@super_studio/ecforce-ai-agent-server 0.2.0-canary.4 → 1.0.0-canary.7

package/dist/lib/jwt.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/lib/jwt.ts"],"names":[],"mappings":"AAAA;;GAEG;AAkBH,4EAA4E;AAC5E,wBAAsB,MAAM,CAAC,OAAO,GAAG,MAAM,EAC3C,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,mBAqBjC;AAED,qCAAqC;AACrC,wBAAsB,MAAM,CAAC,OAAO,GAAG,MAAM,EAC3C,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAqCzB;AA2BD,MAAM,WAAW,eAAe,CAAC,OAAO,GAAG,MAAM;IAC/C;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,mFAAmF;IACnF,IAAI,EAAE,MAAM,CAAC;IACb,iFAAiF;IACjF,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,uBAAuB;IACvB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,mFAAmF;IACnF,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;OAOG;IACH,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,2CAA2C;IAC3C,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}

package/dist/mcp-auth.d.ts

@@ -1,35 +0,0 @@
-/**
- * 共通のMCPトークンのペイロード。
- * すべてのapps(cdp, ma, bi)はこのトークンの形になります。
- */
-export type MCPTokenPayload = {
-    source: string;
-    user: {
-        id: string;
-        name: string;
-        email: string;
-        projectId: string;
-    };
-};
-/**
- * Uses Auth.js JWT encoding/decoding.
- * @see https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/jwt.ts
- */
-export declare function createMCPToken(payload: MCPTokenPayload, options?: {
-    secret?: string;
-    salt?: string;
-    maxAge?: number;
-}): Promise<{
-    token: string;
-    expiresAt: Date;
-}>;
-/**
- * Uses Auth.js JWT encoding/decoding.
- * @see https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/jwt.ts
- */
-export declare function decodeMCPToken(token: string, options?: {
-    secret?: string;
-    salt?: string;
-}): Promise<MCPTokenPayload>;
-export declare function getMcpToken(req: Request): string;
-//# sourceMappingURL=mcp-auth.d.ts.map

package/dist/mcp-auth.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"mcp-auth.d.ts","sourceRoot":"","sources":["../src/mcp-auth.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE;QACJ,EAAE,EAAE,MAAM,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH,CAAC;AAKF;;;GAGG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,eAAe,EACxB,OAAO,CAAC,EAAE;IACR,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;;;GAkBF;AAED;;;GAGG;AACH,wBAAsB,cAAc,CAClC,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;IACR,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,GACA,OAAO,CAAC,eAAe,CAAC,CAe1B;AAED,wBAAgB,WAAW,CAAC,GAAG,EAAE,OAAO,UAMvC"}

package/dist/mcp-auth.js

@@ -1,136 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true});require('./chunk-ORMEWXMH.js');
-
-// src/lib/jwt.ts
-var _hkdf = require('@panva/hkdf');
-
-
-
-
-
-var _jose = require('jose');
-var DEFAULT_MAX_AGE = 30 * 24 * 60 * 60;
-var now = () => Date.now() / 1e3 | 0;
-var alg = "dir";
-var enc = "A256CBC-HS512";
-async function encode(params) {
-  const { token = {}, secret, maxAge = DEFAULT_MAX_AGE, salt } = params;
-  const secrets = Array.isArray(secret) ? secret : [secret];
-  const encryptionSecret = await getDerivedEncryptionKey(
-    enc,
-    secrets[0],
-    salt
-  );
-  const thumbprint = await _jose.calculateJwkThumbprint.call(void 0, 
-    { kty: "oct", k: _jose.base64url.encode(encryptionSecret) },
-    `sha${encryptionSecret.byteLength << 3}`
-  );
-  return await new (0, _jose.EncryptJWT)(token).setProtectedHeader({ alg, enc, kid: thumbprint }).setIssuedAt().setExpirationTime(now() + maxAge).setJti(crypto.randomUUID()).encrypt(encryptionSecret);
-}
-async function decode(params) {
-  const { token, secret, salt } = params;
-  const secrets = Array.isArray(secret) ? secret : [secret];
-  if (!token) {
-    return null;
-  }
-  const { payload } = await _jose.jwtDecrypt.call(void 0, 
-    token,
-    async ({ kid, enc: enc2 }) => {
-      for (const secret2 of secrets) {
-        const encryptionSecret = await getDerivedEncryptionKey(
-          enc2,
-          secret2,
-          salt
-        );
-        if (kid === void 0) {
-          return encryptionSecret;
-        }
-        const thumbprint = await _jose.calculateJwkThumbprint.call(void 0, 
-          { kty: "oct", k: _jose.base64url.encode(encryptionSecret) },
-          `sha${encryptionSecret.byteLength << 3}`
-        );
-        if (kid === thumbprint) {
-          return encryptionSecret;
-        }
-      }
-      throw new Error("no matching decryption secret");
-    },
-    {
-      clockTolerance: 15,
-      keyManagementAlgorithms: [alg],
-      contentEncryptionAlgorithms: [enc, "A256GCM"]
-    }
-  );
-  return payload;
-}
-async function getDerivedEncryptionKey(enc2, keyMaterial, salt) {
-  let length;
-  switch (enc2) {
-    case "A256CBC-HS512":
-      length = 64;
-      break;
-    case "A256GCM":
-      length = 32;
-      break;
-    default:
-      throw new Error("Unsupported JWT Content Encryption Algorithm");
-  }
-  return await _hkdf.hkdf.call(void 0, 
-    "sha256",
-    keyMaterial,
-    salt,
-    `Auth.js Generated Encryption Key (${salt})`,
-    length
-  );
-}
-
-// src/mcp-auth.ts
-var DEFAULT_MAX_AGE2 = 60 * 10;
-var DEFAULT_SALT = process.env.STAGE === "local" ? "dev" : process.env.STAGE;
-async function createMCPToken(payload, options) {
-  var _a, _b, _c;
-  const maxAge = (_a = options == null ? void 0 : options.maxAge) != null ? _a : DEFAULT_MAX_AGE2;
-  const secret = (_b = options == null ? void 0 : options.secret) != null ? _b : process.env.MCP_TOKEN_SECRET;
-  const salt = (_c = options == null ? void 0 : options.salt) != null ? _c : DEFAULT_SALT;
-  if (!secret || !salt) {
-    throw new Error("Secret or salt is not set");
-  }
-  const token = await encode({
-    token: payload,
-    secret,
-    salt,
-    maxAge
-  });
-  return {
-    token,
-    expiresAt: new Date(Date.now() + maxAge * 1e3)
-  };
-}
-async function decodeMCPToken(token, options) {
-  var _a, _b;
-  const secret = (_a = options == null ? void 0 : options.secret) != null ? _a : process.env.MCP_TOKEN_SECRET;
-  const salt = (_b = options == null ? void 0 : options.salt) != null ? _b : DEFAULT_SALT;
-  if (!secret || !salt) {
-    throw new Error("Secret or salt is not set");
-  }
-  const decoded = await decode({
-    token,
-    secret,
-    salt
-  });
-  if (!decoded) {
-    throw new Error("Invalid token");
-  }
-  return decoded;
-}
-function getMcpToken(req) {
-  const mcpToken = req.headers.get("X-MCP-Token");
-  if (!mcpToken || typeof mcpToken !== "string") {
-    throw new Error("Unauthorized");
-  }
-  return mcpToken;
-}
-
-
-
-
-exports.createMCPToken = createMCPToken; exports.decodeMCPToken = decodeMCPToken; exports.getMcpToken = getMcpToken;