@optimizely-opal/opal-tool-ocp-sdk 1.1.0-beta.1 → 1.1.0

package/dist/types/Models.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.IslandResponse = exports.IslandConfig = exports.IslandAction = exports.IslandField = exports.AuthRequirement = exports.OptiIdAuthData = exports.OptiIdAuthDataCredentials = exports.Parameter = exports.ParameterType = void 0;
+exports.IslandResponse = exports.IslandConfig = exports.IslandAction = exports.IslandField = exports.AuthRequirement = exports.Parameter = exports.ParameterType = void 0;
 /* eslint-disable max-classes-per-file */
 /**
  * Types of parameters supported by Opal tools
@@ -48,34 +48,6 @@ class Parameter {
     }
 }
 exports.Parameter = Parameter;
-/**
- * Credentials structure
- */
-class OptiIdAuthDataCredentials {
-    customer_id;
-    instance_id;
-    access_token;
-    product_sku;
-    constructor(customer_id, instance_id, access_token, product_sku) {
-        this.customer_id = customer_id;
-        this.instance_id = instance_id;
-        this.access_token = access_token;
-        this.product_sku = product_sku;
-    }
-}
-exports.OptiIdAuthDataCredentials = OptiIdAuthDataCredentials;
-/**
- * Auth data structure
- */
-class OptiIdAuthData {
-    provider;
-    credentials;
-    constructor(provider, credentials) {
-        this.provider = provider;
-        this.credentials = credentials;
-    }
-}
-exports.OptiIdAuthData = OptiIdAuthData;
 /**
  * Authentication requirements for an Opal tool
  */

package/dist/types/Models.js.map

@@ -1 +1 @@
-{"version":3,"file":"Models.js","sourceRoot":"","sources":["../../src/types/Models.ts"],"names":[],"mappings":";;;AAAA,yCAAyC;AACzC;;GAEG;AACH,IAAY,aAOX;AAPD,WAAY,aAAa;IACvB,kCAAiB,CAAA;IACjB,oCAAmB,CAAA;IACnB,kCAAiB,CAAA;IACjB,oCAAmB,CAAA;IACnB,8BAAa,CAAA;IACb,sCAAqB,CAAA;AACvB,CAAC,EAPW,aAAa,6BAAb,aAAa,QAOxB;AAED;;GAEG;AACH,MAAa,SAAS;IASX;IACA;IACA;IACA;IAXT;;;;;;OAMG;IACH,YACS,IAAY,EACZ,IAAmB,EACnB,WAAmB,EACnB,QAAiB;QAHjB,SAAI,GAAJ,IAAI,CAAQ;QACZ,SAAI,GAAJ,IAAI,CAAe;QACnB,gBAAW,GAAX,WAAW,CAAQ;QACnB,aAAQ,GAAR,QAAQ,CAAS;IACvB,CAAC;IAEJ;;OAEG;IACI,MAAM;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;CACF;AA1BD,8BA0BC;AAED;;GAEG;AACH,MAAa,yBAAyB;IAG3B;IACA;IACA;IACA;IAJT,YACS,WAAmB,EACnB,WAAmB,EACnB,YAAoB,EACpB,WAAmB;QAHnB,gBAAW,GAAX,WAAW,CAAQ;QACnB,gBAAW,GAAX,WAAW,CAAQ;QACnB,iBAAY,GAAZ,YAAY,CAAQ;QACpB,gBAAW,GAAX,WAAW,CAAQ;IACzB,CAAC;CACL;AARD,8DAQC;AAGD;;GAEG;AACH,MAAa,cAAc;IAGhB;IACA;IAFT,YACS,QAAgB,EAChB,WAAsC;QADtC,aAAQ,GAAR,QAAQ,CAAQ;QAChB,gBAAW,GAAX,WAAW,CAA2B;IAC5C,CAAC;CACL;AAND,wCAMC;AAED;;GAEG;AACH,MAAa,eAAe;IAQjB;IACA;IACA;IATT;;;;;OAKG;IACH,YACS,QAAgB,EAChB,WAAmB,EACnB,WAAoB,IAAI;QAFxB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,gBAAW,GAAX,WAAW,CAAQ;QACnB,aAAQ,GAAR,QAAQ,CAAgB;IAC9B,CAAC;IAEJ;;OAEG;IACI,MAAM;QACX,OAAO;YACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,WAAW;YAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;CACF;AAvBD,0CAuBC;AAED,MAAa,WAAW;IAGb;IACA;IACA;IACA;IACA;IACA;IANT,YACS,IAAY,EACZ,KAAa,EACb,IAAmC,EACnC,QAAmC,EAAE,EACrC,SAAkB,KAAK,EACvB,UAAoB,EAAE;QALtB,SAAI,GAAJ,IAAI,CAAQ;QACZ,UAAK,GAAL,KAAK,CAAQ;QACb,SAAI,GAAJ,IAAI,CAA+B;QACnC,UAAK,GAAL,KAAK,CAAgC;QACrC,WAAM,GAAN,MAAM,CAAiB;QACvB,YAAO,GAAP,OAAO,CAAe;IAC5B,CAAC;IAEG,MAAM;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;IACJ,CAAC;CACF;AArBD,kCAqBC;AAED,MAAa,YAAY;IAGd;IACA;IACA;IACA;IACA;IALT,YACS,IAAY,EACZ,KAAa,EACb,IAAY,EACZ,QAAgB,EAChB,YAAoB,QAAQ;QAJ5B,SAAI,GAAJ,IAAI,CAAQ;QACZ,UAAK,GAAL,KAAK,CAAQ;QACb,SAAI,GAAJ,IAAI,CAAQ;QACZ,aAAQ,GAAR,QAAQ,CAAQ;QAChB,cAAS,GAAT,SAAS,CAAmB;IAClC,CAAC;IAEG,MAAM;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;IACJ,CAAC;CACF;AAnBD,oCAmBC;AAED,MAAa,YAAY;IAGd;IACA;IACA;IACA;IAJT,YACS,MAAqB,EACrB,OAAuB,EACvB,IAAwB,EACxB,IAAa;QAHb,WAAM,GAAN,MAAM,CAAe;QACrB,YAAO,GAAP,OAAO,CAAgB;QACvB,SAAI,GAAJ,IAAI,CAAoB;QACxB,SAAI,GAAJ,IAAI,CAAS;IACnB,CAAC;CACL;AARD,oCAQC;AAED,MAAa,cAAc;IAGhB;IACA;IAFT,YACS,IAAc,EACd,MAEN;QAHM,SAAI,GAAJ,IAAI,CAAU;QACd,WAAM,GAAN,MAAM,CAEZ;IACA,CAAC;IAEG,MAAM,CAAC,MAAM,CAAC,OAAuB;QAC1C,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;IACnD,CAAC;CACF;AAZD,wCAYC"}
+{"version":3,"file":"Models.js","sourceRoot":"","sources":["../../src/types/Models.ts"],"names":[],"mappings":";;;AAAA,yCAAyC;AACzC;;GAEG;AACH,IAAY,aAOX;AAPD,WAAY,aAAa;IACvB,kCAAiB,CAAA;IACjB,oCAAmB,CAAA;IACnB,kCAAiB,CAAA;IACjB,oCAAmB,CAAA;IACnB,8BAAa,CAAA;IACb,sCAAqB,CAAA;AACvB,CAAC,EAPW,aAAa,6BAAb,aAAa,QAOxB;AAED;;GAEG;AACH,MAAa,SAAS;IASX;IACA;IACA;IACA;IAXT;;;;;;OAMG;IACH,YACS,IAAY,EACZ,IAAmB,EACnB,WAAmB,EACnB,QAAiB;QAHjB,SAAI,GAAJ,IAAI,CAAQ;QACZ,SAAI,GAAJ,IAAI,CAAe;QACnB,gBAAW,GAAX,WAAW,CAAQ;QACnB,aAAQ,GAAR,QAAQ,CAAS;IACvB,CAAC;IAEJ;;OAEG;IACI,MAAM;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;CACF;AA1BD,8BA0BC;AAoCD;;GAEG;AACH,MAAa,eAAe;IAQjB;IACA;IACA;IATT;;;;;OAKG;IACH,YACS,QAAgB,EAChB,WAAmB,EACnB,WAAoB,IAAI;QAFxB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,gBAAW,GAAX,WAAW,CAAQ;QACnB,aAAQ,GAAR,QAAQ,CAAgB;IAC9B,CAAC;IAEJ;;OAEG;IACI,MAAM;QACX,OAAO;YACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,WAAW;YAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;CACF;AAvBD,0CAuBC;AAED,MAAa,WAAW;IAGb;IACA;IACA;IACA;IACA;IACA;IANT,YACS,IAAY,EACZ,KAAa,EACb,IAAmC,EACnC,QAAmC,EAAE,EACrC,SAAkB,KAAK,EACvB,UAAoB,EAAE;QALtB,SAAI,GAAJ,IAAI,CAAQ;QACZ,UAAK,GAAL,KAAK,CAAQ;QACb,SAAI,GAAJ,IAAI,CAA+B;QACnC,UAAK,GAAL,KAAK,CAAgC;QACrC,WAAM,GAAN,MAAM,CAAiB;QACvB,YAAO,GAAP,OAAO,CAAe;IAC5B,CAAC;IAEG,MAAM;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;IACJ,CAAC;CACF;AArBD,kCAqBC;AAED,MAAa,YAAY;IAGd;IACA;IACA;IACA;IACA;IALT,YACS,IAAY,EACZ,KAAa,EACb,IAAY,EACZ,QAAgB,EAChB,YAAoB,QAAQ;QAJ5B,SAAI,GAAJ,IAAI,CAAQ;QACZ,UAAK,GAAL,KAAK,CAAQ;QACb,SAAI,GAAJ,IAAI,CAAQ;QACZ,aAAQ,GAAR,QAAQ,CAAQ;QAChB,cAAS,GAAT,SAAS,CAAmB;IAClC,CAAC;IAEG,MAAM;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;IACJ,CAAC;CACF;AAnBD,oCAmBC;AAED,MAAa,YAAY;IAGd;IACA;IACA;IACA;IAJT,YACS,MAAqB,EACrB,OAAuB,EACvB,IAAwB,EACxB,IAAa;QAHb,WAAM,GAAN,MAAM,CAAe;QACrB,YAAO,GAAP,OAAO,CAAgB;QACvB,SAAI,GAAJ,IAAI,CAAoB;QACxB,SAAI,GAAJ,IAAI,CAAS;IACnB,CAAC;CACL;AARD,oCAQC;AAED,MAAa,cAAc;IAGhB;IACA;IAFT,YACS,IAAc,EACd,MAEN;QAHM,SAAI,GAAJ,IAAI,CAAU;QACd,WAAM,GAAN,MAAM,CAEZ;IACA,CAAC;IAEG,MAAM,CAAC,MAAM,CAAC,OAAuB;QAC1C,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;IACnD,CAAC;CACF;AAZD,wCAYC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@optimizely-opal/opal-tool-ocp-sdk",
-  "version": "1.1.0-beta.1",
+  "version": "1.1.0",
   "description": "OCP SDK for Opal tool",
   "scripts": {
     "validate-deps": "node scripts/validate-deps.js",

package/src/auth/AuthUtils.ts

@@ -1,6 +1,6 @@
 import { getAppContext, logger, Request } from '@zaiusinc/app-sdk';
 import { getTokenVerifier } from './TokenVerifier';
-import { OptiIdAuthData } from '../types/Models';
+import { AuthData, OptiIdAuthDataCredentials } from '../types/Models';
 import { ToolError } from '../types/ToolError';
 
 /**
@@ -34,8 +34,8 @@ async function validateAccessToken(accessToken: string | undefined): Promise<voi
  * @param request - The incoming request
  * @returns object with authData and accessToken, or null if auth is missing
  */
-export function extractAuthData(request: any): { authData: OptiIdAuthData; accessToken: string } | null {
-  const authData = request?.bodyJSON?.auth as OptiIdAuthData;
+export function extractAuthData(request: any): OptiIdAuthDataCredentials | null {
+  const authData = request?.bodyJSON?.auth as AuthData;
 
   if (!authData) {
     return null;
@@ -50,7 +50,7 @@ export function extractAuthData(request: any): { authData: OptiIdAuthData; acces
     return null;
   }
 
-  return { authData, accessToken };
+  return authData?.credentials as OptiIdAuthDataCredentials;
 }
 
 /**
@@ -60,8 +60,8 @@ export function extractAuthData(request: any): { authData: OptiIdAuthData; acces
  * @returns object with authData and accessToken
  * @throws {ToolError} If auth data is invalid or missing
  */
-function extractAndValidateAuthData(request: any): { authData: OptiIdAuthData; accessToken: string } {
-  const authData = request?.bodyJSON?.auth as OptiIdAuthData;
+function extractAndValidateAuthData(request: any): OptiIdAuthDataCredentials {
+  const authData = request?.bodyJSON?.auth as AuthData;
 
   if (!authData) {
     throw new ToolError('Forbidden', 403, 'Authentication data is required');
@@ -76,7 +76,7 @@ function extractAndValidateAuthData(request: any): { authData: OptiIdAuthData; a
     throw new ToolError('Forbidden', 403, 'OptiID access token is required');
   }
 
-  return { authData, accessToken };
+  return authData?.credentials as OptiIdAuthDataCredentials;
 }
 
 /**
@@ -120,14 +120,14 @@ async function authenticateRequest(request: any, validateOrg: boolean): Promise<
     return;
   }
 
-  const { authData, accessToken } = extractAndValidateAuthData(request);
+  const optiIdCredentials = extractAndValidateAuthData(request);
 
   // Validate organization ID if required
   if (validateOrg) {
-    validateOrganizationId(authData.credentials?.customer_id);
+    validateOrganizationId(optiIdCredentials.customer_id);
   }
 
-  await validateAccessToken(accessToken);
+  await validateAccessToken(optiIdCredentials.access_token);
 }
 
 /**

package/src/decorator/Decorator.test.ts

@@ -544,7 +544,7 @@ describe('Decorators', () => {
       const registeredHandler = registerToolCall![2];
 
       // Call the handler
-      const result = await registeredHandler(undefined as any, {}, {});
+      const result = await registeredHandler(undefined as any, {}, undefined as any);
 
       // Should be able to call class methods through 'this'
       expect((result as any).result).toBe('class-method-called');
@@ -574,7 +574,7 @@ describe('Decorators', () => {
       const registeredHandler = registerInteractionCall![1];
 
       // Call the handler
-      const result = await registeredHandler(undefined as any, {});
+      const result = await registeredHandler(undefined as any, {}, undefined as any);
 
       // Should be able to call class methods through 'this'
       expect((result as any).message).toBe('interaction-processed');
@@ -606,7 +606,7 @@ describe('Decorators', () => {
       // Call the handler with an invalid functionContext (truthy but wrong type)
       // This should trigger the instanceof check and create a new instance instead
       const invalidContext = { notAnInstance: true, someOtherProperty: 'invalid' };
-      const result = await registeredHandler(invalidContext as any, {}, {});
+      const result = await registeredHandler(invalidContext as any, {}, undefined as any);
 
       // Should still work by creating a new instance
       expect((result as any).result).toBe('class-method-called');
@@ -638,7 +638,7 @@ describe('Decorators', () => {
       // Call the handler with an invalid functionContext (truthy but wrong type)
       // This should trigger the instanceof check and create a new instance instead
       const invalidContext = { notAnInstance: true, someOtherProperty: 'invalid' };
-      const result = await registeredHandler(invalidContext as any, {});
+      const result = await registeredHandler(invalidContext as any, {}, undefined as any);
 
       // Should still work by creating a new instance
       expect((result as any).message).toBe('interaction-processed');

package/src/function/GlobalToolFunction.ts

@@ -30,8 +30,8 @@ export abstract class GlobalToolFunction extends GlobalFunction {
     const startTime = Date.now();
 
     // Extract customer_id from auth data for global context attribution
-    const authInfo = extractAuthData(this.request);
-    const customerId = authInfo?.authData?.credentials?.customer_id;
+    const optiIdCredentials = extractAuthData(this.request);
+    const customerId = optiIdCredentials?.customer_id;
 
     amendLogContext({
       opalThreadId: this.request.headers.get('x-opal-thread-id') || '',

package/src/service/Service.test.ts

@@ -1,6 +1,6 @@
 /* eslint-disable @typescript-eslint/no-unsafe-call */
 import { toolsService, Tool, Interaction } from './Service';
-import { Parameter, ParameterType, AuthRequirement, OptiIdAuthDataCredentials, OptiIdAuthData } from '../types/Models';
+import { Parameter, ParameterType, AuthRequirement, AuthData } from '../types/Models';
 import { ToolError } from '../types/ToolError';
 import { ToolFunction } from '../function/ToolFunction';
 import { logger } from '@zaiusinc/app-sdk';
@@ -82,8 +82,8 @@ const mockKvStore = storage.kvStore;
 
 
 describe('ToolsService', () => {
-  let mockTool: Tool<unknown>;
-  let mockInteraction: Interaction<unknown>;
+  let mockTool: Tool;
+  let mockInteraction: Interaction;
   let mockToolFunction: ToolFunction;
 
   beforeEach(() => {
@@ -135,11 +135,21 @@ describe('ToolsService', () => {
       return map;
     };
 
+    const defaultAuth = {
+      provider: 'OptiID',
+      credentials: {
+        customer_id: 'test-customer',
+        instance_id: 'test-instance',
+        access_token: 'test-token',
+        product_sku: 'test-sku'
+      }
+    };
+
     const baseRequest = {
       path: '/test-tool',
       method: 'POST',
-      bodyJSON: { parameters: { param1: 'test-value' } },
-      body: JSON.stringify({ parameters: { param1: 'test-value' } }),
+      bodyJSON: { parameters: { param1: 'test-value' }, auth: defaultAuth },
+      body: JSON.stringify({ parameters: { param1: 'test-value' }, auth: defaultAuth }),
       bodyData: Buffer.from(''),
       headers: createHeadersMap(),
       params: {},
@@ -280,7 +290,7 @@ describe('ToolsService', () => {
         expect(mockTool.handler).toHaveBeenCalledWith(
           mockToolFunction, // functionContext
           { param1: 'test-value' },
-          undefined
+          expect.objectContaining({ provider: 'OptiID' })
         );
       });
 
@@ -302,7 +312,7 @@ describe('ToolsService', () => {
         expect(mockTool.handler).toHaveBeenCalledWith(
           mockToolFunctionInstance, // functionContext - existing instance
           { param1: 'test-value' },
-          undefined
+          expect.objectContaining({ provider: 'OptiID' })
         );
       });
 
@@ -349,9 +359,19 @@ describe('ToolsService', () => {
           '/test-toolfunction-access'
         );
 
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'test-customer',
+            instance_id: 'test-instance',
+            access_token: 'test-token',
+            product_sku: 'test-sku'
+          }
+        };
+
         const testRequest = createMockRequest({
           path: '/test-toolfunction-access',
-          bodyJSON: { action: 'test' }
+          bodyJSON: { action: 'test', auth: authData }
         });
 
         const response = await toolsService.processRequest(testRequest, mockToolFunctionInstance);
@@ -361,19 +381,24 @@ describe('ToolsService', () => {
         expect((response as any).data.success).toBe(true);
         expect((response as any).data.requestPath).toBe('/test-path');
         expect((response as any).data.testMethodResult).toBe('path: /test-path');
-        expect((response as any).data.receivedParams).toEqual({ action: 'test' });
+        expect((response as any).data.receivedParams).toEqual({ action: 'test', auth: authData });
         expect(handlerThatAccessesRequest).toHaveBeenCalledWith(
           mockToolFunctionInstance, // functionContext is the ToolFunction instance
-          { action: 'test' },
-          undefined
+          { action: 'test', auth: authData },
+          authData
         );
       });
 
       it('should execute tool with OptiID auth data when provided', async () => {
-        const authData = new OptiIdAuthData(
-          'optiId',
-          new OptiIdAuthDataCredentials('customer123', 'instance123', 'token123', 'sku123')
-        );
+        const authData: AuthData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'customer123',
+            instance_id: 'instance123',
+            access_token: 'token123',
+            product_sku: 'sku123'
+          }
+        };
 
         const requestWithAuth = createMockRequest({
           bodyJSON: {
@@ -397,9 +422,19 @@ describe('ToolsService', () => {
       });
 
       it('should handle request body without parameters wrapper', async () => {
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'test-customer',
+            instance_id: 'test-instance',
+            access_token: 'test-token',
+            product_sku: 'test-sku'
+          }
+        };
+
         const requestWithoutWrapper = createMockRequest({
-          bodyJSON: { param1: 'test-value' },
-          body: JSON.stringify({ param1: 'test-value' })
+          bodyJSON: { param1: 'test-value', auth: authData },
+          body: JSON.stringify({ param1: 'test-value', auth: authData })
         });
 
         const response = await toolsService.processRequest(requestWithoutWrapper, mockToolFunction);
@@ -407,8 +442,8 @@ describe('ToolsService', () => {
         expect(response.status).toBe(200);
         expect(mockTool.handler).toHaveBeenCalledWith(
           mockToolFunction, // functionContext
-          { param1: 'test-value' },
-          undefined
+          { param1: 'test-value', auth: authData },
+          authData
         );
       });
 
@@ -474,36 +509,62 @@ describe('ToolsService', () => {
       });
 
       it('should execute interaction successfully with data', async () => {
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'test-customer',
+            instance_id: 'test-instance',
+            access_token: 'test-token',
+            product_sku: 'test-sku'
+          }
+        };
+
         const interactionRequest = createMockRequest({
           path: '/test-interaction',
-          bodyJSON: { data: { param1: 'test-value' } },
-          body: JSON.stringify({ data: { param1: 'test-value' } })
+          bodyJSON: { data: { param1: 'test-value' }, auth: authData },
+          body: JSON.stringify({ data: { param1: 'test-value' }, auth: authData })
         });
 
         const response = await toolsService.processRequest(interactionRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockInteraction.handler).toHaveBeenCalledWith(mockToolFunction, { param1: 'test-value' }, undefined);
+        expect(mockInteraction.handler).toHaveBeenCalledWith(mockToolFunction, { param1: 'test-value' }, authData);
       });
 
       it('should handle interaction request body without data wrapper', async () => {
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'test-customer',
+            instance_id: 'test-instance',
+            access_token: 'test-token',
+            product_sku: 'test-sku'
+          }
+        };
+
         const interactionRequest = createMockRequest({
           path: '/test-interaction',
-          bodyJSON: { param1: 'test-value' },
-          body: JSON.stringify({ param1: 'test-value' })
+          bodyJSON: { param1: 'test-value', auth: authData },
+          body: JSON.stringify({ param1: 'test-value', auth: authData })
         });
 
         const response = await toolsService.processRequest(interactionRequest, mockToolFunction);
 
         expect(response.status).toBe(200);
-        expect(mockInteraction.handler).toHaveBeenCalledWith(mockToolFunction, { param1: 'test-value' }, undefined);
+        expect(mockInteraction.handler)
+          .toHaveBeenCalledWith(mockToolFunction, { param1: 'test-value', auth: authData }, authData);
       });
 
       it('should execute interaction with OptiID auth data when provided', async () => {
-        const authData = new OptiIdAuthData(
-          'optiId',
-          new OptiIdAuthDataCredentials('customer123', 'instance123', 'token123', 'sku123')
-        );
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'customer123',
+            instance_id: 'instance123',
+            access_token: 'token123',
+            product_sku: 'sku123'
+          }
+        };
 
         const interactionRequest = createMockRequest({
           path: '/test-interaction',
@@ -528,10 +589,15 @@ describe('ToolsService', () => {
       });
 
       it('should handle interaction request without data wrapper but with auth data', async () => {
-        const authData = new OptiIdAuthData(
-          'optiId',
-          new OptiIdAuthDataCredentials('customer123', 'instance123', 'token123', 'sku123')
-        );
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'customer123',
+            instance_id: 'instance123',
+            access_token: 'token123',
+            product_sku: 'sku123'
+          }
+        };
 
         const interactionRequest = createMockRequest({
           path: '/test-interaction',
@@ -559,12 +625,21 @@ describe('ToolsService', () => {
       });
 
       it('should throw error when interaction handler throws a regular error', async () => {
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'test-customer',
+            instance_id: 'test-instance',
+            access_token: 'test-token',
+            product_sku: 'test-sku'
+          }
+        };
         const errorMessage = 'Interaction execution failed';
         jest.mocked(mockInteraction.handler).mockRejectedValueOnce(new Error(errorMessage));
 
         const interactionRequest = createMockRequest({
           path: '/test-interaction',
-          bodyJSON: { data: { param1: 'test-value' } }
+          bodyJSON: { data: { param1: 'test-value' }, auth: authData }
         });
 
         await expect(toolsService.processRequest(interactionRequest, mockToolFunction))
@@ -572,12 +647,21 @@ describe('ToolsService', () => {
       });
 
       it('should throw ToolError when interaction handler throws ToolError', async () => {
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'test-customer',
+            instance_id: 'test-instance',
+            access_token: 'test-token',
+            product_sku: 'test-sku'
+          }
+        };
         const toolError = new ToolError('Webhook validation failed', 400, 'Invalid signature');
         jest.mocked(mockInteraction.handler).mockRejectedValueOnce(toolError);
 
         const interactionRequest = createMockRequest({
           path: '/test-interaction',
-          bodyJSON: { data: { param1: 'test-value' } }
+          bodyJSON: { data: { param1: 'test-value' }, auth: authData }
         });
 
         await expect(toolsService.processRequest(interactionRequest, mockToolFunction))
@@ -627,7 +711,7 @@ describe('ToolsService', () => {
     });
 
     describe('edge cases', () => {
-      it('should handle request with null bodyJSON', async () => {
+      it('should throw 403 when request has null bodyJSON (no auth data)', async () => {
         // Create a tool without required parameters
         const toolWithoutRequiredParams = {
           name: 'no_required_params_tool',
@@ -651,13 +735,18 @@ describe('ToolsService', () => {
           body: null
         });
 
-        const response = await toolsService.processRequest(requestWithNullBody, mockToolFunction);
+        await expect(toolsService.processRequest(requestWithNullBody, mockToolFunction))
+          .rejects.toThrow(ToolError);
 
-        expect(response.status).toBe(200);
-        expect(toolWithoutRequiredParams.handler).toHaveBeenCalledWith(mockToolFunction, null, undefined);
+        try {
+          await toolsService.processRequest(requestWithNullBody, mockToolFunction);
+        } catch (error) {
+          expect((error as ToolError).status).toBe(403);
+          expect((error as ToolError).message).toContain('Authentication data is required');
+        }
       });
 
-      it('should handle request with undefined bodyJSON', async () => {
+      it('should throw 403 when request has undefined bodyJSON (no auth data)', async () => {
         // Create a tool without required parameters
         const toolWithoutRequiredParams = {
           name: 'no_required_params_tool_2',
@@ -681,10 +770,15 @@ describe('ToolsService', () => {
           body: undefined
         });
 
-        const response = await toolsService.processRequest(requestWithUndefinedBody, mockToolFunction);
+        await expect(toolsService.processRequest(requestWithUndefinedBody, mockToolFunction))
+          .rejects.toThrow(ToolError);
 
-        expect(response.status).toBe(200);
-        expect(toolWithoutRequiredParams.handler).toHaveBeenCalledWith(mockToolFunction, undefined, undefined);
+        try {
+          await toolsService.processRequest(requestWithUndefinedBody, mockToolFunction);
+        } catch (error) {
+          expect((error as ToolError).status).toBe(403);
+          expect((error as ToolError).message).toContain('Authentication data is required');
+        }
       });
 
       it('should extract auth data from bodyJSON when body exists', async () => {
@@ -696,10 +790,15 @@ describe('ToolsService', () => {
           mockTool.endpoint
         );
 
-        const authData = new OptiIdAuthData(
-          'optiId',
-          new OptiIdAuthDataCredentials('customer123', 'instance123', 'token123', 'sku123')
-        );
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'customer123',
+            instance_id: 'instance123',
+            access_token: 'token123',
+            product_sku: 'sku123'
+          }
+        };
 
         const requestWithAuth = createMockRequest({
           bodyJSON: {
@@ -722,7 +821,7 @@ describe('ToolsService', () => {
         );
       });
 
-      it('should handle missing auth data gracefully', async () => {
+      it('should throw 403 when auth data is missing for tool with auth requirements', async () => {
         toolsService.registerTool(
           mockTool.name,
           mockTool.description,
@@ -741,14 +840,15 @@ describe('ToolsService', () => {
           })
         });
 
-        const response = await toolsService.processRequest(requestWithoutAuth, mockToolFunction);
+        await expect(toolsService.processRequest(requestWithoutAuth, mockToolFunction))
+          .rejects.toThrow(ToolError);
 
-        expect(response.status).toBe(200);
-        expect(mockTool.handler).toHaveBeenCalledWith(
-          mockToolFunction, // functionContext
-          { param1: 'test-value' },
-          undefined
-        );
+        try {
+          await toolsService.processRequest(requestWithoutAuth, mockToolFunction);
+        } catch (error) {
+          expect((error as ToolError).status).toBe(403);
+          expect((error as ToolError).message).toContain('Authentication data is required');
+        }
       });
 
       it('should handle auth extraction when body is falsy but bodyJSON has auth', async () => {
@@ -760,10 +860,15 @@ describe('ToolsService', () => {
           mockTool.endpoint
         );
 
-        const authData = new OptiIdAuthData(
-          'optiId',
-          new OptiIdAuthDataCredentials('customer123', 'instance123', 'token123', 'sku123')
-        );
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'customer123',
+            instance_id: 'instance123',
+            access_token: 'token123',
+            product_sku: 'sku123'
+          }
+        };
 
         const requestWithAuthButNoBody = createMockRequest({
           bodyJSON: {
@@ -864,13 +969,24 @@ describe('ToolsService', () => {
           toolWithoutParams.endpoint
         );
 
+        const authData = {
+          provider: 'OptiID',
+          credentials: {
+            customer_id: 'test-customer',
+            instance_id: 'test-instance',
+            access_token: 'test-token',
+            product_sku: 'test-sku'
+          }
+        };
+
         // Send request with any data (should be ignored)
         const request = createMockRequest({
           path: '/no-params-tool',
           bodyJSON: {
             parameters: {
               unexpected: 'value'
-            }
+            },
+            auth: authData
           }
         });
 
@@ -880,7 +996,7 @@ describe('ToolsService', () => {
         expect(toolWithoutParams.handler).toHaveBeenCalledWith(
           mockToolFunction,
           { unexpected: 'value' },
-          undefined
+          authData
         );
       });
     });