@stackmemoryai/stackmemory 0.2.4 → 0.2.6

package/dist/src/runway/auth/auth-middleware.d.ts

@@ -0,0 +1,66 @@
+/**
+ * Production Authentication Middleware for Runway MCP Server
+ * Implements JWT validation with Auth0, refresh tokens, and rate limiting
+ */
+import { Request, Response, NextFunction } from 'express';
+import { RateLimiterRes } from 'rate-limiter-flexible';
+export interface AuthUser {
+    id: string;
+    email: string;
+    sub: string;
+    name?: string;
+    picture?: string;
+    tier: 'free' | 'pro' | 'enterprise';
+    organizations?: string[];
+    permissions: string[];
+    metadata?: Record<string, any>;
+}
+export interface AuthRequest extends Request {
+    user?: AuthUser;
+    rateLimitInfo?: RateLimiterRes;
+}
+export declare class AuthMiddleware {
+    private config;
+    private jwksClient;
+    private redis;
+    private rateLimiters;
+    private blacklistedTokens;
+    constructor(config: {
+        auth0Domain: string;
+        auth0Audience: string;
+        redisUrl: string;
+        jwtSecret?: string;
+        bypassAuth?: boolean;
+    });
+    private initializeRateLimiters;
+    private setupTokenBlacklistSync;
+    private getSigningKey;
+    /**
+     * Main authentication middleware
+     */
+    authenticate: (req: AuthRequest, res: Response, next: NextFunction) => Promise<void>;
+    /**
+     * WebSocket authentication handler
+     */
+    authenticateWebSocket: (token: string) => Promise<AuthUser | null>;
+    /**
+     * Permission checking middleware
+     */
+    requirePermission: (permission: string) => (req: AuthRequest, res: Response, next: NextFunction) => Response<any, Record<string, any>>;
+    /**
+     * Organization access middleware
+     */
+    requireOrganization: (req: AuthRequest, res: Response, next: NextFunction) => Response<any, Record<string, any>>;
+    private extractToken;
+    private loadUser;
+    private getMockUser;
+    /**
+     * Revoke a token (add to blacklist)
+     */
+    revokeToken(token: string): Promise<void>;
+    /**
+     * Cleanup resources
+     */
+    close(): Promise<void>;
+}
+//# sourceMappingURL=auth-middleware.d.ts.map

package/dist/src/runway/auth/auth-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-middleware.d.ts","sourceRoot":"","sources":["../../../../src/runway/auth/auth-middleware.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC1D,OAAO,EAAoB,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAKzE,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,GAAG,KAAK,GAAG,YAAY,CAAC;IACpC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;AAED,MAAM,WAAW,WAAY,SAAQ,OAAO;IAC1C,IAAI,CAAC,EAAE,QAAQ,CAAC;IAChB,aAAa,CAAC,EAAE,cAAc,CAAC;CAChC;AAED,qBAAa,cAAc;IAOvB,OAAO,CAAC,MAAM;IANhB,OAAO,CAAC,UAAU,CAAqB;IACvC,OAAO,CAAC,KAAK,CAAQ;IACrB,OAAO,CAAC,YAAY,CAAgC;IACpD,OAAO,CAAC,iBAAiB,CAA0B;gBAGzC,MAAM,EAAE;QACd,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,MAAM,CAAC;QACtB,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,UAAU,CAAC,EAAE,OAAO,CAAC;KACtB;IAeH,OAAO,CAAC,sBAAsB;IAoC9B,OAAO,CAAC,uBAAuB;YAgBjB,aAAa;IAiB3B;;OAEG;IACI,YAAY,GACjB,KAAK,WAAW,EAChB,KAAK,QAAQ,EACb,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAAC,CAgId;IAEF;;OAEG;IACI,qBAAqB,GAAU,OAAO,MAAM,KAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAmB5E;IAEF;;OAEG;IACI,iBAAiB,GAAI,YAAY,MAAM,MACpC,KAAK,WAAW,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wCAmB3D;IAEF;;OAEG;IACI,mBAAmB,GAAI,KAAK,WAAW,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wCAkB/E;IAEF,OAAO,CAAC,YAAY;YAUN,QAAQ;IAwBtB,OAAO,CAAC,WAAW;IAYnB;;OAEG;IACU,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IActD;;OAEG;IACU,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAGpC"}

package/dist/src/runway/auth/auth-middleware.js

@@ -0,0 +1,337 @@
+/**
+ * Production Authentication Middleware for Runway MCP Server
+ * Implements JWT validation with Auth0, refresh tokens, and rate limiting
+ */
+import jwt from 'jsonwebtoken';
+import jwksRsa from 'jwks-rsa';
+import { RateLimiterRedis } from 'rate-limiter-flexible';
+import Redis from 'ioredis';
+import { logger } from '../monitoring/logger.js';
+import { metrics } from '../monitoring/metrics.js';
+export class AuthMiddleware {
+    config;
+    jwksClient;
+    redis;
+    rateLimiters;
+    blacklistedTokens = new Set();
+    constructor(config) {
+        this.config = config;
+        this.redis = new Redis(config.redisUrl);
+        this.jwksClient = jwksRsa({
+            jwksUri: `https://${config.auth0Domain}/.well-known/jwks.json`,
+            cache: true,
+            cacheMaxAge: 600000, // 10 minutes
+            rateLimit: true,
+            jwksRequestsPerMinute: 5
+        });
+        this.initializeRateLimiters();
+        this.setupTokenBlacklistSync();
+    }
+    initializeRateLimiters() {
+        // Different rate limits for different tiers
+        this.rateLimiters = new Map([
+            ['free', new RateLimiterRedis({
+                    storeClient: this.redis,
+                    keyPrefix: 'rl:free',
+                    points: 100, // requests
+                    duration: 900, // per 15 minutes
+                    blockDuration: 900 // block for 15 minutes
+                })],
+            ['pro', new RateLimiterRedis({
+                    storeClient: this.redis,
+                    keyPrefix: 'rl:pro',
+                    points: 1000,
+                    duration: 900,
+                    blockDuration: 300
+                })],
+            ['enterprise', new RateLimiterRedis({
+                    storeClient: this.redis,
+                    keyPrefix: 'rl:enterprise',
+                    points: 10000,
+                    duration: 900,
+                    blockDuration: 60
+                })]
+        ]);
+        // Special rate limiter for auth endpoints
+        this.rateLimiters.set('auth', new RateLimiterRedis({
+            storeClient: this.redis,
+            keyPrefix: 'rl:auth',
+            points: 10, // Only 10 auth attempts
+            duration: 900,
+            blockDuration: 3600 // Block for 1 hour on excessive auth attempts
+        }));
+    }
+    setupTokenBlacklistSync() {
+        // Subscribe to token revocation events
+        const subscriber = new Redis(this.config.redisUrl);
+        subscriber.subscribe('token:revoked');
+        subscriber.on('message', (channel, token) => {
+            if (channel === 'token:revoked') {
+                this.blacklistedTokens.add(token);
+                // Clean up old tokens periodically
+                if (this.blacklistedTokens.size > 10000) {
+                    this.blacklistedTokens.clear();
+                }
+            }
+        });
+    }
+    async getSigningKey(kid) {
+        return new Promise((resolve, reject) => {
+            this.jwksClient.getSigningKey(kid, (err, key) => {
+                if (err) {
+                    reject(err);
+                }
+                else {
+                    const signingKey = key?.getPublicKey();
+                    if (!signingKey) {
+                        reject(new Error('No signing key found'));
+                    }
+                    else {
+                        resolve(signingKey);
+                    }
+                }
+            });
+        });
+    }
+    /**
+     * Main authentication middleware
+     */
+    authenticate = async (req, res, next) => {
+        const startTime = Date.now();
+        try {
+            // Bypass auth for health checks
+            if (req.path === '/health' || req.path === '/metrics') {
+                return next();
+            }
+            // Development bypass
+            if (this.config.bypassAuth && process.env.NODE_ENV === 'development') {
+                req.user = this.getMockUser();
+                return next();
+            }
+            // Extract token
+            const token = this.extractToken(req);
+            if (!token) {
+                metrics.increment('auth.missing_token');
+                return res.status(401).json({
+                    error: 'Authentication required',
+                    code: 'MISSING_TOKEN'
+                });
+            }
+            // Check blacklist
+            if (this.blacklistedTokens.has(token)) {
+                metrics.increment('auth.blacklisted_token');
+                return res.status(401).json({
+                    error: 'Token has been revoked',
+                    code: 'TOKEN_REVOKED'
+                });
+            }
+            // Decode and verify token
+            const decoded = jwt.decode(token, { complete: true });
+            if (!decoded) {
+                metrics.increment('auth.invalid_token');
+                return res.status(401).json({
+                    error: 'Invalid token format',
+                    code: 'INVALID_TOKEN'
+                });
+            }
+            // Get signing key and verify
+            const signingKey = await this.getSigningKey(decoded.header.kid);
+            const verified = jwt.verify(token, signingKey, {
+                algorithms: ['RS256'],
+                audience: this.config.auth0Audience,
+                issuer: `https://${this.config.auth0Domain}/`
+            });
+            // Load user from database or cache
+            const user = await this.loadUser(verified.sub);
+            if (!user) {
+                metrics.increment('auth.user_not_found');
+                return res.status(403).json({
+                    error: 'User not found',
+                    code: 'USER_NOT_FOUND'
+                });
+            }
+            // Check user suspension
+            if (user.metadata?.suspended) {
+                metrics.increment('auth.user_suspended');
+                return res.status(403).json({
+                    error: 'Account suspended',
+                    code: 'ACCOUNT_SUSPENDED'
+                });
+            }
+            // Apply rate limiting
+            const rateLimiter = this.rateLimiters.get(user.tier) || this.rateLimiters.get('free');
+            try {
+                const rateLimitRes = await rateLimiter.consume(user.id);
+                req.rateLimitInfo = rateLimitRes;
+                // Add rate limit headers
+                res.setHeader('X-RateLimit-Limit', rateLimiter.points.toString());
+                res.setHeader('X-RateLimit-Remaining', rateLimitRes.remainingPoints.toString());
+                res.setHeader('X-RateLimit-Reset', new Date(Date.now() + rateLimitRes.msBeforeNext).toISOString());
+            }
+            catch (rateLimitError) {
+                metrics.increment('auth.rate_limited');
+                res.setHeader('Retry-After', Math.round(rateLimitError.msBeforeNext / 1000).toString());
+                return res.status(429).json({
+                    error: 'Too many requests',
+                    code: 'RATE_LIMITED',
+                    retryAfter: rateLimitError.msBeforeNext
+                });
+            }
+            // Attach user to request
+            req.user = user;
+            // Track metrics
+            metrics.increment('auth.success', { tier: user.tier });
+            metrics.timing('auth.duration', Date.now() - startTime);
+            logger.info('Authentication successful', {
+                userId: user.id,
+                tier: user.tier,
+                path: req.path
+            });
+            next();
+        }
+        catch (error) {
+            metrics.increment('auth.error');
+            logger.error('Authentication error', error);
+            if (error.name === 'TokenExpiredError') {
+                return res.status(401).json({
+                    error: 'Token expired',
+                    code: 'TOKEN_EXPIRED'
+                });
+            }
+            if (error.name === 'JsonWebTokenError') {
+                return res.status(401).json({
+                    error: 'Invalid token',
+                    code: 'INVALID_TOKEN'
+                });
+            }
+            res.status(500).json({
+                error: 'Authentication failed',
+                code: 'AUTH_ERROR'
+            });
+        }
+    };
+    /**
+     * WebSocket authentication handler
+     */
+    authenticateWebSocket = async (token) => {
+        try {
+            const decoded = jwt.decode(token, { complete: true });
+            if (!decoded || this.blacklistedTokens.has(token)) {
+                return null;
+            }
+            const signingKey = await this.getSigningKey(decoded.header.kid);
+            const verified = jwt.verify(token, signingKey, {
+                algorithms: ['RS256'],
+                audience: this.config.auth0Audience,
+                issuer: `https://${this.config.auth0Domain}/`
+            });
+            return await this.loadUser(verified.sub);
+        }
+        catch (error) {
+            logger.error('WebSocket authentication failed', error);
+            return null;
+        }
+    };
+    /**
+     * Permission checking middleware
+     */
+    requirePermission = (permission) => {
+        return (req, res, next) => {
+            if (!req.user) {
+                return res.status(401).json({
+                    error: 'Authentication required',
+                    code: 'NOT_AUTHENTICATED'
+                });
+            }
+            if (!req.user.permissions.includes(permission)) {
+                metrics.increment('auth.permission_denied', { permission });
+                return res.status(403).json({
+                    error: 'Insufficient permissions',
+                    code: 'PERMISSION_DENIED',
+                    required: permission
+                });
+            }
+            next();
+        };
+    };
+    /**
+     * Organization access middleware
+     */
+    requireOrganization = (req, res, next) => {
+        const orgId = req.params.orgId || req.query.orgId;
+        if (!req.user || !orgId) {
+            return res.status(401).json({
+                error: 'Authentication required',
+                code: 'NOT_AUTHENTICATED'
+            });
+        }
+        if (!req.user.organizations?.includes(orgId)) {
+            return res.status(403).json({
+                error: 'Organization access denied',
+                code: 'ORG_ACCESS_DENIED'
+            });
+        }
+        next();
+    };
+    extractToken(req) {
+        const authHeader = req.headers.authorization;
+        if (authHeader?.startsWith('Bearer ')) {
+            return authHeader.substring(7);
+        }
+        // Also check cookie for web clients
+        return req.cookies?.access_token || null;
+    }
+    async loadUser(sub) {
+        // Try cache first
+        const cached = await this.redis.get(`user:${sub}`);
+        if (cached) {
+            return JSON.parse(cached);
+        }
+        // Load from database (implement your database logic)
+        // This is a placeholder - implement actual database loading
+        const user = {
+            id: sub,
+            sub,
+            email: `${sub}@example.com`,
+            tier: 'free',
+            permissions: ['read', 'write'],
+            organizations: []
+        };
+        // Cache for 5 minutes
+        await this.redis.setex(`user:${sub}`, 300, JSON.stringify(user));
+        return user;
+    }
+    getMockUser() {
+        return {
+            id: 'mock-user-id',
+            sub: 'mock-sub',
+            email: 'test@example.com',
+            name: 'Test User',
+            tier: 'pro',
+            permissions: ['read', 'write', 'admin'],
+            organizations: ['test-org']
+        };
+    }
+    /**
+     * Revoke a token (add to blacklist)
+     */
+    async revokeToken(token) {
+        this.blacklistedTokens.add(token);
+        await this.redis.publish('token:revoked', token);
+        // Also store in Redis with TTL matching token expiry
+        const decoded = jwt.decode(token);
+        if (decoded?.exp) {
+            const ttl = decoded.exp - Math.floor(Date.now() / 1000);
+            if (ttl > 0) {
+                await this.redis.setex(`blacklist:${token}`, ttl, '1');
+            }
+        }
+    }
+    /**
+     * Cleanup resources
+     */
+    async close() {
+        await this.redis.quit();
+    }
+}
+//# sourceMappingURL=auth-middleware.js.map

package/dist/src/runway/auth/auth-middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-middleware.js","sourceRoot":"","sources":["../../../../src/runway/auth/auth-middleware.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,OAAO,MAAM,UAAU,CAAC;AAE/B,OAAO,EAAE,gBAAgB,EAAkB,MAAM,uBAAuB,CAAC;AACzE,OAAO,KAAK,MAAM,SAAS,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAmBnD,MAAM,OAAO,cAAc;IAOf;IANF,UAAU,CAAqB;IAC/B,KAAK,CAAQ;IACb,YAAY,CAAgC;IAC5C,iBAAiB,GAAgB,IAAI,GAAG,EAAE,CAAC;IAEnD,YACU,MAMP;QANO,WAAM,GAAN,MAAM,CAMb;QAED,IAAI,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC;YACxB,OAAO,EAAE,WAAW,MAAM,CAAC,WAAW,wBAAwB;YAC9D,KAAK,EAAE,IAAI;YACX,WAAW,EAAE,MAAM,EAAE,aAAa;YAClC,SAAS,EAAE,IAAI;YACf,qBAAqB,EAAE,CAAC;SACzB,CAAC,CAAC;QAEH,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAC9B,IAAI,CAAC,uBAAuB,EAAE,CAAC;IACjC,CAAC;IAEO,sBAAsB;QAC5B,4CAA4C;QAC5C,IAAI,CAAC,YAAY,GAAG,IAAI,GAAG,CAAC;YAC1B,CAAC,MAAM,EAAE,IAAI,gBAAgB,CAAC;oBAC5B,WAAW,EAAE,IAAI,CAAC,KAAK;oBACvB,SAAS,EAAE,SAAS;oBACpB,MAAM,EAAE,GAAG,EAAE,WAAW;oBACxB,QAAQ,EAAE,GAAG,EAAE,iBAAiB;oBAChC,aAAa,EAAE,GAAG,CAAC,uBAAuB;iBAC3C,CAAC,CAAC;YACH,CAAC,KAAK,EAAE,IAAI,gBAAgB,CAAC;oBAC3B,WAAW,EAAE,IAAI,CAAC,KAAK;oBACvB,SAAS,EAAE,QAAQ;oBACnB,MAAM,EAAE,IAAI;oBACZ,QAAQ,EAAE,GAAG;oBACb,aAAa,EAAE,GAAG;iBACnB,CAAC,CAAC;YACH,CAAC,YAAY,EAAE,IAAI,gBAAgB,CAAC;oBAClC,WAAW,EAAE,IAAI,CAAC,KAAK;oBACvB,SAAS,EAAE,eAAe;oBAC1B,MAAM,EAAE,KAAK;oBACb,QAAQ,EAAE,GAAG;oBACb,aAAa,EAAE,EAAE;iBAClB,CAAC,CAAC;SACJ,CAAC,CAAC;QAEH,0CAA0C;QAC1C,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,gBAAgB,CAAC;YACjD,WAAW,EAAE,IAAI,CAAC,KAAK;YACvB,SAAS,EAAE,SAAS;YACpB,MAAM,EAAE,EAAE,EAAE,wBAAwB;YACpC,QAAQ,EAAE,GAAG;YACb,aAAa,EAAE,IAAI,CAAC,8CAA8C;SACnE,CAAC,CAAC,CAAC;IACN,CAAC;IAEO,uBAAuB;QAC7B,uCAAuC;QACvC,MAAM,UAAU,GAAG,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnD,UAAU,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAEtC,UAAU,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE;YAC1C,IAAI,OAAO,KAAK,eAAe,EAAE,CAAC;gBAChC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBAClC,mCAAmC;gBACnC,IAAI,IAAI,CAAC,iBAAiB,CAAC,IAAI,GAAG,KAAK,EAAE,CAAC;oBACxC,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,CAAC;gBACjC,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,GAAW;QACrC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;gBAC9C,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC;qBAAM,CAAC;oBACN,MAAM,UAAU,GAAG,GAAG,EAAE,YAAY,EAAE,CAAC;oBACvC,IAAI,CAAC,UAAU,EAAE,CAAC;wBAChB,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;oBAC5C,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,UAAU,CAAC,CAAC;oBACtB,CAAC;gBACH,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,YAAY,GAAG,KAAK,EACzB,GAAgB,EAChB,GAAa,EACb,IAAkB,EACH,EAAE;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,gCAAgC;YAChC,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;gBACtD,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,qBAAqB;YACrB,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,EAAE,CAAC;gBACrE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;gBAC9B,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,gBAAgB;YAChB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;gBACxC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,yBAAyB;oBAChC,IAAI,EAAE,eAAe;iBACtB,CAAC,CAAC;YACL,CAAC;YAED,kBAAkB;YAClB,IAAI,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;gBACtC,OAAO,CAAC,SAAS,CAAC,wBAAwB,CAAC,CAAC;gBAC5C,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,wBAAwB;oBAC/B,IAAI,EAAE,eAAe;iBACtB,CAAC,CAAC;YACL,CAAC;YAED,0BAA0B;YAC1B,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAQ,CAAC;YAC7D,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;gBACxC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,sBAAsB;oBAC7B,IAAI,EAAE,eAAe;iBACtB,CAAC,CAAC;YACL,CAAC;YAED,6BAA6B;YAC7B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE;gBAC7C,UAAU,EAAE,CAAC,OAAO,CAAC;gBACrB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;gBACnC,MAAM,EAAE,WAAW,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG;aAC9C,CAAQ,CAAC;YAEV,mCAAmC;YACnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;YAC/C,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,OAAO,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;gBACzC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,gBAAgB;oBACvB,IAAI,EAAE,gBAAgB;iBACvB,CAAC,CAAC;YACL,CAAC;YAED,wBAAwB;YACxB,IAAI,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAC;gBAC7B,OAAO,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;gBACzC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,mBAAmB;oBAC1B,IAAI,EAAE,mBAAmB;iBAC1B,CAAC,CAAC;YACL,CAAC;YAED,sBAAsB;YACtB,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAE,CAAC;YACvF,IAAI,CAAC;gBACH,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACxD,GAAG,CAAC,aAAa,GAAG,YAAY,CAAC;gBAEjC,yBAAyB;gBACzB,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,WAAW,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAClE,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,YAAY,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAChF,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,YAAY,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YACrG,CAAC;YAAC,OAAO,cAAmB,EAAE,CAAC;gBAC7B,OAAO,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC;gBACvC,GAAG,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACxF,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,mBAAmB;oBAC1B,IAAI,EAAE,cAAc;oBACpB,UAAU,EAAE,cAAc,CAAC,YAAY;iBACxC,CAAC,CAAC;YACL,CAAC;YAED,yBAAyB;YACzB,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;YAEhB,gBAAgB;YAChB,OAAO,CAAC,SAAS,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;YAExD,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;gBACvC,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,IAAI,EAAE,GAAG,CAAC,IAAI;aACf,CAAC,CAAC;YAEH,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,OAAO,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YAChC,MAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;YAE5C,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACvC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,eAAe;oBACtB,IAAI,EAAE,eAAe;iBACtB,CAAC,CAAC;YACL,CAAC;YAED,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACvC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,eAAe;oBACtB,IAAI,EAAE,eAAe;iBACtB,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,uBAAuB;gBAC9B,IAAI,EAAE,YAAY;aACnB,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;IAEF;;OAEG;IACI,qBAAqB,GAAG,KAAK,EAAE,KAAa,EAA4B,EAAE;QAC/E,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAQ,CAAC;YAC7D,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;gBAClD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE;gBAC7C,UAAU,EAAE,CAAC,OAAO,CAAC;gBACrB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;gBACnC,MAAM,EAAE,WAAW,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG;aAC9C,CAAQ,CAAC;YAEV,OAAO,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC,CAAC;IAEF;;OAEG;IACI,iBAAiB,GAAG,CAAC,UAAkB,EAAE,EAAE;QAChD,OAAO,CAAC,GAAgB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC7D,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBACd,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,yBAAyB;oBAChC,IAAI,EAAE,mBAAmB;iBAC1B,CAAC,CAAC;YACL,CAAC;YAED,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/C,OAAO,CAAC,SAAS,CAAC,wBAAwB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;gBAC5D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,KAAK,EAAE,0BAA0B;oBACjC,IAAI,EAAE,mBAAmB;oBACzB,QAAQ,EAAE,UAAU;iBACrB,CAAC,CAAC;YACL,CAAC;YAED,IAAI,EAAE,CAAC;QACT,CAAC,CAAC;IACJ,CAAC,CAAC;IAEF;;OAEG;IACI,mBAAmB,GAAG,CAAC,GAAgB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QACnF,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC;QAElD,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACxB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,KAAK,EAAE,yBAAyB;gBAChC,IAAI,EAAE,mBAAmB;aAC1B,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,KAAe,CAAC,EAAE,CAAC;YACvD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,KAAK,EAAE,4BAA4B;gBACnC,IAAI,EAAE,mBAAmB;aAC1B,CAAC,CAAC;QACL,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;IAEM,YAAY,CAAC,GAAY;QAC/B,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7C,IAAI,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACtC,OAAO,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QACjC,CAAC;QAED,oCAAoC;QACpC,OAAO,GAAG,CAAC,OAAO,EAAE,YAAY,IAAI,IAAI,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,GAAW;QAChC,kBAAkB;QAClB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,GAAG,EAAE,CAAC,CAAC;QACnD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC5B,CAAC;QAED,qDAAqD;QACrD,4DAA4D;QAC5D,MAAM,IAAI,GAAa;YACrB,EAAE,EAAE,GAAG;YACP,GAAG;YACH,KAAK,EAAE,GAAG,GAAG,cAAc;YAC3B,IAAI,EAAE,MAAM;YACZ,WAAW,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;YAC9B,aAAa,EAAE,EAAE;SAClB,CAAC;QAEF,sBAAsB;QACtB,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,GAAG,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QAEjE,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,WAAW;QACjB,OAAO;YACL,EAAE,EAAE,cAAc;YAClB,GAAG,EAAE,UAAU;YACf,KAAK,EAAE,kBAAkB;YACzB,IAAI,EAAE,WAAW;YACjB,IAAI,EAAE,KAAK;YACX,WAAW,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC;YACvC,aAAa,EAAE,CAAC,UAAU,CAAC;SAC5B,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAAW,CAAC,KAAa;QACpC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAClC,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;QAEjD,qDAAqD;QACrD,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAQ,CAAC;QACzC,IAAI,OAAO,EAAE,GAAG,EAAE,CAAC;YACjB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YACxD,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC;gBACZ,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,KAAK;QAChB,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC;CACF"}

package/dist/src/runway/server/runway-mcp-server.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Runway MCP Server Implementation
+ * Production-ready MCP server with authentication, WebSocket support, and monitoring
+ */
+export declare class RunwayMCPServer {
+    private config;
+    private app;
+    private httpServer;
+    private wss;
+    private mcpServer;
+    private connections;
+    private auth;
+    private db;
+    private cache;
+    private queue;
+    private monitoring;
+    private circuitBreaker;
+    constructor(config: {
+        port: number;
+        auth0Domain: string;
+        auth0Audience: string;
+        databaseUrl: string;
+        redisUrl: string;
+        environment: 'development' | 'staging' | 'production';
+    });
+    private initializeServices;
+    private setupExpress;
+    private setupRoutes;
+    private createAPIRouter;
+    private setupWebSocket;
+    private handleWebSocketMessage;
+    private setupMCPServer;
+    private registerMCPTools;
+    private setupMCPHandlers;
+    private executeTool;
+    private startHealthChecks;
+    private getHealthStatus;
+    private getAllowedOrigins;
+    private getProjectLimit;
+    private generateRequestId;
+    private generateConnectionId;
+    private findConnectionId;
+    start(): Promise<void>;
+    stop(): Promise<void>;
+}
+//# sourceMappingURL=runway-mcp-server.d.ts.map

package/dist/src/runway/server/runway-mcp-server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"runway-mcp-server.d.ts","sourceRoot":"","sources":["../../../../src/runway/server/runway-mcp-server.ts"],"names":[],"mappings":"AAAA;;;GAGG;AA2BH,qBAAa,eAAe;IAcd,OAAO,CAAC,MAAM;IAb1B,OAAO,CAAC,GAAG,CAAc;IACzB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,GAAG,CAAkB;IAC7B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,WAAW,CAAyC;IAE5D,OAAO,CAAC,IAAI,CAAiB;IAC7B,OAAO,CAAC,EAAE,CAAkB;IAC5B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,UAAU,CAAoB;IACtC,OAAO,CAAC,cAAc,CAAiB;gBAEnB,MAAM,EAAE;QAC1B,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,CAAC;QACpB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,aAAa,GAAG,SAAS,GAAG,YAAY,CAAC;KACvD;IAQD,OAAO,CAAC,kBAAkB;IAsC1B,OAAO,CAAC,YAAY;IAkFpB,OAAO,CAAC,WAAW;IAiBnB,OAAO,CAAC,eAAe;IAgJvB,OAAO,CAAC,cAAc;YAoFR,sBAAsB;IAsDpC,OAAO,CAAC,cAAc;IAgBtB,OAAO,CAAC,gBAAgB;IAmCxB,OAAO,CAAC,gBAAgB;YAmCV,WAAW;IAkBzB,OAAO,CAAC,iBAAiB;YAaX,eAAe;IA0C7B,OAAO,CAAC,iBAAiB;IAYzB,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,iBAAiB;IAIzB,OAAO,CAAC,oBAAoB;IAI5B,OAAO,CAAC,gBAAgB;IASX,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAatB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAmBnC"}