@sentropic/h2a-cli 0.26.0 → 0.26.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/runtime/mcp-http/oauth/config.d.ts +3 -0
- package/dist/runtime/mcp-http/oauth/config.d.ts.map +1 -1
- package/dist/runtime/mcp-http/oauth/config.js +10 -0
- package/dist/runtime/mcp-http/oauth/config.js.map +1 -1
- package/dist/runtime/mcp-http/oauth/hono-oauth-router.d.ts.map +1 -1
- package/dist/runtime/mcp-http/oauth/hono-oauth-router.js +9 -0
- package/dist/runtime/mcp-http/oauth/hono-oauth-router.js.map +1 -1
- package/dist/runtime/mcp-http/serve.d.ts +1 -0
- package/dist/runtime/mcp-http/serve.d.ts.map +1 -1
- package/dist/runtime/mcp-http/serve.js +3 -0
- package/dist/runtime/mcp-http/serve.js.map +1 -1
- package/package.json +2 -2
|
@@ -14,6 +14,7 @@ export interface H2AHostedOAuthEnv {
|
|
|
14
14
|
OAUTH_ACCESS_TOKEN_TTL_SECONDS: number;
|
|
15
15
|
OAUTH_REFRESH_TOKEN_TTL_SECONDS: number;
|
|
16
16
|
OAUTH_AUTH_CODE_TTL_SECONDS: number;
|
|
17
|
+
H2A_HOSTED_ENROLLMENT_ENABLED?: string;
|
|
17
18
|
NODE_ENV?: string;
|
|
18
19
|
}
|
|
19
20
|
export interface H2AHostedOAuthConfig {
|
|
@@ -22,6 +23,7 @@ export interface H2AHostedOAuthConfig {
|
|
|
22
23
|
resourceServerUrl: URL;
|
|
23
24
|
resourceMetadataUrl: string;
|
|
24
25
|
consentSecret: string;
|
|
26
|
+
enrollmentEnabled: boolean;
|
|
25
27
|
allowedRedirectUris: readonly string[];
|
|
26
28
|
accessTokenTtlSeconds: number;
|
|
27
29
|
refreshTokenTtlSeconds: number;
|
|
@@ -29,5 +31,6 @@ export interface H2AHostedOAuthConfig {
|
|
|
29
31
|
nodeEnv: string;
|
|
30
32
|
}
|
|
31
33
|
export declare function parseOAuthCsv(value: string): string[];
|
|
34
|
+
export declare function parseHostedEnrollmentEnabled(value: string | undefined): boolean;
|
|
32
35
|
export declare function oauthConfigFromEnv(env: H2AHostedOAuthEnv): H2AHostedOAuthConfig;
|
|
33
36
|
//# sourceMappingURL=config.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,eAAO,MAAM,sBAAsB,aAAa,CAAC;AAEjD,MAAM,WAAW,iBAAiB;IAChC,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,MAAM,CAAC;IACzB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,2BAA2B,EAAE,MAAM,CAAC;IACpC,8BAA8B,EAAE,MAAM,CAAC;IACvC,+BAA+B,EAAE,MAAM,CAAC;IACxC,2BAA2B,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,GAAG,CAAC;IACf,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,SAAS,MAAM,EAAE,CAAC;IACvC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAKrD;AAED,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,iBAAiB,GAAG,oBAAoB,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,eAAO,MAAM,sBAAsB,aAAa,CAAC;AAEjD,MAAM,WAAW,iBAAiB;IAChC,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,MAAM,CAAC;IACzB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,2BAA2B,EAAE,MAAM,CAAC;IACpC,8BAA8B,EAAE,MAAM,CAAC;IACvC,+BAA+B,EAAE,MAAM,CAAC;IACxC,2BAA2B,EAAE,MAAM,CAAC;IACpC,6BAA6B,CAAC,EAAE,MAAM,CAAC;IACvC,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,GAAG,CAAC;IACf,aAAa,EAAE,GAAG,CAAC;IACnB,iBAAiB,EAAE,GAAG,CAAC;IACvB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,mBAAmB,EAAE,SAAS,MAAM,EAAE,CAAC;IACvC,qBAAqB,EAAE,MAAM,CAAC;IAC9B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAKrD;AAED,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,OAAO,CAG/E;AAED,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,iBAAiB,GAAG,oBAAoB,CAoB/E"}
|
|
@@ -12,15 +12,25 @@ export function parseOAuthCsv(value) {
|
|
|
12
12
|
.map((item) => item.trim())
|
|
13
13
|
.filter((item) => item.length > 0);
|
|
14
14
|
}
|
|
15
|
+
export function parseHostedEnrollmentEnabled(value) {
|
|
16
|
+
if (value === undefined)
|
|
17
|
+
return false;
|
|
18
|
+
return ["1", "true", "yes", "on"].includes(value.trim().toLowerCase());
|
|
19
|
+
}
|
|
15
20
|
export function oauthConfigFromEnv(env) {
|
|
16
21
|
const publicBaseUrl = new URL(env.PUBLIC_BASE_URL);
|
|
17
22
|
const issuerUrl = new URL(env.OAUTH_ISSUER_URL);
|
|
23
|
+
const enrollmentEnabled = parseHostedEnrollmentEnabled(env.H2A_HOSTED_ENROLLMENT_ENABLED);
|
|
24
|
+
if (enrollmentEnabled && !env.OAUTH_CONSENT_SECRET) {
|
|
25
|
+
throw new Error("OAUTH_CONSENT_SECRET is required when H2A_HOSTED_ENROLLMENT_ENABLED=true");
|
|
26
|
+
}
|
|
18
27
|
return {
|
|
19
28
|
issuerUrl,
|
|
20
29
|
publicBaseUrl,
|
|
21
30
|
resourceServerUrl: new URL("/mcp", publicBaseUrl),
|
|
22
31
|
resourceMetadataUrl: new URL("/.well-known/oauth-protected-resource/mcp", publicBaseUrl).href,
|
|
23
32
|
consentSecret: env.OAUTH_CONSENT_SECRET ?? "local-dev-consent",
|
|
33
|
+
enrollmentEnabled,
|
|
24
34
|
allowedRedirectUris: parseOAuthCsv(env.OAUTH_ALLOWED_REDIRECT_URIS),
|
|
25
35
|
accessTokenTtlSeconds: env.OAUTH_ACCESS_TOKEN_TTL_SECONDS,
|
|
26
36
|
refreshTokenTtlSeconds: env.OAUTH_REFRESH_TOKEN_TTL_SECONDS,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAG,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAG,UAAU,CAAC;AA4BjD,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,OAAO,KAAK;SACT,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;SAC1B,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,KAAyB;IACpE,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IACtC,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,GAAsB;IACvD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAChD,MAAM,iBAAiB,GAAG,4BAA4B,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;IAC1F,IAAI,iBAAiB,IAAI,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAC;IAC9F,CAAC;IACD,OAAO;QACL,SAAS;QACT,aAAa;QACb,iBAAiB,EAAE,IAAI,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC;QACjD,mBAAmB,EAAE,IAAI,GAAG,CAAC,2CAA2C,EAAE,aAAa,CAAC,CAAC,IAAI;QAC7F,aAAa,EAAE,GAAG,CAAC,oBAAoB,IAAI,mBAAmB;QAC9D,iBAAiB;QACjB,mBAAmB,EAAE,aAAa,CAAC,GAAG,CAAC,2BAA2B,CAAC;QACnE,qBAAqB,EAAE,GAAG,CAAC,8BAA8B;QACzD,sBAAsB,EAAE,GAAG,CAAC,+BAA+B;QAC3D,kBAAkB,EAAE,GAAG,CAAC,2BAA2B;QACnD,OAAO,EAAE,GAAG,CAAC,QAAQ,IAAI,aAAa;KACvC,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hono-oauth-router.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/hono-oauth-router.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAyC,KAAK,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAC/F,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;
|
|
1
|
+
{"version":3,"file":"hono-oauth-router.d.ts","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/hono-oauth-router.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAyC,KAAK,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAC/F,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAY7E,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,yBAAyB,EAAE,KAAK,EAAE,oBAAoB,GAAG,IAAI,CA2FvG"}
|
|
@@ -8,6 +8,12 @@ import { authenticateClient, clientRegistrationHandler, createOAuthMetadata, rev
|
|
|
8
8
|
import { OAuthError, ServerError } from "@modelcontextprotocol/sdk/server/auth/errors.js";
|
|
9
9
|
import { Hono } from "hono";
|
|
10
10
|
import { H2A_HOSTED_OAUTH_SCOPE as OAUTH_SCOPE } from "./config.js";
|
|
11
|
+
function enrollmentDisabled(c) {
|
|
12
|
+
return c.json({
|
|
13
|
+
error: "enrollment_disabled",
|
|
14
|
+
error_description: "Remote h2a enrollment is disabled by default; enable it explicitly after multi-tenant policy is configured."
|
|
15
|
+
}, 403);
|
|
16
|
+
}
|
|
11
17
|
export function buildOAuthRoutes(provider, oauth) {
|
|
12
18
|
const sdkProvider = provider;
|
|
13
19
|
const clientsStore = provider.clientsStore;
|
|
@@ -35,11 +41,14 @@ export function buildOAuthRoutes(provider, oauth) {
|
|
|
35
41
|
scopes_supported: [OAUTH_SCOPE],
|
|
36
42
|
resource_name: "h2a"
|
|
37
43
|
}));
|
|
44
|
+
router.post("/register", (c, next) => oauth.enrollmentEnabled ? next() : enrollmentDisabled(c));
|
|
38
45
|
router.post("/register", clientRegistrationHandler({ clientsStore }));
|
|
39
46
|
router.post("/token", authenticateClient({ clientsStore }), tokenHandler(sdkProvider));
|
|
40
47
|
router.post("/revoke", authenticateClient({ clientsStore }), revokeHandler(sdkProvider));
|
|
41
48
|
router.on(["GET", "POST"], "/authorize", async (c) => {
|
|
42
49
|
c.header("Cache-Control", "no-store");
|
|
50
|
+
if (!oauth.enrollmentEnabled)
|
|
51
|
+
return enrollmentDisabled(c);
|
|
43
52
|
const raw = c.req.method === "POST"
|
|
44
53
|
? (await c.req.parseBody())
|
|
45
54
|
: c.req.query();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hono-oauth-router.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/hono-oauth-router.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,mBAAmB,EACnB,aAAa,EACb,YAAY,EACZ,eAAe,EAChB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,iDAAiD,CAAC;AAK1F,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,sBAAsB,IAAI,WAAW,EAA6B,MAAM,aAAa,CAAC;AAG/F,MAAM,UAAU,gBAAgB,CAAC,QAAmC,EAAE,KAA2B;IAC/F,MAAM,WAAW,GAAG,QAA0C,CAAC;IAC/D,MAAM,YAAY,GAAG,QAAQ,CAAC,YAAsD,CAAC;IACrF,MAAM,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IAE1B,6EAA6E;IAC7E,oFAAoF;IACpF,MAAM,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAExD,MAAM,aAAa,GAAG,mBAAmB,CAAC;QACxC,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,MAAM;QACjB,OAAO,EAAE,KAAK,CAAC,aAAa;QAC5B,eAAe,EAAE,CAAC,WAAW,CAAC;KAC/B,CAAC,CAAC;IAEH,MAAM,CAAC,KAAK,CACV,GAAG,EACH,eAAe,CAAC;QACd,aAAa;QACb,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,eAAe,EAAE,CAAC,WAAW,CAAC;QAC9B,YAAY,EAAE,KAAK;KACpB,CAAC,CACH,CAAC;IAEF,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,uCAAuC,EAAE,CAAC,CAAC,EAAE,EAAE,CACxD,CAAC,CAAC,IAAI,CAAC;QACL,QAAQ,EAAE,KAAK,CAAC,iBAAiB,CAAC,IAAI;QACtC,qBAAqB,EAAE,CAAC,MAAM,CAAC;QAC/B,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,aAAa,EAAE,KAAK;KACrB,CAAC,CACH,CAAC;IAEF,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;IACtE,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,kBAAkB,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC;IACvF,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC;IAEzF,MAAM,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACnD,CAAC,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QACtC,MAAM,GAAG,GACP,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM;YACrB,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,CAA4B;YACvD,CAAC,CAAE,CAAC,CAAC,GAAG,CAAC,KAAK,EAA6B,CAAC;QAEhD,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3F,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC/D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,EAAE,GAAG,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,WAAW,GAAG,GAAG,CAAC,cAAc,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzE,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;QACpC,MAAM,MAAM,GAAwB;YAClC,WAAW;YACX,aAAa,EAAE,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE;YAC1C,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9D,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;YAClD,GAAG,CAAC,WAAW,KAAK,SAAS,IAAI,EAAE,QAAQ,EAAE,IAAI,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;SACrE,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAC5C,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE;gBAC9D,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;gBACpB,GAAG,CAAC,aAAa,KAAK,SAAS,IAAI,EAAE,aAAa,EAAE,CAAC;aACtD,CAAC,CAAC;YACH,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC/B,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC9C,CAAC;YACD,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;YACnF,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,EAAE,GAAG,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChF,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
1
|
+
{"version":3,"file":"hono-oauth-router.js","sourceRoot":"","sources":["../../../../src/runtime/mcp-http/oauth/hono-oauth-router.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,mBAAmB,EACnB,aAAa,EACb,YAAY,EACZ,eAAe,EAChB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,iDAAiD,CAAC;AAK1F,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,sBAAsB,IAAI,WAAW,EAA6B,MAAM,aAAa,CAAC;AAG/F,SAAS,kBAAkB,CAAC,CAAwD;IAClF,OAAO,CAAC,CAAC,IAAI,CACX;QACE,KAAK,EAAE,qBAAqB;QAC5B,iBAAiB,EAAE,6GAA6G;KACjI,EACD,GAAG,CACJ,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,QAAmC,EAAE,KAA2B;IAC/F,MAAM,WAAW,GAAG,QAA0C,CAAC;IAC/D,MAAM,YAAY,GAAG,QAAQ,CAAC,YAAsD,CAAC;IACrF,MAAM,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IAE1B,6EAA6E;IAC7E,oFAAoF;IACpF,MAAM,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAExD,MAAM,aAAa,GAAG,mBAAmB,CAAC;QACxC,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,MAAM;QACjB,OAAO,EAAE,KAAK,CAAC,aAAa;QAC5B,eAAe,EAAE,CAAC,WAAW,CAAC;KAC/B,CAAC,CAAC;IAEH,MAAM,CAAC,KAAK,CACV,GAAG,EACH,eAAe,CAAC;QACd,aAAa;QACb,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,eAAe,EAAE,CAAC,WAAW,CAAC;QAC9B,YAAY,EAAE,KAAK;KACpB,CAAC,CACH,CAAC;IAEF,kFAAkF;IAClF,MAAM,CAAC,GAAG,CAAC,uCAAuC,EAAE,CAAC,CAAC,EAAE,EAAE,CACxD,CAAC,CAAC,IAAI,CAAC;QACL,QAAQ,EAAE,KAAK,CAAC,iBAAiB,CAAC,IAAI;QACtC,qBAAqB,EAAE,CAAC,MAAM,CAAC;QAC/B,wBAAwB,EAAE,CAAC,QAAQ,CAAC;QACpC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,aAAa,EAAE,KAAK;KACrB,CAAC,CACH,CAAC;IAEF,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,CACnC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,CACzD,CAAC;IACF,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,yBAAyB,CAAC,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;IACtE,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,kBAAkB,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC;IACvF,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC;IAEzF,MAAM,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACnD,CAAC,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,CAAC,iBAAiB;YAAE,OAAO,kBAAkB,CAAC,CAAC,CAAC,CAAC;QAE3D,MAAM,GAAG,GACP,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM;YACrB,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,CAA4B;YACvD,CAAC,CAAE,CAAC,CAAC,GAAG,CAAC,KAAK,EAA6B,CAAC;QAEhD,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;QAClC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,EAAE,GAAG,CAAC,CAAC;QAC3F,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC/D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,EAAE,GAAG,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,WAAW,GAAG,GAAG,CAAC,cAAc,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzE,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;QACpC,MAAM,MAAM,GAAwB;YAClC,WAAW;YACX,aAAa,EAAE,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE;YAC1C,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9D,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;YAClD,GAAG,CAAC,WAAW,KAAK,SAAS,IAAI,EAAE,QAAQ,EAAE,IAAI,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;SACrE,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAC5C,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE;gBAC9D,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;gBACpB,GAAG,CAAC,aAAa,KAAK,SAAS,IAAI,EAAE,aAAa,EAAE,CAAC;aACtD,CAAC,CAAC;YACH,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC/B,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC9C,CAAC;YACD,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,uBAAuB,CAAC,CAAC;YACnF,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,EAAE,GAAG,YAAY,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChF,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
@@ -8,6 +8,7 @@ export interface HostedEnv {
|
|
|
8
8
|
OAUTH_ACCESS_TOKEN_TTL_SECONDS?: string;
|
|
9
9
|
OAUTH_REFRESH_TOKEN_TTL_SECONDS?: string;
|
|
10
10
|
OAUTH_AUTH_CODE_TTL_SECONDS?: string;
|
|
11
|
+
H2A_HOSTED_ENROLLMENT_ENABLED?: string;
|
|
11
12
|
OAUTH_STORE_PATH?: string;
|
|
12
13
|
H2A_ROOT?: string;
|
|
13
14
|
PORT?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serve.d.ts","sourceRoot":"","sources":["../../../src/runtime/mcp-http/serve.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAElD,OAAO,EAAE,KAAK,oBAAoB,EAAsB,MAAM,mBAAmB,CAAC;AAIlF,MAAM,WAAW,SAAS;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,8BAA8B,CAAC,EAAE,MAAM,CAAC;IACxC,+BAA+B,CAAC,EAAE,MAAM,CAAC;IACzC,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAKD,MAAM,WAAW,YAAY;IAC3B,WAAW,EAAE,oBAAoB,CAAC;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd;AAED,yFAAyF;AACzF,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,SAAS,GAAG,YAAY,
|
|
1
|
+
{"version":3,"file":"serve.d.ts","sourceRoot":"","sources":["../../../src/runtime/mcp-http/serve.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAElD,OAAO,EAAE,KAAK,oBAAoB,EAAsB,MAAM,mBAAmB,CAAC;AAIlF,MAAM,WAAW,SAAS;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,8BAA8B,CAAC,EAAE,MAAM,CAAC;IACxC,+BAA+B,CAAC,EAAE,MAAM,CAAC;IACzC,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,6BAA6B,CAAC,EAAE,MAAM,CAAC;IACvC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAKD,MAAM,WAAW,YAAY;IAC3B,WAAW,EAAE,oBAAoB,CAAC;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd;AAED,yFAAyF;AACzF,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,SAAS,GAAG,YAAY,CAuBrE;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,SAAS,CAAC;IACxB,IAAI,IAAI,IAAI,CAAC;CACd;AAED,wBAAsB,iBAAiB,CAAC,GAAG,GAAE,SAAuB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAelG"}
|
|
@@ -22,6 +22,9 @@ export function buildHostedConfigFromEnv(env) {
|
|
|
22
22
|
OAUTH_ISSUER_URL: env.OAUTH_ISSUER_URL ?? publicBaseUrl,
|
|
23
23
|
OAUTH_ALLOWED_REDIRECT_URIS: env.OAUTH_ALLOWED_REDIRECT_URIS ?? DEFAULT_CLAUDE_REDIRECTS,
|
|
24
24
|
...(env.OAUTH_CONSENT_SECRET !== undefined && { OAUTH_CONSENT_SECRET: env.OAUTH_CONSENT_SECRET }),
|
|
25
|
+
...(env.H2A_HOSTED_ENROLLMENT_ENABLED !== undefined && {
|
|
26
|
+
H2A_HOSTED_ENROLLMENT_ENABLED: env.H2A_HOSTED_ENROLLMENT_ENABLED
|
|
27
|
+
}),
|
|
25
28
|
OAUTH_ACCESS_TOKEN_TTL_SECONDS: Number(env.OAUTH_ACCESS_TOKEN_TTL_SECONDS ?? 3600),
|
|
26
29
|
OAUTH_REFRESH_TOKEN_TTL_SECONDS: Number(env.OAUTH_REFRESH_TOKEN_TTL_SECONDS ?? 1_209_600),
|
|
27
30
|
OAUTH_AUTH_CODE_TTL_SECONDS: Number(env.OAUTH_AUTH_CODE_TTL_SECONDS ?? 60),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serve.js","sourceRoot":"","sources":["../../../src/runtime/mcp-http/serve.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAE1C,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,EAA6B,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAClF,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAC;
|
|
1
|
+
{"version":3,"file":"serve.js","sourceRoot":"","sources":["../../../src/runtime/mcp-http/serve.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAE1C,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,EAA6B,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAClF,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAC;AAiB9E,MAAM,wBAAwB,GAC5B,kFAAkF,CAAC;AASrF,yFAAyF;AACzF,MAAM,UAAU,wBAAwB,CAAC,GAAc;IACrD,MAAM,aAAa,GAAG,GAAG,CAAC,eAAe,CAAC;IAC1C,IAAI,CAAC,aAAa;QAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACnE,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IACzD,MAAM,WAAW,GAAG,kBAAkB,CAAC;QACrC,eAAe,EAAE,aAAa;QAC9B,gBAAgB,EAAE,GAAG,CAAC,gBAAgB,IAAI,aAAa;QACvD,2BAA2B,EAAE,GAAG,CAAC,2BAA2B,IAAI,wBAAwB;QACxF,GAAG,CAAC,GAAG,CAAC,oBAAoB,KAAK,SAAS,IAAI,EAAE,oBAAoB,EAAE,GAAG,CAAC,oBAAoB,EAAE,CAAC;QACjG,GAAG,CAAC,GAAG,CAAC,6BAA6B,KAAK,SAAS,IAAI;YACrD,6BAA6B,EAAE,GAAG,CAAC,6BAA6B;SACjE,CAAC;QACF,8BAA8B,EAAE,MAAM,CAAC,GAAG,CAAC,8BAA8B,IAAI,IAAI,CAAC;QAClF,+BAA+B,EAAE,MAAM,CAAC,GAAG,CAAC,+BAA+B,IAAI,SAAS,CAAC;QACzF,2BAA2B,EAAE,MAAM,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE,CAAC;QAC1E,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,YAAY;KACvC,CAAC,CAAC;IACH,OAAO;QACL,WAAW;QACX,SAAS,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,IAAI,EAAE,oBAAoB,CAAC;QACnE,IAAI;QACJ,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC;KAC/B,CAAC;AACJ,CAAC;AAQD,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAiB,OAAO,CAAC,GAAG;IAClE,MAAM,GAAG,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAG,IAAI,cAAc,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAChD,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC;IACnB,MAAM,aAAa,GAAG,IAAI,yBAAyB,CAAC,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;IACnF,MAAM,YAAY,GAAG,eAAe,CAAC,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACzD,MAAM,GAAG,GAAG,eAAe,CAAC,EAAE,aAAa,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,YAAY,EAAE,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,KAAK,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAC3D,OAAO;QACL,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,YAAY;QACZ,IAAI,EAAE,GAAG,EAAE;YACR,MAAiC,CAAC,KAAK,EAAE,EAAE,CAAC;QAC/C,CAAC;KACF,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sentropic/h2a-cli",
|
|
3
|
-
"version": "0.26.
|
|
3
|
+
"version": "0.26.1",
|
|
4
4
|
"description": "Unified CLI surface for h2a hosts and MCP-oriented coordination flows.",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"type": "module",
|
|
@@ -43,7 +43,7 @@
|
|
|
43
43
|
"@hono/mcp": "^0.3.0",
|
|
44
44
|
"@hono/node-server": "^2.0.4",
|
|
45
45
|
"@modelcontextprotocol/sdk": "^1.29.0",
|
|
46
|
-
"@sentropic/h2a": "^0.26.
|
|
46
|
+
"@sentropic/h2a": "^0.26.1",
|
|
47
47
|
"hono": "^4.12.23"
|
|
48
48
|
},
|
|
49
49
|
"publishConfig": {
|