\n \n @param options - App configuration\n * @returns Configured Express app with OAuth endpoints\n \n @example\n * ```typescript\n * const app = payments.mcp.createApp({\n * baseUrl: 'http://localhost:5001',\n * planId: 'plan_123', // required\n * serverName: 'my-mcp-server'\n * })\n \n // Add your MCP handler - auth via withPaywall() on each tool\n * app.post('/mcp', mcpHandler)\n \n app.listen(5001)\n * ```\n /\n function createApp(options: Omit<CreateRouterOptions, 'agentId'> & { agentId?: string }) {\n const { agentId, serverName, environment } = resolveTransportConfig(options)\n\n return createMcpApp({\n payments: paymentsService,\n baseUrl: options.baseUrl,\n agentId,\n environment,\n serverName,\n tools: options.tools \|\| extendedConfig.tools \|\| [],\n scopes: extendedConfig.scopes,\n enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,\n enableClientRegistration: options.enableClientRegistration ?? true,\n enableHealthCheck: options.enableHealthCheck ?? true,\n enableServerInfo: options.enableServerInfo ?? true,\n version: options.version,\n description: options.description,\n })\n }\n\n /\n Start a managed HTTP server with OAuth 2.1 support.\n * This creates a complete Express server with all OAuth endpoints pre-configured.\n \n @param options - Server configuration\n * @returns Server result with control methods\n \n @example\n * ```typescript\n * const { baseUrl, stop } = await payments.mcp.startServer({\n * port: 5001,\n * planId: process.env.NVM_PLAN_ID!, // required\n * serverName: 'my-mcp-server',\n * tools: ['hello_world', 'weather']\n * })\n \n console.log(`Server running at ${baseUrl}`)\n \n // Later: gracefully stop\n * await stop()\n * ```\n /\n async function startServer(options: StartServerOptions): Promise<HttpServerResult> {\n const { agentId, serverName, environment } = resolveTransportConfig(options)\n\n const baseUrl = options.baseUrl \|\| `http://localhost:${options.port}`\n\n return startManagedServer({\n payments: paymentsService,\n port: options.port,\n host: options.host,\n baseUrl,\n agentId,\n environment,\n serverName,\n tools: options.tools \|\| extendedConfig.tools \|\| [],\n scopes: extendedConfig.scopes,\n enableOAuthDiscovery: options.enableOAuthDiscovery ?? true,\n enableClientRegistration: options.enableClientRegistration ?? true,\n enableHealthCheck: options.enableHealthCheck ?? true,\n enableServerInfo: options.enableServerInfo ?? true,\n version: options.version,\n description: options.description,\n onStart: options.onStart,\n onLog: options.onLog,\n })\n }\n\n /\n Get the current configuration.\n \n @returns Current MCP configuration\n /\n function getConfig(): ExtendedMcpConfig {\n return { ...extendedConfig }\n }\n\n // =============================================================================\n // SIMPLIFIED API - High-level API that hides McpServer, Transport, and Express\n // =============================================================================\n\n // Server manager for simplified API\n let serverManager: McpServerManager \| null = null\n\n /\n Get or create the server manager.\n /\n function getServerManager(): McpServerManager {\n if (!serverManager) {\n serverManager = createServerManager(paymentsService)\n }\n return serverManager\n }\n\n /\n Register a tool with the simplified API.\n * Must be called before start().\n \n @param name - Tool name\n * @param config - Tool configuration\n * @param handler - Tool handler function\n * @param options - Registration options (credits, etc.)\n \n @example\n * ```typescript\n * payments.mcp.registerTool(\n * 'hello_world',\n * {\n * description: 'Returns a hello world message',\n * inputSchema: { name: { type: 'string' } }\n * },\n * async (args: { name: string }, context?: ToolContext) => ({\n * content: [{ type: 'text', text: `Hello, ${args.name}!` }]\n * }),\n * { credits: 1, onRedeemError: 'ignore' }\n * )\n * ```\n /\n function registerTool<Args = any>(\n name: string,\n config: McpToolConfig,\n handler: ToolHandler<Args>,\n options?: McpRegistrationOptions,\n ): void {\n getServerManager().registerTool(name, config, handler, options)\n }\n\n /\n Register a resource with the simplified API.\n * Must be called before start().\n \n @param name - Resource name\n * @param uriOrTemplate - Resource URI (string) or template\n * @param config - Resource metadata configuration\n * @param handler - Resource handler function\n * @param options - Registration options (credits, etc.)\n /\n function registerResource(\n name: string,\n uriOrTemplate: string,\n config: McpResourceConfig,\n handler: ResourceHandler,\n options?: McpRegistrationOptions,\n ): void {\n getServerManager().registerResource(name, uriOrTemplate, config, handler, options)\n }\n\n /\n Register a prompt with the simplified API.\n * Must be called before start().\n * Matches the signature of MCP SDK registerPrompt.\n \n @param name - Prompt name\n * @param config - Prompt configuration\n * @param handler - Prompt handler function\n * @param options - Registration options (credits, etc.)\n /\n function registerPrompt<Args = any>(\n name: string,\n config: McpPromptConfig,\n handler: PromptHandler<Args>,\n options?: McpRegistrationOptions,\n ): void {\n getServerManager().registerPrompt(name, config, handler, options)\n }\n\n /\n Start the MCP server with the simplified API.\n * This creates and starts everything: McpServer, Express, OAuth endpoints, etc.\n \n @param config - Server configuration\n * @returns Server result with stop() method\n \n @example\n * ```typescript\n * // Register tools first\n * payments.mcp.registerTool('hello', { description: '...' }, handler)\n \n // Then start the server\n * const { info, stop } = await payments.mcp.start({\n * port: 5001,\n * planId: 'plan_123', // required\n * agentId: 'did:nv:...', // optional\n * serverName: 'my-mcp-server'\n * })\n \n console.log(`Server running at ${info.baseUrl}`)\n \n // Later: stop gracefully\n * await stop()\n * ```\n /\n async function start(config: McpServerConfig): Promise<McpServerResult> {\n return getServerManager().start(config)\n }\n\n /\n Stop the MCP server.\n * This is a convenience method - you can also use the stop() from start()'s result.\n */\n async function stop(): Promise<void> {\n if (serverManager) {\n await serverManager.stop()\n }\n }\n\n return {\n // Core paywall functionality (advanced API)\n configure,\n withPaywall,\n attach,\n authenticateMeta,\n\n // HTTP/OAuth functionality (advanced API)\n createRouter,\n createApp,\n startServer,\n\n // Utilities\n getConfig,\n\n // Simplified API (recommended for most users)\n registerTool,\n registerResource,\n registerPrompt,\n start,\n stop,\n }\n}\n"]}

package/dist/mcp/types/http.types.d.ts CHANGED Viewed

@@ -30,8 +30,8 @@ export type OAuthScope = (typeof DEFAULT_OAUTH_SCOPES)[number];
 export interface OAuthConfig {
     /** Base URL of the MCP server (e.g., http://localhost:5001) */
     baseUrl: string;
-    /** Agent ID (client_id) for OAuth flows */
-    agentId: string;
+    /** Agent ID (client_id) for OAuth flows — optional, informational only */
+    agentId?: string;
     /** Nevermined environment to derive OAuth URLs */
     environment: EnvironmentName;
     /** Custom OAuth URLs (overrides environment defaults) */

package/dist/mcp/types/http.types.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"http.types.d.ts","sourceRoot":"","sources":["../../../src/mcp/types/http.types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAE5D;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,2DAA2D;IAC3D,MAAM,EAAE,MAAM,CAAA;IACd,uCAAuC;IACvC,gBAAgB,EAAE,MAAM,CAAA;IACxB,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAA;IAChB,oCAAoC;IACpC,OAAO,EAAE,MAAM,CAAA;IACf,2CAA2C;IAC3C,WAAW,EAAE,MAAM,CAAA;CACpB;AAED;;GAEG;AACH,eAAO,MAAM,oBAAoB,iFAOvB,CAAA;AAEV,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAA;AAE9D;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,+DAA+D;IAC/D,OAAO,EAAE,MAAM,CAAA;IACf,~~2CAA2C~~;~~IAC3C~~,OAAO,EAAE,MAAM,CAAA;~~IACf~~,kDAAkD;IAClD,WAAW,EAAE,eAAe,CAAA;IAC5B,yDAAyD;IACzD,SAAS,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAA;IAC9B,sCAAsC;IACtC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,mCAAmC;IACnC,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,gDAAgD;IAChD,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,oDAAoD;IACpD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,kDAAkD;IAClD,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,2BAA2B;IAC3B,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACnD,wDAAwD;IACxD,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,qDAAqD;IACrD,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAClC,6CAA6C;IAC7C,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,sCAAsC;IACtC,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,yCAAyC;IACzC,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,gBAAgB;IACxD,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAA;IACZ,2CAA2C;IAC3C,IAAI,CAAC,EAAE,MAAM,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,0CAA0C;IAC1C,MAAM,EAAE,OAAO,MAAM,EAAE,MAAM,CAAA;IAC7B,uCAAuC;IACvC,GAAG,EAAE,OAAO,SAAS,EAAE,WAAW,CAAA;IAClC,iCAAiC;IACjC,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IACzB,yCAAyC;IACzC,OAAO,EAAE,MAAM,CAAA;IACf,0CAA0C;IAC1C,IAAI,EAAE,MAAM,CAAA;CACb;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,MAAM,CAAA;IAChB,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,wBAAwB,EAAE,MAAM,EAAE,CAAA;IAClC,sBAAsB,CAAC,EAAE,MAAM,CAAA;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,yBAAyB;IAC7E,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAC1B,gBAAgB,CAAC,EAAE;QACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;QAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;KAC1B,CAAA;CACF;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,CAAA;IACd,sBAAsB,EAAE,MAAM,CAAA;IAC9B,cAAc,EAAE,MAAM,CAAA;IACtB,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAChB,wBAAwB,EAAE,MAAM,EAAE,CAAA;IAClC,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,gCAAgC,EAAE,MAAM,EAAE,CAAA;IAC1C,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,qCAAqC,EAAE,MAAM,EAAE,CAAA;IAC/C,uBAAuB,EAAE,MAAM,EAAE,CAAA;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,2BAA2B;IACpE,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAA;IAChD,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,0BAA0B,CAAC,EAAE,MAAM,CAAA;IACnC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,0BAA0B,CAAC,EAAE,MAAM,CAAA;IACnC,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE;QACT,GAAG,EAAE,MAAM,CAAA;QACX,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,QAAQ,CAAC,EAAE,MAAM,CAAA;KAClB,CAAA;IACD,KAAK,CAAC,EAAE;QACN,6BAA6B,EAAE,MAAM,CAAA;QACrC,2BAA2B,EAAE,MAAM,CAAA;QACnC,oBAAoB,EAAE,MAAM,CAAA;QAC5B,sBAAsB,EAAE,MAAM,CAAA;QAC9B,cAAc,EAAE,MAAM,CAAA;QACtB,QAAQ,EAAE,MAAM,CAAA;QAChB,qBAAqB,CAAC,EAAE,MAAM,CAAA;QAC9B,SAAS,EAAE,MAAM,CAAA;QACjB,MAAM,EAAE,MAAM,EAAE,CAAA;KACjB,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CACnB"}
1	+ {"version":3,"file":"http.types.d.ts","sourceRoot":"","sources":["../../../src/mcp/types/http.types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAE5D;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,2DAA2D;IAC3D,MAAM,EAAE,MAAM,CAAA;IACd,uCAAuC;IACvC,gBAAgB,EAAE,MAAM,CAAA;IACxB,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAA;IAChB,oCAAoC;IACpC,OAAO,EAAE,MAAM,CAAA;IACf,2CAA2C;IAC3C,WAAW,EAAE,MAAM,CAAA;CACpB;AAED;;GAEG;AACH,eAAO,MAAM,oBAAoB,iFAOvB,CAAA;AAEV,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAA;AAE9D;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,+DAA+D;IAC/D,OAAO,EAAE,MAAM,CAAA;IACf,0EAA0E;IAC1E,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,kDAAkD;IAClD,WAAW,EAAE,eAAe,CAAA;IAC5B,yDAAyD;IACzD,SAAS,CAAC,EAAE,OAAO,CAAC,SAAS,CAAC,CAAA;IAC9B,sCAAsC;IACtC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,mCAAmC;IACnC,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,gDAAgD;IAChD,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,oDAAoD;IACpD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,kDAAkD;IAClD,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,2BAA2B;IAC3B,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACnD,wDAAwD;IACxD,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,qDAAqD;IACrD,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAClC,6CAA6C;IAC7C,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,sCAAsC;IACtC,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,yCAAyC;IACzC,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,gBAAiB,SAAQ,gBAAgB;IACxD,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAA;IACZ,2CAA2C;IAC3C,IAAI,CAAC,EAAE,MAAM,CAAA;CACd;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,0CAA0C;IAC1C,MAAM,EAAE,OAAO,MAAM,EAAE,MAAM,CAAA;IAC7B,uCAAuC;IACvC,GAAG,EAAE,OAAO,SAAS,EAAE,WAAW,CAAA;IAClC,iCAAiC;IACjC,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IACzB,yCAAyC;IACzC,OAAO,EAAE,MAAM,CAAA;IACf,0CAA0C;IAC1C,IAAI,EAAE,MAAM,CAAA;CACb;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,MAAM,CAAA;IAChB,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,wBAAwB,EAAE,MAAM,EAAE,CAAA;IAClC,sBAAsB,CAAC,EAAE,MAAM,CAAA;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,yBAAyB;IAC7E,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAC1B,gBAAgB,CAAC,EAAE;QACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;QAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;KAC1B,CAAA;CACF;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,MAAM,EAAE,MAAM,CAAA;IACd,sBAAsB,EAAE,MAAM,CAAA;IAC9B,cAAc,EAAE,MAAM,CAAA;IACtB,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAChB,wBAAwB,EAAE,MAAM,EAAE,CAAA;IAClC,qBAAqB,EAAE,MAAM,EAAE,CAAA;IAC/B,gCAAgC,EAAE,MAAM,EAAE,CAAA;IAC1C,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,qCAAqC,EAAE,MAAM,EAAE,CAAA;IAC/C,uBAAuB,EAAE,MAAM,EAAE,CAAA;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,2BAA2B;IACpE,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAA;IAChD,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,0BAA0B,CAAC,EAAE,MAAM,CAAA;IACnC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,0BAA0B,CAAC,EAAE,MAAM,CAAA;IACnC,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE;QACT,GAAG,EAAE,MAAM,CAAA;QACX,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,QAAQ,CAAC,EAAE,MAAM,CAAA;KAClB,CAAA;IACD,KAAK,CAAC,EAAE;QACN,6BAA6B,EAAE,MAAM,CAAA;QACrC,2BAA2B,EAAE,MAAM,CAAA;QACnC,oBAAoB,EAAE,MAAM,CAAA;QAC5B,sBAAsB,EAAE,MAAM,CAAA;QAC9B,cAAc,EAAE,MAAM,CAAA;QACtB,QAAQ,EAAE,MAAM,CAAA;QAChB,qBAAqB,CAAC,EAAE,MAAM,CAAA;QAC9B,SAAS,EAAE,MAAM,CAAA;QACjB,MAAM,EAAE,MAAM,EAAE,CAAA;KACjB,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CACnB"}

package/dist/mcp/types/http.types.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"http.types.js","sourceRoot":"","sources":["../../../src/mcp/types/http.types.ts"],"names":[],"mappings":"AAuBA;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,QAAQ;IACR,SAAS;IACT,SAAS;IACT,UAAU;IACV,WAAW;IACX,WAAW;CACH,CAAA","sourcesContent":["/*\n Type definitions for MCP HTTP server and OAuth 2.1 integration.\n * These types configure the automatic OAuth endpoints and HTTP server functionality.\n /\nimport type { EnvironmentName } from '../../environments.js'\n\n/\n OAuth URLs configuration for Nevermined authorization server.\n * These URLs are used to build the OAuth discovery metadata.\n /\nexport interface OAuthUrls {\n /* The issuer identifier (e.g., https://nevermined.app) /\n issuer: string\n /* OAuth authorization endpoint URL /\n authorizationUri: string\n /* OAuth token endpoint URL /\n tokenUri: string\n /* JSON Web Key Set endpoint URL /\n jwksUri: string\n /* OpenID Connect userinfo endpoint URL /\n userinfoUri: string\n}\n\n/\n Scopes supported by the MCP OAuth integration.\n /\nexport const DEFAULT_OAUTH_SCOPES = [\n 'openid',\n 'profile',\n 'credits',\n 'mcp:read',\n 'mcp:write',\n 'mcp:tools',\n] as const\n\nexport type OAuthScope = (typeof DEFAULT_OAUTH_SCOPES)[number]\n\n/\n Configuration for OAuth endpoints and metadata.\n /\nexport interface OAuthConfig {\n /* Base URL of the MCP server (e.g., http://localhost:5001) /\n baseUrl: string\n /* Agent ID (client_id) for OAuth flows /\n agentId: string\n /* Nevermined environment to derive OAuth URLs /\n environment: EnvironmentName\n /* Custom OAuth URLs (overrides environment defaults) /\n oauthUrls?: Partial<OAuthUrls>\n /* Scopes supported by this server /\n scopes?: string[]\n /* Server name for MCP protocol /\n serverName?: string\n /* List of tool names exposed by this server /\n tools?: string[]\n /* List of resource names exposed by this server /\n resources?: string[]\n /* List of prompt names exposed by this server /\n prompts?: string[]\n /* MCP protocol version /\n protocolVersion?: string\n}\n\n/\n Configuration for the HTTP router.\n /\nexport interface HttpRouterConfig extends OAuthConfig {\n /* Enable OAuth discovery endpoints (/.well-known/) /\n enableOAuthDiscovery?: boolean\n /** Enable dynamic client registration (/register) /\n enableClientRegistration?: boolean\n /* Enable health check endpoint (/health) /\n enableHealthCheck?: boolean\n /* Enable server info endpoint (/) /\n enableServerInfo?: boolean\n /* Custom CORS origins (default: '') /\n corsOrigins?: string \| string[]\n}\n\n/*\n Configuration for the managed HTTP server.\n /\nexport interface HttpServerConfig extends HttpRouterConfig {\n /* Port to listen on /\n port: number\n /* Host to bind to (default: '0.0.0.0') /\n host?: string\n}\n\n/\n Result returned when starting the managed HTTP server.\n /\nexport interface HttpServerResult {\n /* The underlying HTTP server instance /\n server: import('http').Server\n /* The Express application instance /\n app: import('express').Application\n /* Stop the server gracefully /\n stop: () => Promise<void>\n /* The base URL of the running server /\n baseUrl: string\n /* The port the server is listening on /\n port: number\n}\n\n/\n OAuth Protected Resource Metadata response (RFC 9728).\n /\nexport interface ProtectedResourceMetadata {\n resource: string\n authorization_servers: string[]\n scopes_supported: string[]\n bearer_methods_supported: string[]\n resource_documentation?: string\n}\n\n/\n MCP-specific Protected Resource Metadata.\n /\nexport interface McpProtectedResourceMetadata extends ProtectedResourceMetadata {\n scopes_required?: string[]\n mcp_capabilities?: {\n tools?: string[]\n protocol_version?: string\n }\n}\n\n/\n OAuth Authorization Server Metadata response (RFC 8414).\n /\nexport interface AuthorizationServerMetadata {\n issuer: string\n authorization_endpoint: string\n token_endpoint: string\n registration_endpoint?: string\n jwks_uri: string\n response_types_supported: string[]\n grant_types_supported: string[]\n code_challenge_methods_supported: string[]\n scopes_supported: string[]\n token_endpoint_auth_methods_supported: string[]\n subject_types_supported: string[]\n}\n\n/\n OpenID Connect Discovery Metadata.\n /\nexport interface OidcConfiguration extends AuthorizationServerMetadata {\n userinfo_endpoint?: string\n id_token_signing_alg_values_supported?: string[]\n claims_supported?: string[]\n}\n\n/\n OAuth Dynamic Client Registration request (RFC 7591).\n /\nexport interface ClientRegistrationRequest {\n redirect_uris: string[]\n client_name?: string\n client_uri?: string\n logo_uri?: string\n scope?: string\n grant_types?: string[]\n response_types?: string[]\n token_endpoint_auth_method?: string\n contacts?: string[]\n}\n\n/\n OAuth Dynamic Client Registration response (RFC 7591).\n /\nexport interface ClientRegistrationResponse {\n client_id: string\n client_id_issued_at: number\n client_name?: string\n redirect_uris: string[]\n scope?: string\n grant_types?: string[]\n response_types?: string[]\n token_endpoint_auth_method?: string\n client_secret?: string\n client_secret_expires_at?: number\n client_uri?: string\n logo_uri?: string\n contacts?: string[]\n}\n\n/\n Server info response for the root endpoint.\n */\nexport interface ServerInfoResponse {\n name: string\n version: string\n description?: string\n endpoints: {\n mcp: string\n health?: string\n register?: string\n }\n oauth?: {\n authorization_server_metadata: string\n protected_resource_metadata: string\n openid_configuration: string\n authorization_endpoint: string\n token_endpoint: string\n jwks_uri: string\n registration_endpoint?: string\n client_id: string\n scopes: string[]\n }\n tools?: string[]\n resources?: string[]\n prompts?: string[]\n}\n"]}
1	+ {"version":3,"file":"http.types.js","sourceRoot":"","sources":["../../../src/mcp/types/http.types.ts"],"names":[],"mappings":"AAuBA;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,QAAQ;IACR,SAAS;IACT,SAAS;IACT,UAAU;IACV,WAAW;IACX,WAAW;CACH,CAAA","sourcesContent":["/*\n Type definitions for MCP HTTP server and OAuth 2.1 integration.\n * These types configure the automatic OAuth endpoints and HTTP server functionality.\n /\nimport type { EnvironmentName } from '../../environments.js'\n\n/\n OAuth URLs configuration for Nevermined authorization server.\n * These URLs are used to build the OAuth discovery metadata.\n /\nexport interface OAuthUrls {\n /* The issuer identifier (e.g., https://nevermined.app) /\n issuer: string\n /* OAuth authorization endpoint URL /\n authorizationUri: string\n /* OAuth token endpoint URL /\n tokenUri: string\n /* JSON Web Key Set endpoint URL /\n jwksUri: string\n /* OpenID Connect userinfo endpoint URL /\n userinfoUri: string\n}\n\n/\n Scopes supported by the MCP OAuth integration.\n /\nexport const DEFAULT_OAUTH_SCOPES = [\n 'openid',\n 'profile',\n 'credits',\n 'mcp:read',\n 'mcp:write',\n 'mcp:tools',\n] as const\n\nexport type OAuthScope = (typeof DEFAULT_OAUTH_SCOPES)[number]\n\n/\n Configuration for OAuth endpoints and metadata.\n /\nexport interface OAuthConfig {\n /* Base URL of the MCP server (e.g., http://localhost:5001) /\n baseUrl: string\n /* Agent ID (client_id) for OAuth flows — optional, informational only /\n agentId?: string\n /* Nevermined environment to derive OAuth URLs /\n environment: EnvironmentName\n /* Custom OAuth URLs (overrides environment defaults) /\n oauthUrls?: Partial<OAuthUrls>\n /* Scopes supported by this server /\n scopes?: string[]\n /* Server name for MCP protocol /\n serverName?: string\n /* List of tool names exposed by this server /\n tools?: string[]\n /* List of resource names exposed by this server /\n resources?: string[]\n /* List of prompt names exposed by this server /\n prompts?: string[]\n /* MCP protocol version /\n protocolVersion?: string\n}\n\n/\n Configuration for the HTTP router.\n /\nexport interface HttpRouterConfig extends OAuthConfig {\n /* Enable OAuth discovery endpoints (/.well-known/) /\n enableOAuthDiscovery?: boolean\n /** Enable dynamic client registration (/register) /\n enableClientRegistration?: boolean\n /* Enable health check endpoint (/health) /\n enableHealthCheck?: boolean\n /* Enable server info endpoint (/) /\n enableServerInfo?: boolean\n /* Custom CORS origins (default: '') /\n corsOrigins?: string \| string[]\n}\n\n/*\n Configuration for the managed HTTP server.\n /\nexport interface HttpServerConfig extends HttpRouterConfig {\n /* Port to listen on /\n port: number\n /* Host to bind to (default: '0.0.0.0') /\n host?: string\n}\n\n/\n Result returned when starting the managed HTTP server.\n /\nexport interface HttpServerResult {\n /* The underlying HTTP server instance /\n server: import('http').Server\n /* The Express application instance /\n app: import('express').Application\n /* Stop the server gracefully /\n stop: () => Promise<void>\n /* The base URL of the running server /\n baseUrl: string\n /* The port the server is listening on /\n port: number\n}\n\n/\n OAuth Protected Resource Metadata response (RFC 9728).\n /\nexport interface ProtectedResourceMetadata {\n resource: string\n authorization_servers: string[]\n scopes_supported: string[]\n bearer_methods_supported: string[]\n resource_documentation?: string\n}\n\n/\n MCP-specific Protected Resource Metadata.\n /\nexport interface McpProtectedResourceMetadata extends ProtectedResourceMetadata {\n scopes_required?: string[]\n mcp_capabilities?: {\n tools?: string[]\n protocol_version?: string\n }\n}\n\n/\n OAuth Authorization Server Metadata response (RFC 8414).\n /\nexport interface AuthorizationServerMetadata {\n issuer: string\n authorization_endpoint: string\n token_endpoint: string\n registration_endpoint?: string\n jwks_uri: string\n response_types_supported: string[]\n grant_types_supported: string[]\n code_challenge_methods_supported: string[]\n scopes_supported: string[]\n token_endpoint_auth_methods_supported: string[]\n subject_types_supported: string[]\n}\n\n/\n OpenID Connect Discovery Metadata.\n /\nexport interface OidcConfiguration extends AuthorizationServerMetadata {\n userinfo_endpoint?: string\n id_token_signing_alg_values_supported?: string[]\n claims_supported?: string[]\n}\n\n/\n OAuth Dynamic Client Registration request (RFC 7591).\n /\nexport interface ClientRegistrationRequest {\n redirect_uris: string[]\n client_name?: string\n client_uri?: string\n logo_uri?: string\n scope?: string\n grant_types?: string[]\n response_types?: string[]\n token_endpoint_auth_method?: string\n contacts?: string[]\n}\n\n/\n OAuth Dynamic Client Registration response (RFC 7591).\n /\nexport interface ClientRegistrationResponse {\n client_id: string\n client_id_issued_at: number\n client_name?: string\n redirect_uris: string[]\n scope?: string\n grant_types?: string[]\n response_types?: string[]\n token_endpoint_auth_method?: string\n client_secret?: string\n client_secret_expires_at?: number\n client_uri?: string\n logo_uri?: string\n contacts?: string[]\n}\n\n/\n Server info response for the root endpoint.\n */\nexport interface ServerInfoResponse {\n name: string\n version: string\n description?: string\n endpoints: {\n mcp: string\n health?: string\n register?: string\n }\n oauth?: {\n authorization_server_metadata: string\n protected_resource_metadata: string\n openid_configuration: string\n authorization_endpoint: string\n token_endpoint: string\n jwks_uri: string\n registration_endpoint?: string\n client_id: string\n scopes: string[]\n }\n tools?: string[]\n resources?: string[]\n prompts?: string[]\n}\n"]}