@sonoma-security/mcp-gateway 0.1.11 → 0.1.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/__tests__/plugin-discovery.test.d.ts +12 -0
- package/dist/__tests__/plugin-discovery.test.d.ts.map +1 -0
- package/dist/__tests__/plugin-discovery.test.js +367 -0
- package/dist/__tests__/plugin-discovery.test.js.map +1 -0
- package/dist/__tests__/tool-blocking.test.d.ts +2 -0
- package/dist/__tests__/tool-blocking.test.d.ts.map +1 -0
- package/dist/__tests__/tool-blocking.test.js +256 -0
- package/dist/__tests__/tool-blocking.test.js.map +1 -0
- package/dist/auth/client.d.ts.map +1 -1
- package/dist/auth/client.js +49 -6
- package/dist/auth/client.js.map +1 -1
- package/dist/auth/keychain.d.ts +34 -0
- package/dist/auth/keychain.d.ts.map +1 -0
- package/dist/auth/keychain.js +305 -0
- package/dist/auth/keychain.js.map +1 -0
- package/dist/auth/server.d.ts +15 -3
- package/dist/auth/server.d.ts.map +1 -1
- package/dist/auth/server.js +110 -23
- package/dist/auth/server.js.map +1 -1
- package/dist/auth/storage.d.ts +5 -6
- package/dist/auth/storage.d.ts.map +1 -1
- package/dist/auth/storage.js +72 -21
- package/dist/auth/storage.js.map +1 -1
- package/dist/auth/upstream-oauth.d.ts +2 -0
- package/dist/auth/upstream-oauth.d.ts.map +1 -1
- package/dist/auth/upstream-oauth.js +58 -8
- package/dist/auth/upstream-oauth.js.map +1 -1
- package/dist/auth/upstream-token-store.d.ts +18 -6
- package/dist/auth/upstream-token-store.d.ts.map +1 -1
- package/dist/auth/upstream-token-store.js +127 -35
- package/dist/auth/upstream-token-store.js.map +1 -1
- package/dist/cli.js +16 -0
- package/dist/cli.js.map +1 -1
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +17 -7
- package/dist/config.js.map +1 -1
- package/dist/gateway.d.ts +17 -0
- package/dist/gateway.d.ts.map +1 -1
- package/dist/gateway.js +302 -66
- package/dist/gateway.js.map +1 -1
- package/dist/http-proxy.d.ts +76 -0
- package/dist/http-proxy.d.ts.map +1 -0
- package/dist/http-proxy.js +316 -0
- package/dist/http-proxy.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/pattern-matcher.d.ts +25 -0
- package/dist/pattern-matcher.d.ts.map +1 -1
- package/dist/pattern-matcher.js +65 -0
- package/dist/pattern-matcher.js.map +1 -1
- package/dist/prompt-guard.d.ts +24 -0
- package/dist/prompt-guard.d.ts.map +1 -0
- package/dist/prompt-guard.js +161 -0
- package/dist/prompt-guard.js.map +1 -0
- package/dist/sonoma-client.d.ts +28 -1
- package/dist/sonoma-client.d.ts.map +1 -1
- package/dist/sonoma-client.js +67 -43
- package/dist/sonoma-client.js.map +1 -1
- package/dist/types.d.ts +6 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Prompt Guard Evaluator (standalone, no server-side imports)
|
|
3
|
+
*
|
|
4
|
+
* Evaluates prompt guards against tool call content using in-memory
|
|
5
|
+
* regex matching. Used by the remote gateway to enforce guards synced
|
|
6
|
+
* from the policy endpoint.
|
|
7
|
+
*/
|
|
8
|
+
// ─── Pattern Definitions ────────────────────────────────────────────────────
|
|
9
|
+
const PII_PATTERNS = {
|
|
10
|
+
ssn: /\b\d{3}-\d{2}-\d{4}\b/,
|
|
11
|
+
"credit-card": /\b(?:\d[ -]*?){13,19}\b/,
|
|
12
|
+
phone: /\b(?:\+?1[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}\b/,
|
|
13
|
+
email: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/,
|
|
14
|
+
address: /\b\d{1,5}\s+\w+\s+(?:Street|St|Avenue|Ave|Road|Rd|Boulevard|Blvd|Drive|Dr|Lane|Ln|Court|Ct)\b/i,
|
|
15
|
+
};
|
|
16
|
+
const SECRET_PATTERNS = {
|
|
17
|
+
"api-key": /\b(?:api[_-]?key|apikey)\s*[:=]\s*['"]?[A-Za-z0-9_-]{20,}['"]?/i,
|
|
18
|
+
"bearer-token": /\bBearer\s+[A-Za-z0-9_\-.~+/]+=*\b/,
|
|
19
|
+
password: /\b(?:password|passwd|pwd)\s*[:=]\s*['"]?[^\s'"]{8,}['"]?/i,
|
|
20
|
+
"private-key": /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/,
|
|
21
|
+
"connection-string": /(?:mongodb|postgresql|mysql|redis|amqp):\/\/[^\s]+/i,
|
|
22
|
+
"aws-key": /\bAKIA[0-9A-Z]{16}\b/,
|
|
23
|
+
"github-token": /\bgh[ps]_[A-Za-z0-9_]{36,}\b/,
|
|
24
|
+
"slack-token": /\bxox[bpras]-[A-Za-z0-9-]+\b/,
|
|
25
|
+
};
|
|
26
|
+
const PROMPT_INJECTION_PATTERNS = [
|
|
27
|
+
/ignore\s+(?:all\s+)?(?:previous|above|prior)\s+instructions/i,
|
|
28
|
+
/disregard\s+(?:all\s+)?(?:previous|above|prior)\s+(?:instructions|rules|guidelines)/i,
|
|
29
|
+
/you\s+are\s+now\s+(?:a|an|in)\s+(?:new|different)/i,
|
|
30
|
+
/forget\s+(?:all\s+)?(?:previous|your|everything)/i,
|
|
31
|
+
/override\s+(?:your|all|the)\s+(?:instructions|rules|programming)/i,
|
|
32
|
+
/system\s*prompt\s*[:=]/i,
|
|
33
|
+
/\[(?:SYSTEM|INST)\]/i,
|
|
34
|
+
/<<\s*(?:SYS|SYSTEM|INSTRUCTION)/i,
|
|
35
|
+
/jailbreak/i,
|
|
36
|
+
/do\s+anything\s+now/i,
|
|
37
|
+
/pretend\s+(?:you(?:'re| are)\s+)?(?:not\s+)?(?:an?\s+)?(?:AI|chatbot|assistant)/i,
|
|
38
|
+
];
|
|
39
|
+
// ─── Evaluation Logic ───────────────────────────────────────────────────────
|
|
40
|
+
function evaluateGuard(guard, content) {
|
|
41
|
+
switch (guard.guardType) {
|
|
42
|
+
case "pii-detection": {
|
|
43
|
+
const patterns = guard.config.patterns ?? Object.keys(PII_PATTERNS);
|
|
44
|
+
for (const key of patterns) {
|
|
45
|
+
const regex = PII_PATTERNS[key];
|
|
46
|
+
if (regex && regex.test(content)) {
|
|
47
|
+
return { triggered: true, detail: `PII pattern: ${key}` };
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
return { triggered: false };
|
|
51
|
+
}
|
|
52
|
+
case "secret-detection": {
|
|
53
|
+
const patterns = guard.config.patterns ?? Object.keys(SECRET_PATTERNS);
|
|
54
|
+
for (const key of patterns) {
|
|
55
|
+
const regex = SECRET_PATTERNS[key];
|
|
56
|
+
if (regex && regex.test(content)) {
|
|
57
|
+
return { triggered: true, detail: `Secret pattern: ${key}` };
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
return { triggered: false };
|
|
61
|
+
}
|
|
62
|
+
case "prompt-injection": {
|
|
63
|
+
for (const pattern of PROMPT_INJECTION_PATTERNS) {
|
|
64
|
+
if (pattern.test(content)) {
|
|
65
|
+
return { triggered: true, detail: "Prompt injection detected" };
|
|
66
|
+
}
|
|
67
|
+
}
|
|
68
|
+
return { triggered: false };
|
|
69
|
+
}
|
|
70
|
+
case "output-validation": {
|
|
71
|
+
const checkCode = guard.config.checkCodeExecution !== false;
|
|
72
|
+
const checkExfil = guard.config.checkDataExfiltration !== false;
|
|
73
|
+
if (checkCode) {
|
|
74
|
+
const codePatterns = [/eval\s*\(/i, /exec\s*\(/i, /child_process/i];
|
|
75
|
+
for (const p of codePatterns) {
|
|
76
|
+
if (p.test(content))
|
|
77
|
+
return { triggered: true, detail: "Code execution in output" };
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
if (checkExfil) {
|
|
81
|
+
const exfilPatterns = [/fetch\s*\(\s*['"]https?:\/\//i, /navigator\.sendBeacon/i];
|
|
82
|
+
for (const p of exfilPatterns) {
|
|
83
|
+
if (p.test(content))
|
|
84
|
+
return { triggered: true, detail: "Data exfiltration in output" };
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
return { triggered: false };
|
|
88
|
+
}
|
|
89
|
+
case "topic-restriction": {
|
|
90
|
+
const topics = guard.config.topics ?? [];
|
|
91
|
+
const lower = content.toLowerCase();
|
|
92
|
+
for (const topic of topics) {
|
|
93
|
+
const trimmed = topic.trim().toLowerCase();
|
|
94
|
+
if (trimmed && lower.includes(trimmed)) {
|
|
95
|
+
return { triggered: true, detail: `Restricted topic: "${topic.trim()}"` };
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
return { triggered: false };
|
|
99
|
+
}
|
|
100
|
+
case "custom": {
|
|
101
|
+
const patterns = guard.config.patterns ?? [];
|
|
102
|
+
for (const pattern of patterns) {
|
|
103
|
+
const trimmed = pattern.trim();
|
|
104
|
+
if (!trimmed)
|
|
105
|
+
continue;
|
|
106
|
+
// Reject patterns with nested quantifiers to prevent ReDoS
|
|
107
|
+
if (/\([^)]*[+*][^)]*\)[+*{]/.test(trimmed))
|
|
108
|
+
continue;
|
|
109
|
+
if (/\([^)]*\|[^)]*\)[+*{]/.test(trimmed))
|
|
110
|
+
continue;
|
|
111
|
+
if (trimmed.length > 500)
|
|
112
|
+
continue;
|
|
113
|
+
try {
|
|
114
|
+
// Admin-supplied regex patterns are validated above to reject nested
|
|
115
|
+
// quantifiers and overlapping alternation that cause catastrophic
|
|
116
|
+
// backtracking. Content is bounded to tool call arguments.
|
|
117
|
+
// nosemgrep: javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp
|
|
118
|
+
const regex = new RegExp(trimmed, "i");
|
|
119
|
+
if (regex.test(content)) {
|
|
120
|
+
return { triggered: true, detail: `Custom pattern: ${trimmed.slice(0, 50)}` };
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
catch {
|
|
124
|
+
// Invalid regex, skip
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
return { triggered: false };
|
|
128
|
+
}
|
|
129
|
+
default:
|
|
130
|
+
return { triggered: false };
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
/**
|
|
134
|
+
* Evaluate prompt guards against serialized tool call content.
|
|
135
|
+
* Filters to only guards that run on the remote gateway.
|
|
136
|
+
*/
|
|
137
|
+
export function evaluatePromptGuards(guards, content) {
|
|
138
|
+
const applicable = guards
|
|
139
|
+
.filter((g) => g.runOnRemoteGateway)
|
|
140
|
+
.sort((a, b) => a.priority - b.priority);
|
|
141
|
+
const results = [];
|
|
142
|
+
let blocked = false;
|
|
143
|
+
let blockReason = null;
|
|
144
|
+
for (const guard of applicable) {
|
|
145
|
+
const { triggered, detail } = evaluateGuard(guard, content);
|
|
146
|
+
if (triggered) {
|
|
147
|
+
results.push({
|
|
148
|
+
guardId: guard.id,
|
|
149
|
+
guardName: guard.name,
|
|
150
|
+
action: guard.action,
|
|
151
|
+
reason: `${guard.name}: ${detail ?? "Guard triggered"}`,
|
|
152
|
+
});
|
|
153
|
+
if (guard.action === "block" && !blocked) {
|
|
154
|
+
blocked = true;
|
|
155
|
+
blockReason = `Blocked by prompt guard: ${guard.name}`;
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
return { blocked, blockReason, results };
|
|
160
|
+
}
|
|
161
|
+
//# sourceMappingURL=prompt-guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"prompt-guard.js","sourceRoot":"","sources":["../src/prompt-guard.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAeH,+EAA+E;AAE/E,MAAM,YAAY,GAA2B;IAC3C,GAAG,EAAE,uBAAuB;IAC5B,aAAa,EAAE,yBAAyB;IACxC,KAAK,EAAE,yDAAyD;IAChE,KAAK,EAAE,oDAAoD;IAC3D,OAAO,EACL,gGAAgG;CACnG,CAAC;AAEF,MAAM,eAAe,GAA2B;IAC9C,SAAS,EACP,iEAAiE;IACnE,cAAc,EAAE,oCAAoC;IACpD,QAAQ,EACN,2DAA2D;IAC7D,aAAa,EAAE,+CAA+C;IAC9D,mBAAmB,EACjB,qDAAqD;IACvD,SAAS,EAAE,sBAAsB;IACjC,cAAc,EAAE,8BAA8B;IAC9C,aAAa,EAAE,8BAA8B;CAC9C,CAAC;AAEF,MAAM,yBAAyB,GAAa;IAC1C,8DAA8D;IAC9D,sFAAsF;IACtF,oDAAoD;IACpD,mDAAmD;IACnD,mEAAmE;IACnE,yBAAyB;IACzB,sBAAsB;IACtB,kCAAkC;IAClC,YAAY;IACZ,sBAAsB;IACtB,kFAAkF;CACnF,CAAC;AAEF,+EAA+E;AAE/E,SAAS,aAAa,CACpB,KAAsB,EACtB,OAAe;IAEf,QAAQ,KAAK,CAAC,SAAS,EAAE,CAAC;QACxB,KAAK,eAAe,CAAC,CAAC,CAAC;YACrB,MAAM,QAAQ,GACX,KAAK,CAAC,MAAM,CAAC,QAAiC,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC/E,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;gBAC3B,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;gBAChC,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACjC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,GAAG,EAAE,EAAE,CAAC;gBAC5D,CAAC;YACH,CAAC;YACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,KAAK,kBAAkB,CAAC,CAAC,CAAC;YACxB,MAAM,QAAQ,GACX,KAAK,CAAC,MAAM,CAAC,QAAiC,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAClF,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;gBAC3B,MAAM,KAAK,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;gBACnC,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACjC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,mBAAmB,GAAG,EAAE,EAAE,CAAC;gBAC/D,CAAC;YACH,CAAC;YACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,KAAK,kBAAkB,CAAC,CAAC,CAAC;YACxB,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;gBAChD,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1B,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;gBAClE,CAAC;YACH,CAAC;YACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,KAAK,mBAAmB,CAAC,CAAC,CAAC;YACzB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,kBAAkB,KAAK,KAAK,CAAC;YAC5D,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,qBAAqB,KAAK,KAAK,CAAC;YAChE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,YAAY,GAAG,CAAC,YAAY,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;gBACpE,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;oBAC7B,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACjB,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC;gBACnE,CAAC;YACH,CAAC;YACD,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,aAAa,GAAG,CAAC,+BAA+B,EAAE,wBAAwB,CAAC,CAAC;gBAClF,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;oBAC9B,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;wBACjB,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;gBACtE,CAAC;YACH,CAAC;YACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,KAAK,mBAAmB,CAAC,CAAC,CAAC;YACzB,MAAM,MAAM,GAAI,KAAK,CAAC,MAAM,CAAC,MAA+B,IAAI,EAAE,CAAC;YACnE,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YACpC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;gBAC3C,IAAI,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBACvC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,sBAAsB,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC;gBAC5E,CAAC;YACH,CAAC;YACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,QAAQ,GAAI,KAAK,CAAC,MAAM,CAAC,QAAiC,IAAI,EAAE,CAAC;YACvE,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC/B,IAAI,CAAC,OAAO;oBAAE,SAAS;gBACvB,2DAA2D;gBAC3D,IAAI,yBAAyB,CAAC,IAAI,CAAC,OAAO,CAAC;oBAAE,SAAS;gBACtD,IAAI,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC;oBAAE,SAAS;gBACpD,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG;oBAAE,SAAS;gBACnC,IAAI,CAAC;oBACH,qEAAqE;oBACrE,kEAAkE;oBAClE,2DAA2D;oBAC3D,gGAAgG;oBAChG,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;oBACvC,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACxB,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,mBAAmB,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;oBAChF,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,sBAAsB;gBACxB,CAAC;YACH,CAAC;YACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED;YACE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAChC,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAAyB,EACzB,OAAe;IAEf,MAAM,UAAU,GAAG,MAAM;SACtB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB,CAAC;SACnC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC;IAE3C,MAAM,OAAO,GAAqC,EAAE,CAAC;IACrD,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,WAAW,GAAkB,IAAI,CAAC;IAEtC,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;QAC/B,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC5D,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO,EAAE,KAAK,CAAC,EAAE;gBACjB,SAAS,EAAE,KAAK,CAAC,IAAI;gBACrB,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,iBAAiB,EAAE;aACxD,CAAC,CAAC;YACH,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;gBACzC,OAAO,GAAG,IAAI,CAAC;gBACf,WAAW,GAAG,4BAA4B,KAAK,CAAC,IAAI,EAAE,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC;AAC3C,CAAC"}
|
package/dist/sonoma-client.d.ts
CHANGED
|
@@ -12,16 +12,30 @@ export interface PolicyRule {
|
|
|
12
12
|
toolPattern: string | null;
|
|
13
13
|
priority: number;
|
|
14
14
|
}
|
|
15
|
+
export interface PromptGuardRule {
|
|
16
|
+
id: string;
|
|
17
|
+
name: string;
|
|
18
|
+
guardType: string;
|
|
19
|
+
action: "block" | "warn" | "log";
|
|
20
|
+
config: Record<string, unknown>;
|
|
21
|
+
priority: number;
|
|
22
|
+
runOnLocalGateway: boolean;
|
|
23
|
+
runOnRemoteGateway: boolean;
|
|
24
|
+
}
|
|
15
25
|
export interface PolicyResponse {
|
|
16
26
|
gatewayAuthMode: "org_key" | "user_id";
|
|
17
27
|
gatewaySessionLifetimeSeconds?: number;
|
|
18
28
|
list: PolicyRule[];
|
|
29
|
+
promptGuards?: PromptGuardRule[];
|
|
30
|
+
/** Maps each identifier to other known identifiers for the same server (URL <-> packageName). */
|
|
31
|
+
identifierAliases?: Record<string, string[]>;
|
|
19
32
|
}
|
|
20
33
|
export declare class SonomaClient {
|
|
21
34
|
private endpoint;
|
|
22
35
|
private hostname;
|
|
23
36
|
private deviceId;
|
|
24
37
|
private orgApiKey;
|
|
38
|
+
private oauthFailed;
|
|
25
39
|
private pendingEvents;
|
|
26
40
|
private flushInterval;
|
|
27
41
|
private debug;
|
|
@@ -32,9 +46,16 @@ export declare class SonomaClient {
|
|
|
32
46
|
});
|
|
33
47
|
private log;
|
|
34
48
|
/**
|
|
35
|
-
* Get auth token - tries OAuth first, falls back to org API key
|
|
49
|
+
* Get auth token - tries OAuth first, falls back to org API key.
|
|
50
|
+
* If OAuth previously returned a token that got 401 from the API,
|
|
51
|
+
* skip OAuth and use the API key directly to avoid repeated failures.
|
|
36
52
|
*/
|
|
37
53
|
private getToken;
|
|
54
|
+
/**
|
|
55
|
+
* Mark OAuth as failed (e.g., token returned but got 401 from API).
|
|
56
|
+
* Subsequent getToken() calls will skip OAuth and use the API key.
|
|
57
|
+
*/
|
|
58
|
+
private markOAuthFailed;
|
|
38
59
|
/**
|
|
39
60
|
* Start periodic telemetry flush
|
|
40
61
|
*/
|
|
@@ -59,6 +80,12 @@ export declare class SonomaClient {
|
|
|
59
80
|
* Clear the disk queue
|
|
60
81
|
*/
|
|
61
82
|
private clearDiskQueue;
|
|
83
|
+
/**
|
|
84
|
+
* Fetch with automatic 401 retry using API key fallback.
|
|
85
|
+
* On first 401 when OAuth token is in use, marks OAuth as failed
|
|
86
|
+
* and retries with the org API key.
|
|
87
|
+
*/
|
|
88
|
+
private fetchWithRetry;
|
|
62
89
|
/**
|
|
63
90
|
* Queue an event for telemetry
|
|
64
91
|
* Spills to disk when memory queue exceeds limit
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sonoma-client.d.ts","sourceRoot":"","sources":["../src/sonoma-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAehD,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;IAC1C,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,eAAe,EAAE,SAAS,GAAG,SAAS,CAAC;IACvC,6BAA6B,CAAC,EAAE,MAAM,CAAC;IACvC,IAAI,EAAE,UAAU,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"sonoma-client.d.ts","sourceRoot":"","sources":["../src/sonoma-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAehD,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;IAC1C,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;IACjC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,kBAAkB,EAAE,OAAO,CAAC;CAC7B;AAED,MAAM,WAAW,cAAc;IAC7B,eAAe,EAAE,SAAS,GAAG,SAAS,CAAC;IACvC,6BAA6B,CAAC,EAAE,MAAM,CAAC;IACvC,IAAI,EAAE,UAAU,EAAE,CAAC;IACnB,YAAY,CAAC,EAAE,eAAe,EAAE,CAAC;IACjC,iGAAiG;IACjG,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;CAC9C;AAQD,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,aAAa,CAA+C;IACpE,OAAO,CAAC,KAAK,CAAU;gBAEX,OAAO,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;IAQ9E,OAAO,CAAC,GAAG;IAQX;;;;OAIG;YACW,QAAQ;IAiBtB;;;OAGG;IACH,OAAO,CAAC,eAAe;IAOvB;;OAEG;IACH,mBAAmB,CAAC,UAAU,SAAQ,GAAG,IAAI;IAe7C;;OAEG;IACH,kBAAkB,IAAI,IAAI;IAO1B;;OAEG;IACH,OAAO,CAAC,eAAe;IAMvB;;OAEG;IACH,OAAO,CAAC,WAAW;IAqBnB;;OAEG;IACH,OAAO,CAAC,YAAY;IAkBpB;;OAEG;IACH,OAAO,CAAC,cAAc;IAMtB;;;;OAIG;YACW,cAAc;IAmB5B;;;OAGG;IACH,UAAU,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI;IAWtC;;;OAGG;IACG,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;IAoDrC;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,cAAc,CAAC;IAmB5C;;;OAGG;IACG,WAAW,CACf,OAAO,EAAE,KAAK,CAAC;QACb,gBAAgB,EAAE,MAAM,CAAC;QACzB,UAAU,EAAE,MAAM,CAAC;QACnB,KAAK,EAAE,KAAK,CAAC;YACX,IAAI,EAAE,MAAM,CAAC;YACb,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACvC,CAAC,CAAC;KACJ,CAAC,GACD,OAAO,CAAC,IAAI,CAAC;IAiChB;;;OAGG;IACH,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;CA6BjC"}
|
package/dist/sonoma-client.js
CHANGED
|
@@ -19,6 +19,7 @@ export class SonomaClient {
|
|
|
19
19
|
hostname;
|
|
20
20
|
deviceId;
|
|
21
21
|
orgApiKey = null;
|
|
22
|
+
oauthFailed = false;
|
|
22
23
|
pendingEvents = [];
|
|
23
24
|
flushInterval = null;
|
|
24
25
|
debug;
|
|
@@ -37,20 +38,34 @@ export class SonomaClient {
|
|
|
37
38
|
}
|
|
38
39
|
}
|
|
39
40
|
/**
|
|
40
|
-
* Get auth token - tries OAuth first, falls back to org API key
|
|
41
|
+
* Get auth token - tries OAuth first, falls back to org API key.
|
|
42
|
+
* If OAuth previously returned a token that got 401 from the API,
|
|
43
|
+
* skip OAuth and use the API key directly to avoid repeated failures.
|
|
41
44
|
*/
|
|
42
45
|
async getToken() {
|
|
43
|
-
//
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
this.log("Using org API key (no OAuth token)");
|
|
51
|
-
return this.orgApiKey;
|
|
46
|
+
// Skip OAuth if it previously returned an unauthorized token
|
|
47
|
+
if (!this.oauthFailed) {
|
|
48
|
+
try {
|
|
49
|
+
return await getAccessToken({ sonomaEndpoint: this.endpoint, debug: this.debug });
|
|
50
|
+
}
|
|
51
|
+
catch {
|
|
52
|
+
// OAuth token retrieval failed, fall through to API key
|
|
52
53
|
}
|
|
53
|
-
|
|
54
|
+
}
|
|
55
|
+
if (this.orgApiKey) {
|
|
56
|
+
this.log("Using org API key (no OAuth token)");
|
|
57
|
+
return this.orgApiKey;
|
|
58
|
+
}
|
|
59
|
+
throw new Error("No authentication available. Run --login or set SONOMA_API_KEY");
|
|
60
|
+
}
|
|
61
|
+
/**
|
|
62
|
+
* Mark OAuth as failed (e.g., token returned but got 401 from API).
|
|
63
|
+
* Subsequent getToken() calls will skip OAuth and use the API key.
|
|
64
|
+
*/
|
|
65
|
+
markOAuthFailed() {
|
|
66
|
+
if (!this.oauthFailed && this.orgApiKey) {
|
|
67
|
+
this.oauthFailed = true;
|
|
68
|
+
this.log("OAuth token unauthorized, falling back to org API key for future requests");
|
|
54
69
|
}
|
|
55
70
|
}
|
|
56
71
|
/**
|
|
@@ -134,6 +149,27 @@ export class SonomaClient {
|
|
|
134
149
|
unlinkSync(QUEUE_FILE);
|
|
135
150
|
}
|
|
136
151
|
}
|
|
152
|
+
/**
|
|
153
|
+
* Fetch with automatic 401 retry using API key fallback.
|
|
154
|
+
* On first 401 when OAuth token is in use, marks OAuth as failed
|
|
155
|
+
* and retries with the org API key.
|
|
156
|
+
*/
|
|
157
|
+
async fetchWithRetry(url, init) {
|
|
158
|
+
const token = await this.getToken();
|
|
159
|
+
let response = await unsafeFetch(url, {
|
|
160
|
+
...init,
|
|
161
|
+
headers: { ...init?.headers, Authorization: `Bearer ${token}` },
|
|
162
|
+
});
|
|
163
|
+
if (response.status === 401 && !this.oauthFailed && this.orgApiKey) {
|
|
164
|
+
this.markOAuthFailed();
|
|
165
|
+
const retryToken = await this.getToken();
|
|
166
|
+
response = await unsafeFetch(url, {
|
|
167
|
+
...init,
|
|
168
|
+
headers: { ...init?.headers, Authorization: `Bearer ${retryToken}` },
|
|
169
|
+
});
|
|
170
|
+
}
|
|
171
|
+
return response;
|
|
172
|
+
}
|
|
137
173
|
/**
|
|
138
174
|
* Queue an event for telemetry
|
|
139
175
|
* Spills to disk when memory queue exceeds limit
|
|
@@ -161,27 +197,24 @@ export class SonomaClient {
|
|
|
161
197
|
return;
|
|
162
198
|
}
|
|
163
199
|
try {
|
|
164
|
-
const
|
|
165
|
-
|
|
200
|
+
const body = JSON.stringify({
|
|
201
|
+
hostname: this.hostname,
|
|
202
|
+
deviceId: this.deviceId,
|
|
203
|
+
events: allEvents.map((e) => ({
|
|
204
|
+
serverName: e.serverName,
|
|
205
|
+
toolName: e.toolName,
|
|
206
|
+
timestamp: e.timestamp,
|
|
207
|
+
durationMs: e.durationMs,
|
|
208
|
+
status: e.status,
|
|
209
|
+
errorMessage: e.errorMessage,
|
|
210
|
+
argumentKeys: e.argumentKeys,
|
|
211
|
+
clientName: e.clientName,
|
|
212
|
+
})),
|
|
213
|
+
});
|
|
214
|
+
const response = await this.fetchWithRetry(`${this.endpoint}/api/mcp-visibility/telemetry`, {
|
|
166
215
|
method: "POST",
|
|
167
|
-
headers: {
|
|
168
|
-
|
|
169
|
-
Authorization: `Bearer ${token}`,
|
|
170
|
-
},
|
|
171
|
-
body: JSON.stringify({
|
|
172
|
-
hostname: this.hostname,
|
|
173
|
-
deviceId: this.deviceId,
|
|
174
|
-
events: allEvents.map((e) => ({
|
|
175
|
-
serverName: e.serverName,
|
|
176
|
-
toolName: e.toolName,
|
|
177
|
-
timestamp: e.timestamp,
|
|
178
|
-
durationMs: e.durationMs,
|
|
179
|
-
status: e.status,
|
|
180
|
-
errorMessage: e.errorMessage,
|
|
181
|
-
argumentKeys: e.argumentKeys,
|
|
182
|
-
clientName: e.clientName,
|
|
183
|
-
})),
|
|
184
|
-
}),
|
|
216
|
+
headers: { "Content-Type": "application/json" },
|
|
217
|
+
body,
|
|
185
218
|
});
|
|
186
219
|
if (!response.ok) {
|
|
187
220
|
const text = await response.text();
|
|
@@ -206,12 +239,7 @@ export class SonomaClient {
|
|
|
206
239
|
*/
|
|
207
240
|
async fetchPolicy() {
|
|
208
241
|
try {
|
|
209
|
-
const
|
|
210
|
-
const response = await unsafeFetch(`${this.endpoint}/api/mcp-visibility/policy`, {
|
|
211
|
-
headers: {
|
|
212
|
-
Authorization: `Bearer ${token}`,
|
|
213
|
-
},
|
|
214
|
-
});
|
|
242
|
+
const response = await this.fetchWithRetry(`${this.endpoint}/api/mcp-visibility/policy`);
|
|
215
243
|
if (!response.ok) {
|
|
216
244
|
const text = await response.text();
|
|
217
245
|
throw new Error(`Policy fetch failed: ${response.status} ${text}`);
|
|
@@ -238,13 +266,9 @@ export class SonomaClient {
|
|
|
238
266
|
const totalTools = servers.reduce((acc, s) => acc + s.tools.length, 0);
|
|
239
267
|
this.log(`Reporting ${totalTools} tools from ${servers.length} servers`);
|
|
240
268
|
try {
|
|
241
|
-
const
|
|
242
|
-
const response = await unsafeFetch(`${this.endpoint}/api/mcp-visibility/tools`, {
|
|
269
|
+
const response = await this.fetchWithRetry(`${this.endpoint}/api/mcp-visibility/tools`, {
|
|
243
270
|
method: "POST",
|
|
244
|
-
headers: {
|
|
245
|
-
"Content-Type": "application/json",
|
|
246
|
-
Authorization: `Bearer ${token}`,
|
|
247
|
-
},
|
|
271
|
+
headers: { "Content-Type": "application/json" },
|
|
248
272
|
body: JSON.stringify({
|
|
249
273
|
hostname: this.hostname,
|
|
250
274
|
deviceId: this.deviceId,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sonoma-client.js","sourceRoot":"","sources":["../src/sonoma-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EACL,UAAU,EACV,cAAc,EACd,YAAY,EACZ,aAAa,EACb,QAAQ,EACR,UAAU,EACV,SAAS,GACV,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"sonoma-client.js","sourceRoot":"","sources":["../src/sonoma-client.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EACL,UAAU,EACV,cAAc,EACd,YAAY,EACZ,aAAa,EACb,QAAQ,EACR,UAAU,EACV,SAAS,GACV,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AA8BpE,sBAAsB;AACtB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;AAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,uBAAuB,CAAC,CAAC;AAC7D,MAAM,gBAAgB,GAAG,IAAI,CAAC;AAC9B,MAAM,mBAAmB,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO;AAErD,MAAM,OAAO,YAAY;IACf,QAAQ,CAAS;IACjB,QAAQ,CAAS;IACjB,QAAQ,CAAS;IACjB,SAAS,GAAkB,IAAI,CAAC;IAChC,WAAW,GAAG,KAAK,CAAC;IACpB,aAAa,GAAoB,EAAE,CAAC;IACpC,aAAa,GAA0C,IAAI,CAAC;IAC5D,KAAK,CAAU;IAEvB,YAAY,OAAkE;QAC5E,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACpD,IAAI,CAAC,QAAQ,GAAG,QAAQ,EAAE,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,iBAAiB,EAAE,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC;QAC3C,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC;IACtC,CAAC;IAEO,GAAG,CAAC,OAAe,EAAE,GAAG,IAAe;QAC7C,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,2DAA2D;YAC3D,oFAAoF;YACpF,OAAO,CAAC,KAAK,CAAC,mBAAmB,OAAO,EAAE,EAAE,GAAG,IAAI,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,QAAQ;QACpB,6DAA6D;QAC7D,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,OAAO,MAAM,cAAc,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;YACpF,CAAC;YAAC,MAAM,CAAC;gBACP,wDAAwD;YAC1D,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,SAAS,CAAC;QACxB,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;IACpF,CAAC;IAED;;;OAGG;IACK,eAAe;QACrB,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,GAAG,CAAC,2EAA2E,CAAC,CAAC;QACxF,CAAC;IACH,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,UAAU,GAAG,KAAK;QACpC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,OAAO;QACT,CAAC;QAED,IAAI,CAAC,aAAa,GAAG,WAAW,CAAC,GAAG,EAAE;YACpC,IAAI,CAAC,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBAClC,IAAI,CAAC,GAAG,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;gBAC5C,IAAI,CAAC,WAAW,CAAC,2BAA2B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClG,CAAC,CAAC,CAAC;QACL,CAAC,EAAE,UAAU,CAAC,CAAC;QAEf,IAAI,CAAC,GAAG,CAAC,iCAAiC,UAAU,IAAI,CAAC,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAClC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;OAEG;IACK,eAAe;QACrB,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,MAAuB;QACzC,IAAI,CAAC,eAAe,EAAE,CAAC;QAEvB,mCAAmC;QACnC,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;YACnC,IAAI,KAAK,CAAC,IAAI,IAAI,mBAAmB,EAAE,CAAC;gBACtC,IAAI,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;gBAC3D,yDAAyD;gBACzD,MAAM,KAAK,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAC5E,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC5D,aAAa,CAAC,UAAU,EAAE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QACrE,cAAc,CAAC,UAAU,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACnD,IAAI,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,iBAAiB,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACK,YAAY;QAClB,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,OAAO;iBACnB,KAAK,CAAC,IAAI,CAAC;iBACX,MAAM,CAAC,OAAO,CAAC;iBACf,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAkB,CAAC,CAAC;YACpD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YAC9C,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;OAEG;IACK,cAAc;QACpB,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3B,UAAU,CAAC,UAAU,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,cAAc,CAAC,GAAW,EAAE,IAAkB;QAC1D,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpC,IAAI,QAAQ,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE;YACpC,GAAG,IAAI;YACP,OAAO,EAAE,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE;SAChE,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnE,IAAI,CAAC,eAAe,EAAE,CAAC;YACvB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACzC,QAAQ,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE;gBAChC,GAAG,IAAI;gBACP,OAAO,EAAE,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,aAAa,EAAE,UAAU,UAAU,EAAE,EAAE;aACrE,CAAC,CAAC;QACL,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,KAAoB;QAC7B,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,IAAI,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEhE,wCAAwC;QACxC,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC;YAClD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,CAAC,CAAC,CAAC;YAC/E,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,cAAc;QAClB,uCAAuC;QACvC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACvC,MAAM,YAAY,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,EAAE,CAAC;QAExB,MAAM,SAAS,GAAG,CAAC,GAAG,UAAU,EAAE,GAAG,YAAY,CAAC,CAAC;QACnD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;gBAC1B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,MAAM,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC5B,UAAU,EAAE,CAAC,CAAC,UAAU;oBACxB,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,SAAS,EAAE,CAAC,CAAC,SAAS;oBACtB,UAAU,EAAE,CAAC,CAAC,UAAU;oBACxB,MAAM,EAAE,CAAC,CAAC,MAAM;oBAChB,YAAY,EAAE,CAAC,CAAC,YAAY;oBAC5B,YAAY,EAAE,CAAC,CAAC,YAAY;oBAC5B,UAAU,EAAE,CAAC,CAAC,UAAU;iBACzB,CAAC,CAAC;aACJ,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,QAAQ,+BAA+B,EAAE;gBAC1F,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI;aACL,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;YAClE,CAAC;YAED,6BAA6B;YAC7B,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,IAAI,CAAC,GAAG,CAAC,WAAW,SAAS,CAAC,MAAM,sBAAsB,UAAU,CAAC,MAAM,eAAe,YAAY,CAAC,MAAM,eAAe,CAAC,CAAC;QAChI,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,+DAA+D;YAC/D,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,GAAG,YAAY,CAAC,CAAC;YAC5C,6CAA6C;YAC7C,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;YAC/B,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW;QACf,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,QAAQ,4BAA4B,CAAC,CAAC;YAEzF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;YACrE,CAAC;YAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAmB,CAAC;YACzD,IAAI,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,IAAI,CAAC,MAAM,QAAQ,CAAC,CAAC;YACxD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;YAC3C,6CAA6C;YAC7C,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;QAClD,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CACf,OAQE;QAEF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAC/B,OAAO;QACT,CAAC;QAED,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,GAAG,CAAC,aAAa,UAAU,eAAe,OAAO,CAAC,MAAM,UAAU,CAAC,CAAC;QAEzE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,QAAQ,2BAA2B,EAAE;gBACtF,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,OAAO;iBACR,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;YACrE,CAAC;YAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgD,CAAC;YACtF,IAAI,CAAC,GAAG,CAAC,gCAAgC,MAAM,CAAC,aAAa,iBAAiB,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,+BAA+B;YAC/B,IAAI,CAAC,GAAG,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,WAAW,CAAC,KAAa;QACvB,MAAM,OAAO,GAAG;YACd,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK;YACL,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;QAEF,IAAI,CAAC,QAAQ,EAAE;aACZ,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CACd,WAAW,CAAC,GAAG,IAAI,CAAC,QAAQ,2BAA2B,EAAE;YACvD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,KAAK,EAAE;aACjC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SAC9B,CAAC,CACH;aACA,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;YACb,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;gBACb,IAAI,CAAC,GAAG,CAAC,wBAAwB,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YAClD,CAAC;QACH,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,IAAI,CAAC,GAAG,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;IACP,CAAC;CACF"}
|
package/dist/types.d.ts
CHANGED
|
@@ -39,6 +39,12 @@ export interface GatewayConfig {
|
|
|
39
39
|
sonomaApiKey?: string;
|
|
40
40
|
/** Enable debug logging */
|
|
41
41
|
debug?: boolean;
|
|
42
|
+
/**
|
|
43
|
+
* Port for the HTTP proxy server. When set, the gateway exposes per-server
|
|
44
|
+
* HTTP endpoints at http://localhost:{port}/proxy/{serverName}/mcp.
|
|
45
|
+
* This allows plugins to keep skills active while traffic flows through the gateway.
|
|
46
|
+
*/
|
|
47
|
+
httpProxyPort?: number;
|
|
42
48
|
}
|
|
43
49
|
export interface ToolCallEvent {
|
|
44
50
|
serverName: string;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,eAAe;IAC9B,sCAAsC;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uCAAuC;IACvC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,4BAA4B;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,wBAAwB;IACxB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,0EAA0E;IAC1E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0DAA0D;IAC1D,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,8EAA8E;IAC9E,KAAK,CAAC,EAAE;QACN,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;IACF;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CACzD;AAED,MAAM,WAAW,aAAa;IAC5B,oCAAoC;IACpC,OAAO,EAAE,eAAe,EAAE,CAAC;IAC3B,2DAA2D;IAC3D,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gFAAgF;IAChF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,2BAA2B;IAC3B,KAAK,CAAC,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,eAAe;IAC9B,sCAAsC;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uCAAuC;IACvC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,4BAA4B;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,wBAAwB;IACxB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,0EAA0E;IAC1E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0DAA0D;IAC1D,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,8EAA8E;IAC9E,KAAK,CAAC,EAAE;QACN,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;IACF;;;;OAIG;IACH,eAAe,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CACzD;AAED,MAAM,WAAW,aAAa;IAC5B,oCAAoC;IACpC,OAAO,EAAE,eAAe,EAAE,CAAC;IAC3B,2DAA2D;IAC3D,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gFAAgF;IAChF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,2BAA2B;IAC3B,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,SAAS,GAAG,OAAO,GAAG,SAAS,CAAC;IACxC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,eAAe,CAAC;IACxB,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;CACpB"}
|