@sonoma-security/mcp-gateway 0.1.12 → 0.1.14

package/dist/__tests__/tool-blocking.test.js

@@ -0,0 +1,256 @@
+import { describe, it, expect } from "vitest";
+import { isToolBlockedByPolicy, matchesToolPattern, getPatternSpecificity, } from "../pattern-matcher.js";
+// ---------------------------------------------------------------------------
+// matchesToolPattern
+// ---------------------------------------------------------------------------
+describe("matchesToolPattern", () => {
+    it("matches exact tool name", () => {
+        expect(matchesToolPattern("read_file", "read_file")).toBe(true);
+    });
+    it("rejects non-matching exact name", () => {
+        expect(matchesToolPattern("write_file", "read_file")).toBe(false);
+    });
+    it("matches prefix wildcard", () => {
+        expect(matchesToolPattern("read_file", "read_*")).toBe(true);
+        expect(matchesToolPattern("read_directory", "read_*")).toBe(true);
+    });
+    it("rejects non-matching prefix wildcard", () => {
+        expect(matchesToolPattern("write_file", "read_*")).toBe(false);
+    });
+    it("matches suffix wildcard", () => {
+        expect(matchesToolPattern("user_delete", "*_delete")).toBe(true);
+        expect(matchesToolPattern("file_delete", "*_delete")).toBe(true);
+    });
+    it("matches infix wildcard", () => {
+        expect(matchesToolPattern("get_user_info", "get_*_info")).toBe(true);
+        expect(matchesToolPattern("get_file_info", "get_*_info")).toBe(true);
+    });
+    it("matches universal wildcard", () => {
+        expect(matchesToolPattern("anything", "*")).toBe(true);
+    });
+});
+// ---------------------------------------------------------------------------
+// getPatternSpecificity
+// ---------------------------------------------------------------------------
+describe("getPatternSpecificity", () => {
+    it("returns 0 for server-level (null)", () => {
+        expect(getPatternSpecificity(null)).toBe(0);
+    });
+    it("returns 1 for universal wildcard", () => {
+        expect(getPatternSpecificity("*")).toBe(1);
+    });
+    it("returns 100 for exact name", () => {
+        expect(getPatternSpecificity("read_file")).toBe(100);
+    });
+    it("orders wildcard patterns by non-wildcard character count", () => {
+        // "r*" has 1 non-wildcard char, "read_*" has 5
+        expect(getPatternSpecificity("r*")).toBeLessThan(getPatternSpecificity("read_*"));
+    });
+});
+// ---------------------------------------------------------------------------
+// isToolBlockedByPolicy
+// ---------------------------------------------------------------------------
+describe("isToolBlockedByPolicy", () => {
+    // -----------------------------------------------------------------------
+    // Basics
+    // -----------------------------------------------------------------------
+    it("returns false when policy list is empty", () => {
+        expect(isToolBlockedByPolicy([], "slack", "search", null)).toBe(false);
+    });
+    it("returns false when no rules match the server", () => {
+        const rules = [
+            { identifier: "github", status: "blocked", toolPattern: null, priority: 0 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "search", null)).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // Server-level blocking
+    // -----------------------------------------------------------------------
+    it("blocks all tools when server-level rule is blocked", () => {
+        const rules = [
+            { identifier: "slack", status: "blocked", toolPattern: null, priority: 0 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "search", null)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "send_message", null)).toBe(true);
+    });
+    it("allows all tools when server-level rule is allowed", () => {
+        const rules = [
+            { identifier: "slack", status: "allowed", toolPattern: null, priority: 0 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "search", null)).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // Tool-level blocking (exact name)
+    // -----------------------------------------------------------------------
+    it("blocks a specific tool by exact name", () => {
+        const rules = [
+            { identifier: "slack", status: "blocked", toolPattern: "slack_search_public_and_private", priority: 20 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public_and_private", null)).toBe(true);
+    });
+    it("does not block other tools when only one tool is blocked", () => {
+        const rules = [
+            { identifier: "slack", status: "blocked", toolPattern: "slack_search_public_and_private", priority: 20 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", null)).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // Tool-level blocking (wildcard patterns)
+    // -----------------------------------------------------------------------
+    it("blocks tools matching a wildcard pattern", () => {
+        const rules = [
+            { identifier: "slack", status: "blocked", toolPattern: "slack_search_*", priority: 10 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public", null)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public_and_private", null)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", null)).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // Package name matching
+    // -----------------------------------------------------------------------
+    it("matches rules by packageName when provided", () => {
+        const rules = [
+            { identifier: "@anthropic/slack-mcp", status: "blocked", toolPattern: "slack_search_*", priority: 10 },
+        ];
+        // Server name doesn't match, but packageName does
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public", "@anthropic/slack-mcp")).toBe(true);
+    });
+    it("falls back to server name when packageName doesn't match", () => {
+        const rules = [
+            { identifier: "slack", status: "blocked", toolPattern: null, priority: 0 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "search", "@some/other-package")).toBe(true);
+    });
+    // -----------------------------------------------------------------------
+    // Global wildcard identifier
+    // -----------------------------------------------------------------------
+    it("blocks tools from any server when identifier is *", () => {
+        const rules = [
+            { identifier: "*", status: "blocked", toolPattern: "dangerous_*", priority: 10 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "dangerous_delete", null)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "github", "dangerous_reset", null)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "safe_read", null)).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // Priority resolution
+    // -----------------------------------------------------------------------
+    it("higher priority rule wins over lower priority", () => {
+        const rules = [
+            // Server-level: allowed at priority 0
+            { identifier: "slack", status: "allowed", toolPattern: null, priority: 0 },
+            // Tool-level: blocked at priority 20 (higher, wins)
+            { identifier: "slack", status: "blocked", toolPattern: "slack_search_public_and_private", priority: 20 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public_and_private", null)).toBe(true);
+        // Other tools still allowed
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", null)).toBe(false);
+    });
+    it("tool-level allow overrides server-level block at higher priority", () => {
+        const rules = [
+            // Server-level: blocked at priority 0
+            { identifier: "slack", status: "blocked", toolPattern: null, priority: 0 },
+            // Tool-level: allowed at priority 20 (higher, wins)
+            { identifier: "slack", status: "allowed", toolPattern: "slack_send_message", priority: 20 },
+        ];
+        // The allowed tool is not blocked
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", null)).toBe(false);
+        // Other tools still blocked by server-level rule
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public", null)).toBe(true);
+    });
+    // -----------------------------------------------------------------------
+    // Deny wins at same priority
+    // -----------------------------------------------------------------------
+    it("deny wins when two rules have the same priority and specificity", () => {
+        const rules = [
+            { identifier: "slack", status: "allowed", toolPattern: "slack_search_public", priority: 20 },
+            { identifier: "slack", status: "blocked", toolPattern: "slack_search_public", priority: 20 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public", null)).toBe(true);
+    });
+    // -----------------------------------------------------------------------
+    // Specificity resolution
+    // -----------------------------------------------------------------------
+    it("more specific pattern wins at same priority", () => {
+        const rules = [
+            // Wildcard pattern: block all search tools (less specific)
+            { identifier: "slack", status: "blocked", toolPattern: "slack_search_*", priority: 10 },
+            // Exact name: allow this specific search tool (more specific)
+            { identifier: "slack", status: "allowed", toolPattern: "slack_search_public", priority: 10 },
+        ];
+        // Exact name (specificity 100) wins over wildcard (specificity ~22)
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public", null)).toBe(false);
+        // Other search tools still blocked
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_private", null)).toBe(true);
+    });
+    // -----------------------------------------------------------------------
+    // Multiple tool blocks on same server
+    // -----------------------------------------------------------------------
+    it("blocks multiple specific tools on the same server", () => {
+        const rules = [
+            { identifier: "slack", status: "blocked", toolPattern: "slack_search_public_and_private", priority: 20 },
+            { identifier: "slack", status: "blocked", toolPattern: "slack_send_message", priority: 20 },
+        ];
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public_and_private", null)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", null)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_read_channel", null)).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // URL-based identifier matching
+    // -----------------------------------------------------------------------
+    it("matches rules by URL when server name and packageName don't match", () => {
+        const rules = [
+            { identifier: "https://mcp.slack.com/mcp", status: "blocked", toolPattern: "slack_search_*", priority: 10 },
+        ];
+        // Server name "slack" and packageName don't match, but URL does
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public", null, "https://mcp.slack.com/mcp")).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", null, "https://mcp.slack.com/mcp")).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // Real-world Slack scenario: policy uses packageName, gateway has URL
+    // -----------------------------------------------------------------------
+    it("blocks Slack tools matching the real-world policy shape", () => {
+        // Mirrors the actual policy returned by the Sonoma API
+        const rules = [
+            { identifier: "https://mcp.slack.com/mcp", status: "gateway", toolPattern: null, priority: 0 },
+            { identifier: "slack-mcp-server", status: "blocked", toolPattern: "slack_search_public_and_private", priority: 20 },
+            { identifier: "slack-mcp-server", status: "blocked", toolPattern: "slack_send_message", priority: 20 },
+        ];
+        // Gateway config: server name "slack", no packageName, URL "https://mcp.slack.com/mcp"
+        // The tool-level rules use "slack-mcp-server" which doesn't match server name or URL,
+        // but if packageName is resolved to "slack-mcp-server" it will match
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public_and_private", "slack-mcp-server", "https://mcp.slack.com/mcp")).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", "slack-mcp-server", "https://mcp.slack.com/mcp")).toBe(true);
+        // Unblocked tools are still allowed
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_read_channel", "slack-mcp-server", "https://mcp.slack.com/mcp")).toBe(false);
+    });
+    // -----------------------------------------------------------------------
+    // Extra identifiers (alias resolution from policy)
+    // -----------------------------------------------------------------------
+    it("matches rules via extraIdentifiers (alias resolution)", () => {
+        // Tool-level rules use the canonical package name
+        const rules = [
+            { identifier: "slack-mcp-server", status: "blocked", toolPattern: "slack_search_public_and_private", priority: 20 },
+        ];
+        // Gateway only knows server name "slack" and URL, but aliases resolve
+        // "slack-mcp-server" from the identifierAliases map
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public_and_private", null, "https://mcp.slack.com/mcp", ["slack-mcp-server"])).toBe(true);
+        // Non-blocked tools still allowed
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_read_channel", null, "https://mcp.slack.com/mcp", ["slack-mcp-server"])).toBe(false);
+    });
+    it("matches the exact real-world scenario: gateway has URL, policy has packageName", () => {
+        // Real policy from the Sonoma API
+        const rules = [
+            { identifier: "https://mcp.slack.com/mcp", status: "gateway", toolPattern: null, priority: 0 },
+            { identifier: "slack-mcp-server", status: "blocked", toolPattern: "slack_search_public_and_private", priority: 20 },
+            { identifier: "slack-mcp-server", status: "blocked", toolPattern: "slack_send_message", priority: 20 },
+        ];
+        // Gateway: name="slack", no packageName, url="https://mcp.slack.com/mcp"
+        // identifierAliases from policy: {"https://mcp.slack.com/mcp": ["slack-mcp-server"]}
+        const aliases = ["slack-mcp-server"];
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_search_public_and_private", null, "https://mcp.slack.com/mcp", aliases)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_send_message", null, "https://mcp.slack.com/mcp", aliases)).toBe(true);
+        expect(isToolBlockedByPolicy(rules, "slack", "slack_read_channel", null, "https://mcp.slack.com/mcp", aliases)).toBe(false);
+    });
+});
+//# sourceMappingURL=tool-blocking.test.js.map

package/dist/__tests__/tool-blocking.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-blocking.test.js","sourceRoot":"","sources":["../../src/__tests__/tool-blocking.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,qBAAqB,GAEtB,MAAM,uBAAuB,CAAC;AAE/B,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAC9E,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;QACjC,MAAM,CAAC,kBAAkB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,CAAC,kBAAkB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;QACjC,MAAM,CAAC,kBAAkB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7D,MAAM,CAAC,kBAAkB,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,CAAC,kBAAkB,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;QACjC,MAAM,CAAC,kBAAkB,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjE,MAAM,CAAC,kBAAkB,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,CAAC,kBAAkB,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrE,MAAM,CAAC,kBAAkB,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,CAAC,kBAAkB,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,wBAAwB;AACxB,8EAA8E;AAC9E,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;QAClE,+CAA+C;QAC/C,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY,CAC9C,qBAAqB,CAAC,QAAQ,CAAC,CAChC,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,wBAAwB;AACxB,8EAA8E;AAC9E,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,0EAA0E;IAC1E,SAAS;IACT,0EAA0E;IAC1E,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,CAAC,qBAAqB,CAAC,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;SAC5E,CAAC;QACF,MAAM,CAAC,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,wBAAwB;IACxB,0EAA0E;IAC1E,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;SAC3E,CAAC;QACF,MAAM,CAAC,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzE,MAAM,CAAC,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;SAC3E,CAAC;QACF,MAAM,CAAC,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,mCAAmC;IACnC,0EAA0E;IAC1E,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,EAAE,EAAE;SACzG,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,CAAC,CAC/E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;QAClE,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,EAAE,EAAE;SACzG,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAClE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,0CAA0C;IAC1C,0EAA0E;IAC1E,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,gBAAgB,EAAE,QAAQ,EAAE,EAAE,EAAE;SACxF,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,CAAC,CACnE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,CAAC,CAC/E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAClE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,wBAAwB;IACxB,0EAA0E;IAC1E,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,sBAAsB,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,gBAAgB,EAAE,QAAQ,EAAE,EAAE,EAAE;SACvG,CAAC;QACF,kDAAkD;QAClD,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,CAAC,CACrF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;QAClE,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;SAC3E,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,qBAAqB,CAAC,CACvE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,6BAA6B;IAC7B,0EAA0E;IAC1E,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,aAAa,EAAE,QAAQ,EAAE,EAAE,EAAE;SACjF,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,CAAC,CAChE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,QAAQ,EAAE,iBAAiB,EAAE,IAAI,CAAC,CAChE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,CACzD,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,sBAAsB;IACtB,0EAA0E;IAC1E,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,KAAK,GAA4B;YACrC,sCAAsC;YACtC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;YAC1E,oDAAoD;YACpD,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,EAAE,EAAE;SACzG,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,CAAC,CAC/E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,4BAA4B;QAC5B,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAClE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kEAAkE,EAAE,GAAG,EAAE;QAC1E,MAAM,KAAK,GAA4B;YACrC,sCAAsC;YACtC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;YAC1E,oDAAoD;YACpD,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,EAAE,EAAE;SAC5F,CAAC;QACF,kCAAkC;QAClC,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAClE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,iDAAiD;QACjD,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,CAAC,CACnE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,6BAA6B;IAC7B,0EAA0E;IAC1E,EAAE,CAAC,iEAAiE,EAAE,GAAG,EAAE;QACzE,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,qBAAqB,EAAE,QAAQ,EAAE,EAAE,EAAE;YAC5F,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,qBAAqB,EAAE,QAAQ,EAAE,EAAE,EAAE;SAC7F,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,CAAC,CACnE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,yBAAyB;IACzB,0EAA0E;IAC1E,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,KAAK,GAA4B;YACrC,2DAA2D;YAC3D,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,gBAAgB,EAAE,QAAQ,EAAE,EAAE,EAAE;YACvF,8DAA8D;YAC9D,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,qBAAqB,EAAE,QAAQ,EAAE,EAAE,EAAE;SAC7F,CAAC;QACF,oEAAoE;QACpE,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,CAAC,CACnE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,mCAAmC;QACnC,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,CAAC,CACpE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,sCAAsC;IACtC,0EAA0E;IAC1E,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,EAAE,EAAE;YACxG,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,EAAE,EAAE;SAC5F,CAAC;QACF,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,CAAC,CAC/E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAClE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAClE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,gCAAgC;IAChC,0EAA0E;IAC1E,EAAE,CAAC,mEAAmE,EAAE,GAAG,EAAE;QAC3E,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,2BAA2B,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,gBAAgB,EAAE,QAAQ,EAAE,EAAE,EAAE;SAC5G,CAAC;QACF,gEAAgE;QAChE,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,2BAA2B,CAAC,CAChG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,2BAA2B,CAAC,CAC/F,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,sEAAsE;IACtE,0EAA0E;IAC1E,EAAE,CAAC,yDAAyD,EAAE,GAAG,EAAE;QACjE,uDAAuD;QACvD,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,2BAA2B,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;YAC9F,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,EAAE,EAAE;YACnH,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,EAAE,EAAE;SACvG,CAAC;QACF,uFAAuF;QACvF,sFAAsF;QACtF,qEAAqE;QACrE,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,iCAAiC,EAAE,kBAAkB,EAAE,2BAA2B,CAAC,CAC1H,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,2BAA2B,CAAC,CAC7G,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,oCAAoC;QACpC,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,2BAA2B,CAAC,CAC7G,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,0EAA0E;IAC1E,mDAAmD;IACnD,0EAA0E;IAC1E,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;QAC/D,kDAAkD;QAClD,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,EAAE,EAAE;SACpH,CAAC;QACF,sEAAsE;QACtE,oDAAoD;QACpD,MAAM,CACJ,qBAAqB,CACnB,KAAK,EAAE,OAAO,EAAE,iCAAiC,EACjD,IAAI,EAAE,2BAA2B,EACjC,CAAC,kBAAkB,CAAC,CACrB,CACF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,kCAAkC;QAClC,MAAM,CACJ,qBAAqB,CACnB,KAAK,EAAE,OAAO,EAAE,oBAAoB,EACpC,IAAI,EAAE,2BAA2B,EACjC,CAAC,kBAAkB,CAAC,CACrB,CACF,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gFAAgF,EAAE,GAAG,EAAE;QACxF,kCAAkC;QAClC,MAAM,KAAK,GAA4B;YACrC,EAAE,UAAU,EAAE,2BAA2B,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;YAC9F,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,EAAE,EAAE;YACnH,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,EAAE,EAAE;SACvG,CAAC;QACF,yEAAyE;QACzE,qFAAqF;QACrF,MAAM,OAAO,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAErC,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,EAAE,2BAA2B,EAAE,OAAO,CAAC,CACrH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,2BAA2B,EAAE,OAAO,CAAC,CACxG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACb,MAAM,CACJ,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,2BAA2B,EAAE,OAAO,CAAC,CACxG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/auth/keychain.d.ts

@@ -0,0 +1,34 @@
+/**
+ * OS Keychain abstraction for secure credential storage.
+ *
+ * Uses native OS credential stores via CLI tools (no native modules needed):
+ * - macOS: Keychain Access via `security` CLI
+ * - Windows: Credential Manager via PowerShell
+ * - Linux/other: Falls back to encrypted file storage (existing behavior)
+ *
+ * All credentials are stored as JSON strings, keyed by (service, account).
+ */
+/**
+ * Store a credential in the OS keychain.
+ * @param account - Unique key within the service (e.g., "sonoma-auth", "upstream:https://mcp.slack.com")
+ * @param data - Credential data (will be JSON-stringified)
+ */
+export declare function keychainSet(account: string, data: unknown): void;
+/**
+ * Retrieve a credential from the OS keychain.
+ * @returns Parsed JSON data, or null if not found
+ */
+export declare function keychainGet<T = unknown>(account: string): T | null;
+/**
+ * Delete a credential from the OS keychain.
+ */
+export declare function keychainDelete(account: string): void;
+/**
+ * Delete all credentials for the service from the OS keychain.
+ */
+export declare function keychainDeleteAll(): void;
+/**
+ * Check whether OS keychain is available on this platform.
+ */
+export declare function keychainAvailable(): boolean;
+//# sourceMappingURL=keychain.d.ts.map

package/dist/auth/keychain.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"keychain.d.ts","sourceRoot":"","sources":["../../src/auth/keychain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAQH;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,IAAI,CAWhE;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,CAAC,GAAG,OAAO,EAAE,OAAO,EAAE,MAAM,GAAG,CAAC,GAAG,IAAI,CAmBlE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAUpD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,IAAI,CAUxC;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAM3C"}

package/dist/auth/keychain.js

@@ -0,0 +1,305 @@
+/**
+ * OS Keychain abstraction for secure credential storage.
+ *
+ * Uses native OS credential stores via CLI tools (no native modules needed):
+ * - macOS: Keychain Access via `security` CLI
+ * - Windows: Credential Manager via PowerShell
+ * - Linux/other: Falls back to encrypted file storage (existing behavior)
+ *
+ * All credentials are stored as JSON strings, keyed by (service, account).
+ */
+import { execSync } from "node:child_process";
+const SERVICE_NAME = "sonoma-mcp-gateway";
+/**
+ * Store a credential in the OS keychain.
+ * @param account - Unique key within the service (e.g., "sonoma-auth", "upstream:https://mcp.slack.com")
+ * @param data - Credential data (will be JSON-stringified)
+ */
+export function keychainSet(account, data) {
+    const json = JSON.stringify(data);
+    const platform = process.platform;
+    if (platform === "darwin") {
+        macosSet(account, json);
+    }
+    else if (platform === "win32") {
+        windowsSet(account, json);
+    }
+    else {
+        throw new Error(`Keychain not supported on ${platform}`);
+    }
+}
+/**
+ * Retrieve a credential from the OS keychain.
+ * @returns Parsed JSON data, or null if not found
+ */
+export function keychainGet(account) {
+    const platform = process.platform;
+    let json;
+    if (platform === "darwin") {
+        json = macosGet(account);
+    }
+    else if (platform === "win32") {
+        json = windowsGet(account);
+    }
+    else {
+        throw new Error(`Keychain not supported on ${platform}`);
+    }
+    if (json === null)
+        return null;
+    try {
+        return JSON.parse(json);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Delete a credential from the OS keychain.
+ */
+export function keychainDelete(account) {
+    const platform = process.platform;
+    if (platform === "darwin") {
+        macosDelete(account);
+    }
+    else if (platform === "win32") {
+        windowsDelete(account);
+    }
+    else {
+        throw new Error(`Keychain not supported on ${platform}`);
+    }
+}
+/**
+ * Delete all credentials for the service from the OS keychain.
+ */
+export function keychainDeleteAll() {
+    const platform = process.platform;
+    if (platform === "darwin") {
+        macosDeleteAll();
+    }
+    else if (platform === "win32") {
+        windowsDeleteAll();
+    }
+    else {
+        throw new Error(`Keychain not supported on ${platform}`);
+    }
+}
+/**
+ * Check whether OS keychain is available on this platform.
+ */
+export function keychainAvailable() {
+    const platform = process.platform;
+    if (platform === "darwin" || platform === "win32") {
+        return true;
+    }
+    return false;
+}
+// ---------------------------------------------------------------------------
+// macOS Keychain via `security` CLI
+// ---------------------------------------------------------------------------
+function macosSet(account, password) {
+    // -U = update if exists, -s = service, -a = account, -w = password
+    // Accepted risk: macOS `security` CLI requires -w <password> as a CLI argument,
+    // which briefly exposes it in the process list. There is no stdin alternative for
+    // add-generic-password. The exposure window is sub-second and local-only.
+    execSync(`/usr/bin/security add-generic-password -s ${shellEscape(SERVICE_NAME)} -a ${shellEscape(account)} -U -w ${shellEscape(password)}`, { stdio: "pipe" });
+}
+function macosGet(account) {
+    try {
+        const result = execSync(`/usr/bin/security find-generic-password -s ${shellEscape(SERVICE_NAME)} -a ${shellEscape(account)} -w`, { stdio: "pipe", encoding: "utf-8" });
+        return result.trim();
+    }
+    catch {
+        // Not found (exit code 44) or other error
+        return null;
+    }
+}
+function macosDelete(account) {
+    try {
+        execSync(`/usr/bin/security delete-generic-password -s ${shellEscape(SERVICE_NAME)} -a ${shellEscape(account)}`, { stdio: "pipe" });
+    }
+    catch {
+        // Ignore if not found
+    }
+}
+function macosDeleteAll() {
+    // Delete entries one at a time until none remain
+    for (let i = 0; i < 100; i++) {
+        try {
+            execSync(`/usr/bin/security delete-generic-password -s ${shellEscape(SERVICE_NAME)}`, { stdio: "pipe" });
+        }
+        catch {
+            break; // No more entries
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// Windows Credential Manager via PowerShell
+// ---------------------------------------------------------------------------
+function windowsTargetName(account) {
+    return `${SERVICE_NAME}:${account}`;
+}
+function windowsSet(account, password) {
+    const target = windowsTargetName(account);
+    // Use CredWrite via .NET interop for arbitrary credential storage.
+    // Base64-encode the password to avoid escaping issues in PowerShell.
+    const b64 = Buffer.from(password, "utf-8").toString("base64");
+    const ps = `
+$ErrorActionPreference='Stop'
+Add-Type -TypeDefinition @"
+using System;
+using System.Runtime.InteropServices;
+using System.Text;
+
+public class CredManager {
+    [DllImport("advapi32.dll", SetLastError=true, CharSet=CharSet.Unicode)]
+    public static extern bool CredWriteW(ref CREDENTIAL cred, uint flags);
+    [DllImport("advapi32.dll", SetLastError=true)]
+    public static extern bool CredFree(IntPtr buffer);
+
+    [StructLayout(LayoutKind.Sequential, CharSet=CharSet.Unicode)]
+    public struct CREDENTIAL {
+        public uint Flags;
+        public uint Type;
+        public string TargetName;
+        public string Comment;
+        public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten;
+        public uint CredentialBlobSize;
+        public IntPtr CredentialBlob;
+        public uint Persist;
+        public uint AttributeCount;
+        public IntPtr Attributes;
+        public string TargetAlias;
+        public string UserName;
+    }
+
+    public static void Write(string target, string secret) {
+        byte[] bytes = Encoding.UTF8.GetBytes(secret);
+        IntPtr blob = Marshal.AllocHGlobal(bytes.Length);
+        Marshal.Copy(bytes, 0, blob, bytes.Length);
+        CREDENTIAL cred = new CREDENTIAL();
+        cred.Type = 1; // CRED_TYPE_GENERIC
+        cred.TargetName = target;
+        cred.CredentialBlobSize = (uint)bytes.Length;
+        cred.CredentialBlob = blob;
+        cred.Persist = 2; // CRED_PERSIST_LOCAL_MACHINE
+        cred.UserName = "sonoma-gateway";
+        bool ok = CredWriteW(ref cred, 0);
+        Marshal.FreeHGlobal(blob);
+        if (!ok) throw new Exception("CredWrite failed: " + Marshal.GetLastWin32Error());
+    }
+}
+"@
+$targetB64 = '${Buffer.from(target, "utf-8").toString("base64")}'
+$target = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($targetB64))
+$secret = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('${b64}'))
+[CredManager]::Write($target, $secret)
+`;
+    execSync(`powershell -NoProfile -NonInteractive -Command "${ps.replace(/"/g, '\\"')}"`, {
+        stdio: "pipe",
+        windowsHide: true,
+    });
+}
+function windowsGet(account) {
+    const target = windowsTargetName(account);
+    const ps = `
+$ErrorActionPreference='Stop'
+Add-Type -TypeDefinition @"
+using System;
+using System.Runtime.InteropServices;
+using System.Text;
+
+public class CredReader {
+    [DllImport("advapi32.dll", SetLastError=true, CharSet=CharSet.Unicode)]
+    public static extern bool CredReadW(string target, uint type, uint flags, out IntPtr cred);
+    [DllImport("advapi32.dll", SetLastError=true)]
+    public static extern bool CredFree(IntPtr buffer);
+
+    [StructLayout(LayoutKind.Sequential, CharSet=CharSet.Unicode)]
+    public struct CREDENTIAL {
+        public uint Flags;
+        public uint Type;
+        public string TargetName;
+        public string Comment;
+        public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten;
+        public uint CredentialBlobSize;
+        public IntPtr CredentialBlob;
+        public uint Persist;
+        public uint AttributeCount;
+        public IntPtr Attributes;
+        public string TargetAlias;
+        public string UserName;
+    }
+
+    public static string Read(string target) {
+        IntPtr credPtr;
+        bool ok = CredReadW(target, 1, 0, out credPtr);
+        if (!ok) return null;
+        CREDENTIAL cred = (CREDENTIAL)Marshal.PtrToStructure(credPtr, typeof(CREDENTIAL));
+        byte[] bytes = new byte[cred.CredentialBlobSize];
+        Marshal.Copy(cred.CredentialBlob, bytes, 0, bytes.Length);
+        CredFree(credPtr);
+        return Encoding.UTF8.GetString(bytes);
+    }
+}
+"@
+$targetB64 = '${Buffer.from(target, "utf-8").toString("base64")}'
+$t = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($targetB64))
+$result = [CredReader]::Read($t)
+if ($result -eq $null) { exit 1 }
+[Console]::Write($result)
+`;
+    try {
+        return execSync(`powershell -NoProfile -NonInteractive -Command "${ps.replace(/"/g, '\\"')}"`, { stdio: "pipe", encoding: "utf-8", windowsHide: true });
+    }
+    catch {
+        return null;
+    }
+}
+function windowsDelete(account) {
+    const target = windowsTargetName(account);
+    try {
+        execSync(`cmdkey /delete:${target}`, { stdio: "pipe", windowsHide: true });
+    }
+    catch {
+        // Ignore if not found
+    }
+}
+function windowsDeleteAll() {
+    // List all credentials matching our service prefix and delete them
+    try {
+        const output = execSync("cmdkey /list", {
+            stdio: "pipe",
+            encoding: "utf-8",
+            windowsHide: true,
+        });
+        const prefix = `${SERVICE_NAME}:`;
+        for (const line of output.split("\n")) {
+            const match = line.match(/Target:\s*(.+)/i);
+            if (match) {
+                const target = match[1].trim();
+                if (target.startsWith(prefix)) {
+                    try {
+                        execSync(`cmdkey /delete:${target}`, { stdio: "pipe", windowsHide: true });
+                    }
+                    catch {
+                        // Ignore individual delete failures
+                    }
+                }
+            }
+        }
+    }
+    catch {
+        // Ignore errors
+    }
+}
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+/**
+ * Shell-escape a string for use in a command argument.
+ * Wraps in single quotes and escapes embedded single quotes.
+ */
+function shellEscape(s) {
+    return `'${s.replace(/'/g, "'\\''")}'`;
+}
+//# sourceMappingURL=keychain.js.map

package/dist/auth/keychain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"keychain.js","sourceRoot":"","sources":["../../src/auth/keychain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,MAAM,YAAY,GAAG,oBAAoB,CAAC;AAI1C;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe,EAAE,IAAa;IACxD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAoB,CAAC;IAE9C,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC1B,CAAC;SAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QAChC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAc,OAAe;IACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAoB,CAAC;IAE9C,IAAI,IAAmB,CAAC;IACxB,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC3B,CAAC;SAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QAChC,IAAI,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,IAAI,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IAE/B,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAM,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAoB,CAAC;IAE9C,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,WAAW,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC;SAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QAChC,aAAa,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAoB,CAAC;IAE9C,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,cAAc,EAAE,CAAC;IACnB,CAAC;SAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QAChC,gBAAgB,EAAE,CAAC;IACrB,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAoB,CAAC;IAC9C,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QAClD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E,SAAS,QAAQ,CAAC,OAAe,EAAE,QAAgB;IACjD,mEAAmE;IACnE,gFAAgF;IAChF,kFAAkF;IAClF,0EAA0E;IAC1E,QAAQ,CACN,6CAA6C,WAAW,CAAC,YAAY,CAAC,OAAO,WAAW,CAAC,OAAO,CAAC,UAAU,WAAW,CAAC,QAAQ,CAAC,EAAE,EAClI,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CAAC,OAAe;IAC/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CACrB,8CAA8C,WAAW,CAAC,YAAY,CAAC,OAAO,WAAW,CAAC,OAAO,CAAC,KAAK,EACvG,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,CACrC,CAAC;QACF,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;IACvB,CAAC;IAAC,MAAM,CAAC;QACP,0CAA0C;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,OAAe;IAClC,IAAI,CAAC;QACH,QAAQ,CACN,gDAAgD,WAAW,CAAC,YAAY,CAAC,OAAO,WAAW,CAAC,OAAO,CAAC,EAAE,EACtG,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,sBAAsB;IACxB,CAAC;AACH,CAAC;AAED,SAAS,cAAc;IACrB,iDAAiD;IACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,QAAQ,CACN,gDAAgD,WAAW,CAAC,YAAY,CAAC,EAAE,EAC3E,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,CAAC,kBAAkB;QAC3B,CAAC;IACH,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,4CAA4C;AAC5C,8EAA8E;AAE9E,SAAS,iBAAiB,CAAC,OAAe;IACxC,OAAO,GAAG,YAAY,IAAI,OAAO,EAAE,CAAC;AACtC,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,QAAgB;IACnD,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC1C,mEAAmE;IACnE,qEAAqE;IACrE,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;gBA8CG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;;uFAEwB,GAAG;;CAEzF,CAAC;IACA,QAAQ,CAAC,mDAAmD,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,EAAE;QACtF,KAAK,EAAE,MAAM;QACb,WAAW,EAAE,IAAI;KAClB,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU,CAAC,OAAe;IACjC,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;gBAyCG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;;;;;CAK9D,CAAC;IACA,IAAI,CAAC;QACH,OAAO,QAAQ,CACb,mDAAmD,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,EAC7E,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,CACxD,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,OAAe;IACpC,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,CAAC;QACH,QAAQ,CACN,kBAAkB,MAAM,EAAE,EAC1B,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,CACrC,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,sBAAsB;IACxB,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB;IACvB,mEAAmE;IACnE,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CAAC,cAAc,EAAE;YACtC,KAAK,EAAE,MAAM;YACb,QAAQ,EAAE,OAAO;YACjB,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,GAAG,YAAY,GAAG,CAAC;QAClC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;YAC5C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC/B,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC9B,IAAI,CAAC;wBACH,QAAQ,CAAC,kBAAkB,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;oBAC7E,CAAC;oBAAC,MAAM,CAAC;wBACP,oCAAoC;oBACtC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,gBAAgB;IAClB,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;;GAGG;AACH,SAAS,WAAW,CAAC,CAAS;IAC5B,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC;AACzC,CAAC"}