@nuvlore/extension-access-jira 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/package.json +4 -19
  2. package/vendor/extension-sso/LICENSE +0 -202
  3. package/vendor/extension-sso/README.md +0 -35
  4. package/vendor/extension-sso/commands/okta-login.md +0 -10
  5. package/vendor/extension-sso/package.json +0 -52
  6. package/vendor/extension-sso/skills/workday-okta-auth/SKILL.md +0 -20
  7. package/vendor/extension-sso/src/autoAuth.mjs +0 -25
  8. package/vendor/extension-sso/src/browserLogin.mjs +0 -1
  9. package/vendor/extension-sso/src/chromeCookies.mjs +0 -1
  10. package/vendor/extension-sso/src/cookieJar.mjs +0 -1
  11. package/vendor/extension-sso/src/extensionAccess.mjs +0 -173
  12. package/vendor/extension-sso/src/htmlSessionExtract.mjs +0 -1
  13. package/vendor/extension-sso/src/oktaAppAccess.mjs +0 -133
  14. package/vendor/extension-sso/src/oktaAppCatalog.mjs +0 -118
  15. package/vendor/extension-sso/src/oktaAppRead.mjs +0 -119
  16. package/vendor/extension-sso/src/oktaConfig.mjs +0 -12
  17. package/vendor/extension-sso/src/oktaSession.mjs +0 -32
  18. package/vendor/extension-sso/src/serviceOperations.mjs +0 -407
  19. package/vendor/extension-sso/src/serviceReadSearch.mjs +0 -395
  20. package/vendor/extension-sso/src/serviceReads.mjs +0 -109
  21. package/vendor/extension-sso/src/serviceRegistry.mjs +0 -497
  22. package/vendor/extension-sso/src/sessionAuth.mjs +0 -339
  23. package/vendor/extension-sso/src/sessionManager.mjs +0 -212
  24. package/vendor/extension-sso/src/sessionValidate.mjs +0 -74
  25. package/vendor/extension-sso/src/ssoConfig.mjs +0 -31
  26. package/vendor/extension-sso/src/ssoHttpRead.mjs +0 -292
  27. package/vendor/extension-sso/tools/extension-access-tools.shared.mjs +0 -16
  28. package/vendor/extension-sso/tools/okta-app-tools.shared.mjs +0 -5
  29. package/vendor/extension-sso/tools/okta-tools.shared.mjs +0 -18
  30. package/vendor/extension-sso/tools/workday_extension_read.mjs +0 -51
  31. package/vendor/extension-sso/tools/workday_extension_read_access.mjs +0 -65
  32. package/vendor/extension-sso/tools/workday_list_extension_access.mjs +0 -39
  33. package/vendor/extension-sso/tools/workday_list_okta_apps.mjs +0 -18
  34. package/vendor/extension-sso/tools/workday_list_service_operations.mjs +0 -41
  35. package/vendor/extension-sso/tools/workday_list_service_read_search_capabilities.mjs +0 -34
  36. package/vendor/extension-sso/tools/workday_list_services.mjs +0 -31
  37. package/vendor/extension-sso/tools/workday_okta_app_probe_all.mjs +0 -24
  38. package/vendor/extension-sso/tools/workday_okta_app_read.mjs +0 -30
  39. package/vendor/extension-sso/tools/workday_okta_app_read_access.mjs +0 -25
  40. package/vendor/extension-sso/tools/workday_okta_auth_header.mjs +0 -58
  41. package/vendor/extension-sso/tools/workday_okta_login.mjs +0 -65
  42. package/vendor/extension-sso/tools/workday_okta_open_app.mjs +0 -63
  43. package/vendor/extension-sso/tools/workday_okta_open_service.mjs +0 -63
  44. package/vendor/extension-sso/tools/workday_okta_status.mjs +0 -35
  45. package/vendor/extension-sso/tools/workday_service_auth.mjs +0 -65
  46. package/vendor/extension-sso/tools/workday_service_operation_read.mjs +0 -51
  47. package/vendor/extension-sso/tools/workday_service_read.mjs +0 -56
  48. package/vendor/extension-sso/tools/workday_service_search.mjs +0 -62
  49. package/vendor/extension-sso/tools/workday_sso_cookie_header.mjs +0 -59
  50. package/vendor/extension-sso/vendor/extension-browser-sso/LICENSE +0 -202
  51. package/vendor/extension-sso/vendor/extension-browser-sso/README.md +0 -16
  52. package/vendor/extension-sso/vendor/extension-browser-sso/package.json +0 -47
  53. package/vendor/extension-sso/vendor/extension-browser-sso/src/autoAuth.mjs +0 -47
  54. package/vendor/extension-sso/vendor/extension-browser-sso/src/browserHttpRead.mjs +0 -76
  55. package/vendor/extension-sso/vendor/extension-browser-sso/src/browserLogin.mjs +0 -24
  56. package/vendor/extension-sso/vendor/extension-browser-sso/src/chromeCookies.mjs +0 -192
  57. package/vendor/extension-sso/vendor/extension-browser-sso/src/cookieJar.mjs +0 -132
  58. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/devops-data-paths.mjs +0 -222
  59. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/devops-diagnostics.mjs +0 -440
  60. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/enterprise-api-read.mjs +0 -180
  61. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-command-pack.mjs +0 -1
  62. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-plan.mjs +0 -45
  63. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-shell-policy.d.mts +0 -26
  64. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-shell-policy.mjs +0 -170
  65. package/vendor/extension-sso/vendor/extension-browser-sso/src/htmlSessionExtract.mjs +0 -64
  66. package/vendor/extension-sso/vendor/extension-read-only-toolkit/LICENSE +0 -202
  67. package/vendor/extension-sso/vendor/extension-read-only-toolkit/README.md +0 -29
  68. package/vendor/extension-sso/vendor/extension-read-only-toolkit/package.json +0 -43
  69. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/devops-data-paths.mjs +0 -222
  70. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/devops-diagnostics.mjs +0 -440
  71. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/enterprise-api-read.mjs +0 -180
  72. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-command-pack.mjs +0 -1
  73. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-plan.mjs +0 -45
  74. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-shell-policy.d.mts +0 -26
  75. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-shell-policy.mjs +0 -170
@@ -1,292 +0,0 @@
1
- import { buildRequestUrl, normalizeBaseUrl, parseResponseBody } from "@nuvlore/extension-read-only-toolkit/enterprise-api-read";
2
- import { assertNonHtmlApiResponse } from "@nuvlore/extension-read-only-toolkit/devops-diagnostics";
3
- import { assertReadOnlyHttpRequest } from "./extensionAccess.mjs";
4
- import {
5
- mergeCookies,
6
- resolveBestCookieHost,
7
- saveCookieJar
8
- } from "./cookieJar.mjs";
9
- import { importCookiesFromChrome } from "./sessionManager.mjs";
10
- import { resolveAutoAuthOptions, shouldRetryAuthAfterFailure } from "./autoAuth.mjs";
11
- import { ensureServiceSession } from "./sessionAuth.mjs";
12
- import { getSsoConfig } from "./ssoConfig.mjs";
13
- import { getServiceDomains, getWorkdayService } from "./serviceRegistry.mjs";
14
- import { extractHtmlSession } from "./htmlSessionExtract.mjs";
15
-
16
- /** Per-service HTTP hints for real browser-session API access (GET only). */
17
- export const SSO_HTTP_PROFILES = {
18
- jira: {
19
- apiPrefix: "/rest/api/latest",
20
- extraHeaders: { "X-Atlassian-Token": "no-check" },
21
- verifyPath: "/rest/api/latest/myself",
22
- refererPath: "/secure/Dashboard.jspa"
23
- },
24
- bitbucket: {
25
- apiPrefix: "/rest/api/1.0",
26
- extraHeaders: { "X-Atlassian-Token": "no-check" },
27
- verifyPath: "/rest/api/latest/projects",
28
- verifyFollowRedirects: true
29
- },
30
- confluence: {
31
- apiPrefix: "/rest/api",
32
- extraHeaders: { "X-Atlassian-Token": "no-check" },
33
- verifyPath: "/rest/api/user/current"
34
- },
35
- bamboo: {
36
- apiPrefix: "/rest/api/latest",
37
- extraHeaders: {},
38
- verifyPath: "/rest/api/latest/info"
39
- },
40
- github: {
41
- apiPrefix: "/api/v3",
42
- extraHeaders: { Accept: "application/vnd.github+json" },
43
- verifyPath: "/settings/profile",
44
- verifyMode: "html",
45
- verifyExtract: "github-profile"
46
- },
47
- teamcity: {
48
- apiPrefix: "/app/rest",
49
- extraHeaders: { Accept: "application/json" },
50
- verifyPath: "/login.html",
51
- verifyMode: "html",
52
- verifyExtract: "generic"
53
- },
54
- pharos: {
55
- apiPrefix: "/api",
56
- extraHeaders: { Accept: "application/json" },
57
- verifyPath: "/api/health"
58
- },
59
- dashboard: {
60
- apiPrefix: "/s/readonly",
61
- extraHeaders: {},
62
- verifyPath: "/s/readonly/app/discover"
63
- },
64
- pagerduty: {
65
- apiPrefix: "/api/v2",
66
- extraHeaders: { Accept: "application/vnd.pagerduty+json;version=2" },
67
- verifyPath: "/",
68
- verifyMode: "html",
69
- verifyExtract: "generic"
70
- },
71
- repository: {
72
- apiPrefix: "/artifactory/api",
73
- extraHeaders: {},
74
- verifyPath: "/artifactory/api/system/ping"
75
- },
76
- slack: {
77
- apiPrefix: "/",
78
- extraHeaders: {},
79
- verifyPath: "/",
80
- verifyMode: "html",
81
- verifyExtract: "generic",
82
- verifyFollowRedirects: true
83
- },
84
- sana: {
85
- apiPrefix: "/",
86
- extraHeaders: {},
87
- verifyPath: "/",
88
- verifyMode: "html",
89
- verifyExtract: "generic",
90
- verifyFollowRedirects: true
91
- },
92
- "google-drive": {
93
- apiPrefix: "/drive",
94
- extraHeaders: { Accept: "application/json" },
95
- verifyPath: "/drive/v3/about",
96
- verifyBaseUrl: "https://www.googleapis.com",
97
- verifyQuery: { fields: "user" }
98
- },
99
- "service-hub": {
100
- apiPrefix: "/api/now",
101
- extraHeaders: { Accept: "application/json" },
102
- verifyPath: "/api/now/ui/user/current_user"
103
- },
104
- snyk: {
105
- apiPrefix: "/",
106
- extraHeaders: { Accept: "application/json" },
107
- verifyPath: "/api/me"
108
- },
109
- collibra: {
110
- apiPrefix: "/rest/2.0",
111
- extraHeaders: { Accept: "application/json" },
112
- verifyPath: "/rest/2.0/communities",
113
- verifyQuery: { limit: 1 }
114
- },
115
- mixpanel: {
116
- apiPrefix: "/",
117
- extraHeaders: { Accept: "application/json" },
118
- verifyPath: "/api/app/workspaces"
119
- }
120
- };
121
-
122
- async function refreshServiceCookies(config, serviceId, options = {}) {
123
- const domains = getServiceDomains(serviceId);
124
- const imported = await importCookiesFromChrome(config, [config.domain, ...domains]);
125
- if (!imported?.cookies?.length) return null;
126
- const { jar } = await ensureServiceSession(serviceId, {
127
- config,
128
- openBrowserOnMissing: options.openBrowserOnMissing,
129
- autoAuth: options.autoAuth,
130
- onStatus: options.onStatus
131
- });
132
- const merged = {
133
- ...(jar ?? {}),
134
- cookies: mergeCookies(jar?.cookies ?? [], imported.cookies),
135
- source: "chrome-sync"
136
- };
137
- await saveCookieJar(config.cookieJarPath, merged);
138
- return merged;
139
- }
140
-
141
- async function ssoReadGetOnce(serviceId, input = {}, options = {}) {
142
- const service = getWorkdayService(serviceId);
143
- const profile = SSO_HTTP_PROFILES[serviceId] ?? {};
144
- const authOptions = resolveAutoAuthOptions(options);
145
- const config = authOptions.config ?? getSsoConfig();
146
- const session = await ensureServiceSession(serviceId, { ...authOptions, config });
147
- let jar = session.jar;
148
- jar = (await refreshServiceCookies(config, serviceId, authOptions)) ?? jar;
149
-
150
- const domains = getServiceDomains(serviceId);
151
- const { host, cookie, hasCookies } = resolveBestCookieHost(jar, domains);
152
- if (!hasCookies || !cookie) {
153
- throw new Error(
154
- `No SSO cookies for ${service.label}. Open ${session.authUrl} in Chrome via Okta, then retry.`
155
- );
156
- }
157
-
158
- const readAccess = service.readAccess ?? {};
159
- const baseUrl = normalizeBaseUrl(input.baseUrl || readAccess.defaultBaseUrl || `https://${host}`);
160
- const restPath = String(input.restPath || input.path || "").trim();
161
- if (!restPath) throw new Error("restPath is required.");
162
- const url = buildRequestUrl(baseUrl, restPath, input.query);
163
- const fetchImpl = authOptions.fetchImpl ?? globalThis.fetch;
164
-
165
- const response = await fetchImpl(url, {
166
- method: "GET",
167
- headers: {
168
- accept: "application/json,text/html",
169
- cookie,
170
- "user-agent": `Mozilla/5.0 nuvlore/0.1 ${serviceId}-sso-read`,
171
- ...(profile.refererPath ? { referer: `${baseUrl}${profile.refererPath}` } : {}),
172
- ...(profile.extraHeaders ?? {}),
173
- ...(input.headers ?? {})
174
- },
175
- redirect: input.followRedirects ? "follow" : "manual"
176
- });
177
-
178
- const text = await response.text();
179
- if (!authOptions.allowHtml) {
180
- assertNonHtmlApiResponse(service.label, text);
181
- }
182
- const data = parseResponseBody(text);
183
- if (!response.ok && !authOptions.allowHtml) {
184
- const error = new Error(`${service.label} SSO read failed (${response.status}) at ${restPath}`);
185
- error.status = response.status;
186
- throw error;
187
- }
188
-
189
- return {
190
- readOnly: true,
191
- method: "GET",
192
- service: serviceId,
193
- extension: service.extension,
194
- baseUrl,
195
- host,
196
- restPath,
197
- url: url.toString(),
198
- status: response.status,
199
- contentType: response.headers.get("content-type"),
200
- data
201
- };
202
- }
203
-
204
- export async function ssoReadGet(serviceId, input = {}, options = {}) {
205
- assertReadOnlyHttpRequest({ method: "GET", path: input.restPath || input.path });
206
- const authOptions = resolveAutoAuthOptions(options);
207
- try {
208
- return await ssoReadGetOnce(serviceId, input, authOptions);
209
- } catch (error) {
210
- if (!shouldRetryAuthAfterFailure(error, authOptions)) throw error;
211
- await ensureServiceSession(serviceId, {
212
- ...authOptions,
213
- forceBrowser: true,
214
- openBrowserOnMissing: true
215
- });
216
- return ssoReadGetOnce(serviceId, input, { ...authOptions, _retriedAuth: true });
217
- }
218
- }
219
-
220
- export async function ssoReadHtml(
221
- serviceId,
222
- htmlPath,
223
- { extract = "generic", followRedirects = false } = {},
224
- options = {}
225
- ) {
226
- const result = await ssoReadGet(
227
- serviceId,
228
- { restPath: htmlPath, followRedirects },
229
- { ...options, allowHtml: true }
230
- );
231
- const html = typeof result.data === "string" ? result.data : String(result.data ?? "");
232
- const extracted = extractHtmlSession(extract, html, { url: result.url });
233
- return {
234
- ...result,
235
- mode: "html-session",
236
- extracted,
237
- htmlLength: html.length
238
- };
239
- }
240
-
241
- export async function verifySsoAccess(serviceId, options = {}) {
242
- const profile = SSO_HTTP_PROFILES[serviceId];
243
- const service = getWorkdayService(serviceId);
244
- const verifyPath = options.restPath || profile?.verifyPath || service.readAccess?.restPathPrefix || "/";
245
- const verifyBaseUrl = profile?.verifyBaseUrl;
246
- try {
247
- const result =
248
- profile?.verifyMode === "html"
249
- ? await ssoReadHtml(
250
- serviceId,
251
- verifyPath,
252
- {
253
- extract: profile.verifyExtract ?? "generic",
254
- followRedirects: profile.verifyFollowRedirects ?? false
255
- },
256
- options
257
- )
258
- : await ssoReadGet(
259
- serviceId,
260
- { restPath: verifyPath, query: profile?.verifyQuery, ...(verifyBaseUrl ? { baseUrl: verifyBaseUrl } : {}) },
261
- options
262
- );
263
- const preview =
264
- result.extracted ??
265
- (typeof result.data === "object" ? result.data : String(result.data ?? "").slice(0, 200));
266
- const accessible =
267
- profile?.verifyMode === "html" ? Boolean(result.extracted?.authenticated) : true;
268
- return {
269
- accessible,
270
- readOnly: true,
271
- service: serviceId,
272
- extension: service.extension,
273
- verifyPath,
274
- mode: result.mode ?? "api",
275
- status: result.status,
276
- preview
277
- };
278
- } catch (error) {
279
- return {
280
- accessible: false,
281
- readOnly: true,
282
- service: serviceId,
283
- extension: service.extension,
284
- verifyPath,
285
- error: error instanceof Error ? error.message : String(error)
286
- };
287
- }
288
- }
289
-
290
- export function listSsoHttpServices() {
291
- return Object.keys(SSO_HTTP_PROFILES);
292
- }
@@ -1,16 +0,0 @@
1
- import {
2
- extensionReadGet,
3
- getExtensionReadAccess,
4
- listExtensionReadAccess
5
- } from "../src/extensionAccess.mjs";
6
- import { getServiceByExtension } from "../src/serviceRegistry.mjs";
7
- import { listServiceOperations, readServiceOperation } from "../src/serviceOperations.mjs";
8
- import {
9
- listServiceReadSearchCapabilities,
10
- readAnyService,
11
- searchAnyService
12
- } from "../src/serviceReadSearch.mjs";
13
-
14
- function textResult(text) {
15
- return { content: [{ type: "text", text }] };
16
- }
@@ -1,5 +0,0 @@
1
- import { getOktaAppReadAccess, listOktaApps, oktaAppReadGet, probeAllOktaApps } from "../src/oktaAppAccess.mjs";
2
-
3
- function textResult(text) {
4
- return { content: [{ type: "text", text }] };
5
- }
@@ -1,18 +0,0 @@
1
- import { getSsoConfig } from "../src/ssoConfig.mjs";
2
- import {
3
- ensureSsoSession,
4
- getOktaCookieHeader,
5
- jarSummary,
6
- loadCookieJar
7
- } from "../src/sessionManager.mjs";
8
- import {
9
- getServiceCookieHeader,
10
- openOktaAppForAuth,
11
- openServiceForAuth
12
- } from "../src/sessionAuth.mjs";
13
- import { getOktaApp } from "../src/oktaAppCatalog.mjs";
14
- import { getWorkdayService, listWorkdayServices } from "../src/serviceRegistry.mjs";
15
-
16
- function textResult(text) {
17
- return { content: [{ type: "text", text }] };
18
- }
@@ -1,51 +0,0 @@
1
- export const description = "Perform a read-only HTTP GET against a Workday extension API using SSO browser cookies. GET only — no POST/PUT/PATCH/DELETE.";
2
- import {
3
- extensionReadGet,
4
- getExtensionReadAccess,
5
- listExtensionReadAccess
6
- } from "../src/extensionAccess.mjs";
7
- import { getServiceByExtension } from "../src/serviceRegistry.mjs";
8
- import { listServiceOperations, readServiceOperation } from "../src/serviceOperations.mjs";
9
- import {
10
- listServiceReadSearchCapabilities,
11
- readAnyService,
12
- searchAnyService
13
- } from "../src/serviceReadSearch.mjs";
14
-
15
- function textResult(text) {
16
- return { content: [{ type: "text", text }] };
17
- }
18
-
19
-
20
-
21
- export default {
22
- name: "workday_extension_read",
23
- description:
24
- "Perform a read-only HTTP GET against a Workday extension API using SSO browser cookies. GET only — no POST/PUT/PATCH/DELETE.",
25
- inputSchema: {
26
- type: "object",
27
- properties: {
28
- service: { type: "string", description: "Service id, e.g. jira, bitbucket" },
29
- restPath: { type: "string", description: "Relative REST path, e.g. /rest/api/latest/myself" },
30
- baseUrl: { type: "string", description: "Optional override of the Workday default base URL" },
31
- query: {
32
- type: "object",
33
- description: "Optional query string parameters",
34
- additionalProperties: true
35
- }
36
- },
37
- required: ["service", "restPath"]
38
- },
39
- meta: {
40
- permissions: { rule: "ask" },
41
- secret_provider: "keychain"
42
- },
43
- async handler(args) {
44
- const result = await extensionReadGet(String(args.service).toLowerCase(), {
45
- restPath: args.restPath,
46
- baseUrl: args.baseUrl,
47
- query: args.query
48
- });
49
- return textResult(JSON.stringify(result, null, 2));
50
- }
51
- };
@@ -1,65 +0,0 @@
1
- export const description = "Read-only SSO access profile for an Nuvlore extension service (Cookie headers + base URL). Never returns write credentials.";
2
- import {
3
- extensionReadGet,
4
- getExtensionReadAccess,
5
- listExtensionReadAccess
6
- } from "../src/extensionAccess.mjs";
7
- import { getServiceByExtension } from "../src/serviceRegistry.mjs";
8
- import { listServiceOperations, readServiceOperation } from "../src/serviceOperations.mjs";
9
- import {
10
- listServiceReadSearchCapabilities,
11
- readAnyService,
12
- searchAnyService
13
- } from "../src/serviceReadSearch.mjs";
14
-
15
- function textResult(text) {
16
- return { content: [{ type: "text", text }] };
17
- }
18
-
19
-
20
-
21
- export default {
22
- name: "workday_extension_read_access",
23
- description:
24
- "Read-only SSO access profile for an Nuvlore extension service (Cookie headers + base URL). Never returns write credentials.",
25
- inputSchema: {
26
- type: "object",
27
- properties: {
28
- service: {
29
- type: "string",
30
- description: "Extension service id, e.g. jira, bitbucket, bamboo, bds"
31
- },
32
- extension: {
33
- type: "string",
34
- description: "Alternatively, npm package name e.g. @nuvlore/extension-jira"
35
- }
36
- }
37
- },
38
- meta: {
39
- permissions: { rule: "allow" },
40
- secret_provider: "keychain"
41
- },
42
- async handler(args = {}) {
43
- const serviceId = args.service
44
- ? String(args.service).toLowerCase()
45
- : args.extension
46
- ? getServiceByExtension(String(args.extension)).id
47
- : "";
48
- if (!serviceId) {
49
- return textResult(
50
- JSON.stringify(
51
- {
52
- ok: false,
53
- readOnly: true,
54
- message: "Provide service or extension.",
55
- services: listExtensionReadAccess()
56
- },
57
- null,
58
- 2
59
- )
60
- );
61
- }
62
- const access = await getExtensionReadAccess(serviceId);
63
- return textResult(JSON.stringify({ ok: access.ready !== false, ...access }, null, 2));
64
- }
65
- };
@@ -1,39 +0,0 @@
1
- export const description = "List read-only SSO access modes for every registered Nuvlore extension.";
2
- import {
3
- extensionReadGet,
4
- getExtensionReadAccess,
5
- listExtensionReadAccess
6
- } from "../src/extensionAccess.mjs";
7
- import { getServiceByExtension } from "../src/serviceRegistry.mjs";
8
- import { listServiceOperations, readServiceOperation } from "../src/serviceOperations.mjs";
9
- import {
10
- listServiceReadSearchCapabilities,
11
- readAnyService,
12
- searchAnyService
13
- } from "../src/serviceReadSearch.mjs";
14
-
15
- function textResult(text) {
16
- return { content: [{ type: "text", text }] };
17
- }
18
-
19
-
20
-
21
- export default {
22
- name: "workday_list_extension_access",
23
- description: "List read-only SSO access modes for every registered Nuvlore extension.",
24
- inputSchema: { type: "object", properties: {} },
25
- meta: { permissions: { rule: "allow" } },
26
- async handler() {
27
- return textResult(
28
- JSON.stringify(
29
- {
30
- readOnly: true,
31
- methods: ["GET"],
32
- services: listExtensionReadAccess()
33
- },
34
- null,
35
- 2
36
- )
37
- );
38
- }
39
- };
@@ -1,18 +0,0 @@
1
- export const description = "List all Okta UserHome apps from workday.okta.com with read-only access metadata.";
2
- import { getOktaAppReadAccess, listOktaApps, oktaAppReadGet, probeAllOktaApps } from "../src/oktaAppAccess.mjs";
3
-
4
- function textResult(text) {
5
- return { content: [{ type: "text", text }] };
6
- }
7
-
8
-
9
-
10
- export default {
11
- name: "workday_list_okta_apps",
12
- description: "List all Okta UserHome apps from workday.okta.com with read-only access metadata.",
13
- inputSchema: { type: "object", properties: {} },
14
- meta: { permissions: { rule: "allow" } },
15
- async handler() {
16
- return textResult(JSON.stringify({ readOnly: true, apps: listOktaApps() }, null, 2));
17
- }
18
- };
@@ -1,41 +0,0 @@
1
- export const description = "List concrete read-only service operations for Jira, Bitbucket, Confluence, Bamboo, GitHub, TeamCity, PagerDuty, Repository, Pharos, and Dashboard.";
2
- import {
3
- extensionReadGet,
4
- getExtensionReadAccess,
5
- listExtensionReadAccess
6
- } from "../src/extensionAccess.mjs";
7
- import { getServiceByExtension } from "../src/serviceRegistry.mjs";
8
- import { listServiceOperations, readServiceOperation } from "../src/serviceOperations.mjs";
9
- import {
10
- listServiceReadSearchCapabilities,
11
- readAnyService,
12
- searchAnyService
13
- } from "../src/serviceReadSearch.mjs";
14
-
15
- function textResult(text) {
16
- return { content: [{ type: "text", text }] };
17
- }
18
-
19
-
20
-
21
- export default {
22
- name: "workday_list_service_operations",
23
- description:
24
- "List concrete read-only service operations for Jira, Bitbucket, Confluence, Bamboo, GitHub, TeamCity, PagerDuty, Repository, Pharos, and Dashboard.",
25
- inputSchema: { type: "object", properties: {} },
26
- meta: { permissions: { rule: "allow" } },
27
- annotations: { readOnlyHint: true, destructiveHint: false },
28
- async handler() {
29
- return textResult(
30
- JSON.stringify(
31
- {
32
- readOnly: true,
33
- methods: ["GET"],
34
- services: listServiceOperations()
35
- },
36
- null,
37
- 2
38
- )
39
- );
40
- }
41
- };
@@ -1,34 +0,0 @@
1
- export const description = "List read/default-read/search routes for every registered Workday service, including generated Okta app services.";
2
- import {
3
- extensionReadGet,
4
- getExtensionReadAccess,
5
- listExtensionReadAccess
6
- } from "../src/extensionAccess.mjs";
7
- import { getServiceByExtension } from "../src/serviceRegistry.mjs";
8
- import { listServiceOperations, readServiceOperation } from "../src/serviceOperations.mjs";
9
- import {
10
- listServiceReadSearchCapabilities,
11
- readAnyService,
12
- searchAnyService
13
- } from "../src/serviceReadSearch.mjs";
14
-
15
- function textResult(text) {
16
- return { content: [{ type: "text", text }] };
17
- }
18
-
19
-
20
-
21
- export default {
22
- name: "workday_list_service_read_search_capabilities",
23
- description:
24
- "List read/default-read/search routes for every registered Workday service, including generated Okta app services.",
25
- inputSchema: { type: "object", properties: {} },
26
- meta: { permissions: { rule: "allow" } },
27
- annotations: { readOnlyHint: true, destructiveHint: false },
28
- async handler() {
29
- return textResult(JSON.stringify({
30
- readOnly: true,
31
- services: listServiceReadSearchCapabilities()
32
- }, null, 2));
33
- }
34
- };
@@ -1,31 +0,0 @@
1
- export const description = "List Workday services that share Okta SSO authentication.";
2
- import { getSsoConfig } from "../src/ssoConfig.mjs";
3
- import {
4
- ensureSsoSession,
5
- getOktaCookieHeader,
6
- jarSummary,
7
- loadCookieJar
8
- } from "../src/sessionManager.mjs";
9
- import {
10
- getServiceCookieHeader,
11
- openOktaAppForAuth,
12
- openServiceForAuth
13
- } from "../src/sessionAuth.mjs";
14
- import { getOktaApp } from "../src/oktaAppCatalog.mjs";
15
- import { getWorkdayService, listWorkdayServices } from "../src/serviceRegistry.mjs";
16
-
17
- function textResult(text) {
18
- return { content: [{ type: "text", text }] };
19
- }
20
-
21
-
22
-
23
- export default {
24
- name: "workday_list_services",
25
- description: "List Workday services that share Okta SSO authentication.",
26
- inputSchema: { type: "object", properties: {} },
27
- meta: { permissions: { rule: "allow" } },
28
- async handler() {
29
- return textResult(JSON.stringify({ services: listWorkdayServices() }, null, 2));
30
- }
31
- };
@@ -1,24 +0,0 @@
1
- export const description = "Probe read-only readiness for every Okta UserHome app (GET only).";
2
- import { getOktaAppReadAccess, listOktaApps, oktaAppReadGet, probeAllOktaApps } from "../src/oktaAppAccess.mjs";
3
-
4
- function textResult(text) {
5
- return { content: [{ type: "text", text }] };
6
- }
7
-
8
-
9
-
10
- export default {
11
- name: "workday_okta_app_probe_all",
12
- description: "Probe read-only readiness for every Okta UserHome app (GET only).",
13
- inputSchema: { type: "object", properties: {} },
14
- meta: { permissions: { rule: "allow" } },
15
- async handler() {
16
- const results = await probeAllOktaApps();
17
- const summary = {
18
- total: results.length,
19
- ready: results.filter((r) => r.ready).length,
20
- notReady: results.filter((r) => !r.ready).length
21
- };
22
- return textResult(JSON.stringify({ readOnly: true, summary, results }, null, 2));
23
- }
24
- };
@@ -1,30 +0,0 @@
1
- export const description = "Read-only GET for an Okta UserHome app using browser cookies. GET only.";
2
- import { getOktaAppReadAccess, listOktaApps, oktaAppReadGet, probeAllOktaApps } from "../src/oktaAppAccess.mjs";
3
-
4
- function textResult(text) {
5
- return { content: [{ type: "text", text }] };
6
- }
7
-
8
-
9
-
10
- export default {
11
- name: "workday_okta_app_read",
12
- description: "Read-only GET for an Okta UserHome app using browser cookies. GET only.",
13
- inputSchema: {
14
- type: "object",
15
- properties: {
16
- app: { type: "string" },
17
- restPath: { type: "string" },
18
- allowCookieFallback: { type: "boolean", default: true }
19
- },
20
- required: ["app"]
21
- },
22
- meta: { permissions: { rule: "ask" } },
23
- async handler(args) {
24
- const result = await oktaAppReadGet(String(args.app), {
25
- restPath: args.restPath,
26
- allowCookieFallback: args.allowCookieFallback !== false
27
- });
28
- return textResult(JSON.stringify(result, null, 2));
29
- }
30
- };