@sanctuary-framework/mcp-server 1.1.1 → 1.1.2

package/dist/index.d.cts

@@ -5495,6 +5495,23 @@ interface DashboardHandle {
      * `agent_id`.
      */
     publishAgentStatus: (snapshot: unknown) => void;
+    /**
+     * v1.1.2 hotfix (Finding V): bind v1.1 hub bindings to this dashboard
+     * instance so /v1.1, /api/hub/*, and /api/identities serve the v1.1
+     * surface. Pass null to detach. PR #82 wired these routes only on the
+     * principal-policy DashboardApprovalChannel; the wrap-auto operator
+     * dashboard (this server) needed the same wiring for the wrap-emitted
+     * URL to expose the v1.1 surfaces the v1.1.1 release notes claim.
+     */
+    setV11Bindings: (bindings: V11Bindings | null) => void;
+    /**
+     * v1.1.2: enable loopback auto-auth for /api/hub/* + /api/identities.
+     * When true, requests from 127.0.0.1 / ::1 bypass the bearer-token
+     * check (mirrors the principal-policy dashboard's _autoAuthLocalhost
+     * flag). Set true when the dashboard binds to a loopback host and the
+     * caller has independently authenticated the operator.
+     */
+    setV11LoopbackAutoAuth: (enabled: boolean) => void;
 }
 declare function startDashboardServer(options: DashboardServerOptions): Promise<DashboardHandle>;
 

package/dist/index.d.ts

@@ -5495,6 +5495,23 @@ interface DashboardHandle {
      * `agent_id`.
      */
     publishAgentStatus: (snapshot: unknown) => void;
+    /**
+     * v1.1.2 hotfix (Finding V): bind v1.1 hub bindings to this dashboard
+     * instance so /v1.1, /api/hub/*, and /api/identities serve the v1.1
+     * surface. Pass null to detach. PR #82 wired these routes only on the
+     * principal-policy DashboardApprovalChannel; the wrap-auto operator
+     * dashboard (this server) needed the same wiring for the wrap-emitted
+     * URL to expose the v1.1 surfaces the v1.1.1 release notes claim.
+     */
+    setV11Bindings: (bindings: V11Bindings | null) => void;
+    /**
+     * v1.1.2: enable loopback auto-auth for /api/hub/* + /api/identities.
+     * When true, requests from 127.0.0.1 / ::1 bypass the bearer-token
+     * check (mirrors the principal-policy dashboard's _autoAuthLocalhost
+     * flag). Set true when the dashboard binds to a loopback host and the
+     * caller has independently authenticated the operator.
+     */
+    setV11LoopbackAutoAuth: (enabled: boolean) => void;
 }
 declare function startDashboardServer(options: DashboardServerOptions): Promise<DashboardHandle>;
 

package/dist/index.js

@@ -11138,6 +11138,20 @@ async function handleRequest(deps, req, res) {
   const url = new URL(req.url ?? "/", `http://${host}`);
   const method = (req.method ?? "GET").toUpperCase();
   const path = url.pathname;
+  if (deps.v11Bindings) {
+    const handled = await dispatchV11Request(
+      {
+        bindings: deps.v11Bindings,
+        ...deps.authToken !== void 0 ? { authToken: deps.authToken } : {},
+        loopbackAutoAuth: deps.loopbackAutoAuth ?? false
+      },
+      req,
+      res,
+      url,
+      method
+    );
+    if (handled) return true;
+  }
   if (!isAuthorized(deps, req, url)) {
     writeJSON(res, 401, { error: "unauthorized" });
     return true;
@@ -12767,6 +12781,47 @@ function handleDashboardV11Route(deps, req, res) {
   return true;
 }
 
+// src/dashboard/v1_1/dispatch.ts
+async function dispatchV11Request(inputs, req, res, url, method) {
+  const { bindings, authToken, loopbackAutoAuth } = inputs;
+  if (method === "GET" && (url.pathname === "/v1.1" || url.pathname === "/v1.1/")) {
+    return handleDashboardV11Route(
+      {
+        identityId: bindings.identityId,
+        fortressId: bindings.fortressId,
+        ...authToken !== void 0 ? { authToken } : {}
+      },
+      req,
+      res
+    );
+  }
+  if (url.pathname.startsWith("/api/hub/")) {
+    const authConfig = {
+      loopbackAutoAuth,
+      ...authToken !== void 0 ? { authToken } : {}
+    };
+    return handleHubRoute(
+      { authConfig, service: bindings.hubService },
+      req,
+      res
+    );
+  }
+  if (method === "GET" && url.pathname === "/api/identities") {
+    const authConfig = {
+      loopbackAutoAuth,
+      ...authToken !== void 0 ? { authToken } : {}
+    };
+    const aliasReq = Object.create(req);
+    aliasReq.url = "/api/hub/agents" + url.search;
+    return handleHubRoute(
+      { authConfig, service: bindings.hubService },
+      aliasReq,
+      res
+    );
+  }
+  return false;
+}
+
 // src/principal-policy/dashboard.ts
 var SESSION_TTL_REMOTE_MS = 5 * 60 * 1e3;
 var SESSION_TTL_LOCAL_MS = 24 * 60 * 60 * 1e3;
@@ -12893,45 +12948,17 @@ var DashboardApprovalChannel = class {
    */
   async dispatchV11(req, res, url, method) {
     if (!this.v11Bindings) return false;
-    if (method === "GET" && (url.pathname === "/v1.1" || url.pathname === "/v1.1/")) {
-      const handled = handleDashboardV11Route(
-        {
-          identityId: this.v11Bindings.identityId,
-          fortressId: this.v11Bindings.fortressId,
-          ...this.authToken !== void 0 ? { authToken: this.authToken } : {}
-        },
-        req,
-        res
-      );
-      return handled;
-    }
-    if (url.pathname.startsWith("/api/hub/")) {
-      const authConfig = {
-        loopbackAutoAuth: this._autoAuthLocalhost,
-        ...this.authToken !== void 0 ? { authToken: this.authToken } : {}
-      };
-      const handled = await handleHubRoute(
-        { authConfig, service: this.v11Bindings.hubService },
-        req,
-        res
-      );
-      return handled;
-    }
-    if (method === "GET" && url.pathname === "/api/identities") {
-      const authConfig = {
-        loopbackAutoAuth: this._autoAuthLocalhost,
-        ...this.authToken !== void 0 ? { authToken: this.authToken } : {}
-      };
-      const aliasReq = Object.create(req);
-      aliasReq.url = "/api/hub/agents" + url.search;
-      const handled = await handleHubRoute(
-        { authConfig, service: this.v11Bindings.hubService },
-        aliasReq,
-        res
-      );
-      return handled;
-    }
-    return false;
+    return dispatchV11Request(
+      {
+        bindings: this.v11Bindings,
+        ...this.authToken !== void 0 ? { authToken: this.authToken } : {},
+        loopbackAutoAuth: this._autoAuthLocalhost
+      },
+      req,
+      res,
+      url,
+      method
+    );
   }
   /**
    * v0.10.2: enable (or disable) the loopback auto-auth fast path. See
@@ -28820,14 +28847,18 @@ async function startDashboardServer(options) {
       }
     }
   };
-  const deps = {
-    sources: options.sources,
-    authToken: options.authToken,
-    approvals: options.approvals,
-    onEvent
-  };
+  let v11Bindings = null;
+  let v11LoopbackAutoAuth = false;
   const server = createServer$2(async (req, res) => {
     try {
+      const deps = {
+        sources: options.sources,
+        authToken: options.authToken,
+        approvals: options.approvals,
+        onEvent,
+        v11Bindings,
+        loopbackAutoAuth: v11LoopbackAutoAuth
+      };
       const served = await handleRequest(deps, req, res);
       if (!served) {
         res.writeHead(404, { "Content-Type": "application/json" });
@@ -28865,7 +28896,13 @@ async function startDashboardServer(options) {
     publishActivity: (entry) => publish({ type: "activity", data: entry }),
     publishApproval: (approval) => publish({ type: "approval", data: approval }),
     publishInbox: (item) => publish({ type: "inbox", data: item }),
-    publishAgentStatus: (snapshot) => publish({ type: "agent_status", data: snapshot })
+    publishAgentStatus: (snapshot) => publish({ type: "agent_status", data: snapshot }),
+    setV11Bindings: (bindings) => {
+      v11Bindings = bindings;
+    },
+    setV11LoopbackAutoAuth: (enabled) => {
+      v11LoopbackAutoAuth = enabled;
+    }
   };
 }