@rekog/mcp-nest 1.9.10 → 2.0.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (364) hide show
  1. package/README.md +76 -29
  2. package/dist/index.d.ts +0 -1
  3. package/dist/index.d.ts.map +1 -1
  4. package/dist/index.js +0 -1
  5. package/dist/index.js.map +1 -1
  6. package/dist/mcp/decorators/constants.d.ts +1 -0
  7. package/dist/mcp/decorators/constants.d.ts.map +1 -1
  8. package/dist/mcp/decorators/constants.js +2 -1
  9. package/dist/mcp/decorators/constants.js.map +1 -1
  10. package/dist/mcp/decorators/index.d.ts +3 -1
  11. package/dist/mcp/decorators/index.d.ts.map +1 -1
  12. package/dist/mcp/decorators/index.js +3 -1
  13. package/dist/mcp/decorators/index.js.map +1 -1
  14. package/dist/mcp/decorators/mcp-controller.decorator.d.ts +6 -0
  15. package/dist/mcp/decorators/mcp-controller.decorator.d.ts.map +1 -0
  16. package/dist/mcp/decorators/mcp-controller.decorator.js +43 -0
  17. package/dist/mcp/decorators/mcp-controller.decorator.js.map +1 -0
  18. package/dist/mcp/decorators/mcp-message-pattern.d.ts +3 -0
  19. package/dist/mcp/decorators/mcp-message-pattern.d.ts.map +1 -0
  20. package/dist/mcp/decorators/mcp-message-pattern.js +13 -0
  21. package/dist/mcp/decorators/mcp-message-pattern.js.map +1 -0
  22. package/dist/mcp/decorators/prompt.decorator.d.ts +1 -1
  23. package/dist/mcp/decorators/prompt.decorator.d.ts.map +1 -1
  24. package/dist/mcp/decorators/prompt.decorator.js +2 -1
  25. package/dist/mcp/decorators/prompt.decorator.js.map +1 -1
  26. package/dist/mcp/decorators/public.decorator.js.map +1 -1
  27. package/dist/mcp/decorators/raw-request.decorator.d.ts +2 -0
  28. package/dist/mcp/decorators/raw-request.decorator.d.ts.map +1 -0
  29. package/dist/mcp/decorators/raw-request.decorator.js +6 -0
  30. package/dist/mcp/decorators/raw-request.decorator.js.map +1 -0
  31. package/dist/mcp/decorators/resource-template.decorator.d.ts +1 -1
  32. package/dist/mcp/decorators/resource-template.decorator.d.ts.map +1 -1
  33. package/dist/mcp/decorators/resource-template.decorator.js +2 -1
  34. package/dist/mcp/decorators/resource-template.decorator.js.map +1 -1
  35. package/dist/mcp/decorators/resource.decorator.d.ts +1 -1
  36. package/dist/mcp/decorators/resource.decorator.d.ts.map +1 -1
  37. package/dist/mcp/decorators/resource.decorator.js +2 -1
  38. package/dist/mcp/decorators/resource.decorator.js.map +1 -1
  39. package/dist/mcp/decorators/tool.decorator.d.ts +1 -3
  40. package/dist/mcp/decorators/tool.decorator.d.ts.map +1 -1
  41. package/dist/mcp/decorators/tool.decorator.js +2 -1
  42. package/dist/mcp/decorators/tool.decorator.js.map +1 -1
  43. package/dist/mcp/filters/mcp-exception.filter.d.ts +6 -0
  44. package/dist/mcp/filters/mcp-exception.filter.d.ts.map +1 -0
  45. package/dist/mcp/filters/mcp-exception.filter.js +26 -0
  46. package/dist/mcp/filters/mcp-exception.filter.js.map +1 -0
  47. package/dist/mcp/index.d.ts +11 -7
  48. package/dist/mcp/index.d.ts.map +1 -1
  49. package/dist/mcp/index.js +11 -7
  50. package/dist/mcp/index.js.map +1 -1
  51. package/dist/mcp/interfaces/authenticated-user.interface.d.ts +9 -0
  52. package/dist/mcp/interfaces/authenticated-user.interface.d.ts.map +1 -0
  53. package/dist/{authz/interfaces/request-with-user.js → mcp/interfaces/authenticated-user.interface.js} +1 -1
  54. package/dist/mcp/interfaces/authenticated-user.interface.js.map +1 -0
  55. package/dist/mcp/interfaces/dynamic-prompt.interface.d.ts +1 -1
  56. package/dist/mcp/interfaces/dynamic-prompt.interface.d.ts.map +1 -1
  57. package/dist/mcp/interfaces/dynamic-prompt.interface.js.map +1 -1
  58. package/dist/mcp/interfaces/dynamic-resource.interface.d.ts +1 -1
  59. package/dist/mcp/interfaces/dynamic-resource.interface.d.ts.map +1 -1
  60. package/dist/mcp/interfaces/dynamic-resource.interface.js.map +1 -1
  61. package/dist/mcp/interfaces/dynamic-tool.interface.d.ts +1 -1
  62. package/dist/mcp/interfaces/dynamic-tool.interface.d.ts.map +1 -1
  63. package/dist/mcp/interfaces/dynamic-tool.interface.js.map +1 -1
  64. package/dist/mcp/interfaces/index.d.ts +2 -2
  65. package/dist/mcp/interfaces/index.d.ts.map +1 -1
  66. package/dist/mcp/interfaces/index.js +0 -3
  67. package/dist/mcp/interfaces/index.js.map +1 -1
  68. package/dist/mcp/services/tool-authorization.service.d.ts +7 -5
  69. package/dist/mcp/services/tool-authorization.service.d.ts.map +1 -1
  70. package/dist/mcp/services/tool-authorization.service.js +9 -6
  71. package/dist/mcp/services/tool-authorization.service.js.map +1 -1
  72. package/dist/mcp/transport/mcp-context.d.ts +34 -0
  73. package/dist/mcp/transport/mcp-context.d.ts.map +1 -0
  74. package/dist/mcp/transport/mcp-context.js +74 -0
  75. package/dist/mcp/transport/mcp-context.js.map +1 -0
  76. package/dist/mcp/transport/mcp-http-handler.d.ts +7 -0
  77. package/dist/mcp/transport/mcp-http-handler.d.ts.map +1 -0
  78. package/dist/mcp/transport/mcp-http-handler.js +5 -0
  79. package/dist/mcp/transport/mcp-http-handler.js.map +1 -0
  80. package/dist/mcp/transport/mcp-server-options.interface.d.ts +23 -0
  81. package/dist/mcp/transport/mcp-server-options.interface.d.ts.map +1 -0
  82. package/dist/{authz/providers/oauth-provider.interface.js → mcp/transport/mcp-server-options.interface.js} +1 -1
  83. package/dist/mcp/transport/mcp-server-options.interface.js.map +1 -0
  84. package/dist/mcp/transport/mcp-transport.constants.d.ts +19 -0
  85. package/dist/mcp/transport/mcp-transport.constants.d.ts.map +1 -0
  86. package/dist/mcp/transport/mcp-transport.constants.js +21 -0
  87. package/dist/mcp/transport/mcp-transport.constants.js.map +1 -0
  88. package/dist/mcp/transport/mcp-transport.interface.d.ts +17 -0
  89. package/dist/mcp/transport/mcp-transport.interface.d.ts.map +1 -0
  90. package/dist/{authz/interfaces/oauth-common.interface.js → mcp/transport/mcp-transport.interface.js} +1 -1
  91. package/dist/mcp/transport/mcp-transport.interface.js.map +1 -0
  92. package/dist/mcp/transport/mcp.strategy.d.ts +56 -0
  93. package/dist/mcp/transport/mcp.strategy.d.ts.map +1 -0
  94. package/dist/mcp/transport/mcp.strategy.js +446 -0
  95. package/dist/mcp/transport/mcp.strategy.js.map +1 -0
  96. package/dist/mcp/transport/resource-matcher.d.ts +13 -0
  97. package/dist/mcp/transport/resource-matcher.d.ts.map +1 -0
  98. package/dist/mcp/transport/resource-matcher.js +83 -0
  99. package/dist/mcp/transport/resource-matcher.js.map +1 -0
  100. package/dist/mcp/transport/streamable-http.controller.d.ts +16 -0
  101. package/dist/mcp/transport/streamable-http.controller.d.ts.map +1 -0
  102. package/dist/mcp/transport/streamable-http.controller.js +98 -0
  103. package/dist/mcp/transport/streamable-http.controller.js.map +1 -0
  104. package/dist/mcp/transport/transports/index.d.ts +3 -0
  105. package/dist/mcp/transport/transports/index.d.ts.map +1 -0
  106. package/dist/{authz → mcp/transport/transports}/index.js +2 -10
  107. package/dist/mcp/transport/transports/index.js.map +1 -0
  108. package/dist/mcp/transport/transports/read-body.d.ts +3 -0
  109. package/dist/mcp/transport/transports/read-body.d.ts.map +1 -0
  110. package/dist/mcp/transport/transports/read-body.js +32 -0
  111. package/dist/mcp/transport/transports/read-body.js.map +1 -0
  112. package/dist/mcp/transport/transports/stdio.transport.d.ts +9 -0
  113. package/dist/mcp/transport/transports/stdio.transport.d.ts.map +1 -0
  114. package/dist/mcp/transport/transports/stdio.transport.js +27 -0
  115. package/dist/mcp/transport/transports/stdio.transport.js.map +1 -0
  116. package/dist/mcp/transport/transports/streamable-http.transport.d.ts +33 -0
  117. package/dist/mcp/transport/transports/streamable-http.transport.d.ts.map +1 -0
  118. package/dist/mcp/transport/transports/streamable-http.transport.js +216 -0
  119. package/dist/mcp/transport/transports/streamable-http.transport.js.map +1 -0
  120. package/dist/mcp/utils/mcp-logger.factory.d.ts +6 -2
  121. package/dist/mcp/utils/mcp-logger.factory.d.ts.map +1 -1
  122. package/dist/mcp/utils/mcp-logger.factory.js.map +1 -1
  123. package/package.json +3 -66
  124. package/src/index.ts +0 -1
  125. package/src/mcp/decorators/constants.ts +1 -0
  126. package/src/mcp/decorators/index.ts +3 -1
  127. package/src/mcp/decorators/mcp-controller.decorator.ts +126 -0
  128. package/src/mcp/decorators/mcp-message-pattern.ts +38 -0
  129. package/src/mcp/decorators/prompt.decorator.ts +6 -2
  130. package/src/mcp/decorators/public.decorator.ts +3 -3
  131. package/src/mcp/decorators/raw-request.decorator.ts +32 -0
  132. package/src/mcp/decorators/resource-template.decorator.ts +6 -2
  133. package/src/mcp/decorators/resource.decorator.ts +6 -2
  134. package/src/mcp/decorators/tool.decorator.ts +6 -3
  135. package/src/mcp/filters/mcp-exception.filter.ts +47 -0
  136. package/src/mcp/index.ts +13 -7
  137. package/src/mcp/interfaces/authenticated-user.interface.ts +22 -0
  138. package/src/mcp/interfaces/dynamic-prompt.interface.ts +1 -1
  139. package/src/mcp/interfaces/dynamic-resource.interface.ts +1 -1
  140. package/src/mcp/interfaces/dynamic-tool.interface.ts +2 -2
  141. package/src/mcp/interfaces/index.ts +3 -7
  142. package/src/mcp/services/tool-authorization.service.ts +52 -72
  143. package/src/mcp/transport/mcp-context.ts +138 -0
  144. package/src/mcp/transport/mcp-http-handler.ts +32 -0
  145. package/src/mcp/transport/mcp-server-options.interface.ts +75 -0
  146. package/src/mcp/transport/mcp-transport.constants.ts +99 -0
  147. package/src/mcp/transport/mcp-transport.interface.ts +50 -0
  148. package/src/mcp/transport/mcp.strategy.ts +752 -0
  149. package/src/mcp/transport/resource-matcher.ts +107 -0
  150. package/src/mcp/transport/streamable-http.controller.ts +114 -0
  151. package/src/mcp/transport/transports/index.ts +2 -0
  152. package/src/mcp/transport/transports/read-body.ts +39 -0
  153. package/src/mcp/transport/transports/stdio.transport.ts +35 -0
  154. package/src/mcp/transport/transports/streamable-http.transport.ts +384 -0
  155. package/src/mcp/utils/mcp-logger.factory.spec.ts +8 -22
  156. package/src/mcp/utils/mcp-logger.factory.ts +13 -2
  157. package/dist/authz/guards/jwt-auth.guard.d.ts +0 -19
  158. package/dist/authz/guards/jwt-auth.guard.d.ts.map +0 -1
  159. package/dist/authz/guards/jwt-auth.guard.js +0 -108
  160. package/dist/authz/guards/jwt-auth.guard.js.map +0 -1
  161. package/dist/authz/index.d.ts +0 -11
  162. package/dist/authz/index.d.ts.map +0 -1
  163. package/dist/authz/index.js.map +0 -1
  164. package/dist/authz/interfaces/oauth-common.interface.d.ts +0 -21
  165. package/dist/authz/interfaces/oauth-common.interface.d.ts.map +0 -1
  166. package/dist/authz/interfaces/oauth-common.interface.js.map +0 -1
  167. package/dist/authz/interfaces/request-with-user.d.ts +0 -13
  168. package/dist/authz/interfaces/request-with-user.d.ts.map +0 -1
  169. package/dist/authz/interfaces/request-with-user.js.map +0 -1
  170. package/dist/authz/mcp-oauth.controller.d.ts +0 -81
  171. package/dist/authz/mcp-oauth.controller.d.ts.map +0 -1
  172. package/dist/authz/mcp-oauth.controller.js +0 -540
  173. package/dist/authz/mcp-oauth.controller.js.map +0 -1
  174. package/dist/authz/mcp-oauth.module.d.ts +0 -12
  175. package/dist/authz/mcp-oauth.module.d.ts.map +0 -1
  176. package/dist/authz/mcp-oauth.module.js +0 -271
  177. package/dist/authz/mcp-oauth.module.js.map +0 -1
  178. package/dist/authz/providers/azure-ad.provider.d.ts +0 -3
  179. package/dist/authz/providers/azure-ad.provider.d.ts.map +0 -1
  180. package/dist/authz/providers/azure-ad.provider.js +0 -37
  181. package/dist/authz/providers/azure-ad.provider.js.map +0 -1
  182. package/dist/authz/providers/github.provider.d.ts +0 -3
  183. package/dist/authz/providers/github.provider.d.ts.map +0 -1
  184. package/dist/authz/providers/github.provider.js +0 -24
  185. package/dist/authz/providers/github.provider.js.map +0 -1
  186. package/dist/authz/providers/google.provider.d.ts +0 -3
  187. package/dist/authz/providers/google.provider.d.ts.map +0 -1
  188. package/dist/authz/providers/google.provider.js +0 -25
  189. package/dist/authz/providers/google.provider.js.map +0 -1
  190. package/dist/authz/providers/oauth-provider.interface.d.ts +0 -107
  191. package/dist/authz/providers/oauth-provider.interface.d.ts.map +0 -1
  192. package/dist/authz/providers/oauth-provider.interface.js.map +0 -1
  193. package/dist/authz/services/client.service.d.ts +0 -12
  194. package/dist/authz/services/client.service.d.ts.map +0 -1
  195. package/dist/authz/services/client.service.js +0 -81
  196. package/dist/authz/services/client.service.js.map +0 -1
  197. package/dist/authz/services/jwt-token.service.d.ts +0 -37
  198. package/dist/authz/services/jwt-token.service.d.ts.map +0 -1
  199. package/dist/authz/services/jwt-token.service.js +0 -182
  200. package/dist/authz/services/jwt-token.service.js.map +0 -1
  201. package/dist/authz/services/oauth-strategy.service.d.ts +0 -13
  202. package/dist/authz/services/oauth-strategy.service.d.ts.map +0 -1
  203. package/dist/authz/services/oauth-strategy.service.js +0 -71
  204. package/dist/authz/services/oauth-strategy.service.js.map +0 -1
  205. package/dist/authz/stores/memory-store.service.d.ts +0 -27
  206. package/dist/authz/stores/memory-store.service.d.ts.map +0 -1
  207. package/dist/authz/stores/memory-store.service.js +0 -107
  208. package/dist/authz/stores/memory-store.service.js.map +0 -1
  209. package/dist/authz/stores/oauth-store.interface.d.ts +0 -61
  210. package/dist/authz/stores/oauth-store.interface.d.ts.map +0 -1
  211. package/dist/authz/stores/oauth-store.interface.js +0 -5
  212. package/dist/authz/stores/oauth-store.interface.js.map +0 -1
  213. package/dist/authz/stores/typeorm/constants.d.ts +0 -3
  214. package/dist/authz/stores/typeorm/constants.d.ts.map +0 -1
  215. package/dist/authz/stores/typeorm/constants.js +0 -6
  216. package/dist/authz/stores/typeorm/constants.js.map +0 -1
  217. package/dist/authz/stores/typeorm/entities/authorization-code.entity.d.ts +0 -15
  218. package/dist/authz/stores/typeorm/entities/authorization-code.entity.d.ts.map +0 -1
  219. package/dist/authz/stores/typeorm/entities/authorization-code.entity.js +0 -69
  220. package/dist/authz/stores/typeorm/entities/authorization-code.entity.js.map +0 -1
  221. package/dist/authz/stores/typeorm/entities/index.d.ts +0 -5
  222. package/dist/authz/stores/typeorm/entities/index.d.ts.map +0 -1
  223. package/dist/authz/stores/typeorm/entities/index.js +0 -12
  224. package/dist/authz/stores/typeorm/entities/index.js.map +0 -1
  225. package/dist/authz/stores/typeorm/entities/oauth-client.entity.d.ts +0 -17
  226. package/dist/authz/stores/typeorm/entities/oauth-client.entity.d.ts.map +0 -1
  227. package/dist/authz/stores/typeorm/entities/oauth-client.entity.js +0 -77
  228. package/dist/authz/stores/typeorm/entities/oauth-client.entity.js.map +0 -1
  229. package/dist/authz/stores/typeorm/entities/oauth-session.entity.d.ts +0 -14
  230. package/dist/authz/stores/typeorm/entities/oauth-session.entity.d.ts.map +0 -1
  231. package/dist/authz/stores/typeorm/entities/oauth-session.entity.js +0 -65
  232. package/dist/authz/stores/typeorm/entities/oauth-session.entity.js.map +0 -1
  233. package/dist/authz/stores/typeorm/entities/user-profile.entity.d.ts +0 -13
  234. package/dist/authz/stores/typeorm/entities/user-profile.entity.d.ts.map +0 -1
  235. package/dist/authz/stores/typeorm/entities/user-profile.entity.js +0 -62
  236. package/dist/authz/stores/typeorm/entities/user-profile.entity.js.map +0 -1
  237. package/dist/authz/stores/typeorm/typeorm-store.service.d.ts +0 -28
  238. package/dist/authz/stores/typeorm/typeorm-store.service.d.ts.map +0 -1
  239. package/dist/authz/stores/typeorm/typeorm-store.service.js +0 -138
  240. package/dist/authz/stores/typeorm/typeorm-store.service.js.map +0 -1
  241. package/dist/mcp/constants/feature-registration.constants.d.ts +0 -7
  242. package/dist/mcp/constants/feature-registration.constants.d.ts.map +0 -1
  243. package/dist/mcp/constants/feature-registration.constants.js +0 -5
  244. package/dist/mcp/constants/feature-registration.constants.js.map +0 -1
  245. package/dist/mcp/decorators/tool-guards.decorator.d.ts +0 -12
  246. package/dist/mcp/decorators/tool-guards.decorator.d.ts.map +0 -1
  247. package/dist/mcp/decorators/tool-guards.decorator.js +0 -13
  248. package/dist/mcp/decorators/tool-guards.decorator.js.map +0 -1
  249. package/dist/mcp/interfaces/mcp-options.interface.d.ts +0 -53
  250. package/dist/mcp/interfaces/mcp-options.interface.d.ts.map +0 -1
  251. package/dist/mcp/interfaces/mcp-options.interface.js +0 -10
  252. package/dist/mcp/interfaces/mcp-options.interface.js.map +0 -1
  253. package/dist/mcp/mcp.module.d.ts +0 -15
  254. package/dist/mcp/mcp.module.d.ts.map +0 -1
  255. package/dist/mcp/mcp.module.js +0 -248
  256. package/dist/mcp/mcp.module.js.map +0 -1
  257. package/dist/mcp/services/handlers/mcp-handler.base.d.ts +0 -117
  258. package/dist/mcp/services/handlers/mcp-handler.base.d.ts.map +0 -1
  259. package/dist/mcp/services/handlers/mcp-handler.base.js +0 -125
  260. package/dist/mcp/services/handlers/mcp-handler.base.js.map +0 -1
  261. package/dist/mcp/services/handlers/mcp-prompts.handler.d.ts +0 -12
  262. package/dist/mcp/services/handlers/mcp-prompts.handler.d.ts.map +0 -1
  263. package/dist/mcp/services/handlers/mcp-prompts.handler.js +0 -98
  264. package/dist/mcp/services/handlers/mcp-prompts.handler.js.map +0 -1
  265. package/dist/mcp/services/handlers/mcp-resources.handler.d.ts +0 -13
  266. package/dist/mcp/services/handlers/mcp-resources.handler.d.ts.map +0 -1
  267. package/dist/mcp/services/handlers/mcp-resources.handler.js +0 -117
  268. package/dist/mcp/services/handlers/mcp-resources.handler.js.map +0 -1
  269. package/dist/mcp/services/handlers/mcp-tools.handler.d.ts +0 -22
  270. package/dist/mcp/services/handlers/mcp-tools.handler.d.ts.map +0 -1
  271. package/dist/mcp/services/handlers/mcp-tools.handler.js +0 -258
  272. package/dist/mcp/services/handlers/mcp-tools.handler.js.map +0 -1
  273. package/dist/mcp/services/mcp-dynamic-registry.service.d.ts +0 -26
  274. package/dist/mcp/services/mcp-dynamic-registry.service.d.ts.map +0 -1
  275. package/dist/mcp/services/mcp-dynamic-registry.service.js +0 -133
  276. package/dist/mcp/services/mcp-dynamic-registry.service.js.map +0 -1
  277. package/dist/mcp/services/mcp-executor.service.d.ts +0 -15
  278. package/dist/mcp/services/mcp-executor.service.d.ts.map +0 -1
  279. package/dist/mcp/services/mcp-executor.service.js +0 -47
  280. package/dist/mcp/services/mcp-executor.service.js.map +0 -1
  281. package/dist/mcp/services/mcp-registry-discovery.service.d.ts +0 -63
  282. package/dist/mcp/services/mcp-registry-discovery.service.d.ts.map +0 -1
  283. package/dist/mcp/services/mcp-registry-discovery.service.js +0 -397
  284. package/dist/mcp/services/mcp-registry-discovery.service.js.map +0 -1
  285. package/dist/mcp/services/mcp-sse.service.d.ts +0 -20
  286. package/dist/mcp/services/mcp-sse.service.d.ts.map +0 -1
  287. package/dist/mcp/services/mcp-sse.service.js +0 -91
  288. package/dist/mcp/services/mcp-sse.service.js.map +0 -1
  289. package/dist/mcp/services/mcp-streamable-http.service.d.ts +0 -32
  290. package/dist/mcp/services/mcp-streamable-http.service.d.ts.map +0 -1
  291. package/dist/mcp/services/mcp-streamable-http.service.js +0 -327
  292. package/dist/mcp/services/mcp-streamable-http.service.js.map +0 -1
  293. package/dist/mcp/services/sse-ping.service.d.ts +0 -23
  294. package/dist/mcp/services/sse-ping.service.d.ts.map +0 -1
  295. package/dist/mcp/services/sse-ping.service.js +0 -99
  296. package/dist/mcp/services/sse-ping.service.js.map +0 -1
  297. package/dist/mcp/transport/sse.controller.factory.d.ts +0 -14
  298. package/dist/mcp/transport/sse.controller.factory.d.ts.map +0 -1
  299. package/dist/mcp/transport/sse.controller.factory.js +0 -67
  300. package/dist/mcp/transport/sse.controller.factory.js.map +0 -1
  301. package/dist/mcp/transport/stdio.service.d.ts +0 -14
  302. package/dist/mcp/transport/stdio.service.d.ts.map +0 -1
  303. package/dist/mcp/transport/stdio.service.js +0 -66
  304. package/dist/mcp/transport/stdio.service.js.map +0 -1
  305. package/dist/mcp/transport/streamable-http.controller.factory.d.ts +0 -14
  306. package/dist/mcp/transport/streamable-http.controller.factory.d.ts.map +0 -1
  307. package/dist/mcp/transport/streamable-http.controller.factory.js +0 -74
  308. package/dist/mcp/transport/streamable-http.controller.factory.js.map +0 -1
  309. package/dist/mcp/utils/capabilities-builder.d.ts +0 -5
  310. package/dist/mcp/utils/capabilities-builder.d.ts.map +0 -1
  311. package/dist/mcp/utils/capabilities-builder.js +0 -25
  312. package/dist/mcp/utils/capabilities-builder.js.map +0 -1
  313. package/dist/mcp/utils/mcp-server.factory.d.ts +0 -6
  314. package/dist/mcp/utils/mcp-server.factory.d.ts.map +0 -1
  315. package/dist/mcp/utils/mcp-server.factory.js +0 -22
  316. package/dist/mcp/utils/mcp-server.factory.js.map +0 -1
  317. package/src/authz/guards/jwt-auth.guard.ts +0 -127
  318. package/src/authz/index.ts +0 -10
  319. package/src/authz/interfaces/oauth-common.interface.ts +0 -21
  320. package/src/authz/interfaces/request-with-user.ts +0 -16
  321. package/src/authz/mcp-oauth.controller.ts +0 -860
  322. package/src/authz/mcp-oauth.module.ts +0 -384
  323. package/src/authz/providers/azure-ad.provider.ts +0 -40
  324. package/src/authz/providers/github.provider.ts +0 -22
  325. package/src/authz/providers/google.provider.ts +0 -23
  326. package/src/authz/providers/oauth-provider.interface.ts +0 -147
  327. package/src/authz/services/client.service.ts +0 -125
  328. package/src/authz/services/jwt-token.service.spec.ts +0 -67
  329. package/src/authz/services/jwt-token.service.ts +0 -188
  330. package/src/authz/services/oauth-strategy.service.ts +0 -64
  331. package/src/authz/stores/memory-store.service.spec.ts +0 -475
  332. package/src/authz/stores/memory-store.service.ts +0 -141
  333. package/src/authz/stores/oauth-store.interface.ts +0 -131
  334. package/src/authz/stores/typeorm/README.md +0 -140
  335. package/src/authz/stores/typeorm/constants.ts +0 -6
  336. package/src/authz/stores/typeorm/entities/authorization-code.entity.ts +0 -41
  337. package/src/authz/stores/typeorm/entities/index.ts +0 -4
  338. package/src/authz/stores/typeorm/entities/oauth-client.entity.ts +0 -53
  339. package/src/authz/stores/typeorm/entities/oauth-session.entity.ts +0 -38
  340. package/src/authz/stores/typeorm/entities/user-profile.entity.ts +0 -46
  341. package/src/authz/stores/typeorm/typeorm-store.service.spec.ts +0 -494
  342. package/src/authz/stores/typeorm/typeorm-store.service.ts +0 -165
  343. package/src/mcp/constants/feature-registration.constants.ts +0 -24
  344. package/src/mcp/decorators/tool-guards.decorator.ts +0 -82
  345. package/src/mcp/interfaces/mcp-options.interface.ts +0 -95
  346. package/src/mcp/mcp.module.ts +0 -349
  347. package/src/mcp/services/handlers/mcp-handler.base.ts +0 -203
  348. package/src/mcp/services/handlers/mcp-prompts.handler.ts +0 -143
  349. package/src/mcp/services/handlers/mcp-resources.handler.ts +0 -183
  350. package/src/mcp/services/handlers/mcp-tools.handler.spec.ts +0 -41
  351. package/src/mcp/services/handlers/mcp-tools.handler.ts +0 -436
  352. package/src/mcp/services/mcp-dynamic-registry.service.ts +0 -236
  353. package/src/mcp/services/mcp-executor.service.ts +0 -64
  354. package/src/mcp/services/mcp-registry-discovery.service.spec.ts +0 -306
  355. package/src/mcp/services/mcp-registry-discovery.service.ts +0 -849
  356. package/src/mcp/services/mcp-sse.service.ts +0 -124
  357. package/src/mcp/services/mcp-streamable-http.service.ts +0 -472
  358. package/src/mcp/services/sse-ping.service.ts +0 -144
  359. package/src/mcp/transport/custom-decorator.spec.ts +0 -75
  360. package/src/mcp/transport/sse.controller.factory.ts +0 -84
  361. package/src/mcp/transport/stdio.service.ts +0 -75
  362. package/src/mcp/transport/streamable-http.controller.factory.ts +0 -80
  363. package/src/mcp/utils/capabilities-builder.ts +0 -43
  364. package/src/mcp/utils/mcp-server.factory.ts +0 -33
@@ -1,384 +0,0 @@
1
- import { DynamicModule, Module } from '@nestjs/common';
2
- import { ConfigModule } from '@nestjs/config';
3
- import { JwtModule } from '@nestjs/jwt';
4
- import { PassportModule } from '@nestjs/passport';
5
- import { McpAuthJwtGuard } from './guards/jwt-auth.guard';
6
- import { createMcpOAuthController } from './mcp-oauth.controller';
7
- import type {
8
- OAuthUserModuleOptions as AuthUserModuleOptions,
9
- OAuthEndpointConfiguration,
10
- OAuthModuleDefaults,
11
- OAuthModuleOptions,
12
- } from './providers/oauth-provider.interface';
13
- import { ClientService } from './services/client.service';
14
- import { JwtTokenService } from './services/jwt-token.service';
15
- import { OAuthStrategyService } from './services/oauth-strategy.service';
16
- import { MemoryStore } from './stores/memory-store.service';
17
- import { normalizeEndpoint } from '../mcp/utils/normalize-endpoint';
18
- import { OAUTH_TYPEORM_CONNECTION_NAME } from './stores/typeorm/constants';
19
-
20
- let authInstanceIdCounter = 0;
21
-
22
- // Default configuration values
23
- export const DEFAULT_OPTIONS: OAuthModuleDefaults = {
24
- serverUrl: 'http://localhost:3000',
25
- resource: 'http://localhost:3000/mcp',
26
- jwtIssuer: 'http://localhost:3000',
27
- jwtAudience: 'mcp-client',
28
- jwtAccessTokenExpiresIn: '1d',
29
- jwtRefreshTokenExpiresIn: '30d',
30
- enableRefreshTokens: true,
31
- cookieMaxAge: 24 * 60 * 60 * 1000, // 24 hours
32
- oauthSessionExpiresIn: 10 * 60 * 1000, // 10 minutes
33
- authCodeExpiresIn: 10 * 60 * 1000, // 10 minutes
34
- nodeEnv: 'development',
35
- apiPrefix: '',
36
- endpoints: {
37
- wellKnownAuthorizationServerMetadata:
38
- '/.well-known/oauth-authorization-server',
39
- wellKnownProtectedResourceMetadata: '/.well-known/oauth-protected-resource',
40
- register: '/register',
41
- authorize: '/authorize',
42
- callback: '/callback',
43
- token: '/token',
44
- revoke: '/revoke',
45
- },
46
- disableEndpoints: {
47
- wellKnownAuthorizationServerMetadata: false,
48
- wellKnownProtectedResourceMetadata: false,
49
- },
50
- protectedResourceMetadata: {
51
- scopesSupported: ['offline_access'],
52
- bearerMethodsSupported: ['header'],
53
- mcpVersionsSupported: ['2025-06-18'],
54
- },
55
- authorizationServerMetadata: {
56
- responseTypesSupported: ['code'],
57
- responseModesSupported: ['query'],
58
- grantTypesSupported: ['authorization_code', 'refresh_token'],
59
- tokenEndpointAuthMethodsSupported: [
60
- 'client_secret_basic',
61
- 'client_secret_post',
62
- 'none',
63
- ],
64
- scopesSupported: ['offline_access'],
65
- codeChallengeMethodsSupported: ['plain', 'S256'],
66
- },
67
- };
68
-
69
- @Module({})
70
- export class McpAuthModule {
71
- /**
72
- * To avoid import circular dependency issues, we use a marker property.
73
- */
74
- readonly __isMcpAuthModule = true;
75
-
76
- static forRoot(options: AuthUserModuleOptions): DynamicModule {
77
- // Create a unique instance ID for this auth module
78
- const authModuleId = `mcp-auth-module-${authInstanceIdCounter++}`;
79
-
80
- // Merge user options with defaults and validate
81
- const resolvedOptions = this.mergeAndValidateOptions(
82
- DEFAULT_OPTIONS,
83
- options,
84
- );
85
-
86
- resolvedOptions.endpoints = prepareEndpoints(
87
- resolvedOptions.apiPrefix,
88
- DEFAULT_OPTIONS.endpoints,
89
- options.endpoints || {},
90
- );
91
-
92
- // Use instance-scoped token for OAuth options
93
- const oauthModuleOptionsToken = `OAUTH_MODULE_OPTIONS_${authModuleId}`;
94
- const oauthModuleOptions = {
95
- provide: oauthModuleOptionsToken,
96
- useValue: resolvedOptions,
97
- };
98
-
99
- // Determine imports based on configuration
100
- const imports = [
101
- ConfigModule,
102
- PassportModule.register({
103
- defaultStrategy: 'jwt',
104
- session: false,
105
- }),
106
- JwtModule.register({
107
- secret: resolvedOptions.jwtSecret,
108
- signOptions: {
109
- issuer: resolvedOptions.jwtIssuer,
110
- audience: resolvedOptions.jwtAudience,
111
- },
112
- }),
113
- ];
114
-
115
- // Add TypeORM configuration if using TypeORM store
116
- const storeConfig = resolvedOptions.storeConfiguration;
117
- const isTypeOrmStore = storeConfig?.type === 'typeorm';
118
- if (isTypeOrmStore) {
119
- const typeormOptions = storeConfig.options;
120
- try {
121
- // Require TypeORM-related modules only when needed
122
- // eslint-disable-next-line @typescript-eslint/no-require-imports
123
- const { TypeOrmModule } = require('@nestjs/typeorm');
124
- const {
125
- OAuthClientEntity,
126
- AuthorizationCodeEntity,
127
- OAuthSessionEntity,
128
- OAuthUserProfileEntity,
129
- // eslint-disable-next-line @typescript-eslint/no-require-imports
130
- } = require('./stores/typeorm/entities');
131
-
132
- imports.push(
133
- TypeOrmModule.forRoot({
134
- ...typeormOptions,
135
- // Use a unique connection name for the OAuth store to avoid clashes
136
- name: OAUTH_TYPEORM_CONNECTION_NAME,
137
- entities: [
138
- OAuthClientEntity,
139
- AuthorizationCodeEntity,
140
- OAuthSessionEntity,
141
- OAuthUserProfileEntity,
142
- ],
143
- }),
144
- TypeOrmModule.forFeature(
145
- [
146
- OAuthClientEntity,
147
- AuthorizationCodeEntity,
148
- OAuthSessionEntity,
149
- OAuthUserProfileEntity,
150
- ],
151
- OAUTH_TYPEORM_CONNECTION_NAME,
152
- ),
153
- );
154
- } catch (err) {
155
- throw new Error(
156
- "To use the TypeORM store, please install '@nestjs/typeorm' and 'typeorm'.",
157
- );
158
- }
159
- }
160
-
161
- // Create store provider based on configuration with instance-scoped token
162
- const oauthStoreToken = `IOAuthStore_${authModuleId}`;
163
- const oauthStoreProvider = this.createStoreProvider(
164
- resolvedOptions.storeConfiguration,
165
- oauthStoreToken,
166
- );
167
-
168
- // Create alias for compatibility with injection
169
- const oauthStoreAliasProvider = {
170
- provide: MemoryStore,
171
- useExisting: oauthStoreToken,
172
- };
173
-
174
- const providers: any[] = [
175
- {
176
- provide: 'OAUTH_MODULE_ID',
177
- useValue: authModuleId,
178
- },
179
- oauthModuleOptions,
180
- oauthStoreProvider,
181
- oauthStoreAliasProvider,
182
- // Provide backward-compatible tokens as aliases
183
- {
184
- provide: 'OAUTH_MODULE_OPTIONS',
185
- useExisting: oauthModuleOptionsToken,
186
- },
187
- {
188
- provide: 'IOAuthStore',
189
- useExisting: oauthStoreToken,
190
- },
191
- // Provide services using their class tokens
192
- OAuthStrategyService,
193
- ClientService,
194
- JwtTokenService,
195
- McpAuthJwtGuard,
196
- ];
197
-
198
- // No additional providers needed for TypeORM store - provider is created dynamically
199
-
200
- // Create controller with apiPrefix, passing the instance-scoped tokens
201
- const OAuthControllerClass = createMcpOAuthController(
202
- resolvedOptions.endpoints,
203
- {
204
- disableWellKnownAuthorizationServerMetadata:
205
- resolvedOptions.disableEndpoints
206
- .wellKnownAuthorizationServerMetadata ?? false,
207
- disableWellKnownProtectedResourceMetadata:
208
- resolvedOptions.disableEndpoints.wellKnownProtectedResourceMetadata ??
209
- false,
210
- },
211
- authModuleId,
212
- );
213
-
214
- return {
215
- module: McpAuthModule,
216
- imports,
217
- controllers: [OAuthControllerClass],
218
- providers,
219
- exports: [
220
- 'OAUTH_MODULE_ID',
221
- 'OAUTH_MODULE_OPTIONS',
222
- 'IOAuthStore',
223
- JwtTokenService,
224
- ClientService,
225
- OAuthStrategyService,
226
- McpAuthJwtGuard,
227
- MemoryStore,
228
- ],
229
- };
230
- }
231
-
232
- private static mergeAndValidateOptions(
233
- defaults: OAuthModuleDefaults,
234
- options: AuthUserModuleOptions,
235
- ): OAuthModuleOptions {
236
- // Validate required options first
237
- this.validateRequiredOptions(options);
238
-
239
- // Merge with defaults
240
- const resolvedOptions: OAuthModuleOptions = {
241
- ...defaults,
242
- ...options,
243
- // Ensure jwtIssuer defaults to serverUrl if not provided
244
- jwtIssuer:
245
- options.jwtIssuer || options.serverUrl || DEFAULT_OPTIONS.jwtIssuer,
246
- cookieSecure:
247
- options.cookieSecure || process.env.NODE_ENV === 'production',
248
- // Merge protectedResourceMetadata with defaults
249
- protectedResourceMetadata: {
250
- ...defaults.protectedResourceMetadata,
251
- ...options.protectedResourceMetadata,
252
- },
253
- // Merge authorizationServerMetadata with defaults
254
- authorizationServerMetadata: {
255
- ...defaults.authorizationServerMetadata,
256
- ...options.authorizationServerMetadata,
257
- },
258
- // Merge disableEndpoints with defaults
259
- disableEndpoints: {
260
- ...defaults.disableEndpoints,
261
- ...(options.disableEndpoints || {}),
262
- },
263
- };
264
-
265
- if (!resolvedOptions.enableRefreshTokens) {
266
- resolvedOptions.authorizationServerMetadata.grantTypesSupported =
267
- resolvedOptions.authorizationServerMetadata.grantTypesSupported.filter(
268
- (g) => g !== 'refresh_token',
269
- );
270
- resolvedOptions.protectedResourceMetadata.scopesSupported =
271
- resolvedOptions.protectedResourceMetadata.scopesSupported.filter(
272
- (s) => s !== 'offline_access',
273
- );
274
- }
275
-
276
- // Final validation of resolved options
277
- this.validateResolvedOptions(resolvedOptions);
278
-
279
- return resolvedOptions;
280
- }
281
-
282
- private static validateRequiredOptions(options: AuthUserModuleOptions): void {
283
- const requiredFields: (keyof AuthUserModuleOptions)[] = [
284
- 'provider',
285
- 'clientId',
286
- 'clientSecret',
287
- 'jwtSecret',
288
- ];
289
-
290
- for (const field of requiredFields) {
291
- if (!options[field]) {
292
- throw new Error(
293
- `OAuthModuleOptions: ${String(field)} is required and must be provided by the user`,
294
- );
295
- }
296
- }
297
- }
298
-
299
- private static validateResolvedOptions(options: OAuthModuleOptions): void {
300
- // Validate JWT secret is strong enough
301
- if (options.jwtSecret.length < 32) {
302
- throw new Error(
303
- 'OAuthModuleOptions: jwtSecret must be at least 32 characters long',
304
- );
305
- }
306
-
307
- // Validate URLs are proper format
308
- try {
309
- new URL(options.serverUrl);
310
- new URL(options.jwtIssuer);
311
- } catch {
312
- throw new Error(
313
- 'OAuthModuleOptions: serverUrl and jwtIssuer must be valid URLs',
314
- );
315
- }
316
-
317
- // Validate provider configuration
318
- if (!options.provider.name || !options.provider.strategy) {
319
- throw new Error(
320
- 'OAuthModuleOptions: provider must have name and strategy',
321
- );
322
- }
323
- }
324
-
325
- private static createStoreProvider(
326
- storeConfiguration: OAuthModuleOptions['storeConfiguration'],
327
- provideToken: string,
328
- ) {
329
- if (!storeConfiguration || storeConfiguration.type === 'memory') {
330
- // Default memory store
331
- return {
332
- provide: provideToken,
333
- useValue: new MemoryStore(),
334
- };
335
- }
336
-
337
- if (storeConfiguration.type === 'typeorm') {
338
- // TypeORM store
339
- const {
340
- TypeOrmStore,
341
- // eslint-disable-next-line @typescript-eslint/no-require-imports
342
- } = require('./stores/typeorm/typeorm-store.service');
343
- return {
344
- provide: provideToken,
345
- useClass: TypeOrmStore,
346
- };
347
- }
348
-
349
- if (storeConfiguration.type === 'custom') {
350
- // Custom store
351
- return {
352
- provide: provideToken,
353
- useValue: storeConfiguration.store,
354
- };
355
- }
356
-
357
- throw new Error(
358
- `Unknown store configuration type: ${(storeConfiguration as any).type}`,
359
- );
360
- }
361
- }
362
-
363
- function prepareEndpoints(
364
- apiPrefix: string,
365
- defaultEndpoints: OAuthEndpointConfiguration,
366
- configuredEndpoints: OAuthEndpointConfiguration,
367
- ) {
368
- const updatedDefaultEndpoints = {
369
- wellKnownAuthorizationServerMetadata:
370
- defaultEndpoints.wellKnownAuthorizationServerMetadata,
371
- wellKnownProtectedResourceMetadata:
372
- defaultEndpoints.wellKnownProtectedResourceMetadata,
373
- callback: normalizeEndpoint(`/${apiPrefix}/${defaultEndpoints.callback}`),
374
- token: normalizeEndpoint(`/${apiPrefix}/${defaultEndpoints.token}`),
375
- revoke: normalizeEndpoint(`/${apiPrefix}/${defaultEndpoints.revoke}`),
376
- authorize: normalizeEndpoint(`/${apiPrefix}/${defaultEndpoints.authorize}`),
377
- register: normalizeEndpoint(`/${apiPrefix}/${defaultEndpoints.register}`),
378
- } as OAuthEndpointConfiguration;
379
-
380
- return {
381
- ...updatedDefaultEndpoints,
382
- ...configuredEndpoints,
383
- };
384
- }
@@ -1,40 +0,0 @@
1
- import { Strategy } from 'passport-azure-ad-oauth2';
2
- import { normalizeEndpoint } from '../../mcp/utils/normalize-endpoint';
3
- import { OAuthProviderConfig } from './oauth-provider.interface';
4
-
5
- export const AzureADOAuthProvider: OAuthProviderConfig = {
6
- name: 'azure-ad',
7
- displayName: 'Microsoft Azure AD',
8
- strategy: Strategy,
9
- strategyOptions: ({ serverUrl, clientId, clientSecret, callbackPath }) => ({
10
- clientID: clientId,
11
- clientSecret: clientSecret,
12
- callbackURL: normalizeEndpoint(`${serverUrl}/${callbackPath}`),
13
- tenant: 'common', // Can be overridden via custom configuration
14
- resource: 'https://graph.microsoft.com/', // Microsoft Graph API
15
- }),
16
- scope: ['openid', 'profile', 'email', 'User.Read'],
17
- profileMapper: (profile) => {
18
- // Azure AD profile structure from Microsoft Graph
19
- const azureProfile = profile._json || profile;
20
-
21
- return {
22
- id: azureProfile.id || azureProfile.oid || profile.id,
23
- username:
24
- azureProfile.preferred_username ||
25
- azureProfile.userPrincipalName ||
26
- azureProfile.mail ||
27
- azureProfile.email ||
28
- profile.username,
29
- email:
30
- azureProfile.mail ||
31
- azureProfile.userPrincipalName ||
32
- azureProfile.email ||
33
- profile.emails?.[0]?.value,
34
- displayName:
35
- azureProfile.displayName || azureProfile.name || profile.displayName,
36
- avatarUrl: azureProfile.photo || profile.photos?.[0]?.value,
37
- raw: profile,
38
- };
39
- },
40
- };
@@ -1,22 +0,0 @@
1
- import { normalizeEndpoint } from '../../mcp/utils/normalize-endpoint';
2
- import { OAuthProviderConfig } from './oauth-provider.interface';
3
- import { Strategy } from 'passport-github';
4
-
5
- export const GitHubOAuthProvider: OAuthProviderConfig = {
6
- name: 'github',
7
- strategy: Strategy,
8
- strategyOptions: ({ serverUrl, clientId, clientSecret, callbackPath }) => ({
9
- clientID: clientId,
10
- clientSecret: clientSecret,
11
- callbackURL: normalizeEndpoint(`${serverUrl}/${callbackPath}`),
12
- }),
13
- scope: ['user:email'],
14
- profileMapper: (profile) => ({
15
- id: profile.id,
16
- username: profile.username || profile.login,
17
- email: profile.emails?.[0]?.value,
18
- displayName: profile.displayName || profile.name,
19
- avatarUrl: profile.photos?.[0]?.value || profile.avatar_url,
20
- raw: profile,
21
- }),
22
- };
@@ -1,23 +0,0 @@
1
- import { Strategy } from 'passport-google-oauth20';
2
- import { normalizeEndpoint } from '../../mcp/utils/normalize-endpoint';
3
- import { OAuthProviderConfig } from './oauth-provider.interface';
4
-
5
- export const GoogleOAuthProvider: OAuthProviderConfig = {
6
- name: 'google',
7
- strategy: Strategy,
8
- strategyOptions: ({ serverUrl, clientId, clientSecret, callbackPath }) => ({
9
- clientID: clientId,
10
- clientSecret: clientSecret,
11
- callbackURL: normalizeEndpoint(`${serverUrl}/${callbackPath}`),
12
- scope: ['profile', 'email'],
13
- }),
14
- scope: ['profile', 'email'],
15
- profileMapper: (profile) => ({
16
- id: profile.id,
17
- username: profile.emails?.[0]?.value?.split('@')[0] || profile.id,
18
- email: profile.emails?.[0]?.value,
19
- displayName: profile.displayName,
20
- avatarUrl: profile.photos?.[0]?.value,
21
- raw: profile,
22
- }),
23
- };
@@ -1,147 +0,0 @@
1
- import type { IOAuthStore } from '../stores/oauth-store.interface';
2
- import type {
3
- OAuthSession,
4
- OAuthUserProfile,
5
- } from '../interfaces/oauth-common.interface';
6
-
7
- // Re-export common interfaces
8
- export type { OAuthSession, OAuthUserProfile };
9
-
10
- // Define a minimal placeholder for TypeORM options so the type remains
11
- // available without requiring the optional `@nestjs/typeorm` package.
12
- // Consumers who use the TypeORM store should install the package to get
13
- // the full type definitions.
14
- type TypeOrmModuleOptions = Record<string, unknown>;
15
-
16
- export interface OAuthProviderConfig {
17
- name: string;
18
- displayName?: string;
19
- strategy: any; // Passport Strategy constructor
20
- strategyOptions: (options: {
21
- serverUrl: string;
22
- clientId: string;
23
- clientSecret: string;
24
- callbackPath?: string; // Optional custom callback path
25
- }) => any;
26
- scope?: string[];
27
- profileMapper: (profile: any) => OAuthUserProfile;
28
- }
29
-
30
- // Store configuration union type
31
- export type StoreConfiguration =
32
- | { type: 'typeorm'; options: TypeOrmModuleOptions }
33
- | { type: 'custom'; store: IOAuthStore }
34
- | { type: 'memory' }
35
- | undefined; // Default to memory store
36
-
37
- export interface OAuthEndpointConfiguration {
38
- wellKnownAuthorizationServerMetadata?: string; // Default: '/.well-known/oauth-authorization-server'
39
- wellKnownProtectedResourceMetadata?: string | string[]; // Default: '/.well-known/oauth-protected-resource'
40
- register?: string; // Default: '/register'
41
- authorize?: string; // Default: '/authorize'
42
- callback?: string; // Default: '/callback'
43
- token?: string; // Default: '/token'
44
- revoke?: string; // Default: '/revoke'
45
- }
46
-
47
- export interface OAuthEndpointDisableOptions {
48
- wellKnownAuthorizationServerMetadata?: boolean;
49
- wellKnownProtectedResourceMetadata?: boolean;
50
- }
51
-
52
- export interface OAuthUserModuleOptions {
53
- provider: OAuthProviderConfig;
54
-
55
- // Required OAuth Provider Credentials
56
- clientId: string;
57
- clientSecret: string;
58
-
59
- // Required JWT Configuration
60
- jwtSecret: string;
61
-
62
- // Server Configuration
63
- serverUrl?: string;
64
- resource?: string; // should be the endpoint clients connect to, e.g.: 'https://localhost:3000/mcp'
65
- // JWT Configuration
66
- jwtIssuer?: string;
67
- jwtAudience?: string;
68
- jwtAccessTokenExpiresIn?: string;
69
- jwtRefreshTokenExpiresIn?: string;
70
- enableRefreshTokens?: boolean;
71
-
72
- // Cookie Configuration
73
- cookieSecure?: boolean;
74
- cookieMaxAge?: number;
75
-
76
- // OAuth Session Configuration
77
- oauthSessionExpiresIn?: number; // in milliseconds
78
- authCodeExpiresIn?: number; // in milliseconds
79
-
80
- // Protected Resource Metadata Configuration
81
- protectedResourceMetadata?: {
82
- scopesSupported?: string[];
83
- bearerMethodsSupported?: string[];
84
- mcpVersionsSupported?: string[];
85
- };
86
-
87
- // Authorization Server Metadata Configuration
88
- authorizationServerMetadata?: {
89
- responseTypesSupported?: string[];
90
- responseModesSupported?: string[];
91
- grantTypesSupported?: string[];
92
- tokenEndpointAuthMethodsSupported?: string[];
93
- scopesSupported?: string[];
94
- codeChallengeMethodsSupported?: string[];
95
- };
96
-
97
- // Storage Configuration - single property for all storage options
98
- storeConfiguration?: StoreConfiguration;
99
- apiPrefix?: string;
100
-
101
- // Endpoint Configuration
102
- endpoints?: OAuthEndpointConfiguration;
103
- disableEndpoints?: OAuthEndpointDisableOptions;
104
- }
105
-
106
- export interface OAuthModuleDefaults {
107
- serverUrl: string;
108
- resource: string; // Default resource URL
109
- jwtIssuer: string;
110
- jwtAudience: string;
111
- jwtAccessTokenExpiresIn: string;
112
- jwtRefreshTokenExpiresIn: string;
113
- enableRefreshTokens: boolean;
114
- cookieMaxAge: number;
115
- oauthSessionExpiresIn: number;
116
- authCodeExpiresIn: number;
117
- nodeEnv: string;
118
- apiPrefix: string;
119
- endpoints: OAuthEndpointConfiguration;
120
- disableEndpoints: OAuthEndpointDisableOptions;
121
- protectedResourceMetadata: {
122
- scopesSupported: string[];
123
- bearerMethodsSupported: string[];
124
- mcpVersionsSupported: string[];
125
- };
126
- authorizationServerMetadata: {
127
- responseTypesSupported: string[];
128
- responseModesSupported: string[];
129
- grantTypesSupported: string[];
130
- tokenEndpointAuthMethodsSupported: string[];
131
- scopesSupported: string[];
132
- codeChallengeMethodsSupported: string[];
133
- };
134
- }
135
-
136
- // Resolved options after merging with defaults
137
- export type OAuthModuleOptions = Required<
138
- Pick<
139
- OAuthUserModuleOptions,
140
- 'provider' | 'clientId' | 'clientSecret' | 'jwtSecret'
141
- >
142
- > &
143
- Required<OAuthModuleDefaults> & {
144
- // Optional fields that may remain undefined
145
- cookieSecure: boolean;
146
- storeConfiguration?: StoreConfiguration;
147
- };