@slashfi/agents-sdk 0.8.0 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent-definitions/auth.d.ts +17 -0
- package/dist/agent-definitions/auth.d.ts.map +1 -1
- package/dist/agent-definitions/auth.js +135 -1
- package/dist/agent-definitions/auth.js.map +1 -1
- package/dist/agent-definitions/integrations.d.ts +19 -0
- package/dist/agent-definitions/integrations.d.ts.map +1 -1
- package/dist/agent-definitions/integrations.js +218 -5
- package/dist/agent-definitions/integrations.js.map +1 -1
- package/dist/index.d.ts +9 -4
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +6 -2
- package/dist/index.js.map +1 -1
- package/dist/integration-interface.d.ts +37 -0
- package/dist/integration-interface.d.ts.map +1 -0
- package/dist/integration-interface.js +94 -0
- package/dist/integration-interface.js.map +1 -0
- package/dist/integrations-store.d.ts +33 -0
- package/dist/integrations-store.d.ts.map +1 -0
- package/dist/integrations-store.js +50 -0
- package/dist/integrations-store.js.map +1 -0
- package/dist/jwt.d.ts +86 -17
- package/dist/jwt.d.ts.map +1 -1
- package/dist/jwt.js +140 -17
- package/dist/jwt.js.map +1 -1
- package/dist/registry.d.ts +7 -0
- package/dist/registry.d.ts.map +1 -1
- package/dist/registry.js +8 -21
- package/dist/registry.js.map +1 -1
- package/dist/secret-collection.d.ts +37 -0
- package/dist/secret-collection.d.ts.map +1 -0
- package/dist/secret-collection.js +37 -0
- package/dist/secret-collection.js.map +1 -0
- package/dist/server.d.ts +41 -44
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +236 -592
- package/dist/server.js.map +1 -1
- package/dist/types.d.ts +7 -1
- package/dist/types.d.ts.map +1 -1
- package/package.json +5 -2
- package/src/agent-definitions/auth.ts +187 -1
- package/src/agent-definitions/integrations.ts +260 -5
- package/src/index.ts +18 -4
- package/src/integration-interface.ts +118 -0
- package/src/integrations-store.ts +84 -0
- package/src/jwt.ts +233 -65
- package/src/registry.ts +17 -2
- package/src/secret-collection.ts +66 -0
- package/src/server.ts +272 -681
- package/src/types.ts +8 -1
- package/dist/slack-oauth.d.ts +0 -27
- package/dist/slack-oauth.d.ts.map +0 -1
- package/dist/slack-oauth.js +0 -48
- package/dist/slack-oauth.js.map +0 -1
- package/dist/web-pages.d.ts +0 -8
- package/dist/web-pages.d.ts.map +0 -1
- package/dist/web-pages.js +0 -169
- package/dist/web-pages.js.map +0 -1
- package/src/slack-oauth.ts +0 -66
- package/src/web-pages.ts +0 -178
package/dist/jwt.js
CHANGED
|
@@ -1,9 +1,141 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* JWT utilities for auth tokens.
|
|
3
3
|
*
|
|
4
|
-
*
|
|
5
|
-
*
|
|
4
|
+
* Supports two modes:
|
|
5
|
+
* - ES256 (asymmetric) — for production / cross-registry trust
|
|
6
|
+
* - HS256 (HMAC) — for backward compat / simple single-server setups
|
|
7
|
+
*
|
|
8
|
+
* Uses `jose` library for all crypto operations.
|
|
9
|
+
*/
|
|
10
|
+
import { SignJWT, jwtVerify, generateKeyPair, exportJWK, importJWK, createRemoteJWKSet, } from "jose";
|
|
11
|
+
// ============================================
|
|
12
|
+
// Key Generation
|
|
13
|
+
// ============================================
|
|
14
|
+
/**
|
|
15
|
+
* Generate a new ES256 signing key pair.
|
|
16
|
+
*/
|
|
17
|
+
export async function generateSigningKey(kid) {
|
|
18
|
+
const { privateKey, publicKey } = await generateKeyPair("ES256");
|
|
19
|
+
return {
|
|
20
|
+
kid: kid ?? `key-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
|
|
21
|
+
privateKey,
|
|
22
|
+
publicKey,
|
|
23
|
+
alg: "ES256",
|
|
24
|
+
status: "active",
|
|
25
|
+
createdAt: Date.now(),
|
|
26
|
+
};
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Export a signing key to JWK format (for storage).
|
|
30
|
+
*/
|
|
31
|
+
export async function exportSigningKey(key) {
|
|
32
|
+
const privateKeyJwk = await exportJWK(key.privateKey);
|
|
33
|
+
const publicKeyJwk = await exportJWK(key.publicKey);
|
|
34
|
+
return {
|
|
35
|
+
kid: key.kid,
|
|
36
|
+
alg: key.alg,
|
|
37
|
+
privateKeyJwk,
|
|
38
|
+
publicKeyJwk,
|
|
39
|
+
status: key.status,
|
|
40
|
+
createdAt: key.createdAt,
|
|
41
|
+
};
|
|
42
|
+
}
|
|
43
|
+
/**
|
|
44
|
+
* Import a signing key from stored JWK format.
|
|
45
|
+
*/
|
|
46
|
+
export async function importSigningKey(exported) {
|
|
47
|
+
const privateKey = await importJWK(exported.privateKeyJwk, exported.alg);
|
|
48
|
+
const publicKey = await importJWK(exported.publicKeyJwk, exported.alg);
|
|
49
|
+
return {
|
|
50
|
+
kid: exported.kid,
|
|
51
|
+
privateKey,
|
|
52
|
+
publicKey,
|
|
53
|
+
alg: exported.alg,
|
|
54
|
+
status: exported.status,
|
|
55
|
+
createdAt: exported.createdAt,
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
/**
|
|
59
|
+
* Build a JWKS (JSON Web Key Set) from signing keys.
|
|
60
|
+
* Only includes public keys.
|
|
61
|
+
*/
|
|
62
|
+
export async function buildJwks(keys) {
|
|
63
|
+
const jwks = [];
|
|
64
|
+
for (const key of keys) {
|
|
65
|
+
if (key.status === "revoked")
|
|
66
|
+
continue;
|
|
67
|
+
const jwk = await exportJWK(key.publicKey);
|
|
68
|
+
jwk.kid = key.kid;
|
|
69
|
+
jwk.alg = key.alg;
|
|
70
|
+
jwk.use = "sig";
|
|
71
|
+
jwks.push(jwk);
|
|
72
|
+
}
|
|
73
|
+
return { keys: jwks };
|
|
74
|
+
}
|
|
75
|
+
// ============================================
|
|
76
|
+
// Signing (ES256)
|
|
77
|
+
// ============================================
|
|
78
|
+
/**
|
|
79
|
+
* Sign a JWT with ES256 using the server's private key.
|
|
80
|
+
*/
|
|
81
|
+
export async function signJwtES256(payload, privateKey, kid, issuer, expiresIn) {
|
|
82
|
+
let builder = new SignJWT(payload)
|
|
83
|
+
.setProtectedHeader({ alg: "ES256", kid })
|
|
84
|
+
.setIssuedAt();
|
|
85
|
+
if (issuer)
|
|
86
|
+
builder = builder.setIssuer(issuer);
|
|
87
|
+
if (payload.sub)
|
|
88
|
+
builder = builder.setSubject(payload.sub);
|
|
89
|
+
if (expiresIn) {
|
|
90
|
+
builder = builder.setExpirationTime(expiresIn);
|
|
91
|
+
}
|
|
92
|
+
else if (payload.exp) {
|
|
93
|
+
builder = builder.setExpirationTime(payload.exp);
|
|
94
|
+
}
|
|
95
|
+
else {
|
|
96
|
+
builder = builder.setExpirationTime("1h");
|
|
97
|
+
}
|
|
98
|
+
return builder.sign(privateKey);
|
|
99
|
+
}
|
|
100
|
+
// ============================================
|
|
101
|
+
// Verification
|
|
102
|
+
// ============================================
|
|
103
|
+
/**
|
|
104
|
+
* Verify a JWT against a local public key.
|
|
6
105
|
*/
|
|
106
|
+
export async function verifyJwtLocal(token, publicKey) {
|
|
107
|
+
try {
|
|
108
|
+
const { payload } = await jwtVerify(token, publicKey);
|
|
109
|
+
return payload;
|
|
110
|
+
}
|
|
111
|
+
catch {
|
|
112
|
+
return null;
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
/** JWKS cache for remote issuers */
|
|
116
|
+
const jwksCache = new Map();
|
|
117
|
+
/**
|
|
118
|
+
* Verify a JWT against a remote issuer's JWKS.
|
|
119
|
+
* Fetches and caches the JWKS from the issuer's /.well-known/jwks.json
|
|
120
|
+
*/
|
|
121
|
+
export async function verifyJwtFromIssuer(token, issuerUrl) {
|
|
122
|
+
try {
|
|
123
|
+
const jwksUrl = issuerUrl.replace(/\/$/, "") + "/.well-known/jwks.json";
|
|
124
|
+
let jwks = jwksCache.get(jwksUrl);
|
|
125
|
+
if (!jwks) {
|
|
126
|
+
jwks = createRemoteJWKSet(new URL(jwksUrl));
|
|
127
|
+
jwksCache.set(jwksUrl, jwks);
|
|
128
|
+
}
|
|
129
|
+
const { payload } = await jwtVerify(token, jwks);
|
|
130
|
+
return payload;
|
|
131
|
+
}
|
|
132
|
+
catch {
|
|
133
|
+
return null;
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
// ============================================
|
|
137
|
+
// Legacy HMAC (backward compat)
|
|
138
|
+
// ============================================
|
|
7
139
|
const encoder = new TextEncoder();
|
|
8
140
|
function base64UrlEncode(data) {
|
|
9
141
|
const str = btoa(String.fromCharCode(...data));
|
|
@@ -24,11 +156,8 @@ async function hmacVerify(data, signature, secret) {
|
|
|
24
156
|
return crypto.subtle.verify("HMAC", key, signature.buffer, encoder.encode(data));
|
|
25
157
|
}
|
|
26
158
|
/**
|
|
27
|
-
* Sign a JWT with HMAC-SHA256.
|
|
28
|
-
*
|
|
29
|
-
* @param payload - JWT payload (client_id, scopes, etc.)
|
|
30
|
-
* @param secret - Signing secret (the client's secret hash)
|
|
31
|
-
* @returns Signed JWT string
|
|
159
|
+
* Sign a JWT with HMAC-SHA256 (legacy).
|
|
160
|
+
* @deprecated Use signJwtES256 for new code.
|
|
32
161
|
*/
|
|
33
162
|
export async function signJwt(payload, secret) {
|
|
34
163
|
const header = { alg: "HS256", typ: "JWT" };
|
|
@@ -36,15 +165,11 @@ export async function signJwt(payload, secret) {
|
|
|
36
165
|
const payloadB64 = base64UrlEncode(encoder.encode(JSON.stringify(payload)));
|
|
37
166
|
const signingInput = `${headerB64}.${payloadB64}`;
|
|
38
167
|
const signature = await hmacSign(signingInput, secret);
|
|
39
|
-
|
|
40
|
-
return `${signingInput}.${signatureB64}`;
|
|
168
|
+
return `${signingInput}.${base64UrlEncode(signature)}`;
|
|
41
169
|
}
|
|
42
170
|
/**
|
|
43
|
-
* Verify and decode a JWT.
|
|
44
|
-
*
|
|
45
|
-
* @param token - JWT string
|
|
46
|
-
* @param secret - Signing secret to verify against
|
|
47
|
-
* @returns Decoded payload, or null if invalid/expired
|
|
171
|
+
* Verify and decode a JWT (HMAC-SHA256, legacy).
|
|
172
|
+
* @deprecated Use verifyJwtLocal or verifyJwtFromIssuer for new code.
|
|
48
173
|
*/
|
|
49
174
|
export async function verifyJwt(token, secret) {
|
|
50
175
|
const parts = token.split(".");
|
|
@@ -58,10 +183,8 @@ export async function verifyJwt(token, secret) {
|
|
|
58
183
|
if (!valid)
|
|
59
184
|
return null;
|
|
60
185
|
const payload = JSON.parse(new TextDecoder().decode(base64UrlDecode(payloadB64)));
|
|
61
|
-
|
|
62
|
-
if (payload.exp && payload.exp < Date.now() / 1000) {
|
|
186
|
+
if (payload.exp && payload.exp < Date.now() / 1000)
|
|
63
187
|
return null;
|
|
64
|
-
}
|
|
65
188
|
return payload;
|
|
66
189
|
}
|
|
67
190
|
catch {
|
package/dist/jwt.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EACL,OAAO,EACP,SAAS,EACT,eAAe,EACf,SAAS,EACT,SAAS,EACT,kBAAkB,GAInB,MAAM,MAAM,CAAC;AAsDd,+CAA+C;AAC/C,iBAAiB;AACjB,+CAA+C;AAE/C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAY;IACnD,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC;IACjE,OAAO;QACL,GAAG,EAAE,GAAG,IAAI,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;QACzE,UAAU;QACV,SAAS;QACT,GAAG,EAAE,OAAO;QACZ,MAAM,EAAE,QAAQ;QAChB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;KACtB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAe;IACpD,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACtD,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACpD,OAAO;QACL,GAAG,EAAE,GAAG,CAAC,GAAG;QACZ,GAAG,EAAE,GAAG,CAAC,GAAG;QACZ,aAAa;QACb,YAAY;QACZ,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,SAAS,EAAE,GAAG,CAAC,SAAS;KACzB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,QAAyB;IAC9D,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,QAAQ,CAAC,GAAG,CAAc,CAAC;IACtF,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,GAAG,CAAc,CAAC;IACpF,OAAO;QACL,GAAG,EAAE,QAAQ,CAAC,GAAG;QACjB,UAAU;QACV,SAAS;QACT,GAAG,EAAE,QAAQ,CAAC,GAAG;QACjB,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,SAAS,EAAE,QAAQ,CAAC,SAAS;KAC9B,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,IAAkB;IAChD,MAAM,IAAI,GAAU,EAAE,CAAC;IACvB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS;YAAE,SAAS;QACvC,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC;QAClB,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC;QAClB,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC;QAChB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC;AAED,+CAA+C;AAC/C,kBAAkB;AAClB,+CAA+C;AAE/C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAA8E,EAC9E,UAAqB,EACrB,GAAW,EACX,MAAe,EACf,SAAkB;IAElB,IAAI,OAAO,GAAG,IAAI,OAAO,CAAC,OAAgC,CAAC;SACxD,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;SACzC,WAAW,EAAE,CAAC;IAEjB,IAAI,MAAM;QAAE,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAChD,IAAI,OAAO,CAAC,GAAG;QAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC3D,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;IACjD,CAAC;SAAM,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QACvB,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,OAAO,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AAClC,CAAC;AAED,+CAA+C;AAC/C,eAAe;AACf,+CAA+C;AAE/C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,KAAa,EACb,SAAoB;IAEpB,IAAI,CAAC;QACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;QACtD,OAAO,OAAqC,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,oCAAoC;AACpC,MAAM,SAAS,GAAG,IAAI,GAAG,EAAiD,CAAC;AAE3E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,KAAa,EACb,SAAiB;IAEjB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,wBAAwB,CAAC;QACxE,IAAI,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,GAAG,kBAAkB,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;YAC5C,SAAS,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAC/B,CAAC;QACD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACjD,OAAO,OAAqC,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,+CAA+C;AAC/C,gCAAgC;AAChC,+CAA+C;AAE/C,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;AAElC,SAAS,eAAe,CAAC,IAAgB;IACvC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;IAC/C,OAAO,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,eAAe,CAAC,GAAW;IAClC,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACzD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC5B,OAAO,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AACzD,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,IAAY,EAAE,MAAc;IAClD,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAC7B,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,KAAK,EAAE,CAAC,MAAM,CAAC,CACnD,CAAC;IACF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;IACxE,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,IAAY,EAAE,SAAqB,EAAE,MAAc;IAC3E,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAC7B,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,KAAK,EAAE,CAAC,QAAQ,CAAC,CACrD,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,CAAC,MAAqB,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAClG,CAAC;AAKD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,OAAwB,EACxB,MAAc;IAEd,MAAM,MAAM,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;IAC5C,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC1E,MAAM,UAAU,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,YAAY,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC;IAClD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IACvD,OAAO,GAAG,YAAY,IAAI,eAAe,CAAC,SAAS,CAAC,EAAE,CAAC;AACzD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,KAAa,EACb,MAAc;IAEd,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,YAAY,CAAC,GAAG,KAAK,CAAC;IACpD,MAAM,YAAY,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC;IAClD,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;QAChD,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;QAChE,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CACxB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CACnC,CAAC;QACrB,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI;YAAE,OAAO,IAAI,CAAC;QAChE,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
package/dist/registry.d.ts
CHANGED
|
@@ -10,6 +10,8 @@ import type { AgentDefinition, CallAgentRequest, CallAgentResponse, Visibility }
|
|
|
10
10
|
export interface AgentRegistryOptions {
|
|
11
11
|
/** Default visibility for agents without explicit visibility */
|
|
12
12
|
defaultVisibility?: Visibility;
|
|
13
|
+
/** Factory to enrich ToolContext with application-specific data */
|
|
14
|
+
contextFactory?: ContextFactory;
|
|
13
15
|
}
|
|
14
16
|
/**
|
|
15
17
|
* Agent registry interface.
|
|
@@ -44,5 +46,10 @@ export interface AgentRegistry {
|
|
|
44
46
|
* });
|
|
45
47
|
* ```
|
|
46
48
|
*/
|
|
49
|
+
/**
|
|
50
|
+
* Factory function that enriches the base ToolContext with application-specific data.
|
|
51
|
+
* Called before every tool execution.
|
|
52
|
+
*/
|
|
53
|
+
export type ContextFactory = (baseCtx: import("./types.js").ToolContext) => import("./types.js").ToolContext;
|
|
47
54
|
export declare function createAgentRegistry(options?: AgentRegistryOptions): AgentRegistry;
|
|
48
55
|
//# sourceMappingURL=registry.d.ts.map
|
package/dist/registry.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../src/registry.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAEV,eAAe,EAMf,gBAAgB,EAChB,iBAAiB,EAIjB,UAAU,EACX,MAAM,YAAY,CAAC;AAapB;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,gEAAgE;IAChE,iBAAiB,CAAC,EAAE,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../src/registry.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAEV,eAAe,EAMf,gBAAgB,EAChB,iBAAiB,EAIjB,UAAU,EACX,MAAM,YAAY,CAAC;AAapB;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,gEAAgE;IAChE,iBAAiB,CAAC,EAAE,UAAU,CAAC;IAC/B,mEAAmE;IACnE,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,wBAAwB;IACxB,QAAQ,CAAC,KAAK,EAAE,eAAe,GAAG,IAAI,CAAC;IAEvC,2BAA2B;IAC3B,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAAC;IAE/C,+BAA+B;IAC/B,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IAE3B,iCAAiC;IACjC,IAAI,IAAI,eAAe,EAAE,CAAC;IAE1B,sCAAsC;IACtC,SAAS,IAAI,MAAM,EAAE,CAAC;IAEtB,qCAAqC;IACrC,IAAI,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;CAC7D;AAMD;;;;;;;;;;;;;;;GAeG;AACH;;;GAGG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,OAAO,EAAE,OAAO,YAAY,EAAE,WAAW,KAAK,OAAO,YAAY,EAAE,WAAW,CAAC;AAE7G,wBAAgB,mBAAmB,CACjC,OAAO,GAAE,oBAAyB,GACjC,aAAa,CAyUf"}
|
package/dist/registry.js
CHANGED
|
@@ -9,25 +9,6 @@ const DEFAULT_SUPPORTED_ACTIONS = [
|
|
|
9
9
|
"describe_tools",
|
|
10
10
|
"load",
|
|
11
11
|
];
|
|
12
|
-
// ============================================
|
|
13
|
-
// Create Registry
|
|
14
|
-
// ============================================
|
|
15
|
-
/**
|
|
16
|
-
* Create an agent registry.
|
|
17
|
-
*
|
|
18
|
-
* @example
|
|
19
|
-
* ```typescript
|
|
20
|
-
* const registry = createAgentRegistry();
|
|
21
|
-
* registry.register(myAgent);
|
|
22
|
-
*
|
|
23
|
-
* const result = await registry.call({
|
|
24
|
-
* action: 'execute_tool',
|
|
25
|
-
* path: '@my-agent',
|
|
26
|
-
* tool: 'greet',
|
|
27
|
-
* params: { name: 'World' }
|
|
28
|
-
* });
|
|
29
|
-
* ```
|
|
30
|
-
*/
|
|
31
12
|
export function createAgentRegistry(options = {}) {
|
|
32
13
|
const { defaultVisibility = "internal" } = options;
|
|
33
14
|
const agents = new Map();
|
|
@@ -87,6 +68,8 @@ export function createAgentRegistry(options = {}) {
|
|
|
87
68
|
return true;
|
|
88
69
|
case "internal":
|
|
89
70
|
return (callerType === "agent" || (callerType != null && callerId != null));
|
|
71
|
+
case "authenticated":
|
|
72
|
+
return callerId != null && callerId !== "anonymous";
|
|
90
73
|
case "private":
|
|
91
74
|
return callerId === agent.path;
|
|
92
75
|
default:
|
|
@@ -173,17 +156,21 @@ export function createAgentRegistry(options = {}) {
|
|
|
173
156
|
if (!checkToolAccess(agent, request.tool, request.callerId, request.callerType)) {
|
|
174
157
|
return {
|
|
175
158
|
success: false,
|
|
176
|
-
error: `Access denied to tool: ${request.tool}`,
|
|
159
|
+
error: `Access denied to tool: ${request.tool} (visibility=${tool.visibility}, callerId=${request.callerId}, callerType=${request.callerType})`,
|
|
177
160
|
code: "ACCESS_DENIED",
|
|
178
161
|
};
|
|
179
162
|
}
|
|
180
|
-
|
|
163
|
+
let ctx = {
|
|
181
164
|
tenantId: "default",
|
|
182
165
|
agentPath: agent.path,
|
|
183
166
|
callerId: request.callerId ?? "unknown",
|
|
184
167
|
callerType: request.callerType ?? "system",
|
|
185
168
|
metadata: request.metadata,
|
|
186
169
|
};
|
|
170
|
+
// Apply contextFactory if provided
|
|
171
|
+
if (options.contextFactory) {
|
|
172
|
+
ctx = options.contextFactory(ctx);
|
|
173
|
+
}
|
|
187
174
|
try {
|
|
188
175
|
if (!tool.execute) {
|
|
189
176
|
return {
|
package/dist/registry.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"registry.js","sourceRoot":"","sources":["../src/registry.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAkBH,iDAAiD;AACjD,MAAM,yBAAyB,GAAkB;IAC/C,cAAc;IACd,gBAAgB;IAChB,MAAM;CACP,CAAC;
|
|
1
|
+
{"version":3,"file":"registry.js","sourceRoot":"","sources":["../src/registry.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAkBH,iDAAiD;AACjD,MAAM,yBAAyB,GAAkB;IAC/C,cAAc;IACd,gBAAgB;IAChB,MAAM;CACP,CAAC;AAiEF,MAAM,UAAU,mBAAmB,CACjC,UAAgC,EAAE;IAElC,MAAM,EAAE,iBAAiB,GAAG,UAAU,EAAE,GAAG,OAAO,CAAC;IACnD,MAAM,MAAM,GAAG,IAAI,GAAG,EAA2B,CAAC;IAElD;;OAEG;IACH,SAAS,oBAAoB,CAC3B,KAAsB,EACtB,MAAmB;QAEnB,MAAM,SAAS,GACb,KAAK,CAAC,MAAM,EAAE,gBAAgB,IAAI,yBAAyB,CAAC;QAC9D,OAAO,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,SAAS,gBAAgB,CACvB,KAAsB,EACtB,QAAiB,EACjB,UAAmB;QAEnB,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,iBAAiB,CAAC;QAEzD,uCAAuC;QACvC,IAAI,UAAU,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEzC,iCAAiC;QACjC,IAAI,KAAK,CAAC,cAAc,IAAI,QAAQ,EAAE,CAAC;YACrC,IAAI,KAAK,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC3D,CAAC;QAED,mBAAmB;QACnB,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC;YACd,KAAK,UAAU;gBACb,qEAAqE;gBACrE,OAAO,CACL,UAAU,KAAK,OAAO,IAAI,CAAC,UAAU,IAAI,IAAI,IAAI,QAAQ,IAAI,IAAI,CAAC,CACnE,CAAC;YACJ,KAAK,SAAS;gBACZ,uBAAuB;gBACvB,OAAO,QAAQ,KAAK,KAAK,CAAC,IAAI,CAAC;YACjC;gBACE,OAAO,KAAK,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,SAAS,eAAe,CACtB,KAAsB,EACtB,QAAgB,EAChB,QAAiB,EACjB,UAAmB;QAEnB,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QAC1E,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAExB,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,QAAQ,CAAC;QAE/C,uCAAuC;QACvC,IAAI,UAAU,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEzC,iCAAiC;QACjC,IAAI,IAAI,CAAC,cAAc,IAAI,QAAQ,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC1D,CAAC;QAED,mBAAmB;QACnB,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC;YACd,KAAK,UAAU;gBACb,OAAO,CACL,UAAU,KAAK,OAAO,IAAI,CAAC,UAAU,IAAI,IAAI,IAAI,QAAQ,IAAI,IAAI,CAAC,CACnE,CAAC;YACJ,KAAK,eAAe;gBAClB,OAAO,QAAQ,IAAI,IAAI,IAAI,QAAQ,KAAK,WAAW,CAAC;YACtD,KAAK,SAAS;gBACZ,OAAO,QAAQ,KAAK,KAAK,CAAC,IAAI,CAAC;YACjC;gBACE,OAAO,KAAK,CAAC;QACjB,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAkB;QAC9B,QAAQ,CAAC,KAAsB;YAC7B,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAChC,CAAC;QAED,GAAG,CAAC,IAAY;YACd,OAAO,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC;QAED,GAAG,CAAC,IAAY;YACd,OAAO,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC;QAED,IAAI;YACF,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QACrC,CAAC;QAED,SAAS;YACP,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,OAAyB;YAClC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAEvC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,oBAAoB,OAAO,CAAC,IAAI,EAAE;oBACzC,IAAI,EAAE,iBAAiB;iBACE,CAAC;YAC9B,CAAC;YAED,qBAAqB;YACrB,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACnE,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,2BAA2B,OAAO,CAAC,IAAI,EAAE;oBAChD,IAAI,EAAE,eAAe;iBACI,CAAC;YAC9B,CAAC;YAED,4BAA4B;YAC5B,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjD,MAAM,SAAS,GACb,KAAK,CAAC,MAAM,EAAE,gBAAgB,IAAI,yBAAyB,CAAC;gBAC9D,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,WAAW,OAAO,CAAC,MAAM,wCAAwC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBAC9F,IAAI,EAAE,sBAAsB;iBACH,CAAC;YAC9B,CAAC;YAED,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;gBACvB,KAAK,QAAQ,CAAC;gBACd,KAAK,KAAK,CAAC,CAAC,CAAC;oBACX,2BAA2B;oBAC3B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;oBAElC,gCAAgC;oBAChC,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;wBACtB,MAAM,OAAO,CAAC,QAAQ,CAAC;4BACrB,QAAQ,EAAE,SAAS;4BACnB,SAAS,EAAE,OAAO,CAAC,IAAI;4BACvB,MAAM,EAAE,OAAO,CAAC,MAAM;4BACtB,SAAS,EAAE,OAAO,CAAC,SAAS;4BAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,SAAS;4BACvC,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,QAAQ;4BAC1C,QAAQ,EAAE,OAAO,CAAC,QAAQ;yBAC3B,CAAC,CAAC;oBACL,CAAC;oBAED,sEAAsE;oBACtE,0EAA0E;oBAC1E,OAAO;wBACL,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,WAAW,OAAO,CAAC,MAAM,oEAAoE;wBACpG,IAAI,EAAE,kBAAkB;qBACC,CAAC;gBAC9B,CAAC;gBAED,KAAK,cAAc,CAAC,CAAC,CAAC;oBACpB,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAC3B,CAAC,CAAiB,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,CAC/C,CAAC;oBAEF,IAAI,CAAC,IAAI,EAAE,CAAC;wBACV,OAAO;4BACL,OAAO,EAAE,KAAK;4BACd,KAAK,EAAE,mBAAmB,OAAO,CAAC,IAAI,EAAE;4BACxC,IAAI,EAAE,gBAAgB;yBACG,CAAC;oBAC9B,CAAC;oBAED,oBAAoB;oBACpB,IACE,CAAC,eAAe,CACd,KAAK,EACL,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,UAAU,CACnB,EACD,CAAC;wBACD,OAAO;4BACL,OAAO,EAAE,KAAK;4BACd,KAAK,EAAE,0BAA0B,OAAO,CAAC,IAAI,gBAAgB,IAAI,CAAC,UAAU,cAAc,OAAO,CAAC,QAAQ,gBAAgB,OAAO,CAAC,UAAU,GAAG;4BAC/I,IAAI,EAAE,eAAe;yBACI,CAAC;oBAC9B,CAAC;oBAED,IAAI,GAAG,GAAgB;wBACrB,QAAQ,EAAE,SAAS;wBACnB,SAAS,EAAE,KAAK,CAAC,IAAI;wBACrB,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,SAAS;wBACvC,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,QAAQ;wBAC1C,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B,CAAC;oBAEF,mCAAmC;oBACnC,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;wBAC3B,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;oBACpC,CAAC;oBAED,IAAI,CAAC;wBACH,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;4BAClB,OAAO;gCACL,OAAO,EAAE,KAAK;gCACd,KAAK,EAAE,QAAQ,OAAO,CAAC,IAAI,0BAA0B;6BAC5B,CAAC;wBAC9B,CAAC;wBACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;wBACvD,OAAO;4BACL,OAAO,EAAE,IAAI;4BACb,MAAM;yBACyB,CAAC;oBACpC,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,OAAO;4BACL,OAAO,EAAE,KAAK;4BACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;4BACvD,IAAI,EAAE,sBAAsB;yBACH,CAAC;oBAC9B,CAAC;gBACH,CAAC;gBAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;oBACtB,MAAM,WAAW,GAAiB,KAAK,CAAC,KAAK;yBAC1C,MAAM,CAAC,CAAC,CAAiB,EAAE,EAAE,CAC5B,eAAe,CACb,KAAK,EACL,CAAC,CAAC,IAAI,EACN,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,UAAU,CACnB,CACF;yBACA,MAAM,CAAC,CAAC,CAAiB,EAAE,EAAE,CAC5B,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CACtD;yBACA,GAAG,CAAC,CAAC,CAAiB,EAAE,EAAE,CAAC,CAAC;wBAC3B,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,WAAW,EAAE,CAAC,CAAC,WAAW;wBAC1B,WAAW,EAAE,CAAC,CAAC,WAAW;wBAC1B,GAAG,CAAC,CAAC,CAAC,YAAY,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC,YAAY,EAAE,CAAC;qBACxD,CAAC,CAAC,CAAC;oBAEN,OAAO;wBACL,OAAO,EAAE,IAAI;wBACb,KAAK,EAAE,WAAW;qBACe,CAAC;gBACtC,CAAC;gBAED,KAAK,MAAM,CAAC,CAAC,CAAC;oBACZ,MAAM,WAAW,GAAiB,KAAK,CAAC,KAAK;yBAC1C,MAAM,CAAC,CAAC,CAAiB,EAAE,EAAE,CAC5B,eAAe,CACb,KAAK,EACL,CAAC,CAAC,IAAI,EACN,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,UAAU,CACnB,CACF;yBACA,GAAG,CAAC,CAAC,CAAiB,EAAE,EAAE,CAAC,CAAC;wBAC3B,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,WAAW,EAAE,CAAC,CAAC,WAAW;wBAC1B,WAAW,EAAE,CAAC,CAAC,WAAW;wBAC1B,GAAG,CAAC,CAAC,CAAC,YAAY,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC,YAAY,EAAE,CAAC;qBACxD,CAAC,CAAC,CAAC;oBAEN,OAAO;wBACL,OAAO,EAAE,IAAI;wBACb,MAAM,EAAE;4BACN,IAAI,EAAE,KAAK,CAAC,IAAI;4BAChB,UAAU,EAAE,KAAK,CAAC,UAAU;4BAC5B,MAAM,EAAE,KAAK,CAAC,MAAM;4BACpB,KAAK,EAAE,WAAW;yBACnB;qBACuB,CAAC;gBAC7B,CAAC;gBAED,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,2BAA2B;oBAC3B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;oBAElC,+BAA+B;oBAC/B,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;wBACrB,MAAM,OAAO,CAAC,OAAO,CAAC;4BACpB,QAAQ,EAAE,SAAS;4BACnB,SAAS,EAAE,OAAO,CAAC,IAAI;4BACvB,OAAO,EAAE,OAAO,CAAC,OAAO;4BACxB,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,SAAS;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,SAAS;yBACxC,CAAC,CAAC;wBAEH,OAAO;4BACL,OAAO,EAAE,IAAI;4BACb,MAAM,EAAE,QAAQ;yBACS,CAAC;oBAC9B,CAAC;oBAED,yCAAyC;oBACzC,OAAO;wBACL,OAAO,EAAE,IAAI;wBACb,MAAM,EAAE,SAAS;qBACQ,CAAC;gBAC9B,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,kCAAkC;oBAClC,MAAM,WAAW,GAAU,OAAO,CAAC;oBACnC,OAAO;wBACL,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,mBAAoB,WAAgC,CAAC,MAAM,EAAE;wBACpE,IAAI,EAAE,gBAAgB;qBACG,CAAC;gBAC9B,CAAC;YACH,CAAC;QACH,CAAC;KACF,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secret Collection
|
|
3
|
+
*
|
|
4
|
+
* Manages pending secret collection forms (one-time tokens).
|
|
5
|
+
* Used by @integrations collect_secrets and the server's /secrets/collect endpoint.
|
|
6
|
+
*
|
|
7
|
+
* Exported for use in custom server implementations.
|
|
8
|
+
*/
|
|
9
|
+
export interface PendingCollectionField {
|
|
10
|
+
name: string;
|
|
11
|
+
description?: string;
|
|
12
|
+
required: boolean;
|
|
13
|
+
secret: boolean;
|
|
14
|
+
}
|
|
15
|
+
export interface PendingCollection {
|
|
16
|
+
agent: string;
|
|
17
|
+
tool: string;
|
|
18
|
+
params: Record<string, unknown>;
|
|
19
|
+
fields: PendingCollectionField[];
|
|
20
|
+
auth?: {
|
|
21
|
+
callerId: string;
|
|
22
|
+
callerType: string;
|
|
23
|
+
scopes?: string[];
|
|
24
|
+
isRoot?: boolean;
|
|
25
|
+
};
|
|
26
|
+
createdAt: number;
|
|
27
|
+
}
|
|
28
|
+
/** Pending secret collection forms, keyed by one-time token */
|
|
29
|
+
export declare const pendingCollections: Map<string, PendingCollection>;
|
|
30
|
+
/** Generate a random one-time token for secret collection */
|
|
31
|
+
export declare function generateCollectionToken(): string;
|
|
32
|
+
/**
|
|
33
|
+
* Clean up expired pending collections.
|
|
34
|
+
* Call this periodically or before lookups.
|
|
35
|
+
*/
|
|
36
|
+
export declare function cleanupExpiredCollections(): void;
|
|
37
|
+
//# sourceMappingURL=secret-collection.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secret-collection.d.ts","sourceRoot":"","sources":["../src/secret-collection.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAMH,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,MAAM,EAAE,sBAAsB,EAAE,CAAC;IACjC,IAAI,CAAC,EAAE;QACL,QAAQ,EAAE,MAAM,CAAC;QACjB,UAAU,EAAE,MAAM,CAAC;QACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AASD,+DAA+D;AAC/D,eAAO,MAAM,kBAAkB,gCAAuC,CAAC;AAEvE,6DAA6D;AAC7D,wBAAgB,uBAAuB,IAAI,MAAM,CAOhD;AAED;;;GAGG;AACH,wBAAgB,yBAAyB,IAAI,IAAI,CAOhD"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secret Collection
|
|
3
|
+
*
|
|
4
|
+
* Manages pending secret collection forms (one-time tokens).
|
|
5
|
+
* Used by @integrations collect_secrets and the server's /secrets/collect endpoint.
|
|
6
|
+
*
|
|
7
|
+
* Exported for use in custom server implementations.
|
|
8
|
+
*/
|
|
9
|
+
// ============================================
|
|
10
|
+
// Storage (with TTL cleanup)
|
|
11
|
+
// ============================================
|
|
12
|
+
/** Default TTL for pending collections: 15 minutes */
|
|
13
|
+
const COLLECTION_TTL_MS = 15 * 60 * 1000;
|
|
14
|
+
/** Pending secret collection forms, keyed by one-time token */
|
|
15
|
+
export const pendingCollections = new Map();
|
|
16
|
+
/** Generate a random one-time token for secret collection */
|
|
17
|
+
export function generateCollectionToken() {
|
|
18
|
+
const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
|
|
19
|
+
let token = "";
|
|
20
|
+
for (let i = 0; i < 48; i++) {
|
|
21
|
+
token += chars[Math.floor(Math.random() * chars.length)];
|
|
22
|
+
}
|
|
23
|
+
return token;
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* Clean up expired pending collections.
|
|
27
|
+
* Call this periodically or before lookups.
|
|
28
|
+
*/
|
|
29
|
+
export function cleanupExpiredCollections() {
|
|
30
|
+
const now = Date.now();
|
|
31
|
+
for (const [token, pending] of pendingCollections) {
|
|
32
|
+
if (now - pending.createdAt > COLLECTION_TTL_MS) {
|
|
33
|
+
pendingCollections.delete(token);
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
//# sourceMappingURL=secret-collection.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secret-collection.js","sourceRoot":"","sources":["../src/secret-collection.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA2BH,+CAA+C;AAC/C,6BAA6B;AAC7B,+CAA+C;AAE/C,sDAAsD;AACtD,MAAM,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAEzC,+DAA+D;AAC/D,MAAM,CAAC,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAA6B,CAAC;AAEvE,6DAA6D;AAC7D,MAAM,UAAU,uBAAuB;IACrC,MAAM,KAAK,GAAG,gEAAgE,CAAC;IAC/E,IAAI,KAAK,GAAG,EAAE,CAAC;IACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,KAAK,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,yBAAyB;IACvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,IAAI,kBAAkB,EAAE,CAAC;QAClD,IAAI,GAAG,GAAG,OAAO,CAAC,SAAS,GAAG,iBAAiB,EAAE,CAAC;YAChD,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;AACH,CAAC"}
|
package/dist/server.d.ts
CHANGED
|
@@ -1,33 +1,34 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Agent Server (MCP over HTTP)
|
|
3
3
|
*
|
|
4
|
-
* JSON-RPC server implementing the MCP protocol for agent interaction.
|
|
5
|
-
*
|
|
4
|
+
* Minimal JSON-RPC server implementing the MCP protocol for agent interaction.
|
|
5
|
+
* Handles only core SDK concerns:
|
|
6
|
+
* - MCP protocol (initialize, tools/list, tools/call)
|
|
7
|
+
* - Agent registry routing (call_agent, list_agents)
|
|
8
|
+
* - Auth resolution (Bearer tokens, root key, JWT)
|
|
9
|
+
* - OAuth2 token exchange (client_credentials)
|
|
10
|
+
* - Health check
|
|
11
|
+
* - CORS
|
|
6
12
|
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
* - tools/list → List available MCP tools (call_agent, list_agents)
|
|
10
|
-
* - tools/call → Execute an MCP tool
|
|
13
|
+
* Application-specific routes (web UI, OAuth callbacks, tenant management)
|
|
14
|
+
* should be built on top using the exported `fetch` handler.
|
|
11
15
|
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
14
|
-
*
|
|
16
|
+
* @example
|
|
17
|
+
* ```typescript
|
|
18
|
+
* // Standalone usage
|
|
19
|
+
* const server = createAgentServer(registry, { port: 3000 });
|
|
20
|
+
* await server.start();
|
|
15
21
|
*
|
|
16
|
-
*
|
|
17
|
-
*
|
|
18
|
-
*
|
|
19
|
-
*
|
|
20
|
-
* - GET /health → Health check
|
|
21
|
-
*
|
|
22
|
-
* Auth Integration:
|
|
23
|
-
* When an `@auth` agent is registered, the server automatically:
|
|
24
|
-
* - Validates Bearer tokens on requests
|
|
25
|
-
* - Resolves tokens to identity + scopes
|
|
26
|
-
* - Populates caller context from headers (X-Atlas-Actor-Id, etc.)
|
|
27
|
-
* - Recognizes the root key for admin access
|
|
22
|
+
* // Composable with any HTTP framework
|
|
23
|
+
* const server = createAgentServer(registry);
|
|
24
|
+
* app.all('/mcp/*', (req) => server.fetch(req));
|
|
25
|
+
* ```
|
|
28
26
|
*/
|
|
27
|
+
import type { AuthStore } from "./agent-definitions/auth.js";
|
|
29
28
|
import { type SecretStore } from "./agent-definitions/secrets.js";
|
|
29
|
+
import type { SigningKey } from "./jwt.js";
|
|
30
30
|
import type { AgentRegistry } from "./registry.js";
|
|
31
|
+
import type { AgentDefinition } from "./types.js";
|
|
31
32
|
export interface AgentServerOptions {
|
|
32
33
|
/** Port to listen on (default: 3000) */
|
|
33
34
|
port?: number;
|
|
@@ -43,43 +44,39 @@ export interface AgentServerOptions {
|
|
|
43
44
|
serverVersion?: string;
|
|
44
45
|
/** Secret store for handling secret: refs in tool params */
|
|
45
46
|
secretStore?: SecretStore;
|
|
47
|
+
/** URLs of trusted registries for cross-registry JWT verification */
|
|
48
|
+
trustedIssuers?: string[];
|
|
49
|
+
/** Pre-generated signing key (if not provided, one is generated on start) */
|
|
50
|
+
signingKey?: SigningKey;
|
|
46
51
|
}
|
|
47
52
|
export interface AgentServer {
|
|
48
53
|
/** Start the server */
|
|
49
54
|
start(): Promise<void>;
|
|
50
55
|
/** Stop the server */
|
|
51
56
|
stop(): Promise<void>;
|
|
52
|
-
/** Handle a request (for custom integrations) */
|
|
57
|
+
/** Handle a request (for custom integrations / framework composition) */
|
|
53
58
|
fetch(req: Request): Promise<Response>;
|
|
54
59
|
/** Get the server URL (only available after start) */
|
|
55
60
|
url: string | null;
|
|
61
|
+
/** The agent registry this server uses */
|
|
62
|
+
registry: AgentRegistry;
|
|
63
|
+
}
|
|
64
|
+
export interface AuthConfig {
|
|
65
|
+
store: AuthStore;
|
|
66
|
+
rootKey: string;
|
|
67
|
+
tokenTtl: number;
|
|
56
68
|
}
|
|
57
|
-
interface ResolvedAuth {
|
|
69
|
+
export interface ResolvedAuth {
|
|
58
70
|
callerId: string;
|
|
59
71
|
callerType: "agent" | "user" | "system";
|
|
60
72
|
scopes: string[];
|
|
61
73
|
isRoot: boolean;
|
|
62
74
|
}
|
|
63
|
-
export
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
/** Auth context from original request */
|
|
70
|
-
auth: ResolvedAuth | null;
|
|
71
|
-
/** Fields the form needs to collect */
|
|
72
|
-
fields: Array<{
|
|
73
|
-
name: string;
|
|
74
|
-
description?: string;
|
|
75
|
-
secret: boolean;
|
|
76
|
-
required: boolean;
|
|
77
|
-
}>;
|
|
78
|
-
/** Created timestamp for expiry */
|
|
79
|
-
createdAt: number;
|
|
80
|
-
}
|
|
81
|
-
export declare const pendingCollections: Map<string, PendingCollection>;
|
|
82
|
-
export declare function generateCollectionToken(): string;
|
|
75
|
+
export declare function detectAuth(registry: AgentRegistry): AuthConfig | null;
|
|
76
|
+
export declare function resolveAuth(req: Request, authConfig: AuthConfig, jwksOptions?: {
|
|
77
|
+
signingKeys?: SigningKey[];
|
|
78
|
+
trustedIssuers?: string[];
|
|
79
|
+
}): Promise<ResolvedAuth | null>;
|
|
80
|
+
export declare function canSeeAgent(agent: AgentDefinition, auth: ResolvedAuth | null): boolean;
|
|
83
81
|
export declare function createAgentServer(registry: AgentRegistry, options?: AgentServerOptions): AgentServer;
|
|
84
|
-
export {};
|
|
85
82
|
//# sourceMappingURL=server.d.ts.map
|
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EACL,KAAK,WAAW,EAEjB,MAAM,gCAAgC,CAAC;AAExC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAE3C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,eAAe,EAAgC,MAAM,YAAY,CAAC;AAMhF,MAAM,WAAW,kBAAkB;IACjC,wCAAwC;IACxC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,iDAAiD;IACjD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,4CAA4C;IAC5C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kCAAkC;IAClC,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,qEAAqE;IACrE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mEAAmE;IACnE,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,4DAA4D;IAC5D,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,qEAAqE;IACrE,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,6EAA6E;IAC7E,UAAU,CAAC,EAAE,UAAU,CAAC;CACzB;AAED,MAAM,WAAW,WAAW;IAC1B,uBAAuB;IACvB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,sBAAsB;IACtB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACtB,yEAAyE;IACzE,KAAK,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,sDAAsD;IACtD,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,0CAA0C;IAC1C,QAAQ,EAAE,aAAa,CAAC;CACzB;AAwBD,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,SAAS,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,OAAO,GAAG,MAAM,GAAG,QAAQ,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,MAAM,EAAE,OAAO,CAAC;CACjB;AAqED,wBAAgB,UAAU,CAAC,QAAQ,EAAE,aAAa,GAAG,UAAU,GAAG,IAAI,CAgBrE;AAED,wBAAsB,WAAW,CAC/B,GAAG,EAAE,OAAO,EACZ,UAAU,EAAE,UAAU,EACtB,WAAW,CAAC,EAAE;IAAE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,GACtE,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CAkG9B;AAED,wBAAgB,WAAW,CACzB,KAAK,EAAE,eAAe,EACtB,IAAI,EAAE,YAAY,GAAG,IAAI,GACxB,OAAO,CAQT;AA4DD,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,aAAa,EACvB,OAAO,GAAE,kBAAuB,GAC/B,WAAW,CA+Zb"}
|