@tronsfey/ucli-server 0.6.1 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/admin.guard.d.ts +5 -0
- package/dist/auth/admin.guard.d.ts.map +1 -1
- package/dist/auth/admin.guard.js +11 -1
- package/dist/auth/admin.guard.js.map +1 -1
- package/dist/cache/memory/memory-cache.adapter.d.ts +2 -0
- package/dist/cache/memory/memory-cache.adapter.d.ts.map +1 -1
- package/dist/cache/memory/memory-cache.adapter.js +18 -1
- package/dist/cache/memory/memory-cache.adapter.js.map +1 -1
- package/dist/cache/redis/redis-cache.adapter.d.ts.map +1 -1
- package/dist/cache/redis/redis-cache.adapter.js +10 -1
- package/dist/cache/redis/redis-cache.adapter.js.map +1 -1
- package/dist/config/app-config.module.js +2 -2
- package/dist/config/app-config.module.js.map +1 -1
- package/dist/crypto/encryption.service.d.ts.map +1 -1
- package/dist/crypto/encryption.service.js +3 -0
- package/dist/crypto/encryption.service.js.map +1 -1
- package/dist/crypto/jwt.service.d.ts.map +1 -1
- package/dist/crypto/jwt.service.js +3 -2
- package/dist/crypto/jwt.service.js.map +1 -1
- package/dist/main.js +1 -1
- package/dist/main.js.map +1 -1
- package/dist/mcp/client-mcp.controller.d.ts +9 -2
- package/dist/mcp/client-mcp.controller.d.ts.map +1 -1
- package/dist/mcp/client-mcp.controller.js +13 -7
- package/dist/mcp/client-mcp.controller.js.map +1 -1
- package/dist/mcp/dto/create-mcp.dto.d.ts.map +1 -1
- package/dist/mcp/dto/create-mcp.dto.js +4 -2
- package/dist/mcp/dto/create-mcp.dto.js.map +1 -1
- package/dist/mcp/mcp.service.d.ts +1 -0
- package/dist/mcp/mcp.service.d.ts.map +1 -1
- package/dist/mcp/mcp.service.js +25 -2
- package/dist/mcp/mcp.service.js.map +1 -1
- package/dist/oas/client-oas.controller.d.ts +9 -2
- package/dist/oas/client-oas.controller.d.ts.map +1 -1
- package/dist/oas/client-oas.controller.js +13 -7
- package/dist/oas/client-oas.controller.js.map +1 -1
- package/dist/oas/oas.service.d.ts.map +1 -1
- package/dist/oas/oas.service.js +13 -2
- package/dist/oas/oas.service.js.map +1 -1
- package/dist/storage/interfaces/repos.interface.d.ts +2 -2
- package/dist/storage/interfaces/repos.interface.d.ts.map +1 -1
- package/dist/storage/memory/memory-mcp.repo.d.ts +3 -1
- package/dist/storage/memory/memory-mcp.repo.d.ts.map +1 -1
- package/dist/storage/memory/memory-mcp.repo.js +18 -7
- package/dist/storage/memory/memory-mcp.repo.js.map +1 -1
- package/dist/storage/memory/memory-oas.repo.d.ts +3 -1
- package/dist/storage/memory/memory-oas.repo.d.ts.map +1 -1
- package/dist/storage/memory/memory-oas.repo.js +19 -7
- package/dist/storage/memory/memory-oas.repo.js.map +1 -1
- package/dist/storage/typeorm/entities/group.entity.d.ts +2 -0
- package/dist/storage/typeorm/entities/group.entity.d.ts.map +1 -1
- package/dist/storage/typeorm/entities/group.entity.js +6 -0
- package/dist/storage/typeorm/entities/group.entity.js.map +1 -1
- package/dist/storage/typeorm/entities/mcp-entry.entity.d.ts.map +1 -1
- package/dist/storage/typeorm/entities/mcp-entry.entity.js +4 -3
- package/dist/storage/typeorm/entities/mcp-entry.entity.js.map +1 -1
- package/dist/storage/typeorm/entities/oas-entry.entity.d.ts.map +1 -1
- package/dist/storage/typeorm/entities/oas-entry.entity.js +3 -2
- package/dist/storage/typeorm/entities/oas-entry.entity.js.map +1 -1
- package/dist/storage/typeorm/typeorm-mcp.repo.d.ts +1 -1
- package/dist/storage/typeorm/typeorm-mcp.repo.d.ts.map +1 -1
- package/dist/storage/typeorm/typeorm-mcp.repo.js +5 -2
- package/dist/storage/typeorm/typeorm-mcp.repo.js.map +1 -1
- package/dist/storage/typeorm/typeorm-oas.repo.d.ts +1 -1
- package/dist/storage/typeorm/typeorm-oas.repo.d.ts.map +1 -1
- package/dist/storage/typeorm/typeorm-oas.repo.js +5 -2
- package/dist/storage/typeorm/typeorm-oas.repo.js.map +1 -1
- package/dist/tokens/dto/issue-token.dto.d.ts.map +1 -1
- package/dist/tokens/dto/issue-token.dto.js +3 -1
- package/dist/tokens/dto/issue-token.dto.js.map +1 -1
- package/dist/tokens/tokens.service.d.ts.map +1 -1
- package/dist/tokens/tokens.service.js +6 -3
- package/dist/tokens/tokens.service.js.map +1 -1
- package/package.json +1 -1
|
@@ -4,5 +4,10 @@ export declare class AdminGuard implements CanActivate {
|
|
|
4
4
|
private readonly appConfig;
|
|
5
5
|
constructor(appConfig: AppConfigService);
|
|
6
6
|
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
/**
|
|
8
|
+
* Constant-time comparison that does not leak string length.
|
|
9
|
+
* Both inputs are hashed to a fixed 32-byte digest before comparison.
|
|
10
|
+
*/
|
|
11
|
+
private constantTimeEqual;
|
|
7
12
|
}
|
|
8
13
|
//# sourceMappingURL=admin.guard.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"admin.guard.d.ts","sourceRoot":"","sources":["../../src/auth/admin.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAqC,MAAM,gBAAgB,CAAA;
|
|
1
|
+
{"version":3,"file":"admin.guard.d.ts","sourceRoot":"","sources":["../../src/auth/admin.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAqC,MAAM,gBAAgB,CAAA;AAGjG,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAA;AAE/D,qBACa,UAAW,YAAW,WAAW;IAChC,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,gBAAgB;IAExD,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO;IAS/C;;;OAGG;IACH,OAAO,CAAC,iBAAiB;CAK1B"}
|
package/dist/auth/admin.guard.js
CHANGED
|
@@ -11,6 +11,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.AdminGuard = void 0;
|
|
13
13
|
const common_1 = require("@nestjs/common");
|
|
14
|
+
const node_crypto_1 = require("node:crypto");
|
|
14
15
|
const app_config_service_1 = require("../config/app-config.service");
|
|
15
16
|
let AdminGuard = class AdminGuard {
|
|
16
17
|
appConfig;
|
|
@@ -20,11 +21,20 @@ let AdminGuard = class AdminGuard {
|
|
|
20
21
|
canActivate(context) {
|
|
21
22
|
const request = context.switchToHttp().getRequest();
|
|
22
23
|
const secret = request.headers['x-admin-secret'];
|
|
23
|
-
if (secret !== this.appConfig.adminSecret) {
|
|
24
|
+
if (typeof secret !== 'string' || !this.constantTimeEqual(secret, this.appConfig.adminSecret)) {
|
|
24
25
|
throw new common_1.UnauthorizedException('Invalid admin secret');
|
|
25
26
|
}
|
|
26
27
|
return true;
|
|
27
28
|
}
|
|
29
|
+
/**
|
|
30
|
+
* Constant-time comparison that does not leak string length.
|
|
31
|
+
* Both inputs are hashed to a fixed 32-byte digest before comparison.
|
|
32
|
+
*/
|
|
33
|
+
constantTimeEqual(a, b) {
|
|
34
|
+
const ha = (0, node_crypto_1.createHmac)('sha256', 'admin-guard').update(a).digest();
|
|
35
|
+
const hb = (0, node_crypto_1.createHmac)('sha256', 'admin-guard').update(b).digest();
|
|
36
|
+
return (0, node_crypto_1.timingSafeEqual)(ha, hb);
|
|
37
|
+
}
|
|
28
38
|
};
|
|
29
39
|
exports.AdminGuard = AdminGuard;
|
|
30
40
|
exports.AdminGuard = AdminGuard = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"admin.guard.js","sourceRoot":"","sources":["../../src/auth/admin.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAiG;
|
|
1
|
+
{"version":3,"file":"admin.guard.js","sourceRoot":"","sources":["../../src/auth/admin.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAiG;AACjG,6CAAyD;AAEzD,qEAA+D;AAGxD,IAAM,UAAU,GAAhB,MAAM,UAAU;IACQ;IAA7B,YAA6B,SAA2B;QAA3B,cAAS,GAAT,SAAS,CAAkB;IAAG,CAAC;IAE5D,WAAW,CAAC,OAAyB;QACnC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAW,CAAA;QAC5D,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAA;QAChD,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC9F,MAAM,IAAI,8BAAqB,CAAC,sBAAsB,CAAC,CAAA;QACzD,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED;;;OAGG;IACK,iBAAiB,CAAC,CAAS,EAAE,CAAS;QAC5C,MAAM,EAAE,GAAG,IAAA,wBAAU,EAAC,QAAQ,EAAE,aAAa,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAA;QACjE,MAAM,EAAE,GAAG,IAAA,wBAAU,EAAC,QAAQ,EAAE,aAAa,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAA;QACjE,OAAO,IAAA,6BAAe,EAAC,EAAE,EAAE,EAAE,CAAC,CAAA;IAChC,CAAC;CACF,CAAA;AArBY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAE6B,qCAAgB;GAD7C,UAAU,CAqBtB"}
|
|
@@ -11,5 +11,7 @@ export declare class MemoryCacheAdapter implements ICacheAdapter, OnModuleDestro
|
|
|
11
11
|
close(): Promise<void>;
|
|
12
12
|
onModuleDestroy(): void;
|
|
13
13
|
private sweep;
|
|
14
|
+
/** Evict least-recently-accessed entries to bring size back under the limit. */
|
|
15
|
+
private evict;
|
|
14
16
|
}
|
|
15
17
|
//# sourceMappingURL=memory-cache.adapter.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"memory-cache.adapter.d.ts","sourceRoot":"","sources":["../../../src/cache/memory/memory-cache.adapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAC5D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;
|
|
1
|
+
{"version":3,"file":"memory-cache.adapter.d.ts","sourceRoot":"","sources":["../../../src/cache/memory/memory-cache.adapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAC5D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAWvD,qBACa,kBAAmB,YAAW,aAAa,EAAE,eAAe;IACvE,OAAO,CAAC,KAAK,CAAoC;IACjD,OAAO,CAAC,UAAU,CAAgC;;IAO5C,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAWtC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAS7D,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAE/B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAElC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAE5B,eAAe;IAEf,OAAO,CAAC,KAAK;IAOb,gFAAgF;IAChF,OAAO,CAAC,KAAK;CAOd"}
|
|
@@ -11,6 +11,8 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.MemoryCacheAdapter = void 0;
|
|
13
13
|
const common_1 = require("@nestjs/common");
|
|
14
|
+
const MAX_CACHE_SIZE = 100_000;
|
|
15
|
+
const EVICTION_HEADROOM_RATIO = 0.1;
|
|
14
16
|
let MemoryCacheAdapter = class MemoryCacheAdapter {
|
|
15
17
|
store = new Map();
|
|
16
18
|
sweepTimer;
|
|
@@ -27,10 +29,17 @@ let MemoryCacheAdapter = class MemoryCacheAdapter {
|
|
|
27
29
|
this.store.delete(key);
|
|
28
30
|
return null;
|
|
29
31
|
}
|
|
32
|
+
entry.lastAccessedAt = Date.now();
|
|
30
33
|
return entry.value;
|
|
31
34
|
}
|
|
32
35
|
async set(key, value, ttlSec) {
|
|
33
|
-
this.store.set(key, {
|
|
36
|
+
this.store.set(key, {
|
|
37
|
+
value,
|
|
38
|
+
expiresAt: ttlSec != null ? Date.now() + ttlSec * 1000 : null,
|
|
39
|
+
lastAccessedAt: Date.now(),
|
|
40
|
+
});
|
|
41
|
+
if (this.store.size > MAX_CACHE_SIZE)
|
|
42
|
+
this.evict();
|
|
34
43
|
}
|
|
35
44
|
async del(key) { this.store.delete(key); }
|
|
36
45
|
async has(key) { return (await this.get(key)) !== null; }
|
|
@@ -43,6 +52,14 @@ let MemoryCacheAdapter = class MemoryCacheAdapter {
|
|
|
43
52
|
this.store.delete(k);
|
|
44
53
|
}
|
|
45
54
|
}
|
|
55
|
+
/** Evict least-recently-accessed entries to bring size back under the limit. */
|
|
56
|
+
evict() {
|
|
57
|
+
const toEvict = this.store.size - MAX_CACHE_SIZE + Math.floor(MAX_CACHE_SIZE * EVICTION_HEADROOM_RATIO);
|
|
58
|
+
const sorted = [...this.store.entries()].sort((a, b) => a[1].lastAccessedAt - b[1].lastAccessedAt);
|
|
59
|
+
for (let i = 0; i < toEvict && i < sorted.length; i++) {
|
|
60
|
+
this.store.delete(sorted[i][0]);
|
|
61
|
+
}
|
|
62
|
+
}
|
|
46
63
|
};
|
|
47
64
|
exports.MemoryCacheAdapter = MemoryCacheAdapter;
|
|
48
65
|
exports.MemoryCacheAdapter = MemoryCacheAdapter = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"memory-cache.adapter.js","sourceRoot":"","sources":["../../../src/cache/memory/memory-cache.adapter.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA4D;
|
|
1
|
+
{"version":3,"file":"memory-cache.adapter.js","sourceRoot":"","sources":["../../../src/cache/memory/memory-cache.adapter.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA4D;AAS5D,MAAM,cAAc,GAAG,OAAO,CAAA;AAC9B,MAAM,uBAAuB,GAAG,GAAG,CAAA;AAG5B,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IACrB,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAA;IACzC,UAAU,CAAgC;IAElD;QACE,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,MAAM,CAAC,CAAA;QACzD,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK;YAAE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAA;IACpD,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAyB,CAAA;QACzD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QACvB,IAAI,KAAK,CAAC,SAAS,KAAK,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YAC7D,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YACtB,OAAO,IAAI,CAAA;QACb,CAAC;QACD,KAAK,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACjC,OAAO,KAAK,CAAC,KAAK,CAAA;IACpB,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,KAAQ,EAAE,MAAe;QACjD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,KAAK;YACL,SAAS,EAAE,MAAM,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI;YAC7D,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE;SAC3B,CAAC,CAAA;QACF,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,cAAc;YAAE,IAAI,CAAC,KAAK,EAAE,CAAA;IACpD,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,IAAmB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA,CAAC,CAAC;IAEhE,KAAK,CAAC,GAAG,CAAC,GAAW,IAAsB,OAAO,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,CAAA,CAAC,CAAC;IAElF,KAAK,CAAC,KAAK,KAAoB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA,CAAC,CAAC;IAEnF,eAAe,KAAK,KAAK,IAAI,CAAC,KAAK,EAAE,CAAA,CAAC,CAAC;IAE/B,KAAK;QACX,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACtB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YAC1C,IAAI,CAAC,CAAC,SAAS,KAAK,IAAI,IAAI,GAAG,GAAG,CAAC,CAAC,SAAS;gBAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;QACrE,CAAC;IACH,CAAC;IAED,gFAAgF;IACxE,KAAK;QACX,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,GAAG,uBAAuB,CAAC,CAAA;QACvG,MAAM,MAAM,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAA;QAClG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACjC,CAAC;IACH,CAAC;CACF,CAAA;AApDY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;;GACA,kBAAkB,CAoD9B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"redis-cache.adapter.d.ts","sourceRoot":"","sources":["../../../src/cache/redis/redis-cache.adapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,eAAe,EAAU,MAAM,gBAAgB,CAAA;AAEpE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAEvD,qBACa,iBAAkB,YAAW,aAAa,EAAE,eAAe;IACtE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAO;gBAElB,QAAQ,EAAE,MAAM;IAYtB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAExB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"redis-cache.adapter.d.ts","sourceRoot":"","sources":["../../../src/cache/redis/redis-cache.adapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,eAAe,EAAU,MAAM,gBAAgB,CAAA;AAEpE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAA;AAEvD,qBACa,iBAAkB,YAAW,aAAa,EAAE,eAAe;IACtE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqC;IAC5D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAO;gBAElB,QAAQ,EAAE,MAAM;IAYtB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAExB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;IAYtC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM7D,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAE/B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAElC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAE5B,eAAe;IAET,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC;CAG/B"}
|
|
@@ -33,7 +33,16 @@ let RedisCacheAdapter = RedisCacheAdapter_1 = class RedisCacheAdapter {
|
|
|
33
33
|
async connect() { await this.client.connect(); }
|
|
34
34
|
async get(key) {
|
|
35
35
|
const raw = await this.client.get(key);
|
|
36
|
-
|
|
36
|
+
if (raw === null)
|
|
37
|
+
return null;
|
|
38
|
+
try {
|
|
39
|
+
return JSON.parse(raw);
|
|
40
|
+
}
|
|
41
|
+
catch {
|
|
42
|
+
this.logger.warn({ key }, 'Corrupted cache entry, deleting');
|
|
43
|
+
await this.client.del(key);
|
|
44
|
+
return null;
|
|
45
|
+
}
|
|
37
46
|
}
|
|
38
47
|
async set(key, value, ttlSec) {
|
|
39
48
|
const s = JSON.stringify(value);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"redis-cache.adapter.js","sourceRoot":"","sources":["../../../src/cache/redis/redis-cache.adapter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAoE;AACpE,sDAA2B;AAIpB,IAAM,iBAAiB,yBAAvB,MAAM,iBAAiB;IACX,MAAM,GAAG,IAAI,eAAM,CAAC,mBAAiB,CAAC,IAAI,CAAC,CAAA;IAC3C,MAAM,CAAO;IAE9B,YAAY,QAAgB;QAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,iBAAK,CAAC,QAAQ,EAAE;YAChC,WAAW,EAAE,IAAI;YACjB,oBAAoB,EAAE,CAAC;YACvB,gBAAgB,EAAE,IAAI;YACtB,cAAc,EAAE,IAAI;SACrB,CAAC,CAAA;QACF,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;QAC7D,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,KAAoB,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAA,CAAC,CAAC;IAE9D,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QACtC,
|
|
1
|
+
{"version":3,"file":"redis-cache.adapter.js","sourceRoot":"","sources":["../../../src/cache/redis/redis-cache.adapter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAoE;AACpE,sDAA2B;AAIpB,IAAM,iBAAiB,yBAAvB,MAAM,iBAAiB;IACX,MAAM,GAAG,IAAI,eAAM,CAAC,mBAAiB,CAAC,IAAI,CAAC,CAAA;IAC3C,MAAM,CAAO;IAE9B,YAAY,QAAgB;QAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,iBAAK,CAAC,QAAQ,EAAE;YAChC,WAAW,EAAE,IAAI;YACjB,oBAAoB,EAAE,CAAC;YACvB,gBAAgB,EAAE,IAAI;YACtB,cAAc,EAAE,IAAI;SACrB,CAAC,CAAA;QACF,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;QAC7D,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,KAAoB,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAA,CAAC,CAAC;IAE9D,KAAK,CAAC,GAAG,CAAI,GAAW;QACtB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QACtC,IAAI,GAAG,KAAK,IAAI;YAAE,OAAO,IAAI,CAAA;QAC7B,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAM,CAAA;QAC7B,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,EAAE,iCAAiC,CAAC,CAAA;YAC5D,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;YAC1B,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,KAAQ,EAAE,MAAe;QACjD,MAAM,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;QAC/B,IAAI,MAAM,IAAI,IAAI,IAAI,MAAM,GAAG,CAAC;YAAE,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAA;;YACxE,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;IACpC,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,IAAmB,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA,CAAC,CAAC;IAEpE,KAAK,CAAC,GAAG,CAAC,GAAW,IAAsB,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAA,CAAC,CAAC;IAEzF,KAAK,CAAC,KAAK,KAAoB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAA,CAAC,CAAC;IAEzD,eAAe,KAAK,KAAK,IAAI,CAAC,KAAK,EAAE,CAAA,CAAC,CAAC;IAEvC,KAAK,CAAC,IAAI;QACR,IAAI,CAAC;YAAC,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,MAAM,CAAA;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,KAAK,CAAA;QAAC,CAAC;IAC7E,CAAC;CACF,CAAA;AA/CY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;;GACA,iBAAiB,CA+C7B"}
|
|
@@ -77,8 +77,8 @@ exports.AppConfigModule = AppConfigModule = __decorate([
|
|
|
77
77
|
.pattern(/^[0-9a-f]{64}$/)
|
|
78
78
|
.required()
|
|
79
79
|
.messages({ 'string.pattern.base': 'ENCRYPTION_KEY must be a 64-char hex string' }),
|
|
80
|
-
RATE_LIMIT_TTL: Joi.number().default(60000),
|
|
81
|
-
RATE_LIMIT_LIMIT: Joi.number().default(100),
|
|
80
|
+
RATE_LIMIT_TTL: Joi.number().min(1).default(60000),
|
|
81
|
+
RATE_LIMIT_LIMIT: Joi.number().min(1).default(100),
|
|
82
82
|
METRICS_ALLOWED_IPS: Joi.string().default('127.0.0.1,::1'),
|
|
83
83
|
SWAGGER_ENABLED: Joi.string().valid('true', 'false').default('true'),
|
|
84
84
|
LOG_LEVEL: Joi.string()
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app-config.module.js","sourceRoot":"","sources":["../../src/config/app-config.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA+C;AAC/C,2CAA6C;AAC7C,yCAA0B;AAC1B,6DAAuD;AA2DhD,IAAM,eAAe,GAArB,MAAM,eAAe;CAAG,CAAA;AAAlB,0CAAe;0BAAf,eAAe;IAzD3B,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC;QACN,OAAO,EAAE;YACP,qBAAY,CAAC,OAAO,CAAC;gBACnB,QAAQ,EAAE,IAAI;gBACd,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC;oBAC3B,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;oBAChC,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;oBACrC,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;oBAExF,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;oBAE5C,eAAe,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;oBACxC,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;oBACvC,eAAe,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;oBAE5C,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;oBAC5E,YAAY,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE;wBAChC,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC;wBAClC,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;wBAC7B,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;qBACnC,CAAC;oBAEF,UAAU,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;oBACnE,SAAS,EAAE,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE;wBAChC,EAAE,EAAE,OAAO;wBACX,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;wBAC7B,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;qBACnC,CAAC;oBAEF,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE;yBACzB,OAAO,CAAC,gBAAgB,CAAC;yBACzB,QAAQ,EAAE;yBACV,QAAQ,CAAC,EAAE,qBAAqB,EAAE,6CAA6C,EAAE,CAAC;oBAErF,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"app-config.module.js","sourceRoot":"","sources":["../../src/config/app-config.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA+C;AAC/C,2CAA6C;AAC7C,yCAA0B;AAC1B,6DAAuD;AA2DhD,IAAM,eAAe,GAArB,MAAM,eAAe;CAAG,CAAA;AAAlB,0CAAe;0BAAf,eAAe;IAzD3B,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC;QACN,OAAO,EAAE;YACP,qBAAY,CAAC,OAAO,CAAC;gBACnB,QAAQ,EAAE,IAAI;gBACd,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC;oBAC3B,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;oBAChC,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;oBACrC,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,YAAY,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;oBAExF,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;oBAE5C,eAAe,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;oBACxC,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;oBACvC,eAAe,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;oBAE5C,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;oBAC5E,YAAY,EAAE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE;wBAChC,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC;wBAClC,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;wBAC7B,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;qBACnC,CAAC;oBAEF,UAAU,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;oBACnE,SAAS,EAAE,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE;wBAChC,EAAE,EAAE,OAAO;wBACX,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;wBAC7B,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;qBACnC,CAAC;oBAEF,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE;yBACzB,OAAO,CAAC,gBAAgB,CAAC;yBACzB,QAAQ,EAAE;yBACV,QAAQ,CAAC,EAAE,qBAAqB,EAAE,6CAA6C,EAAE,CAAC;oBAErF,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;oBAClD,gBAAgB,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;oBAElD,mBAAmB,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,eAAe,CAAC;oBAC1D,eAAe,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;oBACpE,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE;yBACpB,KAAK,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC;yBACzD,OAAO,CAAC,MAAM,CAAC;oBAElB,gBAAgB;oBAChB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;oBACjE,iBAAiB,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC;oBACtD,2BAA2B,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAE1D,WAAW;oBACX,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;iBACvC,CAAC;aACH,CAAC;SACH;QACD,SAAS,EAAE,CAAC,qCAAgB,CAAC;QAC7B,OAAO,EAAE,CAAC,qCAAgB,CAAC;KAC5B,CAAC;GACW,eAAe,CAAG"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"encryption.service.d.ts","sourceRoot":"","sources":["../../src/crypto/encryption.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAA;AAM/D,qBACa,iBAAiB;IAChB,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,gBAAgB;IAExD,OAAO,CAAC,MAAM;IAId,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM;IAa/B,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;
|
|
1
|
+
{"version":3,"file":"encryption.service.d.ts","sourceRoot":"","sources":["../../src/crypto/encryption.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAA;AAM/D,qBACa,iBAAiB;IAChB,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAAT,SAAS,EAAE,gBAAgB;IAExD,OAAO,CAAC,MAAM;IAId,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM;IAa/B,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;CAsBjC"}
|
|
@@ -37,6 +37,9 @@ let EncryptionService = class EncryptionService {
|
|
|
37
37
|
decrypt(encoded) {
|
|
38
38
|
const key = this.getKey();
|
|
39
39
|
const combined = Buffer.from(encoded, 'base64url');
|
|
40
|
+
if (combined.length < IV_LENGTH + TAG_LENGTH + 1) {
|
|
41
|
+
throw new common_1.InternalServerErrorException('Failed to decrypt auth configuration — data may be corrupted');
|
|
42
|
+
}
|
|
40
43
|
const iv = combined.subarray(0, IV_LENGTH);
|
|
41
44
|
const tag = combined.subarray(IV_LENGTH, IV_LENGTH + TAG_LENGTH);
|
|
42
45
|
const ciphertext = combined.subarray(IV_LENGTH + TAG_LENGTH);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"encryption.service.js","sourceRoot":"","sources":["../../src/crypto/encryption.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAyE;AACzE,6CAA2E;AAC3E,qEAA+D;AAE/D,MAAM,SAAS,GAAG,aAAa,CAAA;AAC/B,MAAM,SAAS,GAAG,EAAE,CAAA;AACpB,MAAM,UAAU,GAAG,EAAE,CAAA;AAGd,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IACC;IAA7B,YAA6B,SAA2B;QAA3B,cAAS,GAAT,SAAS,CAAkB;IAAG,CAAC;IAEpD,MAAM;QACZ,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,KAAK,CAAC,CAAA;IACzD,CAAC;IAED,OAAO,CAAC,MAAc;QACpB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAA;QACzB,MAAM,EAAE,GAAG,IAAA,yBAAW,EAAC,SAAS,CAAC,CAAA;QACjC,MAAM,MAAM,GAAG,IAAA,4BAAc,EAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC,CAAA;QAEhF,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QACxC,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;QACnF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QAE/B,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC,CAAA;QACpD,OAAO,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;IACvC,CAAC;IAED,OAAO,CAAC,OAAe;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAA;QACzB,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;QAElD,MAAM,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAA;QAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;QAChE,MAAM,UAAU,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,GAAG,UAAU,CAAC,CAAA;QAE5D,MAAM,QAAQ,GAAG,IAAA,8BAAgB,EAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC,CAAA;QACpF,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;QAExB,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;QAChF,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAW,CAAA;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,qCAA4B,CAAC,8DAA8D,CAAC,CAAA;QACxG,CAAC;IACH,CAAC;CACF,CAAA;
|
|
1
|
+
{"version":3,"file":"encryption.service.js","sourceRoot":"","sources":["../../src/crypto/encryption.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAyE;AACzE,6CAA2E;AAC3E,qEAA+D;AAE/D,MAAM,SAAS,GAAG,aAAa,CAAA;AAC/B,MAAM,SAAS,GAAG,EAAE,CAAA;AACpB,MAAM,UAAU,GAAG,EAAE,CAAA;AAGd,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IACC;IAA7B,YAA6B,SAA2B;QAA3B,cAAS,GAAT,SAAS,CAAkB;IAAG,CAAC;IAEpD,MAAM;QACZ,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,KAAK,CAAC,CAAA;IACzD,CAAC;IAED,OAAO,CAAC,MAAc;QACpB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAA;QACzB,MAAM,EAAE,GAAG,IAAA,yBAAW,EAAC,SAAS,CAAC,CAAA;QACjC,MAAM,MAAM,GAAG,IAAA,4BAAc,EAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC,CAAA;QAEhF,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QACxC,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;QACnF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QAE/B,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC,CAAA;QACpD,OAAO,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;IACvC,CAAC;IAED,OAAO,CAAC,OAAe;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAA;QACzB,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;QAElD,IAAI,QAAQ,CAAC,MAAM,GAAG,SAAS,GAAG,UAAU,GAAG,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,qCAA4B,CAAC,8DAA8D,CAAC,CAAA;QACxG,CAAC;QAED,MAAM,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAA;QAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;QAChE,MAAM,UAAU,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,GAAG,UAAU,CAAC,CAAA;QAE5D,MAAM,QAAQ,GAAG,IAAA,8BAAgB,EAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC,CAAA;QACpF,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;QAExB,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;QAChF,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAW,CAAA;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,qCAA4B,CAAC,8DAA8D,CAAC,CAAA;QACxG,CAAC;IACH,CAAC;CACF,CAAA;AA1CY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;qCAE6B,qCAAgB;GAD7C,iBAAiB,CA0C7B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.service.d.ts","sourceRoot":"","sources":["../../src/crypto/jwt.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,YAAY,EAAU,MAAM,gBAAgB,CAAA;AAWjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAA;AAK/D,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,qBACa,UAAW,YAAW,YAAY;IAKjC,OAAO,CAAC,QAAQ,CAAC,SAAS;IAJtC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA8B;IACrD,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,SAAS,CAAU;gBAEE,SAAS,EAAE,gBAAgB;IAElD,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt.service.d.ts","sourceRoot":"","sources":["../../src/crypto/jwt.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,YAAY,EAAU,MAAM,gBAAgB,CAAA;AAWjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAA;AAK/D,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,qBACa,UAAW,YAAW,YAAY;IAKjC,OAAO,CAAC,QAAQ,CAAC,SAAS;IAJtC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA8B;IACrD,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,SAAS,CAAU;gBAEE,SAAS,EAAE,gBAAgB;IAElD,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IA4B7B,IAAI,CAAC,IAAI,EAAE;QACf,OAAO,EAAE,MAAM,CAAA;QACf,SAAS,EAAE,MAAM,CAAA;QACjB,GAAG,EAAE,MAAM,CAAA;QACX,MAAM,EAAE,MAAM,EAAE,CAAA;QAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAA;KACvB,GAAG,OAAO,CAAC,MAAM,CAAC;IAeb,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;CAOjD"}
|
|
@@ -40,8 +40,9 @@ let JwtService = JwtService_1 = class JwtService {
|
|
|
40
40
|
this.publicKey = publicKey;
|
|
41
41
|
const privPem = await (0, jose_1.exportPKCS8)(privateKey);
|
|
42
42
|
const pubPem = await (0, jose_1.exportSPKI)(publicKey);
|
|
43
|
-
this.logger.debug(
|
|
44
|
-
this.logger.
|
|
43
|
+
this.logger.debug('Ephemeral JWT keys generated (set JWT_PRIVATE_KEY/JWT_PUBLIC_KEY to persist)');
|
|
44
|
+
this.logger.verbose(`JWT_PRIVATE_KEY=${Buffer.from(privPem).toString('base64')}`);
|
|
45
|
+
this.logger.verbose(`JWT_PUBLIC_KEY=${Buffer.from(pubPem).toString('base64')}`);
|
|
45
46
|
}
|
|
46
47
|
}
|
|
47
48
|
async sign(opts) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/crypto/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAiE;AACjE,+BASa;AACb,qEAA+D;AAE/D,MAAM,SAAS,GAAG,OAAO,CAAA;AACzB,MAAM,MAAM,GAAG,aAAa,CAAA;AAarB,IAAM,UAAU,kBAAhB,MAAM,UAAU;IAKQ;IAJZ,MAAM,GAAG,IAAI,eAAM,CAAC,YAAU,CAAC,IAAI,CAAC,CAAA;IAC7C,UAAU,CAAU;IACpB,SAAS,CAAU;IAE3B,YAA6B,SAA2B;QAA3B,cAAS,GAAT,SAAS,CAAkB;IAAG,CAAC;IAE5D,KAAK,CAAC,YAAY;QAChB,IAAI,IAAI,CAAC,SAAS,CAAC,aAAa,IAAI,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC;YAChE,IAAI,CAAC,UAAU,GAAG,MAAM,IAAA,kBAAW,EACjC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EACpE,SAAS,CACV,CAAA;YACD,IAAI,CAAC,SAAS,GAAG,MAAM,IAAA,iBAAU,EAC/B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EACnE,SAAS,CACV,CAAA;YACD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAA;QACrD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAA;YACjF,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAA;YAClF,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,IAAA,sBAAe,EAAC,SAAS,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;YAC3F,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;YAC5B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;YAE1B,MAAM,OAAO,GAAG,MAAM,IAAA,kBAAW,EAAC,UAAU,CAAC,CAAA;YAC7C,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAU,EAAC,SAAS,CAAC,CAAA;YAC1C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;
|
|
1
|
+
{"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/crypto/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAiE;AACjE,+BASa;AACb,qEAA+D;AAE/D,MAAM,SAAS,GAAG,OAAO,CAAA;AACzB,MAAM,MAAM,GAAG,aAAa,CAAA;AAarB,IAAM,UAAU,kBAAhB,MAAM,UAAU;IAKQ;IAJZ,MAAM,GAAG,IAAI,eAAM,CAAC,YAAU,CAAC,IAAI,CAAC,CAAA;IAC7C,UAAU,CAAU;IACpB,SAAS,CAAU;IAE3B,YAA6B,SAA2B;QAA3B,cAAS,GAAT,SAAS,CAAkB;IAAG,CAAC;IAE5D,KAAK,CAAC,YAAY;QAChB,IAAI,IAAI,CAAC,SAAS,CAAC,aAAa,IAAI,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC;YAChE,IAAI,CAAC,UAAU,GAAG,MAAM,IAAA,kBAAW,EACjC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EACpE,SAAS,CACV,CAAA;YACD,IAAI,CAAC,SAAS,GAAG,MAAM,IAAA,iBAAU,EAC/B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EACnE,SAAS,CACV,CAAA;YACD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAA;QACrD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAA;YACjF,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAA;YAClF,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,IAAA,sBAAe,EAAC,SAAS,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;YAC3F,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;YAC5B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;YAE1B,MAAM,OAAO,GAAG,MAAM,IAAA,kBAAW,EAAC,UAAU,CAAC,CAAA;YAC7C,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAU,EAAC,SAAS,CAAC,CAAA;YAC1C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8EAA8E,CAAC,CAAA;YACjG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,mBAAmB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;YACjF,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;QACjF,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,IAMV;QACC,IAAI,OAAO,GAAG,IAAI,cAAO,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;aAC/E,kBAAkB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;aACtC,SAAS,CAAC,MAAM,CAAC;aACjB,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC;aACxB,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;aAChB,WAAW,EAAE,CAAA;QAEhB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAA;QAClF,CAAC;QAED,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IACtC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa;QACxB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,gBAAS,EAAC,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE;YACzD,MAAM,EAAE,MAAM;YACd,UAAU,EAAE,CAAC,SAAS,CAAC;SACxB,CAAC,CAAA;QACF,OAAO,OAAgC,CAAA;IACzC,CAAC;CACF,CAAA;AA/DY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAM6B,qCAAgB;GAL7C,UAAU,CA+DtB"}
|
package/dist/main.js
CHANGED
|
@@ -58,7 +58,7 @@ async function bootstrap() {
|
|
|
58
58
|
app.use((0, helmet_1.default)({
|
|
59
59
|
contentSecurityPolicy: cfg.swaggerEnabled ? false : undefined,
|
|
60
60
|
}));
|
|
61
|
-
app.enableCors({ origin:
|
|
61
|
+
app.enableCors({ origin: cfg.isProd ? false : true });
|
|
62
62
|
// Swagger / OpenAPI
|
|
63
63
|
if (cfg.swaggerEnabled) {
|
|
64
64
|
const swaggerConfig = new swagger_1.DocumentBuilder()
|
package/dist/main.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qEAAqE;AACrE,uEAAuE;AACvE,uBAAoB;AACpB,4BAAyB;AACzB,qCAAoC;AACpC,yCAAgC;AAChC,uCAA0C;AAC1C,6CAAgE;AAChE,oDAA2B;AAC3B,2CAAuC;AACvC,6CAAkD;AAClD,iDAAkC;AAClC,6CAAwC;AACxC,oEAA8D;AAE9D,KAAK,UAAU,SAAS;IACtB,MAAM,GAAG,GAAG,MAAM,kBAAW,CAAC,MAAM,CAAC,sBAAS,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAA;IAErE,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,oBAAU,CAAC,CAAC,CAAA;IAElC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,qCAAgB,CAAC,CAAA;IAErC,oFAAoF;IACpF,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,EAAC;QACb,qBAAqB,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;KAC9D,CAAC,CAAC,CAAA;IACH,GAAG,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"main.js","sourceRoot":"","sources":["../src/main.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qEAAqE;AACrE,uEAAuE;AACvE,uBAAoB;AACpB,4BAAyB;AACzB,qCAAoC;AACpC,yCAAgC;AAChC,uCAA0C;AAC1C,6CAAgE;AAChE,oDAA2B;AAC3B,2CAAuC;AACvC,6CAAkD;AAClD,iDAAkC;AAClC,6CAAwC;AACxC,oEAA8D;AAE9D,KAAK,UAAU,SAAS;IACtB,MAAM,GAAG,GAAG,MAAM,kBAAW,CAAC,MAAM,CAAC,sBAAS,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAA;IAErE,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,oBAAU,CAAC,CAAC,CAAA;IAElC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,qCAAgB,CAAC,CAAA;IAErC,oFAAoF;IACpF,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,EAAC;QACb,qBAAqB,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;KAC9D,CAAC,CAAC,CAAA;IACH,GAAG,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;IAErD,oBAAoB;IACpB,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;QACvB,MAAM,aAAa,GAAG,IAAI,yBAAe,EAAE;aACxC,QAAQ,CAAC,iBAAiB,CAAC;aAC3B,cAAc,CACb,0DAA0D;YAC1D,uDAAuD;YACvD,uEAAuE,CACxE;aACA,UAAU,CAAC,KAAK,CAAC;aACjB,aAAa,CACZ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,+BAA+B,EAAE,EACrG,UAAU,CACX;aACA,SAAS,CACR,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,gBAAgB,EAAE,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,qCAAqC,EAAE,EAC5G,aAAa,CACd;aACA,KAAK,EAAE,CAAA;QACV,MAAM,QAAQ,GAAG,uBAAa,CAAC,cAAc,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACjE,uBAAa,CAAC,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,QAAQ,EAAE;YAC7C,eAAe,EAAE,kBAAkB;YACnC,cAAc,EAAE,EAAE,oBAAoB,EAAE,IAAI,EAAE;SAC/C,CAAC,CAAA;IACJ,CAAC;IAED,mEAAmE;IACnE,0FAA0F;IAC1F,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW,IAAI;QACrC,IAAA,gBAAI,EAAC,SAAS,EAAE,UAAU,CAAC,EAA2B,WAAW;QACjE,IAAA,gBAAI,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,CAAC,EAAU,uBAAuB;KAC9E,CAAC,IAAI,CAAC,oBAAU,CAAC,CAAA;IAElB,IAAI,WAAW,IAAI,IAAA,oBAAU,EAAC,WAAW,CAAC,EAAE,CAAC;QAC3C,MAAM,UAAU,GAAG,GAAG,CAAC,cAAc,EAAE,CAAC,WAAW,EAAyB,CAAA;QAC5E,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;QACxD,8DAA8D;QAC9D,UAAU,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAqB,EAAE,GAAqB,EAAE,EAAE;YACjF,GAAG,CAAC,QAAQ,CAAC,IAAA,gBAAI,EAAC,WAAW,EAAE,YAAY,CAAC,CAAC,CAAA;QAC/C,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,oBAAoB;IACpB,GAAG,CAAC,mBAAmB,EAAE,CAAA;IAEzB,MAAM,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAA;IAEpC,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,WAAW,CAAC,CAAA;IACtC,MAAM,CAAC,GAAG,CAAC,4BAA4B,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAA;IAC9D,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;QACvB,MAAM,CAAC,GAAG,CAAC,sBAAsB,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,WAAW,CAAC,CAAA;QACjE,MAAM,CAAC,GAAG,CAAC,wBAAwB,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,mBAAmB,CAAC,CAAA;IAC7E,CAAC;IACD,IAAI,WAAW,IAAI,IAAA,oBAAU,EAAC,WAAW,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,GAAG,CAAC,oBAAoB,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,WAAW,CAAC,CAAA;IACjE,CAAC;IACD,MAAM,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,MAAM,aAAa,GAAG,CAAC,SAAS,WAAW,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;IACpF,MAAM,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,qBAAqB,GAAG,CAAC,YAAY,IAAI,cAAc,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAA;AAClH,CAAC;AAED,KAAK,SAAS,EAAE,CAAA"}
|
|
@@ -1,9 +1,16 @@
|
|
|
1
1
|
import type { JwtPayload } from '../crypto/jwt.service';
|
|
2
|
+
import type { McpEntry } from '../storage/interfaces/repos.interface';
|
|
2
3
|
import { MCPService } from './mcp.service';
|
|
3
4
|
export declare class ClientMCPController {
|
|
4
5
|
private readonly mcpService;
|
|
5
6
|
constructor(mcpService: MCPService);
|
|
6
|
-
findByGroup(payload: JwtPayload): Promise<
|
|
7
|
-
|
|
7
|
+
findByGroup(payload: JwtPayload): Promise<(Omit<McpEntry, "authConfig"> & {
|
|
8
|
+
authConfig: {
|
|
9
|
+
type: string;
|
|
10
|
+
};
|
|
11
|
+
})[]>;
|
|
12
|
+
findByName(name: string, payload: JwtPayload): Promise<McpEntry>;
|
|
13
|
+
/** Strip credential values from authConfig — only expose { type } for discovery. */
|
|
14
|
+
private static redact;
|
|
8
15
|
}
|
|
9
16
|
//# sourceMappingURL=client-mcp.controller.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client-mcp.controller.d.ts","sourceRoot":"","sources":["../../src/mcp/client-mcp.controller.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAE1C,qBAIa,mBAAmB;IAClB,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;
|
|
1
|
+
{"version":3,"file":"client-mcp.controller.d.ts","sourceRoot":"","sources":["../../src/mcp/client-mcp.controller.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uCAAuC,CAAA;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAE1C,qBAIa,mBAAmB;IAClB,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;IAM7C,WAAW,CAAoB,OAAO,EAAE,UAAU;oBAe6B;YAAE,IAAI,EAAE,MAAM,CAAA;SAAE;;IALrG,UAAU,CAAgB,IAAI,EAAE,MAAM,EAAqB,OAAO,EAAE,UAAU;IAI9E,oFAAoF;IACpF,OAAO,CAAC,MAAM,CAAC,MAAM;CAGtB"}
|
|
@@ -11,6 +11,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
11
11
|
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
12
|
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
13
|
};
|
|
14
|
+
var ClientMCPController_1;
|
|
14
15
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
16
|
exports.ClientMCPController = void 0;
|
|
16
17
|
const common_1 = require("@nestjs/common");
|
|
@@ -18,28 +19,33 @@ const swagger_1 = require("@nestjs/swagger");
|
|
|
18
19
|
const group_token_guard_1 = require("../auth/group-token.guard");
|
|
19
20
|
const jwt_payload_decorator_1 = require("../auth/decorators/jwt-payload.decorator");
|
|
20
21
|
const mcp_service_1 = require("./mcp.service");
|
|
21
|
-
let ClientMCPController = class ClientMCPController {
|
|
22
|
+
let ClientMCPController = ClientMCPController_1 = class ClientMCPController {
|
|
22
23
|
mcpService;
|
|
23
24
|
constructor(mcpService) {
|
|
24
25
|
this.mcpService = mcpService;
|
|
25
26
|
}
|
|
26
|
-
findByGroup(payload) {
|
|
27
|
-
|
|
27
|
+
async findByGroup(payload) {
|
|
28
|
+
const entries = await this.mcpService.findByGroup(payload.sub);
|
|
29
|
+
return entries.map((e) => ClientMCPController_1.redact(e));
|
|
28
30
|
}
|
|
29
31
|
findByName(name, payload) {
|
|
30
32
|
return this.mcpService.findByName(name, payload.sub);
|
|
31
33
|
}
|
|
34
|
+
/** Strip credential values from authConfig — only expose { type } for discovery. */
|
|
35
|
+
static redact(entry) {
|
|
36
|
+
return { ...entry, authConfig: { type: entry.authConfig.type } };
|
|
37
|
+
}
|
|
32
38
|
};
|
|
33
39
|
exports.ClientMCPController = ClientMCPController;
|
|
34
40
|
__decorate([
|
|
35
41
|
(0, common_1.Get)(),
|
|
36
|
-
(0, swagger_1.ApiOperation)({ summary: 'List MCP servers for the authenticated group' }),
|
|
37
|
-
(0, swagger_1.ApiResponse)({ status: 200, description: 'List of MCP servers
|
|
42
|
+
(0, swagger_1.ApiOperation)({ summary: 'List MCP servers for the authenticated group (credentials redacted)' }),
|
|
43
|
+
(0, swagger_1.ApiResponse)({ status: 200, description: 'List of MCP servers with authConfig redacted to type only' }),
|
|
38
44
|
(0, swagger_1.ApiResponse)({ status: 401, description: 'Invalid or expired token' }),
|
|
39
45
|
__param(0, (0, jwt_payload_decorator_1.JwtPayloadParam)()),
|
|
40
46
|
__metadata("design:type", Function),
|
|
41
47
|
__metadata("design:paramtypes", [Object]),
|
|
42
|
-
__metadata("design:returntype",
|
|
48
|
+
__metadata("design:returntype", Promise)
|
|
43
49
|
], ClientMCPController.prototype, "findByGroup", null);
|
|
44
50
|
__decorate([
|
|
45
51
|
(0, common_1.Get)(':name'),
|
|
@@ -53,7 +59,7 @@ __decorate([
|
|
|
53
59
|
__metadata("design:paramtypes", [String, Object]),
|
|
54
60
|
__metadata("design:returntype", void 0)
|
|
55
61
|
], ClientMCPController.prototype, "findByName", null);
|
|
56
|
-
exports.ClientMCPController = ClientMCPController = __decorate([
|
|
62
|
+
exports.ClientMCPController = ClientMCPController = ClientMCPController_1 = __decorate([
|
|
57
63
|
(0, swagger_1.ApiTags)('Client / MCP'),
|
|
58
64
|
(0, swagger_1.ApiBearerAuth)('GroupJWT'),
|
|
59
65
|
(0, common_1.Controller)('api/v1/mcp'),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client-mcp.controller.js","sourceRoot":"","sources":["../../src/mcp/client-mcp.controller.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"client-mcp.controller.js","sourceRoot":"","sources":["../../src/mcp/client-mcp.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAkE;AAClE,6CAAmF;AACnF,iEAA2D;AAC3D,oFAA0E;AAG1E,+CAA0C;AAMnC,IAAM,mBAAmB,2BAAzB,MAAM,mBAAmB;IACD;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;IAAG,CAAC;IAMjD,AAAN,KAAK,CAAC,WAAW,CAAoB,OAAmB;QACtD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC9D,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1D,CAAC;IAOD,UAAU,CAAgB,IAAY,EAAqB,OAAmB;QAC5E,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;IACtD,CAAC;IAED,oFAAoF;IAC5E,MAAM,CAAC,MAAM,CAAC,KAAe;QACnC,OAAO,EAAE,GAAG,KAAK,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,EAAE,CAAA;IAClE,CAAC;CACF,CAAA;AAzBY,kDAAmB;AAOxB;IAJL,IAAA,YAAG,GAAE;IACL,IAAA,sBAAY,EAAC,EAAE,OAAO,EAAE,qEAAqE,EAAE,CAAC;IAChG,IAAA,qBAAW,EAAC,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,2DAA2D,EAAE,CAAC;IACtG,IAAA,qBAAW,EAAC,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACnD,WAAA,IAAA,uCAAe,GAAE,CAAA;;;;sDAGnC;AAOD;IALC,IAAA,YAAG,EAAC,OAAO,CAAC;IACZ,IAAA,sBAAY,EAAC,EAAE,OAAO,EAAE,uDAAuD,EAAE,CAAC;IAClF,IAAA,qBAAW,EAAC,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,uCAAuC,EAAE,CAAC;IAClF,IAAA,qBAAW,EAAC,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,0BAA0B,EAAE,CAAC;IACrE,IAAA,qBAAW,EAAC,EAAE,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,sBAAsB,EAAE,CAAC;IACtD,WAAA,IAAA,cAAK,EAAC,MAAM,CAAC,CAAA;IAAgB,WAAA,IAAA,uCAAe,GAAE,CAAA;;;;qDAEzD;8BAnBU,mBAAmB;IAJ/B,IAAA,iBAAO,EAAC,cAAc,CAAC;IACvB,IAAA,uBAAa,EAAC,UAAU,CAAC;IACzB,IAAA,mBAAU,EAAC,YAAY,CAAC;IACxB,IAAA,kBAAS,EAAC,mCAAe,CAAC;qCAEgB,wBAAU;GADxC,mBAAmB,CAyB/B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"create-mcp.dto.d.ts","sourceRoot":"","sources":["../../../src/mcp/dto/create-mcp.dto.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,0CAA0C,CAAA;AAE7E,qBAAa,YAAY;IAGvB,OAAO,EAAG,MAAM,CAAA;IAMhB,IAAI,EAAG,MAAM,CAAA;IAMb,WAAW,CAAC,EAAE,MAAM,CAAA;IAIpB,SAAS,EAAG,MAAM,GAAG,OAAO,CAAA;
|
|
1
|
+
{"version":3,"file":"create-mcp.dto.d.ts","sourceRoot":"","sources":["../../../src/mcp/dto/create-mcp.dto.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,0CAA0C,CAAA;AAE7E,qBAAa,YAAY;IAGvB,OAAO,EAAG,MAAM,CAAA;IAMhB,IAAI,EAAG,MAAM,CAAA;IAMb,WAAW,CAAC,EAAE,MAAM,CAAA;IAIpB,SAAS,EAAG,MAAM,GAAG,OAAO,CAAA;IAM5B,SAAS,CAAC,EAAE,MAAM,CAAA;IAOlB,OAAO,CAAC,EAAE,MAAM,CAAA;IAWhB,UAAU,EAAG,aAAa,CAAA;CAC3B"}
|
|
@@ -48,13 +48,15 @@ __decorate([
|
|
|
48
48
|
], CreateMcpDto.prototype, "transport", void 0);
|
|
49
49
|
__decorate([
|
|
50
50
|
(0, swagger_1.ApiPropertyOptional)({ example: 'https://mcp.example.com/sse', description: 'Server URL (required for http transport)' }),
|
|
51
|
-
(0, class_validator_1.
|
|
51
|
+
(0, class_validator_1.ValidateIf)(o => o.transport === 'http'),
|
|
52
|
+
(0, class_validator_1.IsNotEmpty)({ message: 'serverUrl is required when transport is http' }),
|
|
52
53
|
(0, class_validator_1.IsUrl)(),
|
|
53
54
|
__metadata("design:type", String)
|
|
54
55
|
], CreateMcpDto.prototype, "serverUrl", void 0);
|
|
55
56
|
__decorate([
|
|
56
57
|
(0, swagger_1.ApiPropertyOptional)({ example: 'npx -y my-mcp-server', description: 'Command to run (required for stdio transport)' }),
|
|
57
|
-
(0, class_validator_1.
|
|
58
|
+
(0, class_validator_1.ValidateIf)(o => o.transport === 'stdio'),
|
|
59
|
+
(0, class_validator_1.IsNotEmpty)({ message: 'command is required when transport is stdio' }),
|
|
58
60
|
(0, class_validator_1.IsString)(),
|
|
59
61
|
(0, class_validator_1.Length)(1, 2048),
|
|
60
62
|
__metadata("design:type", String)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"create-mcp.dto.js","sourceRoot":"","sources":["../../../src/mcp/dto/create-mcp.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"create-mcp.dto.js","sourceRoot":"","sources":["../../../src/mcp/dto/create-mcp.dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAgI;AAChI,6CAAkE;AAGlE,MAAa,YAAY;IAGvB,OAAO,CAAS;IAMhB,IAAI,CAAS;IAMb,WAAW,CAAS;IAIpB,SAAS,CAAmB;IAM5B,SAAS,CAAS;IAOlB,OAAO,CAAS;IAWhB,UAAU,CAAgB;CAC3B;AA5CD,oCA4CC;AAzCC;IAFC,IAAA,qBAAW,EAAC,EAAE,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,4CAA4C,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;IACnH,IAAA,wBAAM,GAAE;;6CACO;AAMhB;IAJC,IAAA,qBAAW,EAAC,EAAE,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,sDAAsD,EAAE,CAAC;IAC9G,IAAA,0BAAQ,GAAE;IACV,IAAA,wBAAM,EAAC,CAAC,EAAE,GAAG,CAAC;IACd,IAAA,yBAAO,EAAC,gBAAgB,EAAE,EAAE,OAAO,EAAE,8DAA8D,EAAE,CAAC;;0CAC1F;AAMb;IAJC,IAAA,6BAAmB,EAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;IAC7D,IAAA,4BAAU,GAAE;IACZ,IAAA,0BAAQ,GAAE;IACV,IAAA,wBAAM,EAAC,CAAC,EAAE,IAAI,CAAC;;iDACI;AAIpB;IAFC,IAAA,qBAAW,EAAC,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE,CAAC;IACxF,IAAA,wBAAM,EAAC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;;+CACE;AAM5B;IAJC,IAAA,6BAAmB,EAAC,EAAE,OAAO,EAAE,6BAA6B,EAAE,WAAW,EAAE,0CAA0C,EAAE,CAAC;IACxH,IAAA,4BAAU,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC;IACvC,IAAA,4BAAU,EAAC,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC;IACvE,IAAA,uBAAK,GAAE;;+CACU;AAOlB;IALC,IAAA,6BAAmB,EAAC,EAAE,OAAO,EAAE,sBAAsB,EAAE,WAAW,EAAE,+CAA+C,EAAE,CAAC;IACtH,IAAA,4BAAU,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,OAAO,CAAC;IACxC,IAAA,4BAAU,EAAC,EAAE,OAAO,EAAE,6CAA6C,EAAE,CAAC;IACtE,IAAA,0BAAQ,GAAE;IACV,IAAA,wBAAM,EAAC,CAAC,EAAE,IAAI,CAAC;;6CACA;AAWhB;IATC,IAAA,qBAAW,EAAC;QACX,WAAW,EAAE,yCAAyC;QACtD,QAAQ,EAAE;YACR,IAAI,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE;YACjC,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE,EAAE,EAAE;YAChG,GAAG,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,EAAE;SAChE;KACF,CAAC;IACD,IAAA,0BAAQ,GAAE;;gDACe"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp.service.d.ts","sourceRoot":"","sources":["../../src/mcp/mcp.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAA;AAChE,OAAO,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,cAAc,EAAE,cAAc,EAAiB,MAAM,uCAAuC,CAAA;AAE9H,qBACa,UAAU;IAED,OAAO,CAAC,QAAQ,CAAC,OAAO;IAC1C,OAAO,CAAC,QAAQ,CAAC,UAAU;gBADQ,OAAO,EAAE,QAAQ,EACnC,UAAU,EAAE,iBAAiB;IAG1C,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"mcp.service.d.ts","sourceRoot":"","sources":["../../src/mcp/mcp.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAA;AAChE,OAAO,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,cAAc,EAAE,cAAc,EAAiB,MAAM,uCAAuC,CAAA;AAE9H,qBACa,UAAU;IAED,OAAO,CAAC,QAAQ,CAAC,OAAO;IAC1C,OAAO,CAAC,QAAQ,CAAC,UAAU;gBADQ,OAAO,EAAE,QAAQ,EACnC,UAAU,EAAE,iBAAiB;IAG1C,MAAM,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC;IAW/C,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;IAI9B,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAMvC,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC;IAKjD,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAQ7D,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,QAAQ,CAAC;IA0B3D,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIvC,OAAO,CAAC,OAAO;IAIf,OAAO,CAAC,iBAAiB;CAQ1B"}
|
package/dist/mcp/mcp.service.js
CHANGED
|
@@ -24,7 +24,8 @@ let MCPService = class MCPService {
|
|
|
24
24
|
this.encryption = encryption;
|
|
25
25
|
}
|
|
26
26
|
async create(data) {
|
|
27
|
-
|
|
27
|
+
this.validateTransport(data.transport, data.serverUrl, data.command);
|
|
28
|
+
const existing = await this.mcpRepo.findByName(data.name, data.groupId);
|
|
28
29
|
if (existing)
|
|
29
30
|
throw new common_1.ConflictException(`MCP server name already exists: ${data.name}`);
|
|
30
31
|
const entry = await this.mcpRepo.create({
|
|
@@ -47,7 +48,7 @@ let MCPService = class MCPService {
|
|
|
47
48
|
return entries.filter(e => e.enabled).map(e => this.decrypt(e));
|
|
48
49
|
}
|
|
49
50
|
async findByName(name, groupId) {
|
|
50
|
-
const entry = await this.mcpRepo.findByName(name);
|
|
51
|
+
const entry = await this.mcpRepo.findByName(name, groupId);
|
|
51
52
|
if (!entry)
|
|
52
53
|
throw new common_1.NotFoundException(`MCP server not found: ${name}`);
|
|
53
54
|
if (groupId && entry.groupId !== groupId)
|
|
@@ -57,6 +58,20 @@ let MCPService = class MCPService {
|
|
|
57
58
|
return this.decrypt(entry);
|
|
58
59
|
}
|
|
59
60
|
async update(id, data) {
|
|
61
|
+
const current = await this.mcpRepo.findById(id);
|
|
62
|
+
if (!current)
|
|
63
|
+
throw new common_1.NotFoundException(`MCP server not found: ${id}`);
|
|
64
|
+
// Validate transport configuration against merged state
|
|
65
|
+
const transport = data.transport ?? current.transport;
|
|
66
|
+
const serverUrl = data.serverUrl !== undefined ? data.serverUrl : current.serverUrl;
|
|
67
|
+
const command = data.command !== undefined ? data.command : current.command;
|
|
68
|
+
this.validateTransport(transport, serverUrl, command);
|
|
69
|
+
// Validate name uniqueness within the same group on rename
|
|
70
|
+
if (data.name && data.name !== current.name) {
|
|
71
|
+
const conflict = await this.mcpRepo.findByName(data.name, current.groupId);
|
|
72
|
+
if (conflict)
|
|
73
|
+
throw new common_1.ConflictException(`MCP server name already exists: ${data.name}`);
|
|
74
|
+
}
|
|
60
75
|
const updateData = Object.fromEntries(Object.entries(data).filter(([, v]) => v !== undefined));
|
|
61
76
|
if (updateData.authConfig) {
|
|
62
77
|
updateData.authConfig = this.encryption.encrypt(updateData.authConfig);
|
|
@@ -70,6 +85,14 @@ let MCPService = class MCPService {
|
|
|
70
85
|
decrypt(entry) {
|
|
71
86
|
return { ...entry, authConfig: this.encryption.decrypt(entry.authConfig) };
|
|
72
87
|
}
|
|
88
|
+
validateTransport(transport, serverUrl, command) {
|
|
89
|
+
if (transport === 'http' && !serverUrl) {
|
|
90
|
+
throw new common_1.BadRequestException('serverUrl is required for http transport');
|
|
91
|
+
}
|
|
92
|
+
if (transport === 'stdio' && !command) {
|
|
93
|
+
throw new common_1.BadRequestException('command is required for stdio transport');
|
|
94
|
+
}
|
|
95
|
+
}
|
|
73
96
|
};
|
|
74
97
|
exports.MCPService = MCPService;
|
|
75
98
|
exports.MCPService = MCPService = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp.service.js","sourceRoot":"","sources":["../../src/mcp/mcp.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"mcp.service.js","sourceRoot":"","sources":["../../src/mcp/mcp.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAA8G;AAC9G,8DAAoD;AACpD,qEAAgE;AAIzD,IAAM,UAAU,GAAhB,MAAM,UAAU;IAEgB;IAClB;IAFnB,YACqC,OAAiB,EACnC,UAA6B;QADX,YAAO,GAAP,OAAO,CAAU;QACnC,eAAU,GAAV,UAAU,CAAmB;IAC7C,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,IAAoB;QAC/B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QACpE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;QACvE,IAAI,QAAQ;YAAE,MAAM,IAAI,0BAAiB,CAAC,mCAAmC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;QACzF,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;YACtC,GAAG,IAAI;YACP,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAA6B;SACjF,CAAC,CAAA;QACF,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,OAAO;QACX,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;IACjE,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,EAAU;QACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,0BAAiB,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAAA;QACtE,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAe;QAC/B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QACvD,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;IACjE,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,IAAY,EAAE,OAAgB;QAC7C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAC1D,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,0BAAiB,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAA;QACxE,IAAI,OAAO,IAAI,KAAK,CAAC,OAAO,KAAK,OAAO;YAAE,MAAM,IAAI,0BAAiB,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAA;QACtG,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO;YAAE,MAAM,IAAI,0BAAiB,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAA;QAC3F,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,EAAU,EAAE,IAAoB;QAC3C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;QAC/C,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,0BAAiB,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAAA;QAExE,wDAAwD;QACxD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC,SAAS,CAAA;QACrD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAA;QACnF,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;QAC3E,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC,CAAA;QAErD,2DAA2D;QAC3D,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,EAAE,CAAC;YAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;YAC1E,IAAI,QAAQ;gBAAE,MAAM,IAAI,0BAAiB,CAAC,mCAAmC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;QAC3F,CAAC;QAED,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CACnC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CACtC,CAAA;QACnB,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;YAC1B,UAAU,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,CAA6B,CAAA;QACpG,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,UAAU,CAAC,CAAA;QACzD,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC9B,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,EAAU;QACrB,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IAC/B,CAAC;IAEO,OAAO,CAAC,KAAe;QAC7B,OAAO,EAAE,GAAG,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,UAA+B,CAAkB,EAAE,CAAA;IAClH,CAAC;IAEO,iBAAiB,CAAC,SAAiB,EAAE,SAAyB,EAAE,OAAuB;QAC7F,IAAI,SAAS,KAAK,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;YACvC,MAAM,IAAI,4BAAmB,CAAC,0CAA0C,CAAC,CAAA;QAC3E,CAAC;QACD,IAAI,SAAS,KAAK,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,IAAI,4BAAmB,CAAC,yCAAyC,CAAC,CAAA;QAC1E,CAAC;IACH,CAAC;CACF,CAAA;AAlFY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;IAGR,WAAA,IAAA,eAAM,EAAC,yBAAQ,CAAC,CAAA;6CACY,sCAAiB;GAHrC,UAAU,CAkFtB"}
|
|
@@ -1,9 +1,16 @@
|
|
|
1
1
|
import type { JwtPayload } from '../crypto/jwt.service';
|
|
2
|
+
import type { OASEntry } from '../storage/interfaces/repos.interface';
|
|
2
3
|
import { OASService } from './oas.service';
|
|
3
4
|
export declare class ClientOASController {
|
|
4
5
|
private readonly oasService;
|
|
5
6
|
constructor(oasService: OASService);
|
|
6
|
-
findByGroup(payload: JwtPayload): Promise<
|
|
7
|
-
|
|
7
|
+
findByGroup(payload: JwtPayload): Promise<(Omit<OASEntry, "authConfig"> & {
|
|
8
|
+
authConfig: {
|
|
9
|
+
type: string;
|
|
10
|
+
};
|
|
11
|
+
})[]>;
|
|
12
|
+
findByName(name: string, payload: JwtPayload): Promise<OASEntry>;
|
|
13
|
+
/** Strip credential values from authConfig — only expose { type } for discovery. */
|
|
14
|
+
private static redact;
|
|
8
15
|
}
|
|
9
16
|
//# sourceMappingURL=client-oas.controller.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client-oas.controller.d.ts","sourceRoot":"","sources":["../../src/oas/client-oas.controller.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAE1C,qBAIa,mBAAmB;IAClB,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;
|
|
1
|
+
{"version":3,"file":"client-oas.controller.d.ts","sourceRoot":"","sources":["../../src/oas/client-oas.controller.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uCAAuC,CAAA;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAE1C,qBAIa,mBAAmB;IAClB,OAAO,CAAC,QAAQ,CAAC,UAAU;gBAAV,UAAU,EAAE,UAAU;IAM7C,WAAW,CAAoB,OAAO,EAAE,UAAU;oBAe6B;YAAE,IAAI,EAAE,MAAM,CAAA;SAAE;;IALrG,UAAU,CAAgB,IAAI,EAAE,MAAM,EAAqB,OAAO,EAAE,UAAU;IAI9E,oFAAoF;IACpF,OAAO,CAAC,MAAM,CAAC,MAAM;CAGtB"}
|
|
@@ -11,6 +11,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
11
11
|
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
12
|
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
13
|
};
|
|
14
|
+
var ClientOASController_1;
|
|
14
15
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
16
|
exports.ClientOASController = void 0;
|
|
16
17
|
const common_1 = require("@nestjs/common");
|
|
@@ -18,28 +19,33 @@ const swagger_1 = require("@nestjs/swagger");
|
|
|
18
19
|
const group_token_guard_1 = require("../auth/group-token.guard");
|
|
19
20
|
const jwt_payload_decorator_1 = require("../auth/decorators/jwt-payload.decorator");
|
|
20
21
|
const oas_service_1 = require("./oas.service");
|
|
21
|
-
let ClientOASController = class ClientOASController {
|
|
22
|
+
let ClientOASController = ClientOASController_1 = class ClientOASController {
|
|
22
23
|
oasService;
|
|
23
24
|
constructor(oasService) {
|
|
24
25
|
this.oasService = oasService;
|
|
25
26
|
}
|
|
26
|
-
findByGroup(payload) {
|
|
27
|
-
|
|
27
|
+
async findByGroup(payload) {
|
|
28
|
+
const entries = await this.oasService.findByGroup(payload.sub);
|
|
29
|
+
return entries.map((e) => ClientOASController_1.redact(e));
|
|
28
30
|
}
|
|
29
31
|
findByName(name, payload) {
|
|
30
32
|
return this.oasService.findByName(name, payload.sub);
|
|
31
33
|
}
|
|
34
|
+
/** Strip credential values from authConfig — only expose { type } for discovery. */
|
|
35
|
+
static redact(entry) {
|
|
36
|
+
return { ...entry, authConfig: { type: entry.authType } };
|
|
37
|
+
}
|
|
32
38
|
};
|
|
33
39
|
exports.ClientOASController = ClientOASController;
|
|
34
40
|
__decorate([
|
|
35
41
|
(0, common_1.Get)(),
|
|
36
|
-
(0, swagger_1.ApiOperation)({ summary: 'List OAS entries for the authenticated group' }),
|
|
37
|
-
(0, swagger_1.ApiResponse)({ status: 200, description: 'List of OAS entries
|
|
42
|
+
(0, swagger_1.ApiOperation)({ summary: 'List OAS entries for the authenticated group (credentials redacted)' }),
|
|
43
|
+
(0, swagger_1.ApiResponse)({ status: 200, description: 'List of OAS entries with authConfig redacted to type only' }),
|
|
38
44
|
(0, swagger_1.ApiResponse)({ status: 401, description: 'Invalid or expired token' }),
|
|
39
45
|
__param(0, (0, jwt_payload_decorator_1.JwtPayloadParam)()),
|
|
40
46
|
__metadata("design:type", Function),
|
|
41
47
|
__metadata("design:paramtypes", [Object]),
|
|
42
|
-
__metadata("design:returntype",
|
|
48
|
+
__metadata("design:returntype", Promise)
|
|
43
49
|
], ClientOASController.prototype, "findByGroup", null);
|
|
44
50
|
__decorate([
|
|
45
51
|
(0, common_1.Get)(':name'),
|
|
@@ -53,7 +59,7 @@ __decorate([
|
|
|
53
59
|
__metadata("design:paramtypes", [String, Object]),
|
|
54
60
|
__metadata("design:returntype", void 0)
|
|
55
61
|
], ClientOASController.prototype, "findByName", null);
|
|
56
|
-
exports.ClientOASController = ClientOASController = __decorate([
|
|
62
|
+
exports.ClientOASController = ClientOASController = ClientOASController_1 = __decorate([
|
|
57
63
|
(0, swagger_1.ApiTags)('Client / OAS'),
|
|
58
64
|
(0, swagger_1.ApiBearerAuth)('GroupJWT'),
|
|
59
65
|
(0, common_1.Controller)('api/v1/oas'),
|