@nimbus-dev/sdk 1.1.2

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Nimbus Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,34 @@
+# @nimbus-dev/sdk
+
+## What this is
+
+MIT-licensed SDK for authoring Nimbus Model Context Protocol (MCP) connectors. This library provides TypeScript types, base classes, and request-routing primitives to build connectors that run on the Nimbus Gateway.
+
+## Install
+
+```bash
+npm install @nimbus-dev/sdk
+```
+
+## Quickstart
+
+```typescript
+import { McpServer } from "@nimbus-dev/sdk";
+
+const server = new McpServer("my-connector");
+
+server.registerTool("echo", "Echoes input", async (input) => {
+  return { result: input };
+});
+
+server.start();
+```
+
+## See also
+
+- [Nimbus Developer Guide](https://nimbus-agent.dev/)
+- [Model Context Protocol Specification](https://modelcontextprotocol.io/)
+
+## License
+
+MIT

package/dist/audit-logger.d.ts

@@ -0,0 +1,6 @@
+export type AuditEmit = (action: string, payload: Record<string, unknown>) => Promise<void>;
+export interface AuditLogger {
+    log(action: string, payload: Record<string, unknown>): Promise<void>;
+}
+export declare function createScopedAuditLogger(extensionId: string, emit: AuditEmit): AuditLogger;
+//# sourceMappingURL=audit-logger.d.ts.map

package/dist/audit-logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-logger.d.ts","sourceRoot":"","sources":["../src/audit-logger.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;AAE5F,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACtE;AAED,wBAAgB,uBAAuB,CAAC,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,GAAG,WAAW,CAgBzF"}

package/dist/audit-logger.js

@@ -0,0 +1,18 @@
+export function createScopedAuditLogger(extensionId, emit) {
+    if (!extensionId || extensionId.trim().length === 0) {
+        throw new Error("extensionId must be non-empty");
+    }
+    return {
+        async log(action, payload) {
+            if (!action || action.length === 0) {
+                throw new Error("action must be non-empty");
+            }
+            if (action.includes(":")) {
+                throw new Error("action must not contain a colon (scoping prefix is added automatically)");
+            }
+            const scoped = `${extensionId}:${action}`;
+            await emit(scoped, payload);
+        },
+    };
+}
+//# sourceMappingURL=audit-logger.js.map

package/dist/audit-logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-logger.js","sourceRoot":"","sources":["../src/audit-logger.ts"],"names":[],"mappings":"AAMA,MAAM,UAAU,uBAAuB,CAAC,WAAmB,EAAE,IAAe;IAC1E,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,OAAO;QACL,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO;YACvB,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAC9C,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzB,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;YAC7F,CAAC;YACD,MAAM,MAAM,GAAG,GAAG,WAAW,IAAI,MAAM,EAAE,CAAC;YAC1C,MAAM,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC9B,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/contract-tests.d.ts

@@ -0,0 +1,45 @@
+import type { ExtensionManifest } from "./types";
+export declare class ExtensionContractError extends Error {
+    constructor(message: string);
+}
+/**
+ * Tool-name segments that indicate a tool fetches actual ROW / CELL / query-result
+ * data (including log EVENTS) — as opposed to schema/metadata. Used by
+ * {@link assertNoRowDataTools}.
+ *
+ * The service prefix of a tool name must be a single token (e.g. `bigquery_list`,
+ * not `big_query_list`) so that, for example, `bigquery` never splits into a
+ * spurious `query` segment.
+ */
+export declare const ROW_DATA_TOOL_SEGMENTS: ReadonlySet<string>;
+/** A registered MCP tool, reduced to the fields the no-row-data check inspects. */
+export interface RowDataToolCandidate {
+    readonly name: string;
+    readonly description?: string;
+}
+/**
+ * Tier-3 "no-row-data" contract assertion. A warehouse / logging / query connector
+ * must expose ONLY schema/metadata tools (list / get / search over datasets, tables,
+ * schemas, jobs, log groups, models, expectation suites …) and MUST NOT register any
+ * tool that pulls actual row / cell / query-result data into the local index.
+ *
+ * Enforcement is structural at the connector surface (NOT a runtime Gateway
+ * invariant): if the connector never registers a row/cell tool there is nothing to
+ * block at runtime. This assertion is the executable backstop — call it from the
+ * connector's contract test with its registered tool surface so that a future edit
+ * adding a `<svc>_run_query` / `<svc>_get_rows` / `<svc>_sample` / `<svc>_scan` tool
+ * fails CI. A connector that genuinely needs a live-gated row tool is a discrete
+ * `I17` design discussion, out of scope for the no-row-data tier.
+ *
+ * The check is name-based (tool descriptions are not scanned, to avoid false
+ * positives like "does not fetch rows"). Each tool name is split on non-alphanumeric
+ * boundaries and rejected if any segment is in {@link ROW_DATA_TOOL_SEGMENTS}.
+ *
+ * @throws {ExtensionContractError} if any tool name looks like a row/cell fetcher.
+ */
+export declare function assertNoRowDataTools(tools: ReadonlyArray<RowDataToolCandidate>, context?: string): void;
+/**
+ * Validates a {@link ExtensionManifest} for CI / `nimbus test` (no network, no Gateway).
+ */
+export declare function runContractTests(manifest: ExtensionManifest): Promise<void>;
+//# sourceMappingURL=contract-tests.d.ts.map

package/dist/contract-tests.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"contract-tests.d.ts","sourceRoot":"","sources":["../src/contract-tests.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAEjD,qBAAa,sBAAuB,SAAQ,KAAK;gBACnC,OAAO,EAAE,MAAM;CAI5B;AAmGD;;;;;;;;GAQG;AACH,eAAO,MAAM,sBAAsB,EAAE,WAAW,CAAC,MAAM,CAwBrD,CAAC;AAEH,mFAAmF;AACnF,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;CAC/B;AASD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,aAAa,CAAC,oBAAoB,CAAC,EAC1C,OAAO,SAAc,GACpB,IAAI,CAmBN;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAgBjF"}

package/dist/contract-tests.js

@@ -0,0 +1,191 @@
+import { createScopedAuditLogger } from "./audit-logger";
+import { isHitlRequest } from "./hitl-request";
+export class ExtensionContractError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "ExtensionContractError";
+    }
+}
+const PERMS = new Set(["read", "write", "delete"]);
+const HITL = new Set(["write", "delete"]);
+function isNonEmptyString(v) {
+    return typeof v === "string" && v.trim() !== "";
+}
+function validateRequiredStrings(manifest) {
+    const errors = [];
+    if (!isNonEmptyString(manifest.id)) {
+        errors.push("manifest.id is required");
+    }
+    if (!isNonEmptyString(manifest.displayName)) {
+        errors.push("manifest.displayName is required");
+    }
+    if (!isNonEmptyString(manifest.version)) {
+        errors.push("manifest.version is required");
+    }
+    if (!isNonEmptyString(manifest.description)) {
+        errors.push("manifest.description is required");
+    }
+    if (!isNonEmptyString(manifest.author)) {
+        errors.push("manifest.author is required");
+    }
+    if (!isNonEmptyString(manifest.entrypoint)) {
+        errors.push("manifest.entrypoint is required");
+    }
+    return errors;
+}
+function validateRuntime(manifest) {
+    if (manifest.runtime === "bun" || manifest.runtime === "node") {
+        return [];
+    }
+    return ['manifest.runtime must be "bun" or "node"'];
+}
+function validatePermissions(manifest) {
+    const errors = [];
+    if (!Array.isArray(manifest.permissions)) {
+        errors.push("manifest.permissions must be an array");
+        return errors;
+    }
+    for (const p of manifest.permissions) {
+        if (!PERMS.has(p)) {
+            errors.push(`invalid manifest.permissions entry: ${String(p)}`);
+        }
+    }
+    return errors;
+}
+function validateHitlRequired(manifest) {
+    const errors = [];
+    if (Array.isArray(manifest.hitlRequired)) {
+        for (const h of manifest.hitlRequired) {
+            if (!HITL.has(h)) {
+                errors.push(`invalid manifest.hitlRequired entry: ${String(h)}`);
+            }
+        }
+    }
+    else {
+        errors.push("manifest.hitlRequired must be an array");
+    }
+    return errors;
+}
+function validateMinNimbusVersion(manifest) {
+    if (!isNonEmptyString(manifest.minNimbusVersion)) {
+        return ["manifest.minNimbusVersion is required"];
+    }
+    if (!/^\d+\.\d+\.\d+/.test(manifest.minNimbusVersion.trim())) {
+        return ["manifest.minNimbusVersion must start with semver x.y.z"];
+    }
+    return [];
+}
+function assertV1AuditLoggerShape(logger, extensionId) {
+    const ret = logger.log("test.action", {});
+    if (typeof ret.then !== "function") {
+        throw new ExtensionContractError(`AuditLogger.log must return a Promise (extension ${extensionId})`);
+    }
+}
+function assertV1HitlRequestGuard() {
+    const good = { actionId: "x", summary: "y" };
+    if (!isHitlRequest(good)) {
+        throw new ExtensionContractError("isHitlRequest must accept a valid HitlRequest");
+    }
+    if (isHitlRequest({})) {
+        throw new ExtensionContractError("isHitlRequest must reject an empty object");
+    }
+    if (isHitlRequest({ actionId: "", summary: "y" })) {
+        throw new ExtensionContractError("isHitlRequest must reject empty actionId");
+    }
+}
+/**
+ * Tool-name segments that indicate a tool fetches actual ROW / CELL / query-result
+ * data (including log EVENTS) — as opposed to schema/metadata. Used by
+ * {@link assertNoRowDataTools}.
+ *
+ * The service prefix of a tool name must be a single token (e.g. `bigquery_list`,
+ * not `big_query_list`) so that, for example, `bigquery` never splits into a
+ * spurious `query` segment.
+ */
+export const ROW_DATA_TOOL_SEGMENTS = new Set([
+    "query",
+    "queries",
+    "row",
+    "rows",
+    "cell",
+    "cells",
+    "record",
+    "records",
+    "event",
+    "events",
+    "result",
+    "results",
+    "tabledata",
+    "scan",
+    "sample",
+    "samples",
+    "select",
+    "values",
+    "preview",
+    "head",
+    "dump",
+    "export",
+    "download",
+]);
+function toolNameSegments(name) {
+    return name
+        .toLowerCase()
+        .split(/[^a-z0-9]+/)
+        .filter((s) => s.length > 0);
+}
+/**
+ * Tier-3 "no-row-data" contract assertion. A warehouse / logging / query connector
+ * must expose ONLY schema/metadata tools (list / get / search over datasets, tables,
+ * schemas, jobs, log groups, models, expectation suites …) and MUST NOT register any
+ * tool that pulls actual row / cell / query-result data into the local index.
+ *
+ * Enforcement is structural at the connector surface (NOT a runtime Gateway
+ * invariant): if the connector never registers a row/cell tool there is nothing to
+ * block at runtime. This assertion is the executable backstop — call it from the
+ * connector's contract test with its registered tool surface so that a future edit
+ * adding a `<svc>_run_query` / `<svc>_get_rows` / `<svc>_sample` / `<svc>_scan` tool
+ * fails CI. A connector that genuinely needs a live-gated row tool is a discrete
+ * `I17` design discussion, out of scope for the no-row-data tier.
+ *
+ * The check is name-based (tool descriptions are not scanned, to avoid false
+ * positives like "does not fetch rows"). Each tool name is split on non-alphanumeric
+ * boundaries and rejected if any segment is in {@link ROW_DATA_TOOL_SEGMENTS}.
+ *
+ * @throws {ExtensionContractError} if any tool name looks like a row/cell fetcher.
+ */
+export function assertNoRowDataTools(tools, context = "connector") {
+    const offenders = [];
+    for (const tool of tools) {
+        if (typeof tool?.name !== "string" || tool.name.trim() === "") {
+            continue;
+        }
+        const hit = toolNameSegments(tool.name).find((s) => ROW_DATA_TOOL_SEGMENTS.has(s));
+        if (hit !== undefined) {
+            offenders.push(`${tool.name} (row-data segment "${hit}")`);
+        }
+    }
+    if (offenders.length > 0) {
+        throw new ExtensionContractError(`no-row-data contract violated: ${context} must expose only schema/metadata tools, ` +
+            `but these look like row/cell/result fetchers: ${offenders.join(", ")}. Remove the ` +
+            `tool, or — if a live-gated row tool is genuinely required — raise it as a discrete ` +
+            `I17 design discussion (out of scope for the no-row-data tier).`);
+    }
+}
+/**
+ * Validates a {@link ExtensionManifest} for CI / `nimbus test` (no network, no Gateway).
+ */
+export async function runContractTests(manifest) {
+    const errors = [
+        ...validateRequiredStrings(manifest),
+        ...validateRuntime(manifest),
+        ...validatePermissions(manifest),
+        ...validateHitlRequired(manifest),
+        ...validateMinNimbusVersion(manifest),
+    ];
+    if (errors.length > 0) {
+        throw new ExtensionContractError(errors.join("; "));
+    }
+    assertV1HitlRequestGuard();
+    assertV1AuditLoggerShape(createScopedAuditLogger(manifest.id, async () => { }), manifest.id);
+}
+//# sourceMappingURL=contract-tests.js.map

package/dist/contract-tests.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"contract-tests.js","sourceRoot":"","sources":["../src/contract-tests.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoB,uBAAuB,EAAE,MAAM,gBAAgB,CAAC;AAC3E,OAAO,EAAoB,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAGjE,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IAC/C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;IACvC,CAAC;CACF;AAED,MAAM,KAAK,GAAG,IAAI,GAAG,CAA2C,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;AAC7F,MAAM,IAAI,GAAG,IAAI,GAAG,CAA4C,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;AAErF,SAAS,gBAAgB,CAAC,CAAU;IAClC,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;AAClD,CAAC;AAED,SAAS,uBAAuB,CAAC,QAA2B;IAC1D,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACzC,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC7C,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;IACjD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,eAAe,CAAC,QAA2B;IAClD,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,IAAI,QAAQ,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;QAC9D,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,CAAC,0CAA0C,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,mBAAmB,CAAC,QAA2B;IACtD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QACrD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QACrC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAClB,MAAM,CAAC,IAAI,CAAC,uCAAuC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAClE,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,oBAAoB,CAAC,QAA2B;IACvD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QACzC,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;YACtC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjB,MAAM,CAAC,IAAI,CAAC,wCAAwC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,wBAAwB,CAAC,QAA2B;IAC3D,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACjD,OAAO,CAAC,uCAAuC,CAAC,CAAC;IACnD,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;QAC7D,OAAO,CAAC,wDAAwD,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,wBAAwB,CAAC,MAAmB,EAAE,WAAmB;IACxE,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;IAC1C,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QACnC,MAAM,IAAI,sBAAsB,CAC9B,oDAAoD,WAAW,GAAG,CACnE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB;IAC/B,MAAM,IAAI,GAAgB,EAAE,QAAQ,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;IAC1D,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,sBAAsB,CAAC,+CAA+C,CAAC,CAAC;IACpF,CAAC;IACD,IAAI,aAAa,CAAC,EAAE,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,sBAAsB,CAAC,2CAA2C,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,aAAa,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAClD,MAAM,IAAI,sBAAsB,CAAC,0CAA0C,CAAC,CAAC;IAC/E,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAwB,IAAI,GAAG,CAAS;IACzE,OAAO;IACP,SAAS;IACT,KAAK;IACL,MAAM;IACN,MAAM;IACN,OAAO;IACP,QAAQ;IACR,SAAS;IACT,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,WAAW;IACX,MAAM;IACN,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,MAAM;IACN,MAAM;IACN,QAAQ;IACR,UAAU;CACX,CAAC,CAAC;AAQH,SAAS,gBAAgB,CAAC,IAAY;IACpC,OAAO,IAAI;SACR,WAAW,EAAE;SACb,KAAK,CAAC,YAAY,CAAC;SACnB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACjC,CAAC;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,UAAU,oBAAoB,CAClC,KAA0C,EAC1C,OAAO,GAAG,WAAW;IAErB,MAAM,SAAS,GAAa,EAAE,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,OAAO,IAAI,EAAE,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC9D,SAAS;QACX,CAAC;QACD,MAAM,GAAG,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnF,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,SAAS,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,uBAAuB,GAAG,IAAI,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IACD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,sBAAsB,CAC9B,kCAAkC,OAAO,2CAA2C;YAClF,iDAAiD,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe;YACpF,qFAAqF;YACrF,gEAAgE,CACnE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,QAA2B;IAChE,MAAM,MAAM,GAAa;QACvB,GAAG,uBAAuB,CAAC,QAAQ,CAAC;QACpC,GAAG,eAAe,CAAC,QAAQ,CAAC;QAC5B,GAAG,mBAAmB,CAAC,QAAQ,CAAC;QAChC,GAAG,oBAAoB,CAAC,QAAQ,CAAC;QACjC,GAAG,wBAAwB,CAAC,QAAQ,CAAC;KACtC,CAAC;IACF,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACtD,CAAC;IACD,wBAAwB,EAAE,CAAC;IAC3B,wBAAwB,CACtB,uBAAuB,CAAC,QAAQ,CAAC,EAAE,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC,EACpD,QAAQ,CAAC,EAAE,CACZ,CAAC;AACJ,CAAC"}

package/dist/crypto/app-store-connect-jwt.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Apple App Store Connect API authentication — a short-lived ES256 JWT.
+ *
+ * The App Store Connect API authenticates with a JWT bearer token minted from
+ * the developer's EC P-256 `.p8` private key (Apple caps the lifetime at 20
+ * min). Shared so the gateway sync and a connector's MCP server sign
+ * identically without duplicating the flow.
+ *
+ * See: https://developer.apple.com/documentation/appstoreconnectapi/generating-tokens-for-api-requests
+ */
+export interface AppStoreConnectJwtParams {
+    readonly issuerId: string;
+    readonly keyId: string;
+    /** Full `.p8` PEM text (`-----BEGIN PRIVATE KEY----- …`). */
+    readonly privateKeyPem: string;
+}
+/** Mint an ES256 JWT bearer token for the App Store Connect API. */
+export declare function signAppStoreConnectJwt(params: AppStoreConnectJwtParams, nowMs?: number): string;
+//# sourceMappingURL=app-store-connect-jwt.d.ts.map

package/dist/crypto/app-store-connect-jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"app-store-connect-jwt.d.ts","sourceRoot":"","sources":["../../src/crypto/app-store-connect-jwt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,6DAA6D;IAC7D,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;CAChC;AAKD,oEAAoE;AACpE,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,wBAAwB,EAChC,KAAK,GAAE,MAAmB,GACzB,MAAM,CAcR"}

package/dist/crypto/app-store-connect-jwt.js

@@ -0,0 +1,30 @@
+/**
+ * Apple App Store Connect API authentication — a short-lived ES256 JWT.
+ *
+ * The App Store Connect API authenticates with a JWT bearer token minted from
+ * the developer's EC P-256 `.p8` private key (Apple caps the lifetime at 20
+ * min). Shared so the gateway sync and a connector's MCP server sign
+ * identically without duplicating the flow.
+ *
+ * See: https://developer.apple.com/documentation/appstoreconnectapi/generating-tokens-for-api-requests
+ */
+import { signJwt } from "./jwt";
+const AUDIENCE = "appstoreconnect-v1";
+const TOKEN_TTL_SECONDS = 600;
+/** Mint an ES256 JWT bearer token for the App Store Connect API. */
+export function signAppStoreConnectJwt(params, nowMs = Date.now()) {
+    const nowSec = Math.floor(nowMs / 1000);
+    return signJwt({
+        header: { alg: "ES256", kid: params.keyId, typ: "JWT" },
+        payload: {
+            iss: params.issuerId,
+            iat: nowSec,
+            exp: nowSec + TOKEN_TTL_SECONDS,
+            aud: AUDIENCE,
+        },
+        privateKeyPem: params.privateKeyPem,
+        // ES256 = ECDSA over P-256; `ieee-p1363` gives the raw r||s JWS needs.
+        dsaEncoding: "ieee-p1363",
+    });
+}
+//# sourceMappingURL=app-store-connect-jwt.js.map

package/dist/crypto/app-store-connect-jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"app-store-connect-jwt.js","sourceRoot":"","sources":["../../src/crypto/app-store-connect-jwt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,OAAO,CAAC;AAShC,MAAM,QAAQ,GAAG,oBAAoB,CAAC;AACtC,MAAM,iBAAiB,GAAG,GAAG,CAAC;AAE9B,oEAAoE;AACpE,MAAM,UAAU,sBAAsB,CACpC,MAAgC,EAChC,QAAgB,IAAI,CAAC,GAAG,EAAE;IAE1B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC;IACxC,OAAO,OAAO,CAAC;QACb,MAAM,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE;QACvD,OAAO,EAAE;YACP,GAAG,EAAE,MAAM,CAAC,QAAQ;YACpB,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,MAAM,GAAG,iBAAiB;YAC/B,GAAG,EAAE,QAAQ;SACd;QACD,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,uEAAuE;QACvE,WAAW,EAAE,YAAY;KAC1B,CAAC,CAAC;AACL,CAAC"}

package/dist/crypto/canonical-json.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Deterministic JSON canonicalization for extension manifests.
+ *
+ * Used as the input to Ed25519 manifest signing (T2 PR 2 / I16). The signed
+ * bytes are the manifest with the `signature` field stripped, re-serialized
+ * via the rules below. Signing and verifying both call into this module so
+ * the byte sequences match exactly.
+ *
+ * Rules:
+ * - Object keys sorted in lexicographic UTF-16 code-unit order (JS `Array.sort` default).
+ * - String VALUES Unicode-normalized to NFC so semantically-equal strings
+ *   yield identical bytes regardless of how the source editor encoded them.
+ *   Object KEYS are NOT normalized — the publisher signs them byte-for-byte
+ *   as serialized.
+ * - Integer numbers only (manifests have no floating-point fields).
+ * - No whitespace; UTF-8 encoded.
+ * - Recursion capped at MAX_DEPTH (32) — real manifests have depth ≤ 4; the
+ *   cap defends against a maliciously crafted manifest blowing the stack.
+ *
+ * Preconditions: callers pass values produced by `JSON.parse`. That domain
+ * guarantees no cycles, no undefined / function / symbol values, no NaN /
+ * Infinity. The thrown error classes below are defensive for callers that
+ * violate the precondition (e.g. constructing the input in-memory).
+ */
+export declare class NonIntegerNumberInManifest extends Error {
+    readonly name = "NonIntegerNumberInManifest";
+}
+export declare class UnsupportedManifestValueType extends Error {
+    readonly name = "UnsupportedManifestValueType";
+}
+export declare class ManifestNestedTooDeep extends Error {
+    readonly name = "ManifestNestedTooDeep";
+}
+export declare function canonicalize(value: unknown, depth?: number): string;
+export declare function canonicalizeManifest(manifest: object): Uint8Array;
+//# sourceMappingURL=canonical-json.d.ts.map

package/dist/crypto/canonical-json.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"canonical-json.d.ts","sourceRoot":"","sources":["../../src/crypto/canonical-json.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,qBAAa,0BAA2B,SAAQ,KAAK;IACnD,SAAkB,IAAI,gCAAgC;CACvD;AACD,qBAAa,4BAA6B,SAAQ,KAAK;IACrD,SAAkB,IAAI,kCAAkC;CACzD;AACD,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,SAAkB,IAAI,2BAA2B;CAClD;AAID,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,SAAI,GAAG,MAAM,CA6B9D;AAED,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,CAIjE"}

package/dist/crypto/canonical-json.js

@@ -0,0 +1,75 @@
+/**
+ * Deterministic JSON canonicalization for extension manifests.
+ *
+ * Used as the input to Ed25519 manifest signing (T2 PR 2 / I16). The signed
+ * bytes are the manifest with the `signature` field stripped, re-serialized
+ * via the rules below. Signing and verifying both call into this module so
+ * the byte sequences match exactly.
+ *
+ * Rules:
+ * - Object keys sorted in lexicographic UTF-16 code-unit order (JS `Array.sort` default).
+ * - String VALUES Unicode-normalized to NFC so semantically-equal strings
+ *   yield identical bytes regardless of how the source editor encoded them.
+ *   Object KEYS are NOT normalized — the publisher signs them byte-for-byte
+ *   as serialized.
+ * - Integer numbers only (manifests have no floating-point fields).
+ * - No whitespace; UTF-8 encoded.
+ * - Recursion capped at MAX_DEPTH (32) — real manifests have depth ≤ 4; the
+ *   cap defends against a maliciously crafted manifest blowing the stack.
+ *
+ * Preconditions: callers pass values produced by `JSON.parse`. That domain
+ * guarantees no cycles, no undefined / function / symbol values, no NaN /
+ * Infinity. The thrown error classes below are defensive for callers that
+ * violate the precondition (e.g. constructing the input in-memory).
+ */
+export class NonIntegerNumberInManifest extends Error {
+    name = "NonIntegerNumberInManifest";
+}
+export class UnsupportedManifestValueType extends Error {
+    name = "UnsupportedManifestValueType";
+}
+export class ManifestNestedTooDeep extends Error {
+    name = "ManifestNestedTooDeep";
+}
+const MAX_DEPTH = 32;
+export function canonicalize(value, depth = 0) {
+    if (depth > MAX_DEPTH)
+        throw new ManifestNestedTooDeep();
+    if (value === null)
+        return "null";
+    if (value === true)
+        return "true";
+    if (value === false)
+        return "false";
+    if (typeof value === "string") {
+        return JSON.stringify(value.normalize("NFC"));
+    }
+    if (typeof value === "number") {
+        if (!Number.isInteger(value))
+            throw new NonIntegerNumberInManifest();
+        return String(value);
+    }
+    if (Array.isArray(value)) {
+        return `[${value.map((v) => canonicalize(v, depth + 1)).join(",")}]`;
+    }
+    if (typeof value === "object") {
+        const obj = value;
+        const keys = Object.keys(obj).sort((a, b) => {
+            if (a < b)
+                return -1;
+            if (a > b)
+                return 1;
+            return 0;
+        });
+        return ("{" +
+            keys.map((k) => `${JSON.stringify(k)}:${canonicalize(obj[k], depth + 1)}`).join(",") +
+            "}");
+    }
+    throw new UnsupportedManifestValueType();
+}
+export function canonicalizeManifest(manifest) {
+    const clone = { ...manifest };
+    delete clone["signature"];
+    return new TextEncoder().encode(canonicalize(clone));
+}
+//# sourceMappingURL=canonical-json.js.map

package/dist/crypto/canonical-json.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"canonical-json.js","sourceRoot":"","sources":["../../src/crypto/canonical-json.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,MAAM,OAAO,0BAA2B,SAAQ,KAAK;IACjC,IAAI,GAAG,4BAA4B,CAAC;CACvD;AACD,MAAM,OAAO,4BAA6B,SAAQ,KAAK;IACnC,IAAI,GAAG,8BAA8B,CAAC;CACzD;AACD,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IAC5B,IAAI,GAAG,uBAAuB,CAAC;CAClD;AAED,MAAM,SAAS,GAAG,EAAE,CAAC;AAErB,MAAM,UAAU,YAAY,CAAC,KAAc,EAAE,KAAK,GAAG,CAAC;IACpD,IAAI,KAAK,GAAG,SAAS;QAAE,MAAM,IAAI,qBAAqB,EAAE,CAAC;IACzD,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,MAAM,CAAC;IAClC,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,MAAM,CAAC;IAClC,IAAI,KAAK,KAAK,KAAK;QAAE,OAAO,OAAO,CAAC;IACpC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,MAAM,IAAI,0BAA0B,EAAE,CAAC;QACrE,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;IACvE,CAAC;IACD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,KAAgC,CAAC;QAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YAC1C,IAAI,CAAC,GAAG,CAAC;gBAAE,OAAO,CAAC,CAAC,CAAC;YACrB,IAAI,CAAC,GAAG,CAAC;gBAAE,OAAO,CAAC,CAAC;YACpB,OAAO,CAAC,CAAC;QACX,CAAC,CAAC,CAAC;QACH,OAAO,CACL,GAAG;YACH,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;YACpF,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,4BAA4B,EAAE,CAAC;AAC3C,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,QAAgB;IACnD,MAAM,KAAK,GAA4B,EAAE,GAAI,QAAoC,EAAE,CAAC;IACpF,OAAO,KAAK,CAAC,WAAW,CAAC,CAAC;IAC1B,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;AACvD,CAAC"}

package/dist/crypto/jwt.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Compact JWS (JWT) signing primitive shared by connector auth flows.
+ *
+ * A first-party connector that authenticates with a signed JWT must sign in
+ * TWO places that cannot import each other across the package boundary — the
+ * gateway-side sync handler and the connector's own MCP server. Hosting the
+ * signer here (the SDK, which both may import) keeps a single source of truth.
+ *
+ * Uses `node:crypto` only — no runtime dependency, so the SDK stays dep-free.
+ */
+/** base64url-encode the JSON serialization of `value` (a JWT header/payload). */
+export declare function base64UrlJson(value: unknown): string;
+export interface SignJwtOptions {
+    readonly header: Record<string, unknown>;
+    readonly payload: Record<string, unknown>;
+    /** Full PEM text of the signing private key (`-----BEGIN PRIVATE KEY----- …`). */
+    readonly privateKeyPem: string;
+    /**
+     * ECDSA (e.g. ES256) requires `"ieee-p1363"` — the raw `r||s` encoding JWS
+     * mandates. Omit for RSA (e.g. RS256), which uses PKCS#1 v1.5 / DER.
+     */
+    readonly dsaEncoding?: "ieee-p1363" | "der";
+}
+/**
+ * Sign a compact JWS — `base64url(header).base64url(payload).base64url(sig)` —
+ * over SHA-256. The digest name is passed explicitly ("sha256") rather than
+ * `null` so the signer works on Bun's BoringSSL, which has no default digest.
+ */
+export declare function signJwt(opts: SignJwtOptions): string;
+//# sourceMappingURL=jwt.d.ts.map

package/dist/crypto/jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/crypto/jwt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,iFAAiF;AACjF,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAEpD;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACzC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC1C,kFAAkF;IAClF,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B;;;OAGG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,YAAY,GAAG,KAAK,CAAC;CAC7C;AAED;;;;GAIG;AACH,wBAAgB,OAAO,CAAC,IAAI,EAAE,cAAc,GAAG,MAAM,CASpD"}

package/dist/crypto/jwt.js

@@ -0,0 +1,30 @@
+/**
+ * Compact JWS (JWT) signing primitive shared by connector auth flows.
+ *
+ * A first-party connector that authenticates with a signed JWT must sign in
+ * TWO places that cannot import each other across the package boundary — the
+ * gateway-side sync handler and the connector's own MCP server. Hosting the
+ * signer here (the SDK, which both may import) keeps a single source of truth.
+ *
+ * Uses `node:crypto` only — no runtime dependency, so the SDK stays dep-free.
+ */
+import crypto from "node:crypto";
+/** base64url-encode the JSON serialization of `value` (a JWT header/payload). */
+export function base64UrlJson(value) {
+    return Buffer.from(JSON.stringify(value), "utf8").toString("base64url");
+}
+/**
+ * Sign a compact JWS — `base64url(header).base64url(payload).base64url(sig)` —
+ * over SHA-256. The digest name is passed explicitly ("sha256") rather than
+ * `null` so the signer works on Bun's BoringSSL, which has no default digest.
+ */
+export function signJwt(opts) {
+    const signingInput = `${base64UrlJson(opts.header)}.${base64UrlJson(opts.payload)}`;
+    const data = Buffer.from(signingInput, "utf8");
+    const key = crypto.createPrivateKey(opts.privateKeyPem);
+    const signature = opts.dsaEncoding === undefined
+        ? crypto.sign("sha256", data, key)
+        : crypto.sign("sha256", data, { key, dsaEncoding: opts.dsaEncoding });
+    return `${signingInput}.${signature.toString("base64url")}`;
+}
+//# sourceMappingURL=jwt.js.map

package/dist/crypto/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../src/crypto/jwt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC,iFAAiF;AACjF,MAAM,UAAU,aAAa,CAAC,KAAc;IAC1C,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC1E,CAAC;AAcD;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,IAAoB;IAC1C,MAAM,YAAY,GAAG,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;IACpF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAC/C,MAAM,GAAG,GAAG,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACxD,MAAM,SAAS,GACb,IAAI,CAAC,WAAW,KAAK,SAAS;QAC5B,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC;QAClC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IAC1E,OAAO,GAAG,YAAY,IAAI,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;AAC9D,CAAC"}

package/dist/crypto/service-account-token.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Google service-account OAuth2 access tokens via the JWT-bearer grant.
+ *
+ * Google Cloud REST APIs (App Distribution, BigQuery, …) accept a short-lived
+ * OAuth2 access token. This mints one from a service-account key (the JSON the
+ * developer downloads) by signing an RS256 JWT assertion and exchanging it at
+ * the token endpoint — no `googleapis` dependency. Shared so the gateway sync
+ * and a connector's MCP server sign identically without duplicating the flow.
+ *
+ * See: https://developers.google.com/identity/protocols/oauth2/service-account
+ */
+export interface GoogleServiceAccount {
+    readonly clientEmail: string;
+    readonly privateKey: string;
+    readonly tokenUri: string;
+}
+/**
+ * Parse a service-account key JSON string into the fields the JWT-bearer flow
+ * needs. Returns null on malformed JSON or a missing `client_email` /
+ * `private_key`; `token_uri` defaults to Google's endpoint when absent.
+ */
+export declare function parseServiceAccountJson(json: string): GoogleServiceAccount | null;
+/**
+ * Sign an RS256 JWT assertion for the JWT-bearer grant. `nowMs` is injectable
+ * so tests can assert deterministic `iat`/`exp`; `scope` defaults to
+ * `cloud-platform`.
+ */
+export declare function signServiceAccountAssertion(sa: GoogleServiceAccount, nowMs?: number, scope?: string): string;
+export type FetchLike = (input: string | URL, init?: RequestInit) => Promise<Response>;
+/**
+ * Exchange a service-account assertion for an OAuth2 access token. `fetchFn` and
+ * `nowMs` are injectable for tests; the live path uses the global `fetch`.
+ * Returns null when the token endpoint declines the assertion.
+ */
+export declare function mintGoogleAccessToken(sa: GoogleServiceAccount, fetchFn?: FetchLike, nowMs?: number, scope?: string): Promise<string | null>;
+//# sourceMappingURL=service-account-token.d.ts.map

package/dist/crypto/service-account-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service-account-token.d.ts","sourceRoot":"","sources":["../../src/crypto/service-account-token.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAUH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B;AAMD;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI,CAqBjF;AAED;;;;GAIG;AACH,wBAAgB,2BAA2B,CACzC,EAAE,EAAE,oBAAoB,EACxB,KAAK,GAAE,MAAmB,EAC1B,KAAK,GAAE,MAA6B,GACnC,MAAM,CAaR;AAED,MAAM,MAAM,SAAS,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;AAEvF;;;;GAIG;AACH,wBAAsB,qBAAqB,CACzC,EAAE,EAAE,oBAAoB,EACxB,OAAO,GAAE,SAAyC,EAClD,KAAK,GAAE,MAAmB,EAC1B,KAAK,GAAE,MAA6B,GACnC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAqBxB"}