@serve.zone/dcrouter 15.2.5 → 15.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/deno.json +1 -1
- package/dist_ts/00_commitinfo_data.js +1 -1
- package/dist_ts/classes.dcrouter.d.ts +3 -1
- package/dist_ts/classes.dcrouter.js +6 -2
- package/dist_ts/opsserver/classes.mcpmanager.d.ts +28 -0
- package/dist_ts/opsserver/classes.mcpmanager.js +354 -0
- package/dist_ts/opsserver/classes.opsserver.d.ts +1 -0
- package/dist_ts/opsserver/classes.opsserver.js +7 -1
- package/dist_ts/opsserver/handlers/admin.handler.d.ts +1 -0
- package/dist_ts/opsserver/handlers/admin.handler.js +28 -1
- package/dist_ts/opsserver/index.d.ts +1 -0
- package/dist_ts/opsserver/index.js +2 -1
- package/dist_ts/plugins.d.ts +2 -1
- package/dist_ts/plugins.js +3 -2
- package/dist_ts_oci_container/index.js +7 -6
- package/dist_ts_web/00_commitinfo_data.js +1 -1
- package/package.json +3 -2
- package/readme.md +7 -5
- package/ts/00_commitinfo_data.ts +1 -1
- package/ts/classes.dcrouter.ts +10 -2
- package/ts/opsserver/classes.mcpmanager.ts +393 -0
- package/ts/opsserver/classes.opsserver.ts +11 -0
- package/ts/opsserver/handlers/admin.handler.ts +33 -0
- package/ts/opsserver/index.ts +1 -0
- package/ts/plugins.ts +2 -1
- package/ts/readme.md +4 -1
- package/ts_apiclient/readme.md +4 -4
- package/ts_web/00_commitinfo_data.ts +1 -1
|
@@ -455,6 +455,39 @@ export class AdminHandler {
|
|
|
455
455
|
}
|
|
456
456
|
}
|
|
457
457
|
|
|
458
|
+
public async getVerifiedAdminIdentityFromJwt(
|
|
459
|
+
jwtArg: string,
|
|
460
|
+
): Promise<interfaces.data.IIdentity> {
|
|
461
|
+
if (!jwtArg) {
|
|
462
|
+
throw new plugins.typedrequest.TypedResponseError('Valid identity required');
|
|
463
|
+
}
|
|
464
|
+
|
|
465
|
+
let jwtData: IJwtData;
|
|
466
|
+
try {
|
|
467
|
+
jwtData = await this.smartjwtInstance.verifyJWTAndGetData(jwtArg);
|
|
468
|
+
} catch {
|
|
469
|
+
throw new plugins.typedrequest.TypedResponseError('Valid identity required');
|
|
470
|
+
}
|
|
471
|
+
|
|
472
|
+
if (jwtData.status !== 'loggedIn' || jwtData.expiresAt < Date.now()) {
|
|
473
|
+
throw new plugins.typedrequest.TypedResponseError('Valid identity required');
|
|
474
|
+
}
|
|
475
|
+
|
|
476
|
+
const user = await this.resolveUser(jwtData.userId);
|
|
477
|
+
if (!user || user.role !== 'admin') {
|
|
478
|
+
throw new plugins.typedrequest.TypedResponseError('Admin access required');
|
|
479
|
+
}
|
|
480
|
+
|
|
481
|
+
return {
|
|
482
|
+
jwt: jwtArg,
|
|
483
|
+
userId: user.id,
|
|
484
|
+
name: user.name || user.username,
|
|
485
|
+
expiresAt: jwtData.expiresAt,
|
|
486
|
+
role: user.role,
|
|
487
|
+
type: 'user',
|
|
488
|
+
};
|
|
489
|
+
}
|
|
490
|
+
|
|
458
491
|
private async authenticateUser(optionsArg: {
|
|
459
492
|
username: string;
|
|
460
493
|
password: string;
|
package/ts/opsserver/index.ts
CHANGED
package/ts/plugins.ts
CHANGED
|
@@ -62,6 +62,7 @@ import * as smartguard from '@push.rocks/smartguard';
|
|
|
62
62
|
import * as smartjwt from '@push.rocks/smartjwt';
|
|
63
63
|
import * as smartlog from '@push.rocks/smartlog';
|
|
64
64
|
import * as smartmetrics from '@push.rocks/smartmetrics';
|
|
65
|
+
import * as smartmcp from '@push.rocks/smartmcp';
|
|
65
66
|
import * as smartmta from '@push.rocks/smartmta';
|
|
66
67
|
import * as smartdb from '@push.rocks/smartdb';
|
|
67
68
|
import * as smartnetwork from '@push.rocks/smartnetwork';
|
|
@@ -75,7 +76,7 @@ import * as smartrx from '@push.rocks/smartrx';
|
|
|
75
76
|
import * as smartunique from '@push.rocks/smartunique';
|
|
76
77
|
import * as taskbuffer from '@push.rocks/taskbuffer';
|
|
77
78
|
|
|
78
|
-
export { projectinfo, qenv, smartacme, smartchallenge, smartdata, smartdns, smartfs, smartguard, smartjwt, smartlog, smartmetrics, smartdb, smartmta, smartnetwork, smartpath, smartproxy, smartpromise, smartradius, smartrequest, smartrx, smartunique, smartvpn, taskbuffer };
|
|
79
|
+
export { projectinfo, qenv, smartacme, smartchallenge, smartdata, smartdns, smartfs, smartguard, smartjwt, smartlog, smartmetrics, smartmcp, smartdb, smartmta, smartnetwork, smartpath, smartproxy, smartpromise, smartradius, smartrequest, smartrx, smartunique, smartvpn, taskbuffer };
|
|
79
80
|
|
|
80
81
|
// Define SmartLog types for use in error handling
|
|
81
82
|
export type TLogLevel = 'error' | 'warn' | 'info' | 'success' | 'debug';
|
package/ts/readme.md
CHANGED
|
@@ -30,7 +30,7 @@ pnpm add @serve.zone/dcrouter
|
|
|
30
30
|
import { DcRouter } from '@serve.zone/dcrouter';
|
|
31
31
|
|
|
32
32
|
const router = new DcRouter({
|
|
33
|
-
|
|
33
|
+
coreTrafficConfig: {
|
|
34
34
|
routes: [
|
|
35
35
|
{
|
|
36
36
|
name: 'local-app',
|
|
@@ -51,6 +51,8 @@ const router = new DcRouter({
|
|
|
51
51
|
await router.start();
|
|
52
52
|
```
|
|
53
53
|
|
|
54
|
+
`coreTrafficConfig` is the preferred route configuration key. `smartProxyConfig` remains accepted as a legacy alias for existing callers.
|
|
55
|
+
|
|
54
56
|
## What `DcRouter` Manages
|
|
55
57
|
|
|
56
58
|
- SmartProxy for HTTP/HTTPS/TCP routes
|
|
@@ -59,6 +61,7 @@ await router.start();
|
|
|
59
61
|
- embedded authoritative DNS and DoH route generation from `dnsNsDomains` and `dnsScopes`
|
|
60
62
|
- VPN, RADIUS, and remote ingress services when their config blocks are enabled
|
|
61
63
|
- OpsServer and the dashboard, which start on every boot
|
|
64
|
+
- an admin-JWT authenticated read-only MCP endpoint at `/mcp` for safe route, DNS, email, RemoteIngress, and VPN summaries
|
|
62
65
|
|
|
63
66
|
## Important Runtime Behavior
|
|
64
67
|
|
package/ts_apiclient/readme.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# @serve.zone/dcrouter-apiclient
|
|
2
2
|
|
|
3
|
-
`@serve.zone/dcrouter-apiclient` is the object-oriented TypeScript client for the dcrouter OpsServer API. It wraps `/typedrequest` calls in managers, builders, and resource classes for routes, certificates, API tokens, remote ingress, email, stats, config, logs, RADIUS, and
|
|
3
|
+
`@serve.zone/dcrouter-apiclient` is the object-oriented TypeScript client for the dcrouter OpsServer API. It wraps `/typedrequest` calls in managers, builders, and resource classes for routes, certificates, API tokens, remote ingress, email, stats, config, logs, RADIUS, and gateway-client integrations.
|
|
4
4
|
|
|
5
5
|
## Issue Reporting and Security
|
|
6
6
|
|
|
@@ -68,7 +68,7 @@ const tokenClient = new DcRouterApiClient({
|
|
|
68
68
|
| `client.apiTokens` | Create, list, toggle, roll, and revoke API tokens. |
|
|
69
69
|
| `client.remoteIngress` | Manage edge registrations, statuses, ports, tags, and connection tokens. |
|
|
70
70
|
| `client.emails` | Inspect received/cached email items and trigger resend flows. |
|
|
71
|
-
| `client.
|
|
71
|
+
| `client.gatewayClients` | Manage gateway-client route, DNS, and domain integration calls. |
|
|
72
72
|
| `client.stats` | Read health, counters, summaries, and runtime status. |
|
|
73
73
|
| `client.config` | Read the current configuration view. |
|
|
74
74
|
| `client.logs` | Read recent log information. |
|
|
@@ -124,9 +124,9 @@ console.log(token.tokenValue, connectionToken);
|
|
|
124
124
|
|
|
125
125
|
- It does not start dcrouter.
|
|
126
126
|
- It does not serve or bundle the Ops dashboard.
|
|
127
|
-
- It does not replace `@serve.zone/dcrouter-interfaces` when you want raw TypedRequest contracts.
|
|
127
|
+
- It does not replace `@serve.zone/dcrouter-interfaces` when you want dcrouter-local raw TypedRequest contracts.
|
|
128
128
|
|
|
129
|
-
Use `@serve.zone/dcrouter` for the server runtime and `@serve.zone/dcrouter-interfaces` for
|
|
129
|
+
Use `@serve.zone/dcrouter` for the server runtime and `@serve.zone/dcrouter-interfaces` for dcrouter-local request/data types. The canonical machine-facing gateway client route, DNS, and domain contracts used by `client.gatewayClients` come from `@serve.zone/interfaces`.
|
|
130
130
|
|
|
131
131
|
## Development
|
|
132
132
|
|