@polpo-ai/connect-server 0.15.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +13 -0
- package/README.md +15 -0
- package/dist/index.d.ts +5 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +5 -0
- package/dist/index.js.map +1 -0
- package/dist/memory-store.d.ts +13 -0
- package/dist/memory-store.d.ts.map +1 -0
- package/dist/memory-store.js +52 -0
- package/dist/memory-store.js.map +1 -0
- package/dist/oauth.d.ts +8 -0
- package/dist/oauth.d.ts.map +1 -0
- package/dist/oauth.js +23 -0
- package/dist/oauth.js.map +1 -0
- package/dist/secrets.d.ts +13 -0
- package/dist/secrets.d.ts.map +1 -0
- package/dist/secrets.js +17 -0
- package/dist/secrets.js.map +1 -0
- package/dist/service.d.ts +64 -0
- package/dist/service.d.ts.map +1 -0
- package/dist/service.js +279 -0
- package/dist/service.js.map +1 -0
- package/package.json +55 -0
package/LICENSE
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
Copyright 2026-present Lumea Labs
|
|
2
|
+
|
|
3
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
you may not use this file except in compliance with the License.
|
|
5
|
+
You may obtain a copy of the License at
|
|
6
|
+
|
|
7
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
|
|
9
|
+
Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
See the License for the specific language governing permissions and
|
|
13
|
+
limitations under the License.
|
package/README.md
ADDED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# @polpo-ai/connect-server
|
|
2
|
+
|
|
3
|
+
Server-side primitives for Polpo Connect.
|
|
4
|
+
|
|
5
|
+
This package implements the backend lifecycle for API-key and OAuth2 connections:
|
|
6
|
+
|
|
7
|
+
- API-key connection creation
|
|
8
|
+
- OAuth authorization URL generation
|
|
9
|
+
- OAuth callback and token exchange
|
|
10
|
+
- access token retrieval
|
|
11
|
+
- refresh token handling
|
|
12
|
+
- policy checks before token release
|
|
13
|
+
- revocation and secret deletion
|
|
14
|
+
|
|
15
|
+
It is intentionally framework-agnostic. Cloud/OSS servers can mount it through Hono, Express, Workers, or another transport without coupling the core lifecycle to HTTP routes.
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,YAAY,CAAC;AAC3B,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,YAAY,CAAC;AAC3B,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { type ConnectStore, type ConnectionListFilter, type ConnectionRecord, type OAuthStateRecord } from "@polpo-ai/connect";
|
|
2
|
+
export declare class MemoryConnectStore implements ConnectStore {
|
|
3
|
+
private readonly connections;
|
|
4
|
+
private readonly oauthStates;
|
|
5
|
+
listConnections(filter?: ConnectionListFilter): Promise<ConnectionRecord[]>;
|
|
6
|
+
getConnection(id: string): Promise<ConnectionRecord | null>;
|
|
7
|
+
upsertConnection(record: ConnectionRecord): Promise<ConnectionRecord>;
|
|
8
|
+
updateConnection(id: string, patch: Partial<Omit<ConnectionRecord, "id" | "createdAt">>): Promise<ConnectionRecord>;
|
|
9
|
+
deleteConnection(id: string): Promise<void>;
|
|
10
|
+
saveOAuthState(record: OAuthStateRecord): Promise<void>;
|
|
11
|
+
consumeOAuthState(state: string): Promise<OAuthStateRecord | null>;
|
|
12
|
+
}
|
|
13
|
+
//# sourceMappingURL=memory-store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"memory-store.d.ts","sourceRoot":"","sources":["../src/memory-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,KAAK,YAAY,EAAE,KAAK,oBAAoB,EAAE,KAAK,gBAAgB,EAAE,KAAK,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE7I,qBAAa,kBAAmB,YAAW,YAAY;IACrD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAuC;IACnE,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAuC;IAE7D,eAAe,CAAC,MAAM,GAAE,oBAAyB,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;IAI/E,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAK3D,gBAAgB,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAKrE,gBAAgB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,GAAG,WAAW,CAAC,CAAC,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAQnH,gBAAgB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C,cAAc,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAIvD,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;CAKzE"}
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
import { ConnectError } from "@polpo-ai/connect";
|
|
2
|
+
export class MemoryConnectStore {
|
|
3
|
+
connections = new Map();
|
|
4
|
+
oauthStates = new Map();
|
|
5
|
+
async listConnections(filter = {}) {
|
|
6
|
+
return [...this.connections.values()].filter((connection) => matchesFilter(connection, filter)).map(clone);
|
|
7
|
+
}
|
|
8
|
+
async getConnection(id) {
|
|
9
|
+
const record = this.connections.get(id);
|
|
10
|
+
return record ? clone(record) : null;
|
|
11
|
+
}
|
|
12
|
+
async upsertConnection(record) {
|
|
13
|
+
this.connections.set(record.id, clone(record));
|
|
14
|
+
return clone(record);
|
|
15
|
+
}
|
|
16
|
+
async updateConnection(id, patch) {
|
|
17
|
+
const existing = this.connections.get(id);
|
|
18
|
+
if (!existing)
|
|
19
|
+
throw new ConnectError("connection_not_found", `Connection not found: ${id}`);
|
|
20
|
+
const updated = { ...existing, ...patch, id, createdAt: existing.createdAt };
|
|
21
|
+
this.connections.set(id, clone(updated));
|
|
22
|
+
return clone(updated);
|
|
23
|
+
}
|
|
24
|
+
async deleteConnection(id) {
|
|
25
|
+
this.connections.delete(id);
|
|
26
|
+
}
|
|
27
|
+
async saveOAuthState(record) {
|
|
28
|
+
this.oauthStates.set(record.state, clone(record));
|
|
29
|
+
}
|
|
30
|
+
async consumeOAuthState(state) {
|
|
31
|
+
const record = this.oauthStates.get(state);
|
|
32
|
+
this.oauthStates.delete(state);
|
|
33
|
+
return record ? clone(record) : null;
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
function matchesFilter(connection, filter) {
|
|
37
|
+
if (filter.providerId && connection.providerId !== filter.providerId)
|
|
38
|
+
return false;
|
|
39
|
+
if (filter.projectId && connection.projectId !== filter.projectId)
|
|
40
|
+
return false;
|
|
41
|
+
if (filter.orgId && connection.orgId !== filter.orgId)
|
|
42
|
+
return false;
|
|
43
|
+
if (filter.status && connection.status !== filter.status)
|
|
44
|
+
return false;
|
|
45
|
+
if (filter.owner && (connection.owner?.type !== filter.owner.type || connection.owner.id !== filter.owner.id))
|
|
46
|
+
return false;
|
|
47
|
+
return true;
|
|
48
|
+
}
|
|
49
|
+
function clone(value) {
|
|
50
|
+
return JSON.parse(JSON.stringify(value));
|
|
51
|
+
}
|
|
52
|
+
//# sourceMappingURL=memory-store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"memory-store.js","sourceRoot":"","sources":["../src/memory-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAA8F,MAAM,mBAAmB,CAAC;AAE7I,MAAM,OAAO,kBAAkB;IACZ,WAAW,GAAG,IAAI,GAAG,EAA4B,CAAC;IAClD,WAAW,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEnE,KAAK,CAAC,eAAe,CAAC,SAA+B,EAAE;QACrD,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC7G,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAU;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACxC,OAAO,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,MAAwB;QAC7C,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC/C,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,EAAU,EAAE,KAA0D;QAC3F,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC1C,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,YAAY,CAAC,sBAAsB,EAAE,yBAAyB,EAAE,EAAE,CAAC,CAAC;QAC7F,MAAM,OAAO,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,KAAK,EAAE,EAAE,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC;QAC7E,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QACzC,OAAO,KAAK,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,EAAU;QAC/B,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAAwB;QAC3C,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAa;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC/B,OAAO,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACvC,CAAC;CACF;AAED,SAAS,aAAa,CAAC,UAA4B,EAAE,MAA4B;IAC/E,IAAI,MAAM,CAAC,UAAU,IAAI,UAAU,CAAC,UAAU,KAAK,MAAM,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IACnF,IAAI,MAAM,CAAC,SAAS,IAAI,UAAU,CAAC,SAAS,KAAK,MAAM,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAChF,IAAI,MAAM,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,KAAK,MAAM,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACpE,IAAI,MAAM,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACvE,IAAI,MAAM,CAAC,KAAK,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,KAAK,MAAM,CAAC,KAAK,CAAC,IAAI,IAAI,UAAU,CAAC,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5H,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,KAAK,CAAI,KAAQ;IACxB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAM,CAAC;AAChD,CAAC"}
|
package/dist/oauth.d.ts
ADDED
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
export declare function createOpaqueToken(bytes?: number): string;
|
|
2
|
+
export declare function createPkcePair(): {
|
|
3
|
+
verifier: string;
|
|
4
|
+
challenge: string;
|
|
5
|
+
};
|
|
6
|
+
export declare function toFormBody(input: Record<string, string | undefined>): URLSearchParams;
|
|
7
|
+
export declare function parseScopes(scope: string | undefined, fallback: readonly string[]): string[];
|
|
8
|
+
//# sourceMappingURL=oauth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAEA,wBAAgB,iBAAiB,CAAC,KAAK,SAAK,GAAG,MAAM,CAEpD;AAED,wBAAgB,cAAc,IAAI;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAIxE;AAED,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,GAAG,eAAe,CAMrF;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,EAAE,QAAQ,EAAE,SAAS,MAAM,EAAE,GAAG,MAAM,EAAE,CAG5F"}
|
package/dist/oauth.js
ADDED
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { createHash, randomBytes } from "node:crypto";
|
|
2
|
+
export function createOpaqueToken(bytes = 32) {
|
|
3
|
+
return randomBytes(bytes).toString("base64url");
|
|
4
|
+
}
|
|
5
|
+
export function createPkcePair() {
|
|
6
|
+
const verifier = createOpaqueToken(48);
|
|
7
|
+
const challenge = createHash("sha256").update(verifier).digest("base64url");
|
|
8
|
+
return { verifier, challenge };
|
|
9
|
+
}
|
|
10
|
+
export function toFormBody(input) {
|
|
11
|
+
const body = new URLSearchParams();
|
|
12
|
+
for (const [key, value] of Object.entries(input)) {
|
|
13
|
+
if (value !== undefined && value !== "")
|
|
14
|
+
body.set(key, value);
|
|
15
|
+
}
|
|
16
|
+
return body;
|
|
17
|
+
}
|
|
18
|
+
export function parseScopes(scope, fallback) {
|
|
19
|
+
if (!scope)
|
|
20
|
+
return [...fallback];
|
|
21
|
+
return scope.split(/[,\s]+/).map((part) => part.trim()).filter(Boolean);
|
|
22
|
+
}
|
|
23
|
+
//# sourceMappingURL=oauth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../src/oauth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,MAAM,UAAU,iBAAiB,CAAC,KAAK,GAAG,EAAE;IAC1C,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,EAAE,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC5E,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,KAAyC;IAClE,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;IACnC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACjD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE;YAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAyB,EAAE,QAA2B;IAChF,IAAI,CAAC,KAAK;QAAE,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC;IACjC,OAAO,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAC1E,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { StoredConnectionSecret } from "@polpo-ai/connect";
|
|
2
|
+
export interface ConnectionSecretStore {
|
|
3
|
+
setSecret(ref: string, secret: StoredConnectionSecret): Promise<void>;
|
|
4
|
+
getSecret(ref: string): Promise<StoredConnectionSecret | null>;
|
|
5
|
+
deleteSecret(ref: string): Promise<void>;
|
|
6
|
+
}
|
|
7
|
+
export declare class MemoryConnectionSecretStore implements ConnectionSecretStore {
|
|
8
|
+
private readonly records;
|
|
9
|
+
setSecret(ref: string, secret: StoredConnectionSecret): Promise<void>;
|
|
10
|
+
getSecret(ref: string): Promise<StoredConnectionSecret | null>;
|
|
11
|
+
deleteSecret(ref: string): Promise<void>;
|
|
12
|
+
}
|
|
13
|
+
//# sourceMappingURL=secrets.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../src/secrets.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAEhE,MAAM,WAAW,qBAAqB;IACpC,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACtE,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC,CAAC;IAC/D,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC1C;AAED,qBAAa,2BAA4B,YAAW,qBAAqB;IACvE,OAAO,CAAC,QAAQ,CAAC,OAAO,CAA6C;IAE/D,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC;IAIrE,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC;IAK9D,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAG/C"}
|
package/dist/secrets.js
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
export class MemoryConnectionSecretStore {
|
|
2
|
+
records = new Map();
|
|
3
|
+
async setSecret(ref, secret) {
|
|
4
|
+
this.records.set(ref, clone(secret));
|
|
5
|
+
}
|
|
6
|
+
async getSecret(ref) {
|
|
7
|
+
const secret = this.records.get(ref);
|
|
8
|
+
return secret ? clone(secret) : null;
|
|
9
|
+
}
|
|
10
|
+
async deleteSecret(ref) {
|
|
11
|
+
this.records.delete(ref);
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
function clone(value) {
|
|
15
|
+
return JSON.parse(JSON.stringify(value));
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=secrets.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../src/secrets.ts"],"names":[],"mappings":"AAQA,MAAM,OAAO,2BAA2B;IACrB,OAAO,GAAG,IAAI,GAAG,EAAkC,CAAC;IAErE,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,MAA8B;QACzD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACrC,OAAO,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAW;QAC5B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;CACF;AAED,SAAS,KAAK,CAAI,KAAQ;IACxB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAM,CAAC;AAChD,CAAC"}
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
import { type ConnectPolicy, type ConnectStore, type ConnectSubject, type ConnectionRecord, type ConnectorProviderDefinition, type RuntimeToken } from "@polpo-ai/connect";
|
|
2
|
+
import type { ConnectionSecretStore } from "./secrets.js";
|
|
3
|
+
export interface CreateConnectServiceOptions {
|
|
4
|
+
providers: readonly ConnectorProviderDefinition[];
|
|
5
|
+
store: ConnectStore;
|
|
6
|
+
secrets: ConnectionSecretStore;
|
|
7
|
+
policy?: ConnectPolicy;
|
|
8
|
+
fetch?: typeof fetch;
|
|
9
|
+
now?: () => Date;
|
|
10
|
+
tokenRefreshSkewMs?: number;
|
|
11
|
+
oauthStateTtlMs?: number;
|
|
12
|
+
}
|
|
13
|
+
export interface CreateApiKeyConnectionInput {
|
|
14
|
+
providerId: string;
|
|
15
|
+
apiKey: string;
|
|
16
|
+
scopes?: string[];
|
|
17
|
+
subject?: ConnectSubject;
|
|
18
|
+
name?: string;
|
|
19
|
+
projectId?: string;
|
|
20
|
+
orgId?: string;
|
|
21
|
+
metadata?: Record<string, unknown>;
|
|
22
|
+
}
|
|
23
|
+
export interface StartOAuthInput {
|
|
24
|
+
providerId: string;
|
|
25
|
+
scopes?: string[];
|
|
26
|
+
subject?: ConnectSubject;
|
|
27
|
+
redirectUri: string;
|
|
28
|
+
projectId?: string;
|
|
29
|
+
orgId?: string;
|
|
30
|
+
connectionName?: string;
|
|
31
|
+
metadata?: Record<string, unknown>;
|
|
32
|
+
}
|
|
33
|
+
export interface StartOAuthResult {
|
|
34
|
+
authorizationUrl: string;
|
|
35
|
+
state: string;
|
|
36
|
+
expiresAt: string;
|
|
37
|
+
}
|
|
38
|
+
export interface CompleteOAuthInput {
|
|
39
|
+
state: string;
|
|
40
|
+
code?: string;
|
|
41
|
+
error?: string;
|
|
42
|
+
errorDescription?: string;
|
|
43
|
+
}
|
|
44
|
+
export interface GetTokenInput {
|
|
45
|
+
connectionId: string;
|
|
46
|
+
scopes?: string[];
|
|
47
|
+
subject?: ConnectSubject;
|
|
48
|
+
actionId?: string;
|
|
49
|
+
forceRefresh?: boolean;
|
|
50
|
+
}
|
|
51
|
+
export interface RevokeConnectionInput {
|
|
52
|
+
connectionId: string;
|
|
53
|
+
}
|
|
54
|
+
export interface ConnectService {
|
|
55
|
+
listProviders(): ConnectorProviderDefinition[];
|
|
56
|
+
listConnections(filter?: Parameters<ConnectStore["listConnections"]>[0]): Promise<ConnectionRecord[]>;
|
|
57
|
+
createApiKeyConnection(input: CreateApiKeyConnectionInput): Promise<ConnectionRecord>;
|
|
58
|
+
startOAuth(input: StartOAuthInput): Promise<StartOAuthResult>;
|
|
59
|
+
completeOAuth(input: CompleteOAuthInput): Promise<ConnectionRecord>;
|
|
60
|
+
getToken(input: GetTokenInput): Promise<RuntimeToken>;
|
|
61
|
+
revokeConnection(input: RevokeConnectionInput): Promise<ConnectionRecord>;
|
|
62
|
+
}
|
|
63
|
+
export declare function createConnectService(options: CreateConnectServiceOptions): ConnectService;
|
|
64
|
+
//# sourceMappingURL=service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../src/service.ts"],"names":[],"mappings":"AAAA,OAAO,EAML,KAAK,aAAa,EAClB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,2BAA2B,EAEhC,KAAK,YAAY,EAGlB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAG1D,MAAM,WAAW,2BAA2B;IAC1C,SAAS,EAAE,SAAS,2BAA2B,EAAE,CAAC;IAClD,KAAK,EAAE,YAAY,CAAC;IACpB,OAAO,EAAE,qBAAqB,CAAC;IAC/B,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,2BAA2B;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,CAAC,EAAE,cAAc,CAAC;IACzB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,CAAC,EAAE,cAAc,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,gBAAgB;IAC/B,gBAAgB,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,CAAC,EAAE,cAAc,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,aAAa,IAAI,2BAA2B,EAAE,CAAC;IAC/C,eAAe,CAAC,MAAM,CAAC,EAAE,UAAU,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC;IACtG,sBAAsB,CAAC,KAAK,EAAE,2BAA2B,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACtF,UAAU,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC9D,aAAa,CAAC,KAAK,EAAE,kBAAkB,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACpE,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACtD,gBAAgB,CAAC,KAAK,EAAE,qBAAqB,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;CAC3E;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,2BAA2B,GAAG,cAAc,CA8NzF"}
|
package/dist/service.js
ADDED
|
@@ -0,0 +1,279 @@
|
|
|
1
|
+
import { ConnectError, assertAllowedScopes, assertGrantedScopes, createConnectorRegistry, normalizeScopes, } from "@polpo-ai/connect";
|
|
2
|
+
import { createOpaqueToken, createPkcePair, parseScopes, toFormBody } from "./oauth.js";
|
|
3
|
+
export function createConnectService(options) {
|
|
4
|
+
const registry = createConnectorRegistry(options.providers);
|
|
5
|
+
const fetchImpl = options.fetch ?? fetch;
|
|
6
|
+
const now = options.now ?? (() => new Date());
|
|
7
|
+
const tokenRefreshSkewMs = options.tokenRefreshSkewMs ?? 60_000;
|
|
8
|
+
const oauthStateTtlMs = options.oauthStateTtlMs ?? 10 * 60_000;
|
|
9
|
+
return {
|
|
10
|
+
listProviders() {
|
|
11
|
+
return registry.list();
|
|
12
|
+
},
|
|
13
|
+
listConnections(filter) {
|
|
14
|
+
return options.store.listConnections(filter);
|
|
15
|
+
},
|
|
16
|
+
async createApiKeyConnection(input) {
|
|
17
|
+
const provider = registry.require(input.providerId);
|
|
18
|
+
if (provider.auth.type !== "api_key") {
|
|
19
|
+
throw new ConnectError("unsupported_auth", `Provider "${provider.id}" does not use API-key auth`);
|
|
20
|
+
}
|
|
21
|
+
const apiKey = input.apiKey.trim();
|
|
22
|
+
if (!apiKey) {
|
|
23
|
+
throw new ConnectError("invalid_request", "API key cannot be empty");
|
|
24
|
+
}
|
|
25
|
+
const grantedScopes = assertAllowedScopes(provider, input.scopes ?? provider.auth.defaultScopes);
|
|
26
|
+
const id = createId("conn");
|
|
27
|
+
const secretRef = createId("connsec");
|
|
28
|
+
await options.secrets.setSecret(secretRef, { kind: "api_key", apiKey });
|
|
29
|
+
return options.store.upsertConnection({
|
|
30
|
+
id,
|
|
31
|
+
providerId: provider.id,
|
|
32
|
+
name: input.name,
|
|
33
|
+
projectId: input.projectId,
|
|
34
|
+
orgId: input.orgId,
|
|
35
|
+
owner: input.subject,
|
|
36
|
+
authType: "api_key",
|
|
37
|
+
status: "active",
|
|
38
|
+
grantedScopes,
|
|
39
|
+
secretRef,
|
|
40
|
+
createdAt: now().toISOString(),
|
|
41
|
+
updatedAt: now().toISOString(),
|
|
42
|
+
metadata: input.metadata,
|
|
43
|
+
});
|
|
44
|
+
},
|
|
45
|
+
async startOAuth(input) {
|
|
46
|
+
const provider = registry.require(input.providerId);
|
|
47
|
+
if (provider.auth.type !== "oauth2") {
|
|
48
|
+
throw new ConnectError("unsupported_auth", `Provider "${provider.id}" does not use OAuth2 auth`);
|
|
49
|
+
}
|
|
50
|
+
const auth = provider.auth;
|
|
51
|
+
if (!auth.clientId) {
|
|
52
|
+
throw new ConnectError("invalid_provider", `OAuth provider "${provider.id}" is missing clientId`);
|
|
53
|
+
}
|
|
54
|
+
const requestedScopes = assertAllowedScopes(provider, input.scopes ?? auth.defaultScopes);
|
|
55
|
+
const state = createOpaqueToken();
|
|
56
|
+
const pkce = auth.supportsPkce === false ? undefined : createPkcePair();
|
|
57
|
+
const expiresAt = new Date(now().getTime() + oauthStateTtlMs).toISOString();
|
|
58
|
+
await options.store.saveOAuthState({
|
|
59
|
+
state,
|
|
60
|
+
providerId: provider.id,
|
|
61
|
+
subject: input.subject,
|
|
62
|
+
requestedScopes,
|
|
63
|
+
redirectUri: input.redirectUri,
|
|
64
|
+
codeVerifier: pkce?.verifier,
|
|
65
|
+
codeChallenge: pkce?.challenge,
|
|
66
|
+
projectId: input.projectId,
|
|
67
|
+
orgId: input.orgId,
|
|
68
|
+
connectionName: input.connectionName,
|
|
69
|
+
expiresAt,
|
|
70
|
+
createdAt: now().toISOString(),
|
|
71
|
+
metadata: input.metadata,
|
|
72
|
+
});
|
|
73
|
+
const url = new URL(auth.authorizationUrl);
|
|
74
|
+
url.searchParams.set("response_type", "code");
|
|
75
|
+
url.searchParams.set("client_id", auth.clientId);
|
|
76
|
+
url.searchParams.set("redirect_uri", input.redirectUri);
|
|
77
|
+
url.searchParams.set("state", state);
|
|
78
|
+
if (requestedScopes.length > 0)
|
|
79
|
+
url.searchParams.set("scope", requestedScopes.join(" "));
|
|
80
|
+
if (pkce) {
|
|
81
|
+
url.searchParams.set("code_challenge", pkce.challenge);
|
|
82
|
+
url.searchParams.set("code_challenge_method", "S256");
|
|
83
|
+
}
|
|
84
|
+
for (const [key, value] of Object.entries(auth.extraAuthorizeParams ?? {})) {
|
|
85
|
+
url.searchParams.set(key, value);
|
|
86
|
+
}
|
|
87
|
+
return { authorizationUrl: url.toString(), state, expiresAt };
|
|
88
|
+
},
|
|
89
|
+
async completeOAuth(input) {
|
|
90
|
+
const state = await options.store.consumeOAuthState(input.state);
|
|
91
|
+
if (!state) {
|
|
92
|
+
throw new ConnectError("oauth_state_not_found", "OAuth state was not found or has already been used");
|
|
93
|
+
}
|
|
94
|
+
if (new Date(state.expiresAt).getTime() <= now().getTime()) {
|
|
95
|
+
throw new ConnectError("oauth_state_expired", "OAuth state has expired");
|
|
96
|
+
}
|
|
97
|
+
if (input.error) {
|
|
98
|
+
throw new ConnectError("oauth_error", input.errorDescription ?? input.error, {
|
|
99
|
+
details: { error: input.error, errorDescription: input.errorDescription },
|
|
100
|
+
});
|
|
101
|
+
}
|
|
102
|
+
if (!input.code) {
|
|
103
|
+
throw new ConnectError("invalid_request", "OAuth callback is missing code");
|
|
104
|
+
}
|
|
105
|
+
const provider = registry.require(state.providerId);
|
|
106
|
+
if (provider.auth.type !== "oauth2") {
|
|
107
|
+
throw new ConnectError("unsupported_auth", `Provider "${provider.id}" does not use OAuth2 auth`);
|
|
108
|
+
}
|
|
109
|
+
const tokenSet = await exchangeCode(fetchImpl, provider.auth, input.code, state.redirectUri, state.codeVerifier);
|
|
110
|
+
const grantedScopes = assertAllowedScopes(provider, parseScopes(tokenSet.scope, state.requestedScopes));
|
|
111
|
+
assertGrantedScopes(grantedScopes, state.requestedScopes);
|
|
112
|
+
const id = createId("conn");
|
|
113
|
+
const secretRef = createId("connsec");
|
|
114
|
+
const tokens = normalizeTokenSet(tokenSet, grantedScopes, now());
|
|
115
|
+
await options.secrets.setSecret(secretRef, { kind: "oauth2", tokens });
|
|
116
|
+
return options.store.upsertConnection({
|
|
117
|
+
id,
|
|
118
|
+
providerId: provider.id,
|
|
119
|
+
name: state.connectionName,
|
|
120
|
+
projectId: state.projectId,
|
|
121
|
+
orgId: state.orgId,
|
|
122
|
+
owner: state.subject,
|
|
123
|
+
authType: "oauth2",
|
|
124
|
+
status: "active",
|
|
125
|
+
grantedScopes,
|
|
126
|
+
secretRef,
|
|
127
|
+
tokenExpiresAt: tokens.expiresAt,
|
|
128
|
+
createdAt: now().toISOString(),
|
|
129
|
+
updatedAt: now().toISOString(),
|
|
130
|
+
metadata: state.metadata,
|
|
131
|
+
});
|
|
132
|
+
},
|
|
133
|
+
async getToken(input) {
|
|
134
|
+
const connection = await options.store.getConnection(input.connectionId);
|
|
135
|
+
if (!connection) {
|
|
136
|
+
throw new ConnectError("connection_not_found", `Connection not found: ${input.connectionId}`);
|
|
137
|
+
}
|
|
138
|
+
if (connection.status !== "active") {
|
|
139
|
+
throw new ConnectError("connection_revoked", `Connection is not active: ${connection.id}`);
|
|
140
|
+
}
|
|
141
|
+
const scopes = assertGrantedScopes(connection.grantedScopes, input.scopes ?? []);
|
|
142
|
+
const allowed = await options.policy?.canUseConnection({
|
|
143
|
+
connection,
|
|
144
|
+
subject: input.subject,
|
|
145
|
+
scopes,
|
|
146
|
+
actionId: input.actionId,
|
|
147
|
+
});
|
|
148
|
+
if (allowed === false) {
|
|
149
|
+
throw new ConnectError("policy_denied", `Connection use denied by policy: ${connection.id}`);
|
|
150
|
+
}
|
|
151
|
+
if (!connection.secretRef) {
|
|
152
|
+
throw new ConnectError("secret_not_found", `Connection has no secret reference: ${connection.id}`);
|
|
153
|
+
}
|
|
154
|
+
const secret = await options.secrets.getSecret(connection.secretRef);
|
|
155
|
+
if (!secret) {
|
|
156
|
+
throw new ConnectError("secret_not_found", `Connection secret not found: ${connection.secretRef}`);
|
|
157
|
+
}
|
|
158
|
+
if (secret.kind === "api_key") {
|
|
159
|
+
if (!secret.apiKey)
|
|
160
|
+
throw new ConnectError("token_not_available", "API-key connection secret is empty");
|
|
161
|
+
return {
|
|
162
|
+
accessToken: secret.apiKey,
|
|
163
|
+
tokenType: "ApiKey",
|
|
164
|
+
scopes: connection.grantedScopes,
|
|
165
|
+
connectionId: connection.id,
|
|
166
|
+
providerId: connection.providerId,
|
|
167
|
+
};
|
|
168
|
+
}
|
|
169
|
+
if (secret.kind !== "oauth2" || !secret.tokens?.accessToken) {
|
|
170
|
+
throw new ConnectError("token_not_available", "Connection does not contain an OAuth access token");
|
|
171
|
+
}
|
|
172
|
+
let tokens = secret.tokens;
|
|
173
|
+
if (input.forceRefresh || shouldRefresh(tokens, now(), tokenRefreshSkewMs)) {
|
|
174
|
+
const provider = registry.require(connection.providerId);
|
|
175
|
+
if (provider.auth.type !== "oauth2") {
|
|
176
|
+
throw new ConnectError("unsupported_auth", `Provider "${provider.id}" does not use OAuth2 auth`);
|
|
177
|
+
}
|
|
178
|
+
if (!tokens.refreshToken) {
|
|
179
|
+
throw new ConnectError("token_not_available", "OAuth access token is expired and no refresh token is available");
|
|
180
|
+
}
|
|
181
|
+
tokens = await refreshToken(fetchImpl, provider.auth, tokens.refreshToken, connection.grantedScopes, now());
|
|
182
|
+
await options.secrets.setSecret(connection.secretRef, { ...secret, tokens });
|
|
183
|
+
await options.store.updateConnection(connection.id, {
|
|
184
|
+
tokenExpiresAt: tokens.expiresAt,
|
|
185
|
+
updatedAt: now().toISOString(),
|
|
186
|
+
});
|
|
187
|
+
}
|
|
188
|
+
return {
|
|
189
|
+
accessToken: tokens.accessToken,
|
|
190
|
+
tokenType: tokens.tokenType ?? "Bearer",
|
|
191
|
+
expiresAt: tokens.expiresAt,
|
|
192
|
+
scopes: tokens.scopes ?? connection.grantedScopes,
|
|
193
|
+
connectionId: connection.id,
|
|
194
|
+
providerId: connection.providerId,
|
|
195
|
+
};
|
|
196
|
+
},
|
|
197
|
+
async revokeConnection(input) {
|
|
198
|
+
const connection = await options.store.getConnection(input.connectionId);
|
|
199
|
+
if (!connection) {
|
|
200
|
+
throw new ConnectError("connection_not_found", `Connection not found: ${input.connectionId}`);
|
|
201
|
+
}
|
|
202
|
+
if (connection.secretRef) {
|
|
203
|
+
await options.secrets.deleteSecret(connection.secretRef);
|
|
204
|
+
}
|
|
205
|
+
return options.store.updateConnection(connection.id, {
|
|
206
|
+
status: "revoked",
|
|
207
|
+
secretRef: undefined,
|
|
208
|
+
updatedAt: now().toISOString(),
|
|
209
|
+
});
|
|
210
|
+
},
|
|
211
|
+
};
|
|
212
|
+
}
|
|
213
|
+
async function exchangeCode(fetchImpl, auth, code, redirectUri, codeVerifier) {
|
|
214
|
+
return requestToken(fetchImpl, auth.tokenUrl, {
|
|
215
|
+
grant_type: "authorization_code",
|
|
216
|
+
code,
|
|
217
|
+
redirect_uri: redirectUri,
|
|
218
|
+
client_id: auth.clientId,
|
|
219
|
+
client_secret: auth.clientSecret,
|
|
220
|
+
code_verifier: codeVerifier,
|
|
221
|
+
...auth.extraTokenParams,
|
|
222
|
+
});
|
|
223
|
+
}
|
|
224
|
+
async function refreshToken(fetchImpl, auth, refreshTokenValue, fallbackScopes, now) {
|
|
225
|
+
const tokenSet = await requestToken(fetchImpl, auth.tokenUrl, {
|
|
226
|
+
grant_type: "refresh_token",
|
|
227
|
+
refresh_token: refreshTokenValue,
|
|
228
|
+
client_id: auth.clientId,
|
|
229
|
+
client_secret: auth.clientSecret,
|
|
230
|
+
...auth.extraTokenParams,
|
|
231
|
+
});
|
|
232
|
+
return normalizeTokenSet(tokenSet, parseScopes(tokenSet.scope, fallbackScopes), now, refreshTokenValue);
|
|
233
|
+
}
|
|
234
|
+
async function requestToken(fetchImpl, tokenUrl, body) {
|
|
235
|
+
const response = await fetchImpl(tokenUrl, {
|
|
236
|
+
method: "POST",
|
|
237
|
+
headers: { "content-type": "application/x-www-form-urlencoded", accept: "application/json" },
|
|
238
|
+
body: toFormBody(body),
|
|
239
|
+
});
|
|
240
|
+
const text = await response.text();
|
|
241
|
+
const payload = text ? safeJson(text) : {};
|
|
242
|
+
if (!response.ok) {
|
|
243
|
+
throw new ConnectError("token_exchange_failed", "OAuth token endpoint returned an error", {
|
|
244
|
+
status: response.status,
|
|
245
|
+
details: payload,
|
|
246
|
+
});
|
|
247
|
+
}
|
|
248
|
+
if (!payload || typeof payload !== "object" || typeof payload.access_token !== "string") {
|
|
249
|
+
throw new ConnectError("token_exchange_failed", "OAuth token endpoint did not return access_token", { details: payload });
|
|
250
|
+
}
|
|
251
|
+
return payload;
|
|
252
|
+
}
|
|
253
|
+
function normalizeTokenSet(payload, scopes, now, fallbackRefreshToken) {
|
|
254
|
+
return {
|
|
255
|
+
accessToken: payload.access_token,
|
|
256
|
+
refreshToken: payload.refresh_token ?? fallbackRefreshToken,
|
|
257
|
+
tokenType: payload.token_type ?? "Bearer",
|
|
258
|
+
expiresAt: typeof payload.expires_in === "number" ? new Date(now.getTime() + payload.expires_in * 1000).toISOString() : undefined,
|
|
259
|
+
scopes: normalizeScopes(scopes),
|
|
260
|
+
raw: payload,
|
|
261
|
+
};
|
|
262
|
+
}
|
|
263
|
+
function shouldRefresh(tokens, now, skewMs) {
|
|
264
|
+
if (!tokens.expiresAt)
|
|
265
|
+
return false;
|
|
266
|
+
return new Date(tokens.expiresAt).getTime() - skewMs <= now.getTime();
|
|
267
|
+
}
|
|
268
|
+
function createId(prefix) {
|
|
269
|
+
return `${prefix}_${createOpaqueToken(18)}`;
|
|
270
|
+
}
|
|
271
|
+
function safeJson(text) {
|
|
272
|
+
try {
|
|
273
|
+
return JSON.parse(text);
|
|
274
|
+
}
|
|
275
|
+
catch {
|
|
276
|
+
throw new ConnectError("token_exchange_failed", "OAuth token endpoint returned invalid JSON", { details: text });
|
|
277
|
+
}
|
|
278
|
+
}
|
|
279
|
+
//# sourceMappingURL=service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"service.js","sourceRoot":"","sources":["../src/service.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EACZ,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,EACvB,eAAe,GAUhB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAsExF,MAAM,UAAU,oBAAoB,CAAC,OAAoC;IACvE,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC;IACzC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IAC9C,MAAM,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,IAAI,MAAM,CAAC;IAChE,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,GAAG,MAAM,CAAC;IAE/D,OAAO;QACL,aAAa;YACX,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC;QACzB,CAAC;QAED,eAAe,CAAC,MAAM;YACpB,OAAO,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QAC/C,CAAC;QAED,KAAK,CAAC,sBAAsB,CAAC,KAAK;YAChC,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACpD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACrC,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,aAAa,QAAQ,CAAC,EAAE,6BAA6B,CAAC,CAAC;YACpG,CAAC;YACD,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,YAAY,CAAC,iBAAiB,EAAE,yBAAyB,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,aAAa,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,MAAM,IAAI,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACjG,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC5B,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;YACtC,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;YACxE,OAAO,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC;gBACpC,EAAE;gBACF,UAAU,EAAE,QAAQ,CAAC,EAAE;gBACvB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,KAAK,EAAE,KAAK,CAAC,OAAO;gBACpB,QAAQ,EAAE,SAAS;gBACnB,MAAM,EAAE,QAAQ;gBAChB,aAAa;gBACb,SAAS;gBACT,SAAS,EAAE,GAAG,EAAE,CAAC,WAAW,EAAE;gBAC9B,SAAS,EAAE,GAAG,EAAE,CAAC,WAAW,EAAE;gBAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;aACzB,CAAC,CAAC;QACL,CAAC;QAED,KAAK,CAAC,UAAU,CAAC,KAAK;YACpB,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACpD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACpC,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,aAAa,QAAQ,CAAC,EAAE,4BAA4B,CAAC,CAAC;YACnG,CAAC;YACD,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC3B,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,mBAAmB,QAAQ,CAAC,EAAE,uBAAuB,CAAC,CAAC;YACpG,CAAC;YACD,MAAM,eAAe,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC;YAC1F,MAAM,KAAK,GAAG,iBAAiB,EAAE,CAAC;YAClC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC;YACxE,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,GAAG,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YAC5E,MAAM,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC;gBACjC,KAAK;gBACL,UAAU,EAAE,QAAQ,CAAC,EAAE;gBACvB,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,eAAe;gBACf,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,YAAY,EAAE,IAAI,EAAE,QAAQ;gBAC5B,aAAa,EAAE,IAAI,EAAE,SAAS;gBAC9B,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,cAAc,EAAE,KAAK,CAAC,cAAc;gBACpC,SAAS;gBACT,SAAS,EAAE,GAAG,EAAE,CAAC,WAAW,EAAE;gBAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;aACzB,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC3C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;YAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YACjD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;YACxD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YACrC,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC;gBAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzF,IAAI,IAAI,EAAE,CAAC;gBACT,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;gBACvD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;YACxD,CAAC;YACD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,oBAAoB,IAAI,EAAE,CAAC,EAAE,CAAC;gBAC3E,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnC,CAAC;YACD,OAAO,EAAE,gBAAgB,EAAE,GAAG,CAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC;QAChE,CAAC;QAED,KAAK,CAAC,aAAa,CAAC,KAAK;YACvB,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACjE,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,oDAAoD,CAAC,CAAC;YACxG,CAAC;YACD,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC;gBAC3D,MAAM,IAAI,YAAY,CAAC,qBAAqB,EAAE,yBAAyB,CAAC,CAAC;YAC3E,CAAC;YACD,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;gBAChB,MAAM,IAAI,YAAY,CAAC,aAAa,EAAE,KAAK,CAAC,gBAAgB,IAAI,KAAK,CAAC,KAAK,EAAE;oBAC3E,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,gBAAgB,EAAE,KAAK,CAAC,gBAAgB,EAAE;iBAC1E,CAAC,CAAC;YACL,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBAChB,MAAM,IAAI,YAAY,CAAC,iBAAiB,EAAE,gCAAgC,CAAC,CAAC;YAC9E,CAAC;YAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACpD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACpC,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,aAAa,QAAQ,CAAC,EAAE,4BAA4B,CAAC,CAAC;YACnG,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;YACjH,MAAM,aAAa,GAAG,mBAAmB,CAAC,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YACxG,mBAAmB,CAAC,aAAa,EAAE,KAAK,CAAC,eAAe,CAAC,CAAC;YAC1D,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC5B,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;YACtC,MAAM,MAAM,GAAG,iBAAiB,CAAC,QAAQ,EAAE,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;YACjE,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YACvE,OAAO,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC;gBACpC,EAAE;gBACF,UAAU,EAAE,QAAQ,CAAC,EAAE;gBACvB,IAAI,EAAE,KAAK,CAAC,cAAc;gBAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,KAAK,EAAE,KAAK,CAAC,OAAO;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,QAAQ;gBAChB,aAAa;gBACb,SAAS;gBACT,cAAc,EAAE,MAAM,CAAC,SAAS;gBAChC,SAAS,EAAE,GAAG,EAAE,CAAC,WAAW,EAAE;gBAC9B,SAAS,EAAE,GAAG,EAAE,CAAC,WAAW,EAAE;gBAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;aACzB,CAAC,CAAC;QACL,CAAC;QAED,KAAK,CAAC,QAAQ,CAAC,KAAK;YAClB,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YACzE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,YAAY,CAAC,sBAAsB,EAAE,yBAAyB,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC;YAChG,CAAC;YACD,IAAI,UAAU,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;gBACnC,MAAM,IAAI,YAAY,CAAC,oBAAoB,EAAE,6BAA6B,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7F,CAAC;YAED,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;YACjF,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,MAAM,EAAE,gBAAgB,CAAC;gBACrD,UAAU;gBACV,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,MAAM;gBACN,QAAQ,EAAE,KAAK,CAAC,QAAQ;aACzB,CAAC,CAAC;YACH,IAAI,OAAO,KAAK,KAAK,EAAE,CAAC;gBACtB,MAAM,IAAI,YAAY,CAAC,eAAe,EAAE,oCAAoC,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;YAC/F,CAAC;YACD,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;gBAC1B,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,uCAAuC,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;YACrG,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YACrE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,gCAAgC,UAAU,CAAC,SAAS,EAAE,CAAC,CAAC;YACrG,CAAC;YAED,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC9B,IAAI,CAAC,MAAM,CAAC,MAAM;oBAAE,MAAM,IAAI,YAAY,CAAC,qBAAqB,EAAE,oCAAoC,CAAC,CAAC;gBACxG,OAAO;oBACL,WAAW,EAAE,MAAM,CAAC,MAAM;oBAC1B,SAAS,EAAE,QAAQ;oBACnB,MAAM,EAAE,UAAU,CAAC,aAAa;oBAChC,YAAY,EAAE,UAAU,CAAC,EAAE;oBAC3B,UAAU,EAAE,UAAU,CAAC,UAAU;iBAClC,CAAC;YACJ,CAAC;YAED,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC;gBAC5D,MAAM,IAAI,YAAY,CAAC,qBAAqB,EAAE,mDAAmD,CAAC,CAAC;YACrG,CAAC;YAED,IAAI,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;YAC3B,IAAI,KAAK,CAAC,YAAY,IAAI,aAAa,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,kBAAkB,CAAC,EAAE,CAAC;gBAC3E,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;gBACzD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACpC,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,aAAa,QAAQ,CAAC,EAAE,4BAA4B,CAAC,CAAC;gBACnG,CAAC;gBACD,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;oBACzB,MAAM,IAAI,YAAY,CAAC,qBAAqB,EAAE,iEAAiE,CAAC,CAAC;gBACnH,CAAC;gBACD,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,YAAY,EAAE,UAAU,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;gBAC5G,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,EAAE,EAAE,GAAG,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;gBAC7E,MAAM,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,EAAE;oBAClD,cAAc,EAAE,MAAM,CAAC,SAAS;oBAChC,SAAS,EAAE,GAAG,EAAE,CAAC,WAAW,EAAE;iBAC/B,CAAC,CAAC;YACL,CAAC;YAED,OAAO;gBACL,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,QAAQ;gBACvC,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,UAAU,CAAC,aAAa;gBACjD,YAAY,EAAE,UAAU,CAAC,EAAE;gBAC3B,UAAU,EAAE,UAAU,CAAC,UAAU;aAClC,CAAC;QACJ,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,KAAK;YAC1B,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YACzE,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,YAAY,CAAC,sBAAsB,EAAE,yBAAyB,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC;YAChG,CAAC;YACD,IAAI,UAAU,CAAC,SAAS,EAAE,CAAC;gBACzB,MAAM,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YAC3D,CAAC;YACD,OAAO,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,EAAE;gBACnD,MAAM,EAAE,SAAS;gBACjB,SAAS,EAAE,SAAS;gBACpB,SAAS,EAAE,GAAG,EAAE,CAAC,WAAW,EAAE;aAC/B,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,SAAuB,EAAE,IAAsB,EAAE,IAAY,EAAE,WAAmB,EAAE,YAAqB;IACnI,OAAO,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE;QAC5C,UAAU,EAAE,oBAAoB;QAChC,IAAI;QACJ,YAAY,EAAE,WAAW;QACzB,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,aAAa,EAAE,IAAI,CAAC,YAAY;QAChC,aAAa,EAAE,YAAY;QAC3B,GAAG,IAAI,CAAC,gBAAgB;KACzB,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,SAAuB,EAAE,IAAsB,EAAE,iBAAyB,EAAE,cAAwB,EAAE,GAAS;IACzI,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE;QAC5D,UAAU,EAAE,eAAe;QAC3B,aAAa,EAAE,iBAAiB;QAChC,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,aAAa,EAAE,IAAI,CAAC,YAAY;QAChC,GAAG,IAAI,CAAC,gBAAgB;KACzB,CAAC,CAAC;IACH,OAAO,iBAAiB,CAAC,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,cAAc,CAAC,EAAE,GAAG,EAAE,iBAAiB,CAAC,CAAC;AAC1G,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,SAAuB,EAAE,QAAgB,EAAE,IAAwC;IAC7G,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE;QACzC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE,MAAM,EAAE,kBAAkB,EAAE;QAC5F,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC;KACvB,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3C,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,wCAAwC,EAAE;YACxF,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,OAAO,EAAE,OAAO;SACjB,CAAC,CAAC;IACL,CAAC;IACD,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAQ,OAAiC,CAAC,YAAY,KAAK,QAAQ,EAAE,CAAC;QACnH,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,kDAAkD,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IAC5H,CAAC;IACD,OAAO,OAAgC,CAAC;AAC1C,CAAC;AAED,SAAS,iBAAiB,CAAC,OAA8B,EAAE,MAAgB,EAAE,GAAS,EAAE,oBAA6B;IACnH,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,YAAY;QACjC,YAAY,EAAE,OAAO,CAAC,aAAa,IAAI,oBAAoB;QAC3D,SAAS,EAAE,OAAO,CAAC,UAAU,IAAI,QAAQ;QACzC,SAAS,EAAE,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS;QACjI,MAAM,EAAE,eAAe,CAAC,MAAM,CAAC;QAC/B,GAAG,EAAE,OAAO;KACb,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,MAAgB,EAAE,GAAS,EAAE,MAAc;IAChE,IAAI,CAAC,MAAM,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IACpC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;AACxE,CAAC;AAED,SAAS,QAAQ,CAAC,MAAc;IAC9B,OAAO,GAAG,MAAM,IAAI,iBAAiB,CAAC,EAAE,CAAC,EAAE,CAAC;AAC9C,CAAC;AAED,SAAS,QAAQ,CAAC,IAAY;IAC5B,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,YAAY,CAAC,uBAAuB,EAAE,4CAA4C,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnH,CAAC;AACH,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@polpo-ai/connect-server",
|
|
3
|
+
"version": "0.15.4",
|
|
4
|
+
"description": "Server-side Polpo Connect primitives for OAuth, API-key connections, token refresh, and policy checks",
|
|
5
|
+
"type": "module",
|
|
6
|
+
"main": "dist/index.js",
|
|
7
|
+
"types": "dist/index.d.ts",
|
|
8
|
+
"exports": {
|
|
9
|
+
".": {
|
|
10
|
+
"types": "./dist/index.d.ts",
|
|
11
|
+
"import": "./dist/index.js"
|
|
12
|
+
}
|
|
13
|
+
},
|
|
14
|
+
"sideEffects": false,
|
|
15
|
+
"files": [
|
|
16
|
+
"dist",
|
|
17
|
+
"README.md"
|
|
18
|
+
],
|
|
19
|
+
"dependencies": {
|
|
20
|
+
"@polpo-ai/connect": "0.15.4"
|
|
21
|
+
},
|
|
22
|
+
"devDependencies": {
|
|
23
|
+
"typescript": "^5.7.3",
|
|
24
|
+
"vitest": "^3.0.4"
|
|
25
|
+
},
|
|
26
|
+
"license": "Apache-2.0",
|
|
27
|
+
"keywords": [
|
|
28
|
+
"polpo",
|
|
29
|
+
"oauth",
|
|
30
|
+
"connectors",
|
|
31
|
+
"agents",
|
|
32
|
+
"permissions"
|
|
33
|
+
],
|
|
34
|
+
"author": "OpenPolpo Contributors",
|
|
35
|
+
"engines": {
|
|
36
|
+
"node": ">=18.0.0"
|
|
37
|
+
},
|
|
38
|
+
"publishConfig": {
|
|
39
|
+
"access": "public"
|
|
40
|
+
},
|
|
41
|
+
"repository": {
|
|
42
|
+
"type": "git",
|
|
43
|
+
"url": "https://github.com/lumea-labs/polpo.git",
|
|
44
|
+
"directory": "packages/connect-server"
|
|
45
|
+
},
|
|
46
|
+
"homepage": "https://github.com/lumea-labs/polpo/tree/main/packages/connect-server",
|
|
47
|
+
"bugs": {
|
|
48
|
+
"url": "https://github.com/lumea-labs/polpo/issues"
|
|
49
|
+
},
|
|
50
|
+
"scripts": {
|
|
51
|
+
"build": "tsc",
|
|
52
|
+
"dev": "tsc --watch",
|
|
53
|
+
"test": "vitest run"
|
|
54
|
+
}
|
|
55
|
+
}
|