@scupit/mcp-ecosystem 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth0/index.d.ts +3 -0
- package/dist/auth0/index.d.ts.map +1 -0
- package/dist/auth0/index.js +2 -0
- package/dist/auth0/index.js.map +1 -0
- package/dist/auth0/management-client.d.ts +78 -0
- package/dist/auth0/management-client.d.ts.map +1 -0
- package/dist/auth0/management-client.js +183 -0
- package/dist/auth0/management-client.js.map +1 -0
- package/dist/cli.d.ts +3 -0
- package/dist/cli.d.ts.map +1 -0
- package/dist/cli.js +150 -0
- package/dist/cli.js.map +1 -0
- package/dist/commands/add-scope.d.ts +9 -0
- package/dist/commands/add-scope.d.ts.map +1 -0
- package/dist/commands/add-scope.js +55 -0
- package/dist/commands/add-scope.js.map +1 -0
- package/dist/commands/generate-artifacts.d.ts +10 -0
- package/dist/commands/generate-artifacts.d.ts.map +1 -0
- package/dist/commands/generate-artifacts.js +91 -0
- package/dist/commands/generate-artifacts.js.map +1 -0
- package/dist/commands/grant-client.d.ts +12 -0
- package/dist/commands/grant-client.d.ts.map +1 -0
- package/dist/commands/grant-client.js +111 -0
- package/dist/commands/grant-client.js.map +1 -0
- package/dist/commands/index.d.ts +15 -0
- package/dist/commands/index.d.ts.map +1 -0
- package/dist/commands/index.js +8 -0
- package/dist/commands/index.js.map +1 -0
- package/dist/commands/reconcile-all.d.ts +10 -0
- package/dist/commands/reconcile-all.d.ts.map +1 -0
- package/dist/commands/reconcile-all.js +58 -0
- package/dist/commands/reconcile-all.js.map +1 -0
- package/dist/commands/reconcile-client.d.ts +11 -0
- package/dist/commands/reconcile-client.d.ts.map +1 -0
- package/dist/commands/reconcile-client.js +295 -0
- package/dist/commands/reconcile-client.js.map +1 -0
- package/dist/commands/reconcile-server.d.ts +18 -0
- package/dist/commands/reconcile-server.d.ts.map +1 -0
- package/dist/commands/reconcile-server.js +213 -0
- package/dist/commands/reconcile-server.js.map +1 -0
- package/dist/commands/verify-tenant.d.ts +10 -0
- package/dist/commands/verify-tenant.d.ts.map +1 -0
- package/dist/commands/verify-tenant.js +76 -0
- package/dist/commands/verify-tenant.js.map +1 -0
- package/dist/config/index.d.ts +3 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/config/index.js +2 -0
- package/dist/config/index.js.map +1 -0
- package/dist/config/loader.d.ts +21 -0
- package/dist/config/loader.d.ts.map +1 -0
- package/dist/config/loader.js +181 -0
- package/dist/config/loader.js.map +1 -0
- package/dist/index.d.ts +9 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +7 -0
- package/dist/index.js.map +1 -0
- package/dist/mcp-runtime/auth-middleware.d.ts +27 -0
- package/dist/mcp-runtime/auth-middleware.d.ts.map +1 -0
- package/dist/mcp-runtime/auth-middleware.js +88 -0
- package/dist/mcp-runtime/auth-middleware.js.map +1 -0
- package/dist/mcp-runtime/index.d.ts +9 -0
- package/dist/mcp-runtime/index.d.ts.map +1 -0
- package/dist/mcp-runtime/index.js +5 -0
- package/dist/mcp-runtime/index.js.map +1 -0
- package/dist/mcp-runtime/protected-resource-metadata.d.ts +20 -0
- package/dist/mcp-runtime/protected-resource-metadata.d.ts.map +1 -0
- package/dist/mcp-runtime/protected-resource-metadata.js +30 -0
- package/dist/mcp-runtime/protected-resource-metadata.js.map +1 -0
- package/dist/mcp-runtime/token-validator.d.ts +32 -0
- package/dist/mcp-runtime/token-validator.d.ts.map +1 -0
- package/dist/mcp-runtime/token-validator.js +59 -0
- package/dist/mcp-runtime/token-validator.js.map +1 -0
- package/dist/mcp-runtime/www-authenticate.d.ts +19 -0
- package/dist/mcp-runtime/www-authenticate.d.ts.map +1 -0
- package/dist/mcp-runtime/www-authenticate.js +39 -0
- package/dist/mcp-runtime/www-authenticate.js.map +1 -0
- package/dist/mcp-server/create-server.d.ts +44 -0
- package/dist/mcp-server/create-server.d.ts.map +1 -0
- package/dist/mcp-server/create-server.js +73 -0
- package/dist/mcp-server/create-server.js.map +1 -0
- package/dist/mcp-server/index.d.ts +3 -0
- package/dist/mcp-server/index.d.ts.map +1 -0
- package/dist/mcp-server/index.js +2 -0
- package/dist/mcp-server/index.js.map +1 -0
- package/dist/types/auth0-responses.d.ts +46 -0
- package/dist/types/auth0-responses.d.ts.map +1 -0
- package/dist/types/auth0-responses.js +6 -0
- package/dist/types/auth0-responses.js.map +1 -0
- package/dist/types/client-config.d.ts +96 -0
- package/dist/types/client-config.d.ts.map +1 -0
- package/dist/types/client-config.js +32 -0
- package/dist/types/client-config.js.map +1 -0
- package/dist/types/client-descriptor.d.ts +45 -0
- package/dist/types/client-descriptor.d.ts.map +1 -0
- package/dist/types/client-descriptor.js +22 -0
- package/dist/types/client-descriptor.js.map +1 -0
- package/dist/types/ecosystem-config.d.ts +210 -0
- package/dist/types/ecosystem-config.d.ts.map +1 -0
- package/dist/types/ecosystem-config.js +64 -0
- package/dist/types/ecosystem-config.js.map +1 -0
- package/dist/types/index.d.ts +10 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +5 -0
- package/dist/types/index.js.map +1 -0
- package/dist/types/server-config.d.ts +73 -0
- package/dist/types/server-config.d.ts.map +1 -0
- package/dist/types/server-config.js +30 -0
- package/dist/types/server-config.js.map +1 -0
- package/dist/utils/context.d.ts +19 -0
- package/dist/utils/context.d.ts.map +1 -0
- package/dist/utils/context.js +29 -0
- package/dist/utils/context.js.map +1 -0
- package/dist/utils/index.d.ts +4 -0
- package/dist/utils/index.d.ts.map +1 -0
- package/dist/utils/index.js +3 -0
- package/dist/utils/index.js.map +1 -0
- package/dist/utils/logger.d.ts +11 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/logger.js +29 -0
- package/dist/utils/logger.js.map +1 -0
- package/package.json +67 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"generate-artifacts.js","sourceRoot":"","sources":["../../src/commands/generate-artifacts.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EACL,0BAA0B,EAC1B,cAAc,EACd,iBAAiB,EACjB,kCAAkC,EAClC,aAAa,GACd,MAAM,oBAAoB,CAAC;AAM5B;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,GAAmB;IAEnB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IACxC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;IACnC,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,qBAAqB;IAErB,MAAM,QAAQ,GAAa;QACzB,+CAA+C;QAC/C,GAAG,SAAS,CAAC,KAAK,CAAC,wBAAwB,eAAe;QAC1D,GAAG,SAAS,CAAC,KAAK,CAAC,4BAA4B,eAAe;QAC9D,uBAAuB,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE;QACtD,EAAE;KACH,CAAC;IAEF,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACjD,MAAM,SAAS,GAAG,SAAS,GAAG,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC;QAClE,QAAQ,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,sCAAsC,CAAC,CAAC;QAElE,MAAM,QAAQ,GACZ,MAAM,CAAC,OAAO,KAAK,oBAAoB;YACvC,MAAM,CAAC,OAAO,KAAK,iBAAiB,CAAC;QAEvC,IAAI,MAAM,CAAC,WAAW,EAAE,iBAAiB,EAAE,CAAC;YAC1C,QAAQ,CAAC,IAAI,CACX,GAAG,MAAM,CAAC,WAAW,CAAC,iBAAiB,kBAAkB,CAC1D,CAAC;QACJ,CAAC;aAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrB,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,8BAA8B,CAAC,CAAC;QAC5D,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,KAAK,SAAS,yCAAyC,CAAC,CAAC;QACzE,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,0BAA0B,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC/D,MAAM,SAAS,GAAG,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC;QACvE,QAAQ,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,aAAa,UAAU,EAAE,CAAC,CAAC;QACrD,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IACrD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,SAAS,CAAC,cAAc,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,CAAC;QAC9D,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC7B,MAAM,CAAC,OAAO,CAAC,cAAc,cAAc,EAAE,CAAC,CAAC;IACjD,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,6BAA6B,cAAc,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,kCAAkC;IAElC,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QAClD,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACjD,MAAM,WAAW,GAAG,0BAA0B,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAChE,MAAM,WAAW,GAAG,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACvD,MAAM,WAAW,GAAG,kCAAkC,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxE,MAAM,MAAM,GAAG,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QAEhD,MAAM,aAAa,GAAG;YACpB,MAAM,EAAE;gBACN,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,QAAQ;gBACR,YAAY,EAAE,WAAW;gBACzB,YAAY,EAAE,WAAW;aAC1B;YACD,IAAI,EAAE;gBACJ,MAAM,EAAE,WAAW,SAAS,CAAC,KAAK,CAAC,aAAa,GAAG;gBACnD,QAAQ,EAAE,WAAW;gBACrB,QAAQ,EAAE,WAAW,SAAS,CAAC,KAAK,CAAC,aAAa,wBAAwB;gBAC1E,+BAA+B,EAAE,WAAW;aAC7C;YACD,MAAM;SACP,CAAC;QAEF,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;QAC9C,MAAM,KAAK,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,iBAAiB,GAAG,IAAI,CAAC,SAAS,EAAE,+BAA+B,CAAC,CAAC;QAE3E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,SAAS,CACb,iBAAiB,EACjB,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAC7C,OAAO,CACR,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAChC,MAAM,CAAC,OAAO,CAAC,cAAc,iBAAiB,EAAE,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,6BAA6B,iBAAiB,EAAE,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;AACnC,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { CommandContext } from "../utils/index.js";
|
|
2
|
+
export interface GrantClientResult {
|
|
3
|
+
serverSlug: string;
|
|
4
|
+
clientKey: string;
|
|
5
|
+
clientId: string;
|
|
6
|
+
audience: string;
|
|
7
|
+
action: "created" | "updated" | "unchanged" | "dry_run";
|
|
8
|
+
scopes: string[];
|
|
9
|
+
subjectType: string;
|
|
10
|
+
}
|
|
11
|
+
export declare function grantClient(ctx: CommandContext, serverSlug: string, clientKey: string, scopes?: string[]): Promise<GrantClientResult>;
|
|
12
|
+
//# sourceMappingURL=grant-client.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grant-client.d.ts","sourceRoot":"","sources":["../../src/commands/grant-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAKxD,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;IACxD,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,wBAAsB,WAAW,CAC/B,GAAG,EAAE,cAAc,EACnB,UAAU,EAAE,MAAM,EAClB,SAAS,EAAE,MAAM,EACjB,MAAM,CAAC,EAAE,MAAM,EAAE,GAChB,OAAO,CAAC,iBAAiB,CAAC,CAwI5B"}
|
|
@@ -0,0 +1,111 @@
|
|
|
1
|
+
import { logger } from "../utils/index.js";
|
|
2
|
+
import { deriveCanonicalResourceUri, resolveScopes } from "../config/index.js";
|
|
3
|
+
import { reconcileClient } from "./reconcile-client.js";
|
|
4
|
+
export async function grantClient(ctx, serverSlug, clientKey, scopes) {
|
|
5
|
+
const { config, auth0, dryRun } = ctx;
|
|
6
|
+
const serverConfig = config.serverConfigs.get(serverSlug);
|
|
7
|
+
if (!serverConfig) {
|
|
8
|
+
throw new Error(`Unknown server slug: "${serverSlug}"`);
|
|
9
|
+
}
|
|
10
|
+
const clientConfig = config.clientConfigs.get(clientKey);
|
|
11
|
+
if (!clientConfig) {
|
|
12
|
+
throw new Error(`Unknown client key: "${clientKey}"`);
|
|
13
|
+
}
|
|
14
|
+
const audience = deriveCanonicalResourceUri(config.ecosystem, serverConfig.slug);
|
|
15
|
+
const grantScopes = scopes && scopes.length > 0
|
|
16
|
+
? scopes
|
|
17
|
+
: resolveScopes(config.ecosystem, serverConfig);
|
|
18
|
+
const profileDef = config.ecosystem.defaults.client_profiles?.[clientConfig.profile];
|
|
19
|
+
const subjectType = profileDef?.access_mode === "machine" ? "client" : "user";
|
|
20
|
+
let clientId = clientConfig.auth0.existing_client_id;
|
|
21
|
+
if (!clientId) {
|
|
22
|
+
logger.info(`Ensuring client "${clientKey}" exists...`);
|
|
23
|
+
const result = await reconcileClient(ctx, clientKey);
|
|
24
|
+
clientId = result.clientId;
|
|
25
|
+
}
|
|
26
|
+
if (!clientId || clientId === "__DRY_RUN__") {
|
|
27
|
+
return {
|
|
28
|
+
serverSlug,
|
|
29
|
+
clientKey,
|
|
30
|
+
clientId: clientId ?? "__DRY_RUN__",
|
|
31
|
+
audience,
|
|
32
|
+
action: "dry_run",
|
|
33
|
+
scopes: grantScopes,
|
|
34
|
+
subjectType,
|
|
35
|
+
};
|
|
36
|
+
}
|
|
37
|
+
logger.info(`Reconciling grant: ${clientKey} -> ${serverSlug} (${subjectType})`);
|
|
38
|
+
logger.debug(` Audience: ${audience}`);
|
|
39
|
+
logger.debug(` Scopes: ${grantScopes.join(", ")}`);
|
|
40
|
+
const existing = await auth0.findClientGrant(clientId, audience, subjectType);
|
|
41
|
+
if (existing) {
|
|
42
|
+
const existingSet = new Set(existing.scope);
|
|
43
|
+
const desiredSet = new Set(grantScopes);
|
|
44
|
+
const equal = existingSet.size === desiredSet.size &&
|
|
45
|
+
[...desiredSet].every((s) => existingSet.has(s));
|
|
46
|
+
if (equal) {
|
|
47
|
+
logger.info("Grant exists and is up to date.");
|
|
48
|
+
return {
|
|
49
|
+
serverSlug,
|
|
50
|
+
clientKey,
|
|
51
|
+
clientId,
|
|
52
|
+
audience,
|
|
53
|
+
action: "unchanged",
|
|
54
|
+
scopes: grantScopes,
|
|
55
|
+
subjectType,
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
if (dryRun) {
|
|
59
|
+
logger.info("[DRY RUN] Would update grant.");
|
|
60
|
+
return {
|
|
61
|
+
serverSlug,
|
|
62
|
+
clientKey,
|
|
63
|
+
clientId,
|
|
64
|
+
audience,
|
|
65
|
+
action: "dry_run",
|
|
66
|
+
scopes: grantScopes,
|
|
67
|
+
subjectType,
|
|
68
|
+
};
|
|
69
|
+
}
|
|
70
|
+
await auth0.updateClientGrant(existing.id, { scope: grantScopes });
|
|
71
|
+
logger.success("Grant updated.");
|
|
72
|
+
return {
|
|
73
|
+
serverSlug,
|
|
74
|
+
clientKey,
|
|
75
|
+
clientId,
|
|
76
|
+
audience,
|
|
77
|
+
action: "updated",
|
|
78
|
+
scopes: grantScopes,
|
|
79
|
+
subjectType,
|
|
80
|
+
};
|
|
81
|
+
}
|
|
82
|
+
if (dryRun) {
|
|
83
|
+
logger.info("[DRY RUN] Would create grant.");
|
|
84
|
+
return {
|
|
85
|
+
serverSlug,
|
|
86
|
+
clientKey,
|
|
87
|
+
clientId,
|
|
88
|
+
audience,
|
|
89
|
+
action: "dry_run",
|
|
90
|
+
scopes: grantScopes,
|
|
91
|
+
subjectType,
|
|
92
|
+
};
|
|
93
|
+
}
|
|
94
|
+
await auth0.createClientGrant({
|
|
95
|
+
client_id: clientId,
|
|
96
|
+
audience,
|
|
97
|
+
scope: grantScopes,
|
|
98
|
+
subject_type: subjectType,
|
|
99
|
+
});
|
|
100
|
+
logger.success("Grant created.");
|
|
101
|
+
return {
|
|
102
|
+
serverSlug,
|
|
103
|
+
clientKey,
|
|
104
|
+
clientId,
|
|
105
|
+
audience,
|
|
106
|
+
action: "created",
|
|
107
|
+
scopes: grantScopes,
|
|
108
|
+
subjectType,
|
|
109
|
+
};
|
|
110
|
+
}
|
|
111
|
+
//# sourceMappingURL=grant-client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grant-client.js","sourceRoot":"","sources":["../../src/commands/grant-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,0BAA0B,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAC/E,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAYxD,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,GAAmB,EACnB,UAAkB,EAClB,SAAiB,EACjB,MAAiB;IAEjB,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEtC,MAAM,YAAY,GAAG,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,yBAAyB,UAAU,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACzD,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,wBAAwB,SAAS,GAAG,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,QAAQ,GAAG,0BAA0B,CACzC,MAAM,CAAC,SAAS,EAChB,YAAY,CAAC,IAAI,CAClB,CAAC;IAEF,MAAM,WAAW,GACf,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;QACzB,CAAC,CAAC,MAAM;QACR,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IAEpD,MAAM,UAAU,GACd,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACpE,MAAM,WAAW,GACf,UAAU,EAAE,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;IAE5D,IAAI,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,kBAAkB,CAAC;IAErD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,CAAC,IAAI,CAAC,oBAAoB,SAAS,aAAa,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QACrD,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IAC7B,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,QAAQ,KAAK,aAAa,EAAE,CAAC;QAC5C,OAAO;YACL,UAAU;YACV,SAAS;YACT,QAAQ,EAAE,QAAQ,IAAI,aAAa;YACnC,QAAQ;YACR,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE,WAAW;YACnB,WAAW;SACZ,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,IAAI,CACT,sBAAsB,SAAS,OAAO,UAAU,KAAK,WAAW,GAAG,CACpE,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,eAAe,QAAQ,EAAE,CAAC,CAAC;IACxC,MAAM,CAAC,KAAK,CAAC,aAAa,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEpD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,CAC1C,QAAQ,EACR,QAAQ,EACR,WAAW,CACZ,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC5C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QACxC,MAAM,KAAK,GACT,WAAW,CAAC,IAAI,KAAK,UAAU,CAAC,IAAI;YACpC,CAAC,GAAG,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnD,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YAC/C,OAAO;gBACL,UAAU;gBACV,SAAS;gBACT,QAAQ;gBACR,QAAQ;gBACR,MAAM,EAAE,WAAW;gBACnB,MAAM,EAAE,WAAW;gBACnB,WAAW;aACZ,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAC7C,OAAO;gBACL,UAAU;gBACV,SAAS;gBACT,QAAQ;gBACR,QAAQ;gBACR,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,WAAW;gBACnB,WAAW;aACZ,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,CAAC,iBAAiB,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;QACnE,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;QACjC,OAAO;YACL,UAAU;YACV,SAAS;YACT,QAAQ;YACR,QAAQ;YACR,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE,WAAW;YACnB,WAAW;SACZ,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO;YACL,UAAU;YACV,SAAS;YACT,QAAQ;YACR,QAAQ;YACR,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE,WAAW;YACnB,WAAW;SACZ,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,CAAC,iBAAiB,CAAC;QAC5B,SAAS,EAAE,QAAQ;QACnB,QAAQ;QACR,KAAK,EAAE,WAAW;QAClB,YAAY,EAAE,WAAW;KAC1B,CAAC,CAAC;IACH,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAEjC,OAAO;QACL,UAAU;QACV,SAAS;QACT,QAAQ;QACR,QAAQ;QACR,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,WAAW;QACnB,WAAW;KACZ,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
export { verifyTenant } from "./verify-tenant.js";
|
|
2
|
+
export type { VerifyTenantResult } from "./verify-tenant.js";
|
|
3
|
+
export { reconcileClient } from "./reconcile-client.js";
|
|
4
|
+
export type { ReconcileClientResult } from "./reconcile-client.js";
|
|
5
|
+
export { reconcileServer } from "./reconcile-server.js";
|
|
6
|
+
export type { ReconcileServerResult, GrantResult } from "./reconcile-server.js";
|
|
7
|
+
export { reconcileAll } from "./reconcile-all.js";
|
|
8
|
+
export type { ReconcileAllResult } from "./reconcile-all.js";
|
|
9
|
+
export { addScope } from "./add-scope.js";
|
|
10
|
+
export type { AddScopeResult } from "./add-scope.js";
|
|
11
|
+
export { grantClient } from "./grant-client.js";
|
|
12
|
+
export type { GrantClientResult } from "./grant-client.js";
|
|
13
|
+
export { generateArtifacts } from "./generate-artifacts.js";
|
|
14
|
+
export type { GenerateArtifactsResult } from "./generate-artifacts.js";
|
|
15
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,YAAY,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAE7D,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,YAAY,EAAE,qBAAqB,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEhF,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,YAAY,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAE7D,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,YAAY,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAErD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,YAAY,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
export { verifyTenant } from "./verify-tenant.js";
|
|
2
|
+
export { reconcileClient } from "./reconcile-client.js";
|
|
3
|
+
export { reconcileServer } from "./reconcile-server.js";
|
|
4
|
+
export { reconcileAll } from "./reconcile-all.js";
|
|
5
|
+
export { addScope } from "./add-scope.js";
|
|
6
|
+
export { grantClient } from "./grant-client.js";
|
|
7
|
+
export { generateArtifacts } from "./generate-artifacts.js";
|
|
8
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAGxD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAGxD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG1C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAGhD,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { CommandContext } from "../utils/index.js";
|
|
2
|
+
import { type ReconcileClientResult } from "./reconcile-client.js";
|
|
3
|
+
import { type ReconcileServerResult } from "./reconcile-server.js";
|
|
4
|
+
export interface ReconcileAllResult {
|
|
5
|
+
tenantOk: boolean;
|
|
6
|
+
clients: ReconcileClientResult[];
|
|
7
|
+
servers: ReconcileServerResult[];
|
|
8
|
+
}
|
|
9
|
+
export declare function reconcileAll(ctx: CommandContext): Promise<ReconcileAllResult>;
|
|
10
|
+
//# sourceMappingURL=reconcile-all.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"reconcile-all.d.ts","sourceRoot":"","sources":["../../src/commands/reconcile-all.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAGxD,OAAO,EAAmB,KAAK,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACpF,OAAO,EAAmB,KAAK,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAEpF,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,qBAAqB,EAAE,CAAC;IACjC,OAAO,EAAE,qBAAqB,EAAE,CAAC;CAClC;AAED,wBAAsB,YAAY,CAChC,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,kBAAkB,CAAC,CAsE7B"}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
import { logger } from "../utils/index.js";
|
|
2
|
+
import { verifyTenant } from "./verify-tenant.js";
|
|
3
|
+
import { reconcileClient } from "./reconcile-client.js";
|
|
4
|
+
import { reconcileServer } from "./reconcile-server.js";
|
|
5
|
+
export async function reconcileAll(ctx) {
|
|
6
|
+
const { config } = ctx;
|
|
7
|
+
logger.info("=== Full Ecosystem Reconciliation ===");
|
|
8
|
+
logger.blank();
|
|
9
|
+
// Phase 1: Verify tenant
|
|
10
|
+
const tenantResult = await verifyTenant(ctx);
|
|
11
|
+
if (tenantResult.manualActionRequired) {
|
|
12
|
+
logger.error("Tenant verification failed. Aborting reconciliation.");
|
|
13
|
+
return { tenantOk: false, clients: [], servers: [] };
|
|
14
|
+
}
|
|
15
|
+
logger.blank();
|
|
16
|
+
logger.info("=== Phase 2: Reconcile OAuth Clients ===");
|
|
17
|
+
logger.blank();
|
|
18
|
+
const clientResults = [];
|
|
19
|
+
for (const clientKey of config.clientConfigs.keys()) {
|
|
20
|
+
try {
|
|
21
|
+
const result = await reconcileClient(ctx, clientKey);
|
|
22
|
+
clientResults.push(result);
|
|
23
|
+
}
|
|
24
|
+
catch (err) {
|
|
25
|
+
logger.error(`Failed to reconcile client "${clientKey}": ${err instanceof Error ? err.message : String(err)}`);
|
|
26
|
+
}
|
|
27
|
+
logger.blank();
|
|
28
|
+
}
|
|
29
|
+
logger.info("=== Phase 3: Reconcile MCP Servers ===");
|
|
30
|
+
logger.blank();
|
|
31
|
+
const serverResults = [];
|
|
32
|
+
for (const slug of config.serverConfigs.keys()) {
|
|
33
|
+
try {
|
|
34
|
+
const result = await reconcileServer(ctx, slug);
|
|
35
|
+
serverResults.push(result);
|
|
36
|
+
}
|
|
37
|
+
catch (err) {
|
|
38
|
+
logger.error(`Failed to reconcile server "${slug}": ${err instanceof Error ? err.message : String(err)}`);
|
|
39
|
+
}
|
|
40
|
+
logger.blank();
|
|
41
|
+
}
|
|
42
|
+
// Summary
|
|
43
|
+
logger.info("=== Reconciliation Summary ===");
|
|
44
|
+
logger.blank();
|
|
45
|
+
for (const cr of clientResults) {
|
|
46
|
+
logger.info(` Client "${cr.clientKey}": ${cr.action} (${cr.clientId})`);
|
|
47
|
+
}
|
|
48
|
+
for (const sr of serverResults) {
|
|
49
|
+
logger.info(` Server "${sr.slug}": API ${sr.action} (${sr.apiIdentifier})`);
|
|
50
|
+
for (const gr of sr.grantResults) {
|
|
51
|
+
logger.info(` Grant ${gr.clientKey}: ${gr.action} [${gr.scopes.join(", ")}]`);
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
logger.blank();
|
|
55
|
+
logger.success("Full reconciliation complete.");
|
|
56
|
+
return { tenantOk: true, clients: clientResults, servers: serverResults };
|
|
57
|
+
}
|
|
58
|
+
//# sourceMappingURL=reconcile-all.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"reconcile-all.js","sourceRoot":"","sources":["../../src/commands/reconcile-all.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,eAAe,EAA8B,MAAM,uBAAuB,CAAC;AACpF,OAAO,EAAE,eAAe,EAA8B,MAAM,uBAAuB,CAAC;AAQpF,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,GAAmB;IAEnB,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAEvB,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;IACrD,MAAM,CAAC,KAAK,EAAE,CAAC;IAEf,yBAAyB;IACzB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,CAAC;IAC7C,IAAI,YAAY,CAAC,oBAAoB,EAAE,CAAC;QACtC,MAAM,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACrE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACvD,CAAC;IAED,MAAM,CAAC,KAAK,EAAE,CAAC;IACf,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IACxD,MAAM,CAAC,KAAK,EAAE,CAAC;IAEf,MAAM,aAAa,GAA4B,EAAE,CAAC;IAClD,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YACrD,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CACV,+BAA+B,SAAS,MAAM,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CACjG,CAAC;QACJ,CAAC;QACD,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IACtD,MAAM,CAAC,KAAK,EAAE,CAAC;IAEf,MAAM,aAAa,GAA4B,EAAE,CAAC;IAClD,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAChD,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CACV,+BAA+B,IAAI,MAAM,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAC5F,CAAC;QACJ,CAAC;QACD,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC;IAED,UAAU;IACV,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;IAC9C,MAAM,CAAC,KAAK,EAAE,CAAC;IAEf,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,CACT,aAAa,EAAE,CAAC,SAAS,MAAM,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,QAAQ,GAAG,CAC5D,CAAC;IACJ,CAAC;IACD,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,CACT,aAAa,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,aAAa,GAAG,CAChE,CAAC;QACF,KAAK,MAAM,EAAE,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;YACjC,MAAM,CAAC,IAAI,CACT,aAAa,EAAE,CAAC,SAAS,KAAK,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACpE,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,EAAE,CAAC;IACf,MAAM,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAC;IAEhD,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC;AAC5E,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type { CommandContext } from "../utils/index.js";
|
|
2
|
+
export interface ReconcileClientResult {
|
|
3
|
+
clientKey: string;
|
|
4
|
+
clientId: string;
|
|
5
|
+
action: "created" | "reused" | "patched" | "dry_run";
|
|
6
|
+
applicationType: string;
|
|
7
|
+
tokenEndpointAuthMethod: string;
|
|
8
|
+
secretPlaceholderRequired: boolean;
|
|
9
|
+
}
|
|
10
|
+
export declare function reconcileClient(ctx: CommandContext, clientKey: string): Promise<ReconcileClientResult>;
|
|
11
|
+
//# sourceMappingURL=reconcile-client.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"reconcile-client.d.ts","sourceRoot":"","sources":["../../src/commands/reconcile-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAWxD,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;IACrD,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB,EAAE,MAAM,CAAC;IAChC,yBAAyB,EAAE,OAAO,CAAC;CACpC;AAcD,wBAAsB,eAAe,CACnC,GAAG,EAAE,cAAc,EACnB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,qBAAqB,CAAC,CA6KhC"}
|
|
@@ -0,0 +1,295 @@
|
|
|
1
|
+
import { logger } from "../utils/index.js";
|
|
2
|
+
export async function reconcileClient(ctx, clientKey) {
|
|
3
|
+
const { config, auth0, dryRun } = ctx;
|
|
4
|
+
const clientConfig = config.clientConfigs.get(clientKey);
|
|
5
|
+
if (!clientConfig) {
|
|
6
|
+
throw new Error(`Unknown client key: "${clientKey}"`);
|
|
7
|
+
}
|
|
8
|
+
const descriptor = clientConfig.descriptor
|
|
9
|
+
? config.clientDescriptors.get(clientConfig.descriptor)
|
|
10
|
+
: undefined;
|
|
11
|
+
const settings = resolveSettings(config.ecosystem, clientConfig, descriptor);
|
|
12
|
+
logger.info(`Reconciling client: ${clientConfig.display_name} (${clientKey})`);
|
|
13
|
+
logger.debug(` Profile: ${clientConfig.profile}`);
|
|
14
|
+
logger.debug(` App type: ${settings.appType}`);
|
|
15
|
+
logger.debug(` Auth method: ${settings.tokenEndpointAuthMethod}`);
|
|
16
|
+
if (clientConfig.auth0.existing_client_id) {
|
|
17
|
+
logger.info(` Using existing client_id: ${clientConfig.auth0.existing_client_id}`);
|
|
18
|
+
const existing = await auth0.getApplication(clientConfig.auth0.existing_client_id);
|
|
19
|
+
const reuse = checkCompatibility(existing, settings);
|
|
20
|
+
if (!reuse.compatible) {
|
|
21
|
+
logger.warn(` Existing application is NOT fully compatible: ${reuse.reason}`);
|
|
22
|
+
const policy = descriptor?.reuse_policy ?? "share_if_exact_match";
|
|
23
|
+
if (policy === "patch_if_safe" && !dryRun) {
|
|
24
|
+
logger.info(" Attempting safe patch...");
|
|
25
|
+
await patchApplication(auth0, existing, settings, config.ecosystem, clientConfig);
|
|
26
|
+
logger.success(" Application patched.");
|
|
27
|
+
return {
|
|
28
|
+
clientKey,
|
|
29
|
+
clientId: existing.client_id,
|
|
30
|
+
action: "patched",
|
|
31
|
+
applicationType: settings.appType,
|
|
32
|
+
tokenEndpointAuthMethod: settings.tokenEndpointAuthMethod,
|
|
33
|
+
secretPlaceholderRequired: isConfidential(settings),
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
logger.warn(" Reusing as-is (policy does not allow patching).");
|
|
37
|
+
}
|
|
38
|
+
return {
|
|
39
|
+
clientKey,
|
|
40
|
+
clientId: existing.client_id,
|
|
41
|
+
action: "reused",
|
|
42
|
+
applicationType: settings.appType,
|
|
43
|
+
tokenEndpointAuthMethod: settings.tokenEndpointAuthMethod,
|
|
44
|
+
secretPlaceholderRequired: isConfidential(settings),
|
|
45
|
+
};
|
|
46
|
+
}
|
|
47
|
+
logger.info(" Searching for existing Auth0 application by metadata...");
|
|
48
|
+
const existingApp = await auth0.findApplicationByMetadata("client_key", clientKey);
|
|
49
|
+
if (existingApp) {
|
|
50
|
+
logger.info(` Found existing application: ${existingApp.name} (${existingApp.client_id})`);
|
|
51
|
+
const reuse = checkCompatibility(existingApp, settings);
|
|
52
|
+
if (reuse.compatible) {
|
|
53
|
+
logger.success(" Application is compatible. Reusing.");
|
|
54
|
+
return {
|
|
55
|
+
clientKey,
|
|
56
|
+
clientId: existingApp.client_id,
|
|
57
|
+
action: "reused",
|
|
58
|
+
applicationType: settings.appType,
|
|
59
|
+
tokenEndpointAuthMethod: settings.tokenEndpointAuthMethod,
|
|
60
|
+
secretPlaceholderRequired: isConfidential(settings),
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
logger.warn(` Existing application is not compatible: ${reuse.reason}`);
|
|
64
|
+
const policy = resolveReusePolicy(clientConfig, descriptor);
|
|
65
|
+
if (policy === "patch_if_safe") {
|
|
66
|
+
if (dryRun) {
|
|
67
|
+
logger.info(" [DRY RUN] Would patch existing application.");
|
|
68
|
+
return {
|
|
69
|
+
clientKey,
|
|
70
|
+
clientId: existingApp.client_id,
|
|
71
|
+
action: "dry_run",
|
|
72
|
+
applicationType: settings.appType,
|
|
73
|
+
tokenEndpointAuthMethod: settings.tokenEndpointAuthMethod,
|
|
74
|
+
secretPlaceholderRequired: isConfidential(settings),
|
|
75
|
+
};
|
|
76
|
+
}
|
|
77
|
+
logger.info(" Patching existing application...");
|
|
78
|
+
await patchApplication(auth0, existingApp, settings, config.ecosystem, clientConfig);
|
|
79
|
+
logger.success(" Application patched.");
|
|
80
|
+
return {
|
|
81
|
+
clientKey,
|
|
82
|
+
clientId: existingApp.client_id,
|
|
83
|
+
action: "patched",
|
|
84
|
+
applicationType: settings.appType,
|
|
85
|
+
tokenEndpointAuthMethod: settings.tokenEndpointAuthMethod,
|
|
86
|
+
secretPlaceholderRequired: isConfidential(settings),
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
if (policy === "share_if_exact_match") {
|
|
90
|
+
logger.warn(" Exact match required but not met. Creating a new application.");
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
else {
|
|
94
|
+
logger.info(" No existing application found.");
|
|
95
|
+
}
|
|
96
|
+
if (!clientConfig.auth0.create_if_missing) {
|
|
97
|
+
throw new Error(`No compatible Auth0 Application found for "${clientKey}" and create_if_missing is false.`);
|
|
98
|
+
}
|
|
99
|
+
if (dryRun) {
|
|
100
|
+
logger.info(" [DRY RUN] Would create a new Auth0 Application.");
|
|
101
|
+
return {
|
|
102
|
+
clientKey,
|
|
103
|
+
clientId: "__DRY_RUN__",
|
|
104
|
+
action: "dry_run",
|
|
105
|
+
applicationType: settings.appType,
|
|
106
|
+
tokenEndpointAuthMethod: settings.tokenEndpointAuthMethod,
|
|
107
|
+
secretPlaceholderRequired: isConfidential(settings),
|
|
108
|
+
};
|
|
109
|
+
}
|
|
110
|
+
logger.info(" Creating new Auth0 Application...");
|
|
111
|
+
const newApp = await auth0.createApplication({
|
|
112
|
+
name: clientConfig.display_name,
|
|
113
|
+
app_type: settings.appType,
|
|
114
|
+
token_endpoint_auth_method: settings.tokenEndpointAuthMethod,
|
|
115
|
+
grant_types: settings.grantTypes,
|
|
116
|
+
callbacks: settings.callbackUrls.length > 0 ? settings.callbackUrls : undefined,
|
|
117
|
+
allowed_logout_urls: settings.logoutUrls.length > 0 ? settings.logoutUrls : undefined,
|
|
118
|
+
web_origins: settings.webOrigins.length > 0 ? settings.webOrigins : undefined,
|
|
119
|
+
client_metadata: {
|
|
120
|
+
ecosystem: config.ecosystem.ecosystem_name,
|
|
121
|
+
client_key: clientKey,
|
|
122
|
+
descriptor: clientConfig.descriptor ?? "",
|
|
123
|
+
profile: clientConfig.profile,
|
|
124
|
+
managed_by: "@scupit/mcp-ecosystem",
|
|
125
|
+
},
|
|
126
|
+
...(settings.useRefreshTokens && {
|
|
127
|
+
refresh_token: {
|
|
128
|
+
rotation_type: settings.refreshTokenRotation
|
|
129
|
+
? "rotating"
|
|
130
|
+
: "non-rotating",
|
|
131
|
+
expiration_type: "expiring",
|
|
132
|
+
},
|
|
133
|
+
}),
|
|
134
|
+
});
|
|
135
|
+
logger.success(` Application created: ${newApp.name} (${newApp.client_id})`);
|
|
136
|
+
return {
|
|
137
|
+
clientKey,
|
|
138
|
+
clientId: newApp.client_id,
|
|
139
|
+
action: "created",
|
|
140
|
+
applicationType: settings.appType,
|
|
141
|
+
tokenEndpointAuthMethod: settings.tokenEndpointAuthMethod,
|
|
142
|
+
secretPlaceholderRequired: isConfidential(settings),
|
|
143
|
+
};
|
|
144
|
+
}
|
|
145
|
+
function resolveSettings(ecosystem, client, descriptor) {
|
|
146
|
+
const profileDef = ecosystem.defaults.client_profiles?.[client.profile];
|
|
147
|
+
const appType = mapProfileToAppType(client.profile);
|
|
148
|
+
const grantTypes = resolveGrantTypes(client.profile, descriptor);
|
|
149
|
+
const tokenEndpointAuthMethod = client.application_settings?.token_endpoint_auth_method ??
|
|
150
|
+
profileDef?.token_endpoint_auth_method ??
|
|
151
|
+
(isPublicProfile(client.profile) ? "none" : "client_secret_post");
|
|
152
|
+
const callbackUrls = client.application_settings?.callback_urls ??
|
|
153
|
+
descriptor?.callback_urls ??
|
|
154
|
+
[];
|
|
155
|
+
const logoutUrls = client.application_settings?.logout_urls ??
|
|
156
|
+
descriptor?.logout_urls ??
|
|
157
|
+
[];
|
|
158
|
+
const webOrigins = client.application_settings?.web_origins ??
|
|
159
|
+
descriptor?.web_origins ??
|
|
160
|
+
[];
|
|
161
|
+
const useRefreshTokens = client.token_settings?.use_refresh_tokens ??
|
|
162
|
+
descriptor?.requires_refresh_tokens ??
|
|
163
|
+
profileDef?.use_refresh_tokens ??
|
|
164
|
+
false;
|
|
165
|
+
const refreshTokenRotation = client.token_settings?.refresh_token_rotation ??
|
|
166
|
+
descriptor?.requires_refresh_token_rotation ??
|
|
167
|
+
profileDef?.refresh_token_rotation ??
|
|
168
|
+
false;
|
|
169
|
+
const accessMode = profileDef?.access_mode ?? descriptor?.access_mode ?? "user";
|
|
170
|
+
return {
|
|
171
|
+
appType,
|
|
172
|
+
grantTypes,
|
|
173
|
+
tokenEndpointAuthMethod,
|
|
174
|
+
callbackUrls,
|
|
175
|
+
logoutUrls,
|
|
176
|
+
webOrigins,
|
|
177
|
+
useRefreshTokens,
|
|
178
|
+
refreshTokenRotation,
|
|
179
|
+
accessMode,
|
|
180
|
+
};
|
|
181
|
+
}
|
|
182
|
+
function mapProfileToAppType(profile) {
|
|
183
|
+
const map = {
|
|
184
|
+
native_interactive: "native",
|
|
185
|
+
spa_interactive: "spa",
|
|
186
|
+
regular_web_interactive: "regular_web",
|
|
187
|
+
service_m2m: "non_interactive",
|
|
188
|
+
};
|
|
189
|
+
return map[profile];
|
|
190
|
+
}
|
|
191
|
+
function resolveGrantTypes(profile, descriptor) {
|
|
192
|
+
const grants = [];
|
|
193
|
+
switch (profile) {
|
|
194
|
+
case "native_interactive":
|
|
195
|
+
grants.push("authorization_code", "refresh_token");
|
|
196
|
+
if (descriptor?.supports_device_flow)
|
|
197
|
+
grants.push("urn:ietf:params:oauth:grant-type:device_code");
|
|
198
|
+
break;
|
|
199
|
+
case "spa_interactive":
|
|
200
|
+
grants.push("authorization_code", "refresh_token");
|
|
201
|
+
break;
|
|
202
|
+
case "regular_web_interactive":
|
|
203
|
+
grants.push("authorization_code", "refresh_token");
|
|
204
|
+
break;
|
|
205
|
+
case "service_m2m":
|
|
206
|
+
grants.push("client_credentials");
|
|
207
|
+
break;
|
|
208
|
+
}
|
|
209
|
+
return grants;
|
|
210
|
+
}
|
|
211
|
+
function isPublicProfile(profile) {
|
|
212
|
+
return profile === "native_interactive" || profile === "spa_interactive";
|
|
213
|
+
}
|
|
214
|
+
function isConfidential(settings) {
|
|
215
|
+
return settings.tokenEndpointAuthMethod !== "none";
|
|
216
|
+
}
|
|
217
|
+
function checkCompatibility(existing, desired) {
|
|
218
|
+
if (existing.app_type !== desired.appType) {
|
|
219
|
+
return {
|
|
220
|
+
compatible: false,
|
|
221
|
+
reason: `App type mismatch: existing="${existing.app_type}", desired="${desired.appType}"`,
|
|
222
|
+
};
|
|
223
|
+
}
|
|
224
|
+
if (existing.token_endpoint_auth_method !== desired.tokenEndpointAuthMethod) {
|
|
225
|
+
return {
|
|
226
|
+
compatible: false,
|
|
227
|
+
reason: `Token endpoint auth method mismatch: existing="${existing.token_endpoint_auth_method}", desired="${desired.tokenEndpointAuthMethod}"`,
|
|
228
|
+
};
|
|
229
|
+
}
|
|
230
|
+
for (const url of desired.callbackUrls) {
|
|
231
|
+
if (!existing.callbacks?.includes(url)) {
|
|
232
|
+
return {
|
|
233
|
+
compatible: false,
|
|
234
|
+
reason: `Missing callback URL: ${url}`,
|
|
235
|
+
};
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
for (const url of desired.logoutUrls) {
|
|
239
|
+
if (!existing.allowed_logout_urls?.includes(url)) {
|
|
240
|
+
return {
|
|
241
|
+
compatible: false,
|
|
242
|
+
reason: `Missing logout URL: ${url}`,
|
|
243
|
+
};
|
|
244
|
+
}
|
|
245
|
+
}
|
|
246
|
+
for (const url of desired.webOrigins) {
|
|
247
|
+
if (!existing.web_origins?.includes(url)) {
|
|
248
|
+
return {
|
|
249
|
+
compatible: false,
|
|
250
|
+
reason: `Missing web origin: ${url}`,
|
|
251
|
+
};
|
|
252
|
+
}
|
|
253
|
+
}
|
|
254
|
+
return { compatible: true };
|
|
255
|
+
}
|
|
256
|
+
function resolveReusePolicy(client, descriptor) {
|
|
257
|
+
if (descriptor?.reuse_policy)
|
|
258
|
+
return descriptor.reuse_policy;
|
|
259
|
+
if (client.profile === "service_m2m")
|
|
260
|
+
return "never_share";
|
|
261
|
+
return "share_if_exact_match";
|
|
262
|
+
}
|
|
263
|
+
async function patchApplication(auth0, existing, settings, ecosystem, clientConfig) {
|
|
264
|
+
const patch = {};
|
|
265
|
+
const mergedCallbacks = mergeArrays(existing.callbacks ?? [], settings.callbackUrls);
|
|
266
|
+
if (mergedCallbacks.length > (existing.callbacks?.length ?? 0)) {
|
|
267
|
+
patch.callbacks = mergedCallbacks;
|
|
268
|
+
}
|
|
269
|
+
const mergedLogout = mergeArrays(existing.allowed_logout_urls ?? [], settings.logoutUrls);
|
|
270
|
+
if (mergedLogout.length > (existing.allowed_logout_urls?.length ?? 0)) {
|
|
271
|
+
patch.allowed_logout_urls = mergedLogout;
|
|
272
|
+
}
|
|
273
|
+
const mergedOrigins = mergeArrays(existing.web_origins ?? [], settings.webOrigins);
|
|
274
|
+
if (mergedOrigins.length > (existing.web_origins?.length ?? 0)) {
|
|
275
|
+
patch.web_origins = mergedOrigins;
|
|
276
|
+
}
|
|
277
|
+
patch.client_metadata = {
|
|
278
|
+
...existing.client_metadata,
|
|
279
|
+
ecosystem: ecosystem.ecosystem_name,
|
|
280
|
+
client_key: clientConfig.client_key,
|
|
281
|
+
descriptor: clientConfig.descriptor ?? "",
|
|
282
|
+
profile: clientConfig.profile,
|
|
283
|
+
managed_by: "mcp-ecosystem-script",
|
|
284
|
+
};
|
|
285
|
+
if (Object.keys(patch).length > 0) {
|
|
286
|
+
await auth0.updateApplication(existing.client_id, patch);
|
|
287
|
+
}
|
|
288
|
+
}
|
|
289
|
+
function mergeArrays(existing, desired) {
|
|
290
|
+
const set = new Set(existing);
|
|
291
|
+
for (const item of desired)
|
|
292
|
+
set.add(item);
|
|
293
|
+
return [...set];
|
|
294
|
+
}
|
|
295
|
+
//# sourceMappingURL=reconcile-client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"reconcile-client.js","sourceRoot":"","sources":["../../src/commands/reconcile-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AA+B3C,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,GAAmB,EACnB,SAAiB;IAEjB,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IACtC,MAAM,YAAY,GAAG,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACzD,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,wBAAwB,SAAS,GAAG,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,UAAU,GAAG,YAAY,CAAC,UAAU;QACxC,CAAC,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,YAAY,CAAC,UAAU,CAAC;QACvD,CAAC,CAAC,SAAS,CAAC;IAEd,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CAAC,SAAS,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IAE7E,MAAM,CAAC,IAAI,CAAC,uBAAuB,YAAY,CAAC,YAAY,KAAK,SAAS,GAAG,CAAC,CAAC;IAC/E,MAAM,CAAC,KAAK,CAAC,cAAc,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC;IACnD,MAAM,CAAC,KAAK,CAAC,eAAe,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;IAChD,MAAM,CAAC,KAAK,CAAC,kBAAkB,QAAQ,CAAC,uBAAuB,EAAE,CAAC,CAAC;IAEnE,IAAI,YAAY,CAAC,KAAK,CAAC,kBAAkB,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CACT,+BAA+B,YAAY,CAAC,KAAK,CAAC,kBAAkB,EAAE,CACvE,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,cAAc,CACzC,YAAY,CAAC,KAAK,CAAC,kBAAkB,CACtC,CAAC;QACF,MAAM,KAAK,GAAG,kBAAkB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACrD,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;YACtB,MAAM,CAAC,IAAI,CACT,mDAAmD,KAAK,CAAC,MAAM,EAAE,CAClE,CAAC;YACF,MAAM,MAAM,GAAG,UAAU,EAAE,YAAY,IAAI,sBAAsB,CAAC;YAClE,IAAI,MAAM,KAAK,eAAe,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC1C,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;gBAC1C,MAAM,gBAAgB,CAAC,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;gBAClF,MAAM,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;gBACzC,OAAO;oBACL,SAAS;oBACT,QAAQ,EAAE,QAAQ,CAAC,SAAS;oBAC5B,MAAM,EAAE,SAAS;oBACjB,eAAe,EAAE,QAAQ,CAAC,OAAO;oBACjC,uBAAuB,EAAE,QAAQ,CAAC,uBAAuB;oBACzD,yBAAyB,EAAE,cAAc,CAAC,QAAQ,CAAC;iBACpD,CAAC;YACJ,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QACnE,CAAC;QACD,OAAO;YACL,SAAS;YACT,QAAQ,EAAE,QAAQ,CAAC,SAAS;YAC5B,MAAM,EAAE,QAAQ;YAChB,eAAe,EAAE,QAAQ,CAAC,OAAO;YACjC,uBAAuB,EAAE,QAAQ,CAAC,uBAAuB;YACzD,yBAAyB,EAAE,cAAc,CAAC,QAAQ,CAAC;SACpD,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAC;IACzE,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,yBAAyB,CACvD,YAAY,EACZ,SAAS,CACV,CAAC;IAEF,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CACT,iCAAiC,WAAW,CAAC,IAAI,KAAK,WAAW,CAAC,SAAS,GAAG,CAC/E,CAAC;QACF,MAAM,KAAK,GAAG,kBAAkB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QACxD,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC;YACxD,OAAO;gBACL,SAAS;gBACT,QAAQ,EAAE,WAAW,CAAC,SAAS;gBAC/B,MAAM,EAAE,QAAQ;gBAChB,eAAe,EAAE,QAAQ,CAAC,OAAO;gBACjC,uBAAuB,EAAE,QAAQ,CAAC,uBAAuB;gBACzD,yBAAyB,EAAE,cAAc,CAAC,QAAQ,CAAC;aACpD,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,6CAA6C,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,MAAM,MAAM,GAAG,kBAAkB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAC5D,IAAI,MAAM,KAAK,eAAe,EAAE,CAAC;YAC/B,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;gBAC7D,OAAO;oBACL,SAAS;oBACT,QAAQ,EAAE,WAAW,CAAC,SAAS;oBAC/B,MAAM,EAAE,SAAS;oBACjB,eAAe,EAAE,QAAQ,CAAC,OAAO;oBACjC,uBAAuB,EAAE,QAAQ,CAAC,uBAAuB;oBACzD,yBAAyB,EAAE,cAAc,CAAC,QAAQ,CAAC;iBACpD,CAAC;YACJ,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;YAClD,MAAM,gBAAgB,CAAC,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;YACrF,MAAM,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;YACzC,OAAO;gBACL,SAAS;gBACT,QAAQ,EAAE,WAAW,CAAC,SAAS;gBAC/B,MAAM,EAAE,SAAS;gBACjB,eAAe,EAAE,QAAQ,CAAC,OAAO;gBACjC,uBAAuB,EAAE,QAAQ,CAAC,uBAAuB;gBACzD,yBAAyB,EAAE,cAAc,CAAC,QAAQ,CAAC;aACpD,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,KAAK,sBAAsB,EAAE,CAAC;YACtC,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAClD,CAAC;IAED,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,iBAAiB,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CACb,8CAA8C,SAAS,mCAAmC,CAC3F,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QACjE,OAAO;YACL,SAAS;YACT,QAAQ,EAAE,aAAa;YACvB,MAAM,EAAE,SAAS;YACjB,eAAe,EAAE,QAAQ,CAAC,OAAO;YACjC,uBAAuB,EAAE,QAAQ,CAAC,uBAAuB;YACzD,yBAAyB,EAAE,cAAc,CAAC,QAAQ,CAAC;SACpD,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC;QAC3C,IAAI,EAAE,YAAY,CAAC,YAAY;QAC/B,QAAQ,EAAE,QAAQ,CAAC,OAAO;QAC1B,0BAA0B,EAAE,QAAQ,CAAC,uBAAuB;QAC5D,WAAW,EAAE,QAAQ,CAAC,UAAU;QAChC,SAAS,EAAE,QAAQ,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;QAC/E,mBAAmB,EACjB,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAClE,WAAW,EACT,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAClE,eAAe,EAAE;YACf,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,cAAc;YAC1C,UAAU,EAAE,SAAS;YACrB,UAAU,EAAE,YAAY,CAAC,UAAU,IAAI,EAAE;YACzC,OAAO,EAAE,YAAY,CAAC,OAAO;YAC7B,UAAU,EAAE,uBAAuB;SACpC;QACD,GAAG,CAAC,QAAQ,CAAC,gBAAgB,IAAI;YAC/B,aAAa,EAAE;gBACb,aAAa,EAAE,QAAQ,CAAC,oBAAoB;oBAC1C,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,cAAc;gBAClB,eAAe,EAAE,UAAU;aAC5B;SACF,CAAC;KACH,CAAC,CAAC;IAEH,MAAM,CAAC,OAAO,CACZ,0BAA0B,MAAM,CAAC,IAAI,KAAK,MAAM,CAAC,SAAS,GAAG,CAC9D,CAAC;IAEF,OAAO;QACL,SAAS;QACT,QAAQ,EAAE,MAAM,CAAC,SAAS;QAC1B,MAAM,EAAE,SAAS;QACjB,eAAe,EAAE,QAAQ,CAAC,OAAO;QACjC,uBAAuB,EAAE,QAAQ,CAAC,uBAAuB;QACzD,yBAAyB,EAAE,cAAc,CAAC,QAAQ,CAAC;KACpD,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CACtB,SAA0B,EAC1B,MAAoB,EACpB,UAA6B;IAE7B,MAAM,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAExE,MAAM,OAAO,GAAG,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,UAAU,GAAG,iBAAiB,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IACjE,MAAM,uBAAuB,GAC3B,MAAM,CAAC,oBAAoB,EAAE,0BAA0B;QACvD,UAAU,EAAE,0BAA0B;QACtC,CAAC,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAEpE,MAAM,YAAY,GAChB,MAAM,CAAC,oBAAoB,EAAE,aAAa;QAC1C,UAAU,EAAE,aAAa;QACzB,EAAE,CAAC;IACL,MAAM,UAAU,GACd,MAAM,CAAC,oBAAoB,EAAE,WAAW;QACxC,UAAU,EAAE,WAAW;QACvB,EAAE,CAAC;IACL,MAAM,UAAU,GACd,MAAM,CAAC,oBAAoB,EAAE,WAAW;QACxC,UAAU,EAAE,WAAW;QACvB,EAAE,CAAC;IAEL,MAAM,gBAAgB,GACpB,MAAM,CAAC,cAAc,EAAE,kBAAkB;QACzC,UAAU,EAAE,uBAAuB;QACnC,UAAU,EAAE,kBAAkB;QAC9B,KAAK,CAAC;IAER,MAAM,oBAAoB,GACxB,MAAM,CAAC,cAAc,EAAE,sBAAsB;QAC7C,UAAU,EAAE,+BAA+B;QAC3C,UAAU,EAAE,sBAAsB;QAClC,KAAK,CAAC;IAER,MAAM,UAAU,GAAG,UAAU,EAAE,WAAW,IAAI,UAAU,EAAE,WAAW,IAAI,MAAM,CAAC;IAEhF,OAAO;QACL,OAAO;QACP,UAAU;QACV,uBAAuB;QACvB,YAAY;QACZ,UAAU;QACV,UAAU;QACV,gBAAgB;QAChB,oBAAoB;QACpB,UAAU;KACX,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAsB;IACjD,MAAM,GAAG,GAAkC;QACzC,kBAAkB,EAAE,QAAQ;QAC5B,eAAe,EAAE,KAAK;QACtB,uBAAuB,EAAE,aAAa;QACtC,WAAW,EAAE,iBAAiB;KAC/B,CAAC;IACF,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;AACtB,CAAC;AAED,SAAS,iBAAiB,CACxB,OAAsB,EACtB,UAA6B;IAE7B,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,oBAAoB;YACvB,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC;YACnD,IAAI,UAAU,EAAE,oBAAoB;gBAAE,MAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;YAClG,MAAM;QACR,KAAK,iBAAiB;YACpB,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC;YACnD,MAAM;QACR,KAAK,yBAAyB;YAC5B,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,eAAe,CAAC,CAAC;YACnD,MAAM;QACR,KAAK,aAAa;YAChB,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YAClC,MAAM;IACV,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,eAAe,CAAC,OAAsB;IAC7C,OAAO,OAAO,KAAK,oBAAoB,IAAI,OAAO,KAAK,iBAAiB,CAAC;AAC3E,CAAC;AAED,SAAS,cAAc,CAAC,QAAgC;IACtD,OAAO,QAAQ,CAAC,uBAAuB,KAAK,MAAM,CAAC;AACrD,CAAC;AAOD,SAAS,kBAAkB,CACzB,QAA0B,EAC1B,OAA+B;IAE/B,IAAI,QAAQ,CAAC,QAAQ,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC;QAC1C,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,MAAM,EAAE,gCAAgC,QAAQ,CAAC,QAAQ,eAAe,OAAO,CAAC,OAAO,GAAG;SAC3F,CAAC;IACJ,CAAC;IAED,IACE,QAAQ,CAAC,0BAA0B,KAAK,OAAO,CAAC,uBAAuB,EACvE,CAAC;QACD,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,MAAM,EAAE,kDAAkD,QAAQ,CAAC,0BAA0B,eAAe,OAAO,CAAC,uBAAuB,GAAG;SAC/I,CAAC;IACJ,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACvC,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACvC,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,yBAAyB,GAAG,EAAE;aACvC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjD,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,uBAAuB,GAAG,EAAE;aACrC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACzC,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,uBAAuB,GAAG,EAAE;aACrC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,kBAAkB,CACzB,MAAoB,EACpB,UAA6B;IAE7B,IAAI,UAAU,EAAE,YAAY;QAAE,OAAO,UAAU,CAAC,YAAY,CAAC;IAC7D,IAAI,MAAM,CAAC,OAAO,KAAK,aAAa;QAAE,OAAO,aAAa,CAAC;IAC3D,OAAO,sBAAsB,CAAC;AAChC,CAAC;AAED,KAAK,UAAU,gBAAgB,CAC7B,KAA2G,EAC3G,QAA0B,EAC1B,QAAgC,EAChC,SAA0B,EAC1B,YAA0B;IAE1B,MAAM,KAAK,GAA8B,EAAE,CAAC;IAE5C,MAAM,eAAe,GAAG,WAAW,CACjC,QAAQ,CAAC,SAAS,IAAI,EAAE,EACxB,QAAQ,CAAC,YAAY,CACtB,CAAC;IACF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,EAAE,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,CAAC,SAAS,GAAG,eAAe,CAAC;IACpC,CAAC;IAED,MAAM,YAAY,GAAG,WAAW,CAC9B,QAAQ,CAAC,mBAAmB,IAAI,EAAE,EAClC,QAAQ,CAAC,UAAU,CACpB,CAAC;IACF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,QAAQ,CAAC,mBAAmB,EAAE,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,KAAK,CAAC,mBAAmB,GAAG,YAAY,CAAC;IAC3C,CAAC;IAED,MAAM,aAAa,GAAG,WAAW,CAC/B,QAAQ,CAAC,WAAW,IAAI,EAAE,EAC1B,QAAQ,CAAC,UAAU,CACpB,CAAC;IACF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,CAAC,WAAW,GAAG,aAAa,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,eAAe,GAAG;QACtB,GAAG,QAAQ,CAAC,eAAe;QAC3B,SAAS,EAAE,SAAS,CAAC,cAAc;QACnC,UAAU,EAAE,YAAY,CAAC,UAAU;QACnC,UAAU,EAAE,YAAY,CAAC,UAAU,IAAI,EAAE;QACzC,OAAO,EAAE,YAAY,CAAC,OAAO;QAC7B,UAAU,EAAE,sBAAsB;KACnC,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,KAAK,CAAC,iBAAiB,CAAC,QAAQ,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,QAAkB,EAAE,OAAiB;IACxD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC9B,KAAK,MAAM,IAAI,IAAI,OAAO;QAAE,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC1C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC;AAClB,CAAC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import type { CommandContext } from "../utils/index.js";
|
|
2
|
+
export interface ReconcileServerResult {
|
|
3
|
+
slug: string;
|
|
4
|
+
apiIdentifier: string;
|
|
5
|
+
auth0ApiId: string;
|
|
6
|
+
action: "created" | "updated" | "unchanged" | "dry_run";
|
|
7
|
+
scopes: string[];
|
|
8
|
+
grantResults: GrantResult[];
|
|
9
|
+
}
|
|
10
|
+
export interface GrantResult {
|
|
11
|
+
clientKey: string;
|
|
12
|
+
clientId: string;
|
|
13
|
+
action: "created" | "updated" | "unchanged" | "dry_run";
|
|
14
|
+
scopes: string[];
|
|
15
|
+
subjectType: string;
|
|
16
|
+
}
|
|
17
|
+
export declare function reconcileServer(ctx: CommandContext, serverSlug: string): Promise<ReconcileServerResult>;
|
|
18
|
+
//# sourceMappingURL=reconcile-server.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"reconcile-server.d.ts","sourceRoot":"","sources":["../../src/commands/reconcile-server.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAkBxD,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;IACxD,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,YAAY,EAAE,WAAW,EAAE,CAAC;CAC7B;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;IACxD,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,wBAAsB,eAAe,CACnC,GAAG,EAAE,cAAc,EACnB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,qBAAqB,CAAC,CAmGhC"}
|