@structured-world/gitlab-mcp 6.27.0 → 6.28.0
- package/dist/src/entities/milestones/registry.js +11 -18
- package/dist/src/entities/milestones/registry.js.map +1 -1
- package/dist/src/entities/milestones/schema-readonly.d.ts +4 -8
- package/dist/src/entities/milestones/schema-readonly.js +2 -29
- package/dist/src/entities/milestones/schema-readonly.js.map +1 -1
- package/dist/src/entities/milestones/schema.d.ts +3 -6
- package/dist/src/entities/milestones/schema.js +2 -28
- package/dist/src/entities/milestones/schema.js.map +1 -1
- package/dist/src/middleware/oauth-auth.js +7 -0
- package/dist/src/middleware/oauth-auth.js.map +1 -1
- package/dist/src/middleware/rate-limiter.js +40 -2
- package/dist/src/middleware/rate-limiter.js.map +1 -1
- package/dist/src/oauth/endpoints/authorize.js +21 -24
- package/dist/src/oauth/endpoints/authorize.js.map +1 -1
- package/dist/src/oauth/endpoints/token.js +22 -14
- package/dist/src/oauth/endpoints/token.js.map +1 -1
- package/dist/src/server.js +4 -4
- package/dist/src/server.js.map +1 -1
- package/dist/src/utils/request-logger.d.ts +24 -0
- package/dist/src/utils/request-logger.js +56 -0
- package/dist/src/utils/request-logger.js.map +1 -0
- package/dist/structured-world-gitlab-mcp-6.28.0.tgz +0 -0
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/dist/structured-world-gitlab-mcp-6.27.0.tgz +0 -0
|
@@ -64,28 +64,24 @@ exports.milestonesToolRegistry = new Map([
|
|
|
64
64
|
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones`, { query });
|
|
65
65
|
}
|
|
66
66
|
case "get": {
|
|
67
|
-
|
|
68
|
-
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${milestoneIdentifier}`);
|
|
67
|
+
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${input.milestone_id}`);
|
|
69
68
|
}
|
|
70
69
|
case "issues": {
|
|
71
|
-
const { action: _action, namespace: _namespace, milestone_id,
|
|
72
|
-
const milestoneIdentifier = iid ?? milestone_id;
|
|
70
|
+
const { action: _action, namespace: _namespace, milestone_id, ...rest } = input;
|
|
73
71
|
const query = (0, gitlab_api_1.toQuery)(rest, []);
|
|
74
|
-
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${
|
|
72
|
+
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${milestone_id}/issues`, {
|
|
75
73
|
query,
|
|
76
74
|
});
|
|
77
75
|
}
|
|
78
76
|
case "merge_requests": {
|
|
79
|
-
const { action: _action, namespace: _namespace, milestone_id,
|
|
80
|
-
const milestoneIdentifier = iid ?? milestone_id;
|
|
77
|
+
const { action: _action, namespace: _namespace, milestone_id, ...rest } = input;
|
|
81
78
|
const query = (0, gitlab_api_1.toQuery)(rest, []);
|
|
82
|
-
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${
|
|
79
|
+
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${milestone_id}/merge_requests`, { query });
|
|
83
80
|
}
|
|
84
81
|
case "burndown": {
|
|
85
|
-
const { action: _action, namespace: _namespace, milestone_id,
|
|
86
|
-
const milestoneIdentifier = iid ?? milestone_id;
|
|
82
|
+
const { action: _action, namespace: _namespace, milestone_id, ...rest } = input;
|
|
87
83
|
const query = (0, gitlab_api_1.toQuery)(rest, []);
|
|
88
|
-
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${
|
|
84
|
+
return gitlab_api_1.gitlab.get(`${entityType}/${encodedPath}/milestones/${milestone_id}/burndown_events`, { query });
|
|
89
85
|
}
|
|
90
86
|
default:
|
|
91
87
|
throw new Error(`Unknown action: ${input.action}`);
|
|
@@ -115,24 +111,21 @@ exports.milestonesToolRegistry = new Map([
|
|
|
115
111
|
});
|
|
116
112
|
}
|
|
117
113
|
case "update": {
|
|
118
|
-
const { action: _action, namespace: _namespace, milestone_id,
|
|
119
|
-
|
|
120
|
-
return gitlab_api_1.gitlab.put(`${entityType}/${encodedPath}/milestones/${milestoneIdentifier}`, {
|
|
114
|
+
const { action: _action, namespace: _namespace, milestone_id, ...body } = input;
|
|
115
|
+
return gitlab_api_1.gitlab.put(`${entityType}/${encodedPath}/milestones/${milestone_id}`, {
|
|
121
116
|
body,
|
|
122
117
|
contentType: "json",
|
|
123
118
|
});
|
|
124
119
|
}
|
|
125
120
|
case "delete": {
|
|
126
|
-
|
|
127
|
-
await gitlab_api_1.gitlab.delete(`${entityType}/${encodedPath}/milestones/${milestoneIdentifier}`);
|
|
121
|
+
await gitlab_api_1.gitlab.delete(`${entityType}/${encodedPath}/milestones/${input.milestone_id}`);
|
|
128
122
|
return { deleted: true };
|
|
129
123
|
}
|
|
130
124
|
case "promote": {
|
|
131
125
|
if (entityType !== "projects") {
|
|
132
126
|
throw new Error("Milestone promotion is only available for projects, not groups");
|
|
133
127
|
}
|
|
134
|
-
|
|
135
|
-
return gitlab_api_1.gitlab.post(`projects/${encodedPath}/milestones/${milestoneIdentifier}/promote`);
|
|
128
|
+
return gitlab_api_1.gitlab.post(`projects/${encodedPath}/milestones/${input.milestone_id}/promote`);
|
|
136
129
|
}
|
|
137
130
|
default:
|
|
138
131
|
throw new Error(`Unknown action: ${input.action}`);
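Review bot: `milestone_id` is still interpolated into the request path unencoded in every rewritten call (`get`, `issues`, `merge_requests`, `burndown`, `update`, `delete`, `promote`), while the namespace goes through `encodedPath`. The declaration files in this release type the field as a coerced string, so unless `requiredId` (not shown here) restricts it to digits, a value containing `/`, `..`, `?` or `#` would change which GitLab API path the `put`/`delete`/`post` is sent to. Since tool arguments on an MCP server can originate from model output, I would encode at the call site, e.g. `milestones/${encodeURIComponent(input.milestone_id)}`, or add a digits-only check to `milestoneIdField` in both schema files. The handlers start and end outside these hunks.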
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"registry.js","sourceRoot":"","sources":["../../../../src/entities/milestones/registry.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"registry.js","sourceRoot":"","sources":["../../../../src/entities/milestones/registry.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiKA,wEAEC;AAKD,oEAEC;AAKD,gEAUC;AAzLD,uCAAyB;AACzB,uDAA2D;AAC3D,qCAAiD;AACjD,uDAAyD;AACzD,qDAA+D;AAG/D,yCAA8C;AAQjC,QAAA,sBAAsB,GAAiB,IAAI,GAAG,CAAiC;IAK1F;QACE,mBAAmB;QACnB;YACE,IAAI,EAAE,mBAAmB;YACzB,WAAW,EACT,yNAAyN;YAC3N,WAAW,EAAE,CAAC,CAAC,YAAY,CAAC,wCAAsB,CAAC;YACnD,IAAI,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,YAAY,EAAE,IAAI,EAAE;YACrD,OAAO,EAAE,KAAK,EAAE,IAAa,EAAE,EAAE;gBAC/B,MAAM,KAAK,GAAG,wCAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAGjD,IAAI,IAAA,uBAAc,EAAC,mBAAmB,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;oBACtD,MAAM,IAAI,KAAK,CAAC,WAAW,KAAK,CAAC,MAAM,6CAA6C,CAAC,CAAC;gBACxF,CAAC;gBAED,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,kCAAsB,EAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBAElF,QAAQ,KAAK,CAAC,MAAM,EAAE,CAAC;oBACrB,KAAK,MAAM,CAAC,CAAC,CAAC;wBACZ,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;wBAClE,MAAM,KAAK,GAAG,IAAA,oBAAO,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAEhC,OAAO,mBAAM,CAAC,GAAG,CAAC,GAAG,UAAU,IAAI,WAAW,aAAa,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;oBAC1E,CAAC;oBAED,KAAK,KAAK,CAAC,CAAC,CAAC;wBAEX,OAAO,mBAAM,CAAC,GAAG,CAAC,GAAG,UAAU,IAAI,WAAW,eAAe,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC;oBACrF,CAAC;oBAED,KAAK,QAAQ,CAAC,CAAC,CAAC;wBAEd,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;wBAChF,MAAM,KAAK,GAAG,IAAA,oBAAO,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAEhC,OAAO,mBAAM,CAAC,GAAG,CAAC,GAAG,UAAU,IAAI,WAAW,eAAe,YAAY,SAAS,EAAE;4BAClF,KAAK;yBACN,CAAC,CAAC;oBACL,CAAC;oBAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBAEtB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;wBAChF,MAAM,KAAK,GAAG,IAAA,oBAAO,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAEhC,OAAO,mBAAM,CAAC,GAAG,CACf,GAAG,UAAU,IAAI,WAAW,eAAe,YAAY,iBAAiB,EACxE,EAAE,KAAK,EAAE,CACV,CAAC;oBACJ,CAAC;oBAED,KAAK,UAAU,CAAC,CAAC,CAAC;wBAEhB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,IAAI,EA
AE,GAAG,KAAK,CAAC;wBAChF,MAAM,KAAK,GAAG,IAAA,oBAAO,EAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAEhC,OAAO,mBAAM,CAAC,GAAG,CACf,GAAG,UAAU,IAAI,WAAW,eAAe,YAAY,kBAAkB,EACzE,EAAE,KAAK,EAAE,CACV,CAAC;oBACJ,CAAC;oBAGD;wBACE,MAAM,IAAI,KAAK,CAAC,mBAAoB,KAA4B,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC/E,CAAC;YACH,CAAC;SACF;KACF;IAMD;QACE,kBAAkB;QAClB;YACE,IAAI,EAAE,kBAAkB;YACxB,WAAW,EACT,oLAAoL;YACtL,WAAW,EAAE,CAAC,CAAC,YAAY,CAAC,8BAAqB,CAAC;YAClD,IAAI,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,YAAY,EAAE,IAAI,EAAE;YACrD,OAAO,EAAE,KAAK,EAAE,IAAa,EAAE,EAAE;gBAC/B,MAAM,KAAK,GAAG,8BAAqB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAGhD,IAAI,IAAA,uBAAc,EAAC,kBAAkB,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;oBACrD,MAAM,IAAI,KAAK,CAAC,WAAW,KAAK,CAAC,MAAM,4CAA4C,CAAC,CAAC;gBACvF,CAAC;gBAED,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,kCAAsB,EAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBAElF,QAAQ,KAAK,CAAC,MAAM,EAAE,CAAC;oBACrB,KAAK,QAAQ,CAAC,CAAC,CAAC;wBAEd,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;wBAElE,OAAO,mBAAM,CAAC,IAAI,CAAC,GAAG,UAAU,IAAI,WAAW,aAAa,EAAE;4BAC5D,IAAI;4BACJ,WAAW,EAAE,MAAM;yBACpB,CAAC,CAAC;oBACL,CAAC;oBAED,KAAK,QAAQ,CAAC,CAAC,CAAC;wBAEd,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;wBAEhF,OAAO,mBAAM,CAAC,GAAG,CAAC,GAAG,UAAU,IAAI,WAAW,eAAe,YAAY,EAAE,EAAE;4BAC3E,IAAI;4BACJ,WAAW,EAAE,MAAM;yBACpB,CAAC,CAAC;oBACL,CAAC;oBAED,KAAK,QAAQ,CAAC,CAAC,CAAC;wBAEd,MAAM,mBAAM,CAAC,MAAM,CAAC,GAAG,UAAU,IAAI,WAAW,eAAe,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC;wBACrF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;oBAC3B,CAAC;oBAED,KAAK,SAAS,CAAC,CAAC,CAAC;wBAEf,IAAI,UAAU,KAAK,UAAU,EAAE,CAAC;4BAC9B,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;wBACpF,CAAC;wBAED,OAAO,mBAAM,CAAC,IAAI,CAAC,YAAY,WAAW,eAAe,KAAK,CAAC,YAAY,UAAU,CAAC,CAAC;oBACzF,CAAC;oBAGD;wBACE,MAAM,IAAI,KAAK,CAAC,mBAAoB,KAA4B,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC/E,CAAC;YACH,CAAC;SACF;KACF;CACF,CAAC,CAAC;AAKH,SAAgB,8BAA8B;IAC5C,OAAO,CAAC,mBAAmB,CAAC,CAAC;AAC/B,CAAC;AAKD,SAAgB,4BAA4B;IAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,8BAAsB,CAAC,MAAM,EAAE,CAAC,CAAC;AACrD,CAAC
;AAKD,SAAgB,0BAA0B,CACxC,eAAwB,KAAK;IAE7B,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,aAAa,GAAG,8BAA8B,EAAE,CAAC;QACvD,OAAO,KAAK,CAAC,IAAI,CAAC,8BAAsB,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAC/D,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAClC,CAAC;IACJ,CAAC;IACD,OAAO,4BAA4B,EAAE,CAAC;AACxC,CAAC"}
|
|
@@ -33,29 +33,25 @@ export declare const BrowseMilestonesSchema: z.ZodDiscriminatedUnion<[z.ZodObjec
|
|
|
33
33
|
}, z.core.$strip>, z.ZodObject<{
|
|
34
34
|
action: z.ZodLiteral<"get">;
|
|
35
35
|
namespace: z.ZodString;
|
|
36
|
-
milestone_id: z.
|
|
37
|
-
iid: z.ZodOptional<z.ZodString>;
|
|
36
|
+
milestone_id: z.ZodPipe<z.ZodTransform<{}, unknown>, z.ZodCoercedString<unknown>>;
|
|
38
37
|
}, z.core.$strip>, z.ZodObject<{
|
|
39
38
|
per_page: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
40
39
|
page: z.ZodOptional<z.ZodNumber>;
|
|
41
40
|
action: z.ZodLiteral<"issues">;
|
|
42
41
|
namespace: z.ZodString;
|
|
43
|
-
milestone_id: z.
|
|
44
|
-
iid: z.ZodOptional<z.ZodString>;
|
|
42
|
+
milestone_id: z.ZodPipe<z.ZodTransform<{}, unknown>, z.ZodCoercedString<unknown>>;
|
|
45
43
|
}, z.core.$strip>, z.ZodObject<{
|
|
46
44
|
per_page: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
47
45
|
page: z.ZodOptional<z.ZodNumber>;
|
|
48
46
|
action: z.ZodLiteral<"merge_requests">;
|
|
49
47
|
namespace: z.ZodString;
|
|
50
|
-
milestone_id: z.
|
|
51
|
-
iid: z.ZodOptional<z.ZodString>;
|
|
48
|
+
milestone_id: z.ZodPipe<z.ZodTransform<{}, unknown>, z.ZodCoercedString<unknown>>;
|
|
52
49
|
}, z.core.$strip>, z.ZodObject<{
|
|
53
50
|
per_page: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
|
|
54
51
|
page: z.ZodOptional<z.ZodNumber>;
|
|
55
52
|
action: z.ZodLiteral<"burndown">;
|
|
56
53
|
namespace: z.ZodString;
|
|
57
|
-
milestone_id: z.
|
|
58
|
-
iid: z.ZodOptional<z.ZodString>;
|
|
54
|
+
milestone_id: z.ZodPipe<z.ZodTransform<{}, unknown>, z.ZodCoercedString<unknown>>;
|
|
59
55
|
}, z.core.$strip>], "action">;
|
|
60
56
|
export type BrowseMilestonesInput = z.infer<typeof BrowseMilestonesSchema>;
|
|
61
57
|
export type GitLabMilestones = z.infer<typeof GitLabMilestonesSchema>;
|
|
@@ -20,23 +20,7 @@ exports.GitLabMilestonesSchema = zod_1.z.object({
|
|
|
20
20
|
web_url: zod_1.z.string().optional(),
|
|
21
21
|
});
|
|
22
22
|
const namespaceField = zod_1.z.string().describe("Namespace path (group or project)");
|
|
23
|
-
const milestoneIdField = utils_1.requiredId
|
|
24
|
-
.optional()
|
|
25
|
-
.describe("Milestone ID (same as IID in GitLab URLs, e.g., '3' from /milestones/3)");
|
|
26
|
-
const milestoneIidField = zod_1.z
|
|
27
|
-
.string()
|
|
28
|
-
.min(1)
|
|
29
|
-
.optional()
|
|
30
|
-
.describe("Milestone IID from URL (e.g., '3' from /milestones/3). Alternative to milestone_id.");
|
|
31
|
-
const requireMilestoneIdentifier = (data, ctx) => {
|
|
32
|
-
if (data.milestone_id === undefined && data.iid === undefined) {
|
|
33
|
-
ctx.addIssue({
|
|
34
|
-
code: zod_1.z.ZodIssueCode.custom,
|
|
35
|
-
message: "Either 'milestone_id' or 'iid' must be provided",
|
|
36
|
-
path: ["milestone_id"],
|
|
37
|
-
});
|
|
38
|
-
}
|
|
39
|
-
};
|
|
23
|
+
const milestoneIdField = utils_1.requiredId.describe("The ID of a project or group milestone. Required for 'get', 'issues', 'merge_requests', 'burndown' action(s).");
|
|
40
24
|
const ListMilestonesSchema = zod_1.z.object({
|
|
41
25
|
action: zod_1.z.literal("list").describe("List milestones with optional filtering"),
|
|
42
26
|
namespace: namespaceField,
|
|
@@ -68,41 +52,30 @@ const GetMilestoneSchema = zod_1.z.object({
|
|
|
68
52
|
action: zod_1.z.literal("get").describe("Get a single milestone by ID"),
|
|
69
53
|
namespace: namespaceField,
|
|
70
54
|
milestone_id: milestoneIdField,
|
|
71
|
-
iid: milestoneIidField,
|
|
72
55
|
});
|
|
73
56
|
const MilestoneIssuesSchema = zod_1.z.object({
|
|
74
57
|
action: zod_1.z.literal("issues").describe("List issues assigned to a milestone"),
|
|
75
58
|
namespace: namespaceField,
|
|
76
59
|
milestone_id: milestoneIdField,
|
|
77
|
-
iid: milestoneIidField,
|
|
78
60
|
...(0, utils_1.paginationFields)(),
|
|
79
61
|
});
|
|
80
62
|
const MilestoneMergeRequestsSchema = zod_1.z.object({
|
|
81
63
|
action: zod_1.z.literal("merge_requests").describe("List merge requests assigned to a milestone"),
|
|
82
64
|
namespace: namespaceField,
|
|
83
65
|
milestone_id: milestoneIdField,
|
|
84
|
-
iid: milestoneIidField,
|
|
85
66
|
...(0, utils_1.paginationFields)(),
|
|
86
67
|
});
|
|
87
68
|
const MilestoneBurndownSchema = zod_1.z.object({
|
|
88
69
|
action: zod_1.z.literal("burndown").describe("Get burndown chart data for a milestone"),
|
|
89
70
|
namespace: namespaceField,
|
|
90
71
|
milestone_id: milestoneIdField,
|
|
91
|
-
iid: milestoneIidField,
|
|
92
72
|
...(0, utils_1.paginationFields)(),
|
|
93
73
|
});
|
|
94
|
-
|
|
74
|
+
exports.BrowseMilestonesSchema = zod_1.z.discriminatedUnion("action", [
|
|
95
75
|
ListMilestonesSchema,
|
|
96
76
|
GetMilestoneSchema,
|
|
97
77
|
MilestoneIssuesSchema,
|
|
98
78
|
MilestoneMergeRequestsSchema,
|
|
99
79
|
MilestoneBurndownSchema,
|
|
100
80
|
]);
|
|
101
|
-
exports.BrowseMilestonesSchema = BrowseMilestonesBaseSchema.superRefine((data, ctx) => {
|
|
102
|
-
const actionsRequiringMilestone = ["get", "issues", "merge_requests", "burndown"];
|
|
103
|
-
if (actionsRequiringMilestone.includes(data.action)) {
|
|
104
|
-
const dataWithIds = data;
|
|
105
|
-
requireMilestoneIdentifier(dataWithIds, ctx);
|
|
106
|
-
}
|
|
107
|
-
});
|
|
108
81
|
//# sourceMappingURL=schema-readonly.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema-readonly.js","sourceRoot":"","sources":["../../../../src/entities/milestones/schema-readonly.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,sCAAkD;AAIzC,sGAJA,8BAAqB,OAIA;AAH9B,oCAAyE;AAM5D,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,EAAE,EAAE,OAAC,CAAC,MAAM,CAAC,MAAM,EAAE;IACrB,GAAG,EAAE,OAAC,CAAC,MAAM,CAAC,MAAM,EAAE;IACtB,UAAU,EAAE,OAAC,CAAC,MAAM,CAAC,MAAM,EAAE;IAC7B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE;IACtB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE;IACtB,OAAO,EAAE,uBAAe;IACxB,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAC;AAUH,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"schema-readonly.js","sourceRoot":"","sources":["../../../../src/entities/milestones/schema-readonly.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,sCAAkD;AAIzC,sGAJA,8BAAqB,OAIA;AAH9B,oCAAyE;AAM5D,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC7C,EAAE,EAAE,OAAC,CAAC,MAAM,CAAC,MAAM,EAAE;IACrB,GAAG,EAAE,OAAC,CAAC,MAAM,CAAC,MAAM,EAAE;IACtB,UAAU,EAAE,OAAC,CAAC,MAAM,CAAC,MAAM,EAAE;IAC7B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE;IACjB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE;IACtB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE;IACtB,OAAO,EAAE,uBAAe;IACxB,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAC;AAUH,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC,CAAC;AAOhF,MAAM,gBAAgB,GAAG,kBAAU,CAAC,QAAQ,CAC1C,+GAA+G,CAChH,CAAC;AAGF,MAAM,oBAAoB,GAAG,OAAC,CAAC,MAAM,CAAC;IACpC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,yCAAyC,CAAC;IAC7E,SAAS,EAAE,cAAc;IACzB,IAAI,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iDAAiD,CAAC;IAChG,KAAK,EAAE,OAAC;SACL,IAAI,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;SAC1B,QAAQ,EAAE;SACV,QAAQ,CAAC,yCAAyC,CAAC;IACtD,KAAK,EAAE,OAAC;SACL,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,kEAAkE,CAAC;IAC/E,MAAM,EAAE,OAAC;SACN,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,iFAAiF,CAAC;IAC9F,iBAAiB,EAAE,uBAAe,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC;IACjF,cAAc,EAAE,OAAC;SACd,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,uEAAuE,CAAC;IACpF,aAAa,EAAE,OAAC;SACb,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,sEAAsE,CAAC;IACnF,GAAG,IAAA,wBAAgB,GAAE;CACtB,CAAC,CAAC;AAGH,MAAM,kBAAkB,GAAG,OAAC,CAAC,MAAM,CAAC;IAClC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,8BAA8B,CAAC;IACjE,SAAS,EAAE,cAAc;IACzB,YAAY,EAAE,gBAAgB;CAC/B,CAAC,CAAC;AAGH,MAAM,qBAAqB,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,qCAAqC,CAAC;IAC3E,SAAS,EAAE,cAAc;IAC
zB,YAAY,EAAE,gBAAgB;IAC9B,GAAG,IAAA,wBAAgB,GAAE;CACtB,CAAC,CAAC;AAGH,MAAM,4BAA4B,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5C,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,6CAA6C,CAAC;IAC3F,SAAS,EAAE,cAAc;IACzB,YAAY,EAAE,gBAAgB;IAC9B,GAAG,IAAA,wBAAgB,GAAE;CACtB,CAAC,CAAC;AAGH,MAAM,uBAAuB,GAAG,OAAC,CAAC,MAAM,CAAC;IACvC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,yCAAyC,CAAC;IACjF,SAAS,EAAE,cAAc;IACzB,YAAY,EAAE,gBAAgB;IAC9B,GAAG,IAAA,wBAAgB,GAAE;CACtB,CAAC,CAAC;AAGU,QAAA,sBAAsB,GAAG,OAAC,CAAC,kBAAkB,CAAC,QAAQ,EAAE;IACnE,oBAAoB;IACpB,kBAAkB;IAClB,qBAAqB;IACrB,4BAA4B;IAC5B,uBAAuB;CACxB,CAAC,CAAC"}
|
|
@@ -9,8 +9,7 @@ export declare const ManageMilestoneSchema: z.ZodDiscriminatedUnion<[z.ZodObject
|
|
|
9
9
|
}, z.core.$strip>, z.ZodObject<{
|
|
10
10
|
action: z.ZodLiteral<"update">;
|
|
11
11
|
namespace: z.ZodString;
|
|
12
|
-
milestone_id: z.
|
|
13
|
-
iid: z.ZodOptional<z.ZodString>;
|
|
12
|
+
milestone_id: z.ZodPipe<z.ZodTransform<{}, unknown>, z.ZodCoercedString<unknown>>;
|
|
14
13
|
title: z.ZodOptional<z.ZodString>;
|
|
15
14
|
description: z.ZodOptional<z.ZodString>;
|
|
16
15
|
due_date: z.ZodOptional<z.ZodString>;
|
|
@@ -22,12 +21,10 @@ export declare const ManageMilestoneSchema: z.ZodDiscriminatedUnion<[z.ZodObject
|
|
|
22
21
|
}, z.core.$strip>, z.ZodObject<{
|
|
23
22
|
action: z.ZodLiteral<"delete">;
|
|
24
23
|
namespace: z.ZodString;
|
|
25
|
-
milestone_id: z.
|
|
26
|
-
iid: z.ZodOptional<z.ZodString>;
|
|
24
|
+
milestone_id: z.ZodPipe<z.ZodTransform<{}, unknown>, z.ZodCoercedString<unknown>>;
|
|
27
25
|
}, z.core.$strip>, z.ZodObject<{
|
|
28
26
|
action: z.ZodLiteral<"promote">;
|
|
29
27
|
namespace: z.ZodString;
|
|
30
|
-
milestone_id: z.
|
|
31
|
-
iid: z.ZodOptional<z.ZodString>;
|
|
28
|
+
milestone_id: z.ZodPipe<z.ZodTransform<{}, unknown>, z.ZodCoercedString<unknown>>;
|
|
32
29
|
}, z.core.$strip>], "action">;
|
|
33
30
|
export type ManageMilestoneInput = z.infer<typeof ManageMilestoneSchema>;
|
|
@@ -4,23 +4,7 @@ exports.ManageMilestoneSchema = void 0;
|
|
|
4
4
|
const zod_1 = require("zod");
|
|
5
5
|
const utils_1 = require("../utils");
|
|
6
6
|
const namespaceField = zod_1.z.string().describe("Namespace path (group or project)");
|
|
7
|
-
const milestoneIdField = utils_1.requiredId
|
|
8
|
-
.optional()
|
|
9
|
-
.describe("Milestone ID (same as IID in GitLab URLs, e.g., '3' from /milestones/3)");
|
|
10
|
-
const milestoneIidField = zod_1.z
|
|
11
|
-
.string()
|
|
12
|
-
.min(1)
|
|
13
|
-
.optional()
|
|
14
|
-
.describe("Milestone IID from URL (e.g., '3' from /milestones/3). Alternative to milestone_id.");
|
|
15
|
-
const requireMilestoneIdentifier = (data, ctx) => {
|
|
16
|
-
if (data.milestone_id === undefined && data.iid === undefined) {
|
|
17
|
-
ctx.addIssue({
|
|
18
|
-
code: zod_1.z.ZodIssueCode.custom,
|
|
19
|
-
message: "Either 'milestone_id' or 'iid' must be provided",
|
|
20
|
-
path: ["milestone_id"],
|
|
21
|
-
});
|
|
22
|
-
}
|
|
23
|
-
};
|
|
7
|
+
const milestoneIdField = utils_1.requiredId.describe("The ID of a project or group milestone. Required for 'update', 'delete', 'promote' action(s).");
|
|
24
8
|
const CreateMilestoneSchema = zod_1.z.object({
|
|
25
9
|
action: zod_1.z.literal("create"),
|
|
26
10
|
namespace: namespaceField,
|
|
@@ -33,7 +17,6 @@ const UpdateMilestoneSchema = zod_1.z.object({
|
|
|
33
17
|
action: zod_1.z.literal("update"),
|
|
34
18
|
namespace: namespaceField,
|
|
35
19
|
milestone_id: milestoneIdField,
|
|
36
|
-
iid: milestoneIidField,
|
|
37
20
|
title: zod_1.z.string().optional().describe("The new title of the milestone"),
|
|
38
21
|
description: zod_1.z.string().optional().describe("The new description of the milestone"),
|
|
39
22
|
due_date: zod_1.z.string().optional().describe("The due date of the milestone (YYYY-MM-DD)"),
|
|
@@ -49,25 +32,16 @@ const DeleteMilestoneSchema = zod_1.z.object({
|
|
|
49
32
|
action: zod_1.z.literal("delete"),
|
|
50
33
|
namespace: namespaceField,
|
|
51
34
|
milestone_id: milestoneIdField,
|
|
52
|
-
iid: milestoneIidField,
|
|
53
35
|
});
|
|
54
36
|
const PromoteMilestoneSchema = zod_1.z.object({
|
|
55
37
|
action: zod_1.z.literal("promote"),
|
|
56
38
|
namespace: namespaceField,
|
|
57
39
|
milestone_id: milestoneIdField,
|
|
58
|
-
iid: milestoneIidField,
|
|
59
40
|
});
|
|
60
|
-
|
|
41
|
+
exports.ManageMilestoneSchema = zod_1.z.discriminatedUnion("action", [
|
|
61
42
|
CreateMilestoneSchema,
|
|
62
43
|
UpdateMilestoneSchema,
|
|
63
44
|
DeleteMilestoneSchema,
|
|
64
45
|
PromoteMilestoneSchema,
|
|
65
46
|
]);
|
|
66
|
-
exports.ManageMilestoneSchema = ManageMilestoneBaseSchema.superRefine((data, ctx) => {
|
|
67
|
-
const actionsRequiringMilestone = ["update", "delete", "promote"];
|
|
68
|
-
if (actionsRequiringMilestone.includes(data.action)) {
|
|
69
|
-
const dataWithIds = data;
|
|
70
|
-
requireMilestoneIdentifier(dataWithIds, ctx);
|
|
71
|
-
}
|
|
72
|
-
});
|
|
73
47
|
//# sourceMappingURL=schema.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../../src/entities/milestones/schema.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,oCAAsC;AAetC,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../../src/entities/milestones/schema.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,oCAAsC;AAetC,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC,CAAC;AAOhF,MAAM,gBAAgB,GAAG,kBAAU,CAAC,QAAQ,CAC1C,+FAA+F,CAChG,CAAC;AAGF,MAAM,qBAAqB,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC3B,SAAS,EAAE,cAAc;IACzB,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,4BAA4B,CAAC;IACxD,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kCAAkC,CAAC;IAC/E,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IACtF,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;CAC3F,CAAC,CAAC;AAGH,MAAM,qBAAqB,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC3B,SAAS,EAAE,cAAc;IACzB,YAAY,EAAE,gBAAgB;IAC9B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IACvE,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,sCAAsC,CAAC;IACnF,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IACtF,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;IAC1F,WAAW,EAAE,OAAC;SACX,MAAM,EAAE;SACR,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;SACnC,IAAI,CAAC,OAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC;SACnC,QAAQ,EAAE;SACV,QAAQ,CAAC,6CAA6C,CAAC;CAC3D,CAAC,CAAC;AAGH,MAAM,qBAAqB,GAAG,OAAC,CAAC,MAAM,CAAC;IACrC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC3B,SAAS,EAAE,cAAc;IACzB,YAAY,EAAE,gBAAgB;CAC/B,CAAC,CAAC;AAGH,MAAM,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IACtC,MAAM,EAAE,OAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IAC5B,SAAS,EAAE,cAAc;IACzB,YAAY,EAAE,gBAAgB;CAC/B,CAAC,CAAC;AAGU,QAAA,qBAAqB,GAAG,OAAC,CAAC,kBAAkB,CAAC,QAAQ,EAAE;IAClE,qBAAqB;IACrB,qBAAqB;IACrB,qBAAqB;IACrB,sBAAsB;CACvB,CAAC,CAAC"}
|
|
@@ -9,6 +9,7 @@ const token_utils_1 = require("../oauth/token-utils");
|
|
|
9
9
|
const gitlab_device_flow_1 = require("../oauth/gitlab-device-flow");
|
|
10
10
|
const metadata_1 = require("../oauth/endpoints/metadata");
|
|
11
11
|
const logger_1 = require("../logger");
|
|
12
|
+
const request_logger_1 = require("../utils/request-logger");
|
|
12
13
|
async function oauthAuthMiddleware(req, res, next) {
|
|
13
14
|
const config = (0, config_1.loadOAuthConfig)();
|
|
14
15
|
if (!config) {
|
|
@@ -108,6 +109,12 @@ async function optionalOAuthMiddleware(req, res, next) {
|
|
|
108
109
|
next();
|
|
109
110
|
}
|
|
110
111
|
function sendUnauthorized(req, res, error, description) {
|
|
112
|
+
logger_1.logger.warn({
|
|
113
|
+
event: "auth_rejected",
|
|
114
|
+
...(0, request_logger_1.getMinimalRequestContext)(req),
|
|
115
|
+
reason: error,
|
|
116
|
+
description,
|
|
117
|
+
}, "Authentication rejected");
|
|
111
118
|
const response = {
|
|
112
119
|
error,
|
|
113
120
|
error_description: description,
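Review bot: The new `auth_rejected` record in `sendUnauthorized` is written at warn level for every rejected request, and what `getMinimalRequestContext(req)` copies from the request is not visible in this section. Because rejected requests include ones that carry a malformed or invalid `Authorization` header, that helper should be confirmed to leave out the header value and any token material, and to bound whatever client-controlled fields it does copy before they reach the log. A comment above the call such as `// context must never include Authorization or token values; its fields are client-controlled` would record that contract. Unauthenticated clients can trigger this line at will, so it is worth checking that rate limiting runs before this middleware or that the logger samples the event. The body of `sendUnauthorized` continues past the end of the hunk.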
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-auth.js","sourceRoot":"","sources":["../../../src/middleware/oauth-auth.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"oauth-auth.js","sourceRoot":"","sources":["../../../src/middleware/oauth-auth.ts"],"names":[],"mappings":";;AAkCA,kDAiHC;AAQD,sDAEC;AAWD,0DA8CC;AAvMD,4CAAkD;AAClD,0DAAsD;AACtD,sDAAiG;AACjG,oEAAiE;AACjE,0DAAyD;AACzD,sCAAmC;AAEnC,4DAAmE;AAY5D,KAAK,UAAU,mBAAmB,CACvC,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,cAAc,EAAE,sBAAsB,CAAC,CAAC;QACnE,OAAO;IACT,CAAC;IAGD,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;IAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,cAAc,EAAE,8BAA8B,CAAC,CAAC;QAC3E,OAAO;IACT,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,gBAAgB,CACd,GAAG,EACH,GAAG,EACH,cAAc,EACd,+DAA+D,CAChE,CAAC;QACF,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAElC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,cAAc,EAAE,oBAAoB,CAAC,CAAC;QACjE,OAAO;IACT,CAAC;IAGD,MAAM,OAAO,GAAG,IAAA,4BAAc,EAAC,KAAK,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IAC5D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,eAAe,EAAE,6BAA6B,CAAC,CAAC;QAC3E,OAAO;IACT,CAAC;IAGD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC;IAC9B,MAAM,OAAO,GAAG,4BAAY,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAEnD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,eAAe,EAAE,8BAA8B,CAAC,CAAC;QAC5E,OAAO;IACT,CAAC;IAGD,IAAI,OAAO,CAAC,cAAc,KAAK,KAAK,EAAE,CAAC;QAErC,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,eAAe,EAAE,2BAA2B,CAAC,CAAC;QACzE,OAAO;IACT,CAAC;IAGD,IAAI,IAAA,iCAAmB,EAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACnD,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,IAAA,uCAAkB,EAAC,OAAO,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;YAE/E,4BAAY,CAAC,aAAa,CAAC,SAAS,EAAE;gBACpC,iBAAiB,EAAE,SAAS,CAAC,YAAY;gBACzC,kBAAkB,EAAE,SAAS,CAAC,aAAa;gBAC3C,iBAAiB,EAAE,IAAA,kCAAoB,EAAC,SAAS,CAAC,UAAU,CAAC;aAC9D,CAAC,CAAC;YAEH,eAAM,CAAC,KAAK,CACV,EAAE,SAAS,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,EAAE,EAChD,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,eAAM,CAAC,KAAK,CAAC,EAAE,GAAG,
EAAE,KAAc,EAAE,EAAE,+CAA+C,CAAC,CAAC;YACvF,gBAAgB,CACd,GAAG,EACH,GAAG,EACH,eAAe,EACf,sDAAsD,CACvD,CAAC;YACF,OAAO;QACT,CAAC;IACH,CAAC;IAGD,MAAM,cAAc,GAAG,4BAAY,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAC1D,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,eAAe,EAAE,mCAAmC,CAAC,CAAC;QACjF,OAAO;IACT,CAAC;IAWD,GAAG,CAAC,MAAM,CAAC,cAAc,GAAG,cAAc,CAAC,EAAE,CAAC;IAC9C,GAAG,CAAC,MAAM,CAAC,WAAW,GAAG,cAAc,CAAC,iBAAiB,CAAC;IAC1D,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG,cAAc,CAAC,YAAY,CAAC;IACtD,GAAG,CAAC,MAAM,CAAC,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC;IAE1D,eAAM,CAAC,KAAK,CACV,EAAE,SAAS,EAAE,cAAc,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,EAC5F,mDAAmD,CACpD,CAAC;IAGF,IAAI,EAAE,CAAC;AACT,CAAC;AAQD,SAAgB,qBAAqB;IACnC,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAWM,KAAK,UAAU,uBAAuB,CAC3C,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QAEZ,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;IAC7C,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAEvC,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAClC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAGD,MAAM,OAAO,GAAG,IAAA,4BAAc,EAAC,KAAK,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC;IAC5D,IAAI,CAAC,OAAO,EAAE,CAAC;QAEb,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,4BAAY,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACrD,IAAI,OAAO,EAAE,cAAc,KAAK,KAAK,EAAE,CAAC;QACtC,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAGD,GAAG,CAAC,MAAM,CAAC,cAAc,GAAG,OAAO,CAAC,EAAE,CAAC;IACvC,GAAG,CAAC,MAAM,CAAC,WAAW,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACnD,GAAG,CAAC,MAAM,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;IAC/C,GAAG,CAAC,MAAM,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;IAEnD,IAAI,EAAE,CAAC;AACT,CAAC;AAUD,SAAS,gBAAgB,CAAC,GAAY,EAAE,GAAa,EAAE,KAAa,EAAE,WAAmB;IAEvF,eAAM,CAAC,IAAI,CACT;QACE,KAAK,EAAE,eAAe;QACtB,GAAG,IAAA,yCAAwB,EAAC,GAAG,CAAC;QAChC,MAAM,EAAE,KAAK;QACb,WAAW;KACZ,EACD,yBAAyB,CAC1B,CAAC;IAEF,
MAAM,QAAQ,GAAuB;QACnC,KAAK;QACL,iBAAiB,EAAE,WAAW;KAC/B,CAAC;IAGF,MAAM,OAAO,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAIhC,GAAG,CAAC,SAAS,CACX,kBAAkB,EAClB,iDAAiD,OAAO,wCAAwC,CACjG,CAAC;IACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACjC,CAAC"}
|
|
@@ -5,6 +5,7 @@ exports.rateLimiterMiddleware = rateLimiterMiddleware;
|
|
|
5
5
|
exports.getRateLimitStats = getRateLimitStats;
|
|
6
6
|
const config_1 = require("../config");
|
|
7
7
|
const logger_1 = require("../logger");
|
|
8
|
+
const request_logger_1 = require("../utils/request-logger");
|
|
8
9
|
const rateLimitStore = new Map();
|
|
9
10
|
const CLEANUP_INTERVAL_MS = 60000;
|
|
10
11
|
let cleanupInterval = null;
|
|
@@ -65,6 +66,7 @@ function checkRateLimit(key, windowMs, maxRequests) {
|
|
|
65
66
|
remaining: Math.max(0, maxRequests - entry.count),
|
|
66
67
|
resetAt: entry.resetAt,
|
|
67
68
|
total: maxRequests,
|
|
69
|
+
used: entry.count,
|
|
68
70
|
};
|
|
69
71
|
}
|
|
70
72
|
function setRateLimitHeaders(res, info) {
|
|
@@ -89,9 +91,25 @@ function rateLimiterMiddleware() {
|
|
|
89
91
|
const key = `session:${sessionId}`;
|
|
90
92
|
const info = checkRateLimit(key, config_1.RATE_LIMIT_SESSION_WINDOW_MS, config_1.RATE_LIMIT_SESSION_MAX_REQUESTS);
|
|
91
93
|
setRateLimitHeaders(res, info);
|
|
94
|
+
const usagePercent = (info.used / info.total) * 100;
|
|
95
|
+
if (info.allowed && usagePercent >= 80) {
|
|
96
|
+
const rateLimitInfo = (0, request_logger_1.buildRateLimitInfo)("session", sessionId, info.used, info.total, info.resetAt);
|
|
97
|
+
logger_1.logger.debug({
|
|
98
|
+
event: "rate_limit_warning",
|
|
99
|
+
...(0, request_logger_1.getMinimalRequestContext)(req),
|
|
100
|
+
rateLimit: rateLimitInfo,
|
|
101
|
+
}, "Approaching session rate limit threshold");
|
|
102
|
+
}
|
|
92
103
|
if (!info.allowed) {
|
|
93
104
|
const retryAfter = Math.ceil((info.resetAt - Date.now()) / 1000);
|
|
94
|
-
|
|
105
|
+
const rateLimitInfo = (0, request_logger_1.buildRateLimitInfo)("session", sessionId, info.used, info.total, info.resetAt);
|
|
106
|
+
logger_1.logger.warn({
|
|
107
|
+
event: "rate_limit_exceeded",
|
|
108
|
+
...(0, request_logger_1.getMinimalRequestContext)(req),
|
|
109
|
+
rateLimit: rateLimitInfo,
|
|
110
|
+
hasOAuthSession: !!res.locals.oauthSessionId,
|
|
111
|
+
hasMcpSessionHeader: !!req.headers["mcp-session-id"],
|
|
112
|
+
}, "Session rate limit exceeded");
|
|
95
113
|
res.set("Retry-After", retryAfter.toString());
|
|
96
114
|
res.status(429).json({
|
|
97
115
|
error: "Too Many Requests",
|
|
@@ -114,9 +132,29 @@ function rateLimiterMiddleware() {
|
|
|
114
132
|
const key = `ip:${ip}`;
|
|
115
133
|
const info = checkRateLimit(key, config_1.RATE_LIMIT_IP_WINDOW_MS, config_1.RATE_LIMIT_IP_MAX_REQUESTS);
|
|
116
134
|
setRateLimitHeaders(res, info);
|
|
135
|
+
const usagePercent = (info.used / info.total) * 100;
|
|
136
|
+
if (info.allowed && usagePercent >= 80) {
|
|
137
|
+
const rateLimitInfo = (0, request_logger_1.buildRateLimitInfo)("ip", ip, info.used, info.total, info.resetAt);
|
|
138
|
+
logger_1.logger.debug({
|
|
139
|
+
event: "rate_limit_warning",
|
|
140
|
+
...(0, request_logger_1.getMinimalRequestContext)(req),
|
|
141
|
+
rateLimit: rateLimitInfo,
|
|
142
|
+
authClassification: "anonymous",
|
|
143
|
+
authReason: "no OAuth session and no MCP-Session-Id header",
|
|
144
|
+
}, "Approaching IP rate limit threshold");
|
|
145
|
+
}
|
|
117
146
|
if (!info.allowed) {
|
|
118
147
|
const retryAfter = Math.ceil((info.resetAt - Date.now()) / 1000);
|
|
119
|
-
|
|
148
|
+
const rateLimitInfo = (0, request_logger_1.buildRateLimitInfo)("ip", ip, info.used, info.total, info.resetAt);
|
|
149
|
+
const mcpSessionHeader = req.headers["mcp-session-id"];
|
|
150
|
+
logger_1.logger.warn({
|
|
151
|
+
event: "rate_limit_exceeded",
|
|
152
|
+
...(0, request_logger_1.getMinimalRequestContext)(req),
|
|
153
|
+
rateLimit: rateLimitInfo,
|
|
154
|
+
authClassification: "anonymous",
|
|
155
|
+
authReason: "no OAuth session and no MCP-Session-Id header",
|
|
156
|
+
mcpSessionId: (0, request_logger_1.truncateId)(mcpSessionHeader),
|
|
157
|
+
}, "IP rate limit exceeded");
|
|
120
158
|
res.set("Retry-After", retryAfter.toString());
|
|
121
159
|
res.status(429).json({
|
|
122
160
|
error: "Too Many Requests",
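Review bot: In the session branch the raw `sessionId` is passed to `buildRateLimitInfo` for both the `rate_limit_warning` debug entry (new line 96) and the `rate_limit_exceeded` warn entry (new line 105), while the IP branch runs the MCP session header through `truncateId` before logging it. `buildRateLimitInfo` is defined in request-logger.js, which this section does not show, so it may already shorten the key. If it does not, a full session identifier is written to the logs and is readable by anyone with log access. Suggested call, to be made in the TypeScript source rather than in dist: `(0, request_logger_1.buildRateLimitInfo)("session", (0, request_logger_1.truncateId)(sessionId), info.used, info.total, info.resetAt)`. The body of `rateLimiterMiddleware` continues outside these hunks.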
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../../src/middleware/rate-limiter.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../../src/middleware/rate-limiter.ts"],"names":[],"mappings":";;AAiEA,kCAKC;AA+FD,sDAyJC;AAKD,8CAcC;AApUD,sCAOmB;AACnB,sCAAmC;AACnC,4DAAmG;AAQnG,MAAM,cAAc,GAAG,IAAI,GAAG,EAA0B,CAAC;AAGzD,MAAM,mBAAmB,GAAG,KAAK,CAAC;AAClC,IAAI,eAAe,GAA0C,IAAI,CAAC;AAKlE,SAAS,YAAY;IACnB,IAAI,eAAe;QAAE,OAAO;IAE5B,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,cAAc,CAAC,OAAO,EAAE,EAAE,CAAC;YACpD,IAAI,KAAK,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC;gBACzB,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAC3B,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAChB,eAAM,CAAC,KAAK,CAAC,iCAAiC,OAAO,kBAAkB,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC,EAAE,mBAAmB,CAAC,CAAC;IAGxB,eAAe,CAAC,KAAK,EAAE,CAAC;AAC1B,CAAC;AAKD,SAAgB,WAAW;IACzB,IAAI,eAAe,EAAE,CAAC;QACpB,aAAa,CAAC,eAAe,CAAC,CAAC;QAC/B,eAAe,GAAG,IAAI,CAAC;IACzB,CAAC;AACH,CAAC;AAKD,SAAS,YAAY,CAAC,GAAY;IAChC,OAAO,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAC;AACzD,CAAC;AAKD,SAAS,eAAe,CAAC,GAAY,EAAE,GAAa;IAElD,MAAM,cAAc,GAAG,GAAG,CAAC,MAAM,CAAC,cAAoC,CAAC;IACvE,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC;IACd,CAAC;IAGD,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAuB,CAAC;IACzE,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAKD,SAAS,cAAc,CACrB,GAAW,EACX,QAAgB,EAChB,WAAmB;IAQnB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,KAAK,GAAG,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAGpC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC;QACnC,KAAK,GAAG;YACN,KAAK,EAAE,CAAC;YACR,OAAO,EAAE,GAAG,GAAG,QAAQ;SACxB,CAAC;QACF,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACjC,CAAC;IAGD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,GAAG,WAAW,CAAC;IAG1C,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,CAAC,KAAK,EAAE,CAAC;IAChB,CAAC;IAED,OAAO;QACL,OAAO;QACP,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC;QACjD,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,KAAK,EAAE,WAAW;QAClB,IAAI,EAAE,KAA
K,CAAC,KAAK;KAClB,CAAC;AACJ,CAAC;AAKD,SAAS,mBAAmB,CAC1B,GAAa,EACb,IAA2D;IAE3D,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;IACpD,GAAG,CAAC,GAAG,CAAC,uBAAuB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5D,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;AAC1E,CAAC;AAcD,SAAgB,qBAAqB;IAEnC,YAAY,EAAE,CAAC;IAEf,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAE/D,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC3B,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAGD,MAAM,aAAa,GAAG,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAIhD,IAAI,aAAa,EAAE,CAAC;YAElB,IAAI,CAAC,mCAA0B,EAAE,CAAC;gBAChC,IAAI,EAAE,CAAC;gBACP,OAAO;YACT,CAAC;YAGD,MAAM,SAAS,GACZ,GAAG,CAAC,MAAM,CAAC,cAAyB,IAAK,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAY,CAAC;YACrF,MAAM,GAAG,GAAG,WAAW,SAAS,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,cAAc,CACzB,GAAG,EACH,qCAA4B,EAC5B,wCAA+B,CAChC,CAAC;YAEF,mBAAmB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAG/B,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC;YACpD,IAAI,IAAI,CAAC,OAAO,IAAI,YAAY,IAAI,EAAE,EAAE,CAAC;gBACvC,MAAM,aAAa,GAAG,IAAA,mCAAkB,EACtC,SAAS,EACT,SAAS,EACT,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,OAAO,CACb,CAAC;gBACF,eAAM,CAAC,KAAK,CACV;oBACE,KAAK,EAAE,oBAAoB;oBAC3B,GAAG,IAAA,yCAAwB,EAAC,GAAG,CAAC;oBAChC,SAAS,EAAE,aAAa;iBACzB,EACD,0CAA0C,CAC3C,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBACjE,MAAM,aAAa,GAAG,IAAA,mCAAkB,EACtC,SAAS,EACT,SAAS,EACT,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,OAAO,CACb,CAAC;gBAEF,eAAM,CAAC,IAAI,CACT;oBACE,KAAK,EAAE,qBAAqB;oBAC5B,GAAG,IAAA,yCAAwB,EAAC,GAAG,CAAC;oBAChC,SAAS,EAAE,aAAa;oBACxB,eAAe,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,cAAc;oBAC5C,mBAAmB,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC;iBACrD,EACD,6BAA6B,CAC9B,CAAC;gBAEF,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAA
K,EAAE,mBAAmB;oBAC1B,OAAO,EAAE,8DAA8D;oBACvE,UAAU;oBACV,KAAK,EAAE,IAAI,CAAC,KAAK;oBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE;iBAC9C,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAGD,IAAI,CAAC,8BAAqB,EAAE,CAAC;YAC3B,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,GAAG,GAAG,MAAM,EAAE,EAAE,CAAC;QACvB,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,EAAE,gCAAuB,EAAE,mCAA0B,CAAC,CAAC;QAEtF,mBAAmB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAG/B,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC;QACpD,IAAI,IAAI,CAAC,OAAO,IAAI,YAAY,IAAI,EAAE,EAAE,CAAC;YACvC,MAAM,aAAa,GAAG,IAAA,mCAAkB,EAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YACxF,eAAM,CAAC,KAAK,CACV;gBACE,KAAK,EAAE,oBAAoB;gBAC3B,GAAG,IAAA,yCAAwB,EAAC,GAAG,CAAC;gBAChC,SAAS,EAAE,aAAa;gBACxB,kBAAkB,EAAE,WAAW;gBAC/B,UAAU,EAAE,+CAA+C;aAC5D,EACD,qCAAqC,CACtC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;YACjE,MAAM,aAAa,GAAG,IAAA,mCAAkB,EAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAGxF,MAAM,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAuB,CAAC;YAE7E,eAAM,CAAC,IAAI,CACT;gBACE,KAAK,EAAE,qBAAqB;gBAC5B,GAAG,IAAA,yCAAwB,EAAC,GAAG,CAAC;gBAChC,SAAS,EAAE,aAAa;gBACxB,kBAAkB,EAAE,WAAW;gBAC/B,UAAU,EAAE,+CAA+C;gBAC3D,YAAY,EAAE,IAAA,2BAAU,EAAC,gBAAgB,CAAC;aAC3C,EACD,wBAAwB,CACzB,CAAC;YAEF,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,mBAAmB;gBAC1B,OAAO,EAAE,sEAAsE;gBAC/E,UAAU;gBACV,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE;aAC9C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAKD,SAAgB,iBAAiB;IAI/B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,
cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;QAC1E,GAAG;QACH,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,OAAO,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;KACjC,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,YAAY,EAAE,cAAc,CAAC,IAAI;QACjC,OAAO;KACR,CAAC;AACJ,CAAC"}
|
|
@@ -8,42 +8,28 @@ const gitlab_device_flow_1 = require("../gitlab-device-flow");
|
|
|
8
8
|
const token_utils_1 = require("../token-utils");
|
|
9
9
|
const metadata_1 = require("./metadata");
|
|
10
10
|
const logger_1 = require("../../logger");
|
|
11
|
+
const request_logger_1 = require("../../utils/request-logger");
|
|
11
12
|
async function authorizeHandler(req, res) {
|
|
12
13
|
const config = (0, config_1.loadOAuthConfig)();
|
|
13
14
|
if (!config) {
|
|
14
|
-
res
|
|
15
|
-
error: "server_error",
|
|
16
|
-
error_description: "OAuth not configured",
|
|
17
|
-
});
|
|
15
|
+
sendError(req, res, 500, "server_error", "OAuth not configured");
|
|
18
16
|
return;
|
|
19
17
|
}
|
|
20
18
|
const { client_id, redirect_uri, response_type, state, code_challenge, code_challenge_method } = req.query;
|
|
21
19
|
if (response_type !== "code") {
|
|
22
|
-
res
|
|
23
|
-
error: "unsupported_response_type",
|
|
24
|
-
error_description: 'Only "code" response type is supported',
|
|
25
|
-
});
|
|
20
|
+
sendError(req, res, 400, "unsupported_response_type", 'Only "code" response type is supported');
|
|
26
21
|
return;
|
|
27
22
|
}
|
|
28
23
|
if (!client_id) {
|
|
29
|
-
res
|
|
30
|
-
error: "invalid_request",
|
|
31
|
-
error_description: "client_id is required",
|
|
32
|
-
});
|
|
24
|
+
sendError(req, res, 400, "invalid_request", "client_id is required");
|
|
33
25
|
return;
|
|
34
26
|
}
|
|
35
27
|
if (!code_challenge) {
|
|
36
|
-
res
|
|
37
|
-
error: "invalid_request",
|
|
38
|
-
error_description: "code_challenge is required (PKCE)",
|
|
39
|
-
});
|
|
28
|
+
sendError(req, res, 400, "invalid_request", "code_challenge is required (PKCE)");
|
|
40
29
|
return;
|
|
41
30
|
}
|
|
42
31
|
if (code_challenge_method !== "S256") {
|
|
43
|
-
res
|
|
44
|
-
error: "invalid_request",
|
|
45
|
-
error_description: 'code_challenge_method must be "S256"',
|
|
46
|
-
});
|
|
32
|
+
sendError(req, res, 400, "invalid_request", 'code_challenge_method must be "S256"');
|
|
47
33
|
return;
|
|
48
34
|
}
|
|
49
35
|
if (redirect_uri) {
|
|
@@ -120,10 +106,7 @@ async function handleDeviceFlow(req, res, config, params) {
|
|
|
120
106
|
}
|
|
121
107
|
catch (error) {
|
|
122
108
|
logger_1.logger.error({ err: error }, "Failed to initiate device flow");
|
|
123
|
-
res
|
|
124
|
-
error: "server_error",
|
|
125
|
-
error_description: "Failed to initiate authentication",
|
|
126
|
-
});
|
|
109
|
+
sendError(req, res, 500, "server_error", "Failed to initiate authentication");
|
|
127
110
|
}
|
|
128
111
|
}
|
|
129
112
|
async function pollHandler(req, res) {
|
|
@@ -212,6 +195,20 @@ async function pollHandler(req, res) {
|
|
|
212
195
|
}
|
|
213
196
|
}
|
|
214
197
|
}
|
|
198
|
+
function sendError(req, res, status, error, description) {
|
|
199
|
+
logger_1.logger.warn({
|
|
200
|
+
event: "oauth_error",
|
|
201
|
+
endpoint: "/authorize",
|
|
202
|
+
ip: (0, request_logger_1.getIpAddress)(req),
|
|
203
|
+
error,
|
|
204
|
+
description,
|
|
205
|
+
}, "OAuth authorize request failed");
|
|
206
|
+
const response = {
|
|
207
|
+
error,
|
|
208
|
+
error_description: description,
|
|
209
|
+
};
|
|
210
|
+
res.status(status).json(response);
|
|
211
|
+
}
|
|
215
212
|
function getDeviceFlowHTML(params) {
|
|
216
213
|
const linkUrl = params.verificationUriComplete ?? params.verificationUri;
|
|
217
214
|
return `<!DOCTYPE html>
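Review bot: `sendError` (new lines 198-211) writes its `description` argument both to the warn log and into the `error_description` field of the response, and nothing on the function states that contract. Every call visible in these hunks passes a fixed string, and the device-flow catch block logs the exception separately, which is the pattern worth preserving. Proposed comment above the function: `// description is logged and returned to the client: pass fixed strings only, never error.message or request-derived values`. The same comment should mention that `endpoint: "/authorize"` is hard-coded, so the helper would mislabel log entries if reused by another handler such as `pollHandler`, whose body lies outside the hunks.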
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorize.js","sourceRoot":"","sources":["../../../../src/oauth/endpoints/authorize.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"authorize.js","sourceRoot":"","sources":["../../../../src/oauth/endpoints/authorize.ts"],"names":[],"mappings":";;AA+DA,4CAoDC;AA+HD,kCAiHC;AApVD,sCAA4C;AAC5C,oDAAgD;AAChD,8DAK+B;AAC/B,gDAKwB;AACxB,yCAAwC;AACxC,yCAAsC;AAEtC,+DAA0D;AA+BnD,KAAK,UAAU,gBAAgB,CAAC,GAAY,EAAE,GAAa;IAChE,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,cAAc,EAAE,sBAAsB,CAAC,CAAC;QACjE,OAAO;IACT,CAAC;IAGD,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,KAAK,EAAE,cAAc,EAAE,qBAAqB,EAAE,GAC5F,GAAG,CAAC,KAA2C,CAAC;IAGlD,IAAI,aAAa,KAAK,MAAM,EAAE,CAAC;QAC7B,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,2BAA2B,EAAE,wCAAwC,CAAC,CAAC;QAChG,OAAO;IACT,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,iBAAiB,EAAE,uBAAuB,CAAC,CAAC;QACrE,OAAO;IACT,CAAC;IAGD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,iBAAiB,EAAE,mCAAmC,CAAC,CAAC;QACjF,OAAO;IACT,CAAC;IAED,IAAI,qBAAqB,KAAK,MAAM,EAAE,CAAC;QACrC,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,iBAAiB,EAAE,sCAAsC,CAAC,CAAC;QACpF,OAAO;IACT,CAAC;IAGD,IAAI,YAAY,EAAE,CAAC;QAEjB,MAAM,2BAA2B,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE;YAClD,QAAQ,EAAE,SAAS;YACnB,WAAW,EAAE,YAAY;YACzB,KAAK,EAAE,KAAK,IAAI,EAAE;YAClB,aAAa,EAAE,cAAc;YAC7B,mBAAmB,EAAE,qBAAqB;SAC3C,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QAEN,MAAM,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE;YACvC,QAAQ,EAAE,SAAS;YACnB,KAAK,EAAE,KAAK,IAAI,EAAE;YAClB,aAAa,EAAE,cAAc;YAC7B,mBAAmB,EAAE,qBAAqB;SAC3C,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAQD,KAAK,UAAU,2BAA2B,CACxC,GAAY,EACZ,GAAa,EACb,MAAmD,EACnD,MAMC;IAED,MAAM,OAAO,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;IAChC,MAAM,WAAW,GAAG,GAAG,OAAO,iBAAiB,CAAC;IAGhD,MAAM,aAAa,GAAG,IAAA,kCAAoB,EAAC,EAAE,CAAC,CAAC;IAG/C,4BAAY,CAAC,iBAAiB,CAAC,aAAa,EAAE;QAC5C,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;QAC/C,WAAW,EAAE,MAAM,CAAC,KAAK;QACzB,aAAa,EAAE,aAAa;QAC5B,iBAAiB,EAAE,MAAM,CAAC,WAAW;QACrC,WAAW,EAAE,WAAW;QACxB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE
,GAAG,EAAE,GAAG,IAAI;KACvC,CAAC,CAAC;IAGH,MAAM,aAAa,GAAG,IAAA,uCAAkB,EAAC,MAAM,EAAE,WAAW,EAAE,aAAa,CAAC,CAAC;IAE7E,eAAM,CAAC,IAAI,CACT;QACE,aAAa,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK;QACpD,iBAAiB,EAAE,MAAM,CAAC,WAAW;KACtC,EACD,0DAA0D,CAC3D,CAAC;IAGF,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;AAC9B,CAAC;AAOD,KAAK,UAAU,gBAAgB,CAC7B,GAAY,EACZ,GAAa,EACb,MAAmD,EACnD,MAKC;IAED,IAAI,CAAC;QAEH,MAAM,cAAc,GAAG,MAAM,IAAA,uCAAkB,EAAC,MAAM,CAAC,CAAC;QAGxD,MAAM,SAAS,GAAG,IAAA,kCAAoB,EAAC,EAAE,CAAC,CAAC;QAG3C,4BAAY,CAAC,eAAe,CAAC,SAAS,EAAE;YACtC,UAAU,EAAE,cAAc,CAAC,WAAW;YACtC,QAAQ,EAAE,cAAc,CAAC,SAAS;YAClC,eAAe,EAAE,cAAc,CAAC,gBAAgB;YAChD,uBAAuB,EAAE,cAAc,CAAC,yBAAyB;YACjE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,CAAC,UAAU,GAAG,IAAI;YACxD,QAAQ,EAAE,cAAc,CAAC,QAAQ;YACjC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;YAC/C,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,WAAW,EAAE,SAAS;SACvB,CAAC,CAAC;QAEH,eAAM,CAAC,IAAI,CACT;YACE,SAAS,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK;YAC5C,QAAQ,EAAE,cAAc,CAAC,SAAS;SACnC,EACD,yCAAyC,CAC1C,CAAC;QAGF,MAAM,OAAO,GAAG,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAC;QAChC,MAAM,IAAI,GAAG,iBAAiB,CAAC;YAC7B,QAAQ,EAAE,cAAc,CAAC,SAAS;YAClC,eAAe,EAAE,cAAc,CAAC,gBAAgB;YAChD,uBAAuB,EAAE,cAAc,CAAC,yBAAyB;YACjE,SAAS;YACT,OAAO,EAAE,GAAG,OAAO,aAAa;YAChC,SAAS,EAAE,cAAc,CAAC,UAAU;SACrC,CAAC,CAAC;QAEH,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;QAC3C,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,eAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,KAAc,EAAE,EAAE,gCAAgC,CAAC,CAAC;QACxE,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,cAAc,EAAE,mCAAmC,CAAC,CAAC;IAChF,CAAC;AACH,CAAC;AAWM,KAAK,UAAU,WAAW,CAAC,GAAY,EAAE,GAAa;IAC3D,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAA4B,CAAC,CAAC;QAC1E,OAAO;IACT,CAAC;IAED,MAAM,EAAE,UAAU,EAAE,GAAG,GAAG,CAAC,KAAgC,CAAC;IAE5D,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,GAAG;aACA,MAAM,CAAC,GAAG,CAAC;aACX,IAAI,CAAC,
EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,oBAAoB,EAA4B,CAAC,CAAC;QACrF,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,4BAAY,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;IAEpD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAA4B,CAAC,CAAC;QAC/F,OAAO;IACT,CAAC;IAGD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAChC,4BAAY,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC1C,GAAG;aACA,MAAM,CAAC,GAAG,CAAC;aACX,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,qBAAqB,EAA4B,CAAC,CAAC;QACvF,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QAEH,MAAM,aAAa,GAAG,MAAM,IAAA,uCAAkB,EAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAExE,IAAI,aAAa,EAAE,CAAC;YAElB,MAAM,QAAQ,GAAG,MAAM,IAAA,kCAAa,EAAC,aAAa,CAAC,YAAY,CAAC,CAAC;YAEjE,MAAM,SAAS,GAAG,IAAA,+BAAiB,GAAE,CAAC;YACtC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAGvB,MAAM,QAAQ,GAAG,IAAA,uCAAyB,GAAE,CAAC;YAG7C,4BAAY,CAAC,aAAa,CAAC;gBACzB,IAAI,EAAE,QAAQ;gBACd,SAAS;gBACT,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,aAAa,EAAE,IAAI,CAAC,aAAa;gBACjC,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,SAAS,EAAE,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;aAChC,CAAC,CAAC;YAIH,4BAAY,CAAC,aAAa,CAAC;gBACzB,EAAE,EAAE,SAAS;gBACb,cAAc,EAAE,EAAE;gBAClB,eAAe,EAAE,EAAE;gBACnB,cAAc,EAAE,CAAC;gBACjB,iBAAiB,EAAE,aAAa,CAAC,YAAY;gBAC7C,kBAAkB,EAAE,aAAa,CAAC,aAAa;gBAC/C,iBAAiB,EAAE,IAAA,kCAAoB,EAAC,aAAa,CAAC,UAAU,CAAC;gBACjE,YAAY,EAAE,QAAQ,CAAC,EAAE;gBACzB,cAAc,EAAE,QAAQ,CAAC,QAAQ;gBACjC,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,MAAM,EAAE,CAAC,WAAW,EAAE,eAAe,CAAC;gBACtC,SAAS,EAAE,GAAG;gBACd,SAAS,EAAE,GAAG;aACf,CAAC,CAAC;YAGH,4BAAY,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;YAE1C,eAAM,CAAC,IAAI,CACT;gBACE,SAAS,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK;gBAC5C,MAAM,EAAE,QAAQ,CAAC,EAAE;gBACnB,QAAQ,EAAE,QAAQ,CAAC,QAAQ;aAC5B,EACD,qCAAqC,CACtC,CAAC;YAGF,MAAM,QAAQ,GAA2B;gBACvC,MAAM,EAAE,UAAU;gBAClB,YAAY,EAAE,IAAI,CAAC,WAAW;gBAC9B,IAAI,EAAE,QAAQ;gBACd,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aAC3C,CAAC;YAEF,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrB
,CAAC;aAAM,CAAC;YAEN,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAA4B,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;QAGzE,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7F,4BAAY,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;YAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAA4B,CAAC,CAAC;QAC3E,CAAC;aAAM,CAAC;YAEN,eAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAc,EAAE,EAAE,wBAAwB,CAAC,CAAC;YAC/D,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAA4B,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;AACH,CAAC;AAmBD,SAAS,SAAS,CAChB,GAAY,EACZ,GAAa,EACb,MAAc,EACd,KAAa,EACb,WAAmB;IAGnB,eAAM,CAAC,IAAI,CACT;QACE,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,YAAY;QACtB,EAAE,EAAE,IAAA,6BAAY,EAAC,GAAG,CAAC;QACrB,KAAK;QACL,WAAW;KACZ,EACD,gCAAgC,CACjC,CAAC;IAEF,MAAM,QAAQ,GAAuB;QACnC,KAAK;QACL,iBAAiB,EAAE,WAAW;KAC/B,CAAC;IACF,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACpC,CAAC;AAED,SAAS,iBAAiB,CAAC,MAA4B;IACrD,MAAM,OAAO,GAAG,MAAM,CAAC,uBAAuB,IAAI,MAAM,CAAC,eAAe,CAAC;IAEzE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0BAwIiB,MAAM,CAAC,QAAQ;;;;iBAIxB,OAAO;;;;;;;;;;;;;;;;;;;;;6CAqBqB,MAAM,CAAC,SAAS;;;;;uBAKtC,MAAM,CAAC,OAAO,eAAe,MAAM,CAAC,SAAS;;sBAE9C,MAAM,CAAC,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAmE9B,CAAC;AACT,CAAC"}
|