@vfarcic/dot-ai 1.15.1 → 1.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/providers/vercel-provider.d.ts.map +1 -1
- package/dist/core/providers/vercel-provider.js +20 -8
- package/dist/interfaces/mcp.d.ts.map +1 -1
- package/dist/interfaces/mcp.js +15 -0
- package/dist/interfaces/oauth/provider.d.ts +21 -0
- package/dist/interfaces/oauth/provider.d.ts.map +1 -1
- package/dist/interfaces/oauth/provider.js +42 -1
- package/dist/interfaces/oauth/types.d.ts +1 -0
- package/dist/interfaces/oauth/types.d.ts.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vercel-provider.d.ts","sourceRoot":"","sources":["../../../src/core/providers/vercel-provider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAaH,OAAO,EACL,UAAU,EACV,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,aAAa,EACd,MAAM,0BAA0B,CAAC;AA4DlC,qBAAa,cAAe,YAAW,UAAU;IAC/C,OAAO,CAAC,YAAY,CAAoB;IACxC,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,SAAS,CAAU;IAC3B,OAAO,CAAC,OAAO,CAAC,CAAS;IACzB,OAAO,CAAC,aAAa,CAAC,CAAyB;IAC/C,OAAO,CAAC,aAAa,CAAiB;gBAE1B,MAAM,EAAE,gBAAgB;IAYpC,OAAO,CAAC,qBAAqB;IAiB7B,OAAO,CAAC,eAAe;
|
|
1
|
+
{"version":3,"file":"vercel-provider.d.ts","sourceRoot":"","sources":["../../../src/core/providers/vercel-provider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAaH,OAAO,EACL,UAAU,EACV,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,aAAa,EACd,MAAM,0BAA0B,CAAC;AA4DlC,qBAAa,cAAe,YAAW,UAAU;IAC/C,OAAO,CAAC,YAAY,CAAoB;IACxC,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,SAAS,CAAU;IAC3B,OAAO,CAAC,OAAO,CAAC,CAAS;IACzB,OAAO,CAAC,aAAa,CAAC,CAAyB;IAC/C,OAAO,CAAC,aAAa,CAAiB;gBAE1B,MAAM,EAAE,gBAAgB;IAYpC,OAAO,CAAC,qBAAqB;IAiB7B,OAAO,CAAC,eAAe;IAyJvB,eAAe,IAAI,MAAM;IAIzB,eAAe,IAAI,MAAM;IAIzB,YAAY,IAAI,MAAM;IAItB,aAAa,IAAI,OAAO;IAIxB,OAAO,CAAC,iBAAiB;IAyBnB,WAAW,CACf,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAkB,EAC7B,iBAAiB,CAAC,EAAE;QAClB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,GACA,OAAO,CAAC,UAAU,CAAC;IAsJtB;;;;;;;;;;;;OAYG;IACG,QAAQ,CAAC,MAAM,EAAE,cAAc,GAAG,OAAO,CAAC,aAAa,CAAC;CA6b/D"}
|
|
@@ -83,18 +83,30 @@ class VercelProvider {
|
|
|
83
83
|
break;
|
|
84
84
|
case 'anthropic':
|
|
85
85
|
case 'anthropic_opus':
|
|
86
|
-
case 'anthropic_haiku':
|
|
86
|
+
case 'anthropic_haiku': {
|
|
87
|
+
// Detect Authorization header in custom headers (case-insensitive).
|
|
88
|
+
// Corporate proxies expect Authorization: Bearer auth, but apiKey sends x-api-key.
|
|
89
|
+
// When Authorization is present, extract the Bearer token and pass it as authToken
|
|
90
|
+
// so the SDK sends Authorization: Bearer instead of x-api-key.
|
|
91
|
+
const authHeaderKey = this.customHeaders
|
|
92
|
+
? Object.keys(this.customHeaders).find(key => key.toLowerCase() === 'authorization')
|
|
93
|
+
: undefined;
|
|
94
|
+
const authOpt = authHeaderKey
|
|
95
|
+
? {
|
|
96
|
+
authToken: this.customHeaders[authHeaderKey].replace(/^Bearer\s+/i, ''),
|
|
97
|
+
}
|
|
98
|
+
: { apiKey: this.apiKey };
|
|
99
|
+
// Strip Authorization from custom headers when using authToken (SDK generates it)
|
|
100
|
+
const filteredCustomHeaders = authHeaderKey && this.customHeaders
|
|
101
|
+
? Object.fromEntries(Object.entries(this.customHeaders).filter(([key]) => key.toLowerCase() !== 'authorization'))
|
|
102
|
+
: this.customHeaders;
|
|
87
103
|
provider = (0, anthropic_1.createAnthropic)({
|
|
88
|
-
|
|
104
|
+
...authOpt,
|
|
89
105
|
...baseURLOpt,
|
|
90
|
-
|
|
91
|
-
// Required for models like claude-sonnet-4-5-20250929
|
|
92
|
-
// PRD #443: Custom headers merge with (and can override) the anthropic-beta default
|
|
93
|
-
headers: mergeHeaders({
|
|
94
|
-
'anthropic-beta': 'context-1m-2025-08-07',
|
|
95
|
-
}),
|
|
106
|
+
...(filteredCustomHeaders && { headers: filteredCustomHeaders }),
|
|
96
107
|
});
|
|
97
108
|
break;
|
|
109
|
+
}
|
|
98
110
|
case 'xai':
|
|
99
111
|
provider = (0, xai_1.createXai)({
|
|
100
112
|
apiKey: this.apiKey,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp.d.ts","sourceRoot":"","sources":["../../src/interfaces/mcp.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAYH,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AA8EtC,OAAO,EAAgB,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAcvD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,+DAA+D;IAC/D,aAAa,CAAC,EAAE,aAAa,CAAC;CAC/B;AAmBD,qBAAa,SAAS;IACpB,OAAO,CAAC,KAAK,CAAQ;IACrB,OAAO,CAAC,WAAW,CAAkB;IACrC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,gBAAgB,CAAa;IACrC,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,UAAU,CAAC,CAAkC;IACrD,4EAA4E;IAC5E,OAAO,CAAC,QAAQ,CAAiC;IACjD,OAAO,CAAC,cAAc,CAAC,CAAiC;IACxD,OAAO,CAAC,YAAY,CAAmB;IACvC,OAAO,CAAC,aAAa,CAAgB;IACrC,OAAO,CAAC,aAAa,CAAC,CAAgB;IACtC,OAAO,CAAC,QAAQ,CAAC,CAA6B;IAC9C,OAAO,CAAC,aAAa,CAAC,CAAqB;IAC3C,OAAO,CAAC,SAAS,CAAC,CAAM;gBAEZ,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe;IA6BjD;;;OAGG;IACH,gBAAgB,IAAI,aAAa,GAAG,SAAS;IAQ7C;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAuBxB;;OAEG;IACH,OAAO,CAAC,eAAe;IA2CvB;;OAEG;IACH,OAAO,CAAC,WAAW;IA8KnB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAmBzB;;;;OAIG;YACW,mBAAmB;IA6CjC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAkCzB,OAAO,CAAC,qBAAqB;IAS7B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,iBAAiB;IAInB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;YAed,kBAAkB;
|
|
1
|
+
{"version":3,"file":"mcp.d.ts","sourceRoot":"","sources":["../../src/interfaces/mcp.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAYH,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AA8EtC,OAAO,EAAgB,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAcvD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,+DAA+D;IAC/D,aAAa,CAAC,EAAE,aAAa,CAAC;CAC/B;AAmBD,qBAAa,SAAS;IACpB,OAAO,CAAC,KAAK,CAAQ;IACrB,OAAO,CAAC,WAAW,CAAkB;IACrC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,gBAAgB,CAAa;IACrC,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,UAAU,CAAC,CAAkC;IACrD,4EAA4E;IAC5E,OAAO,CAAC,QAAQ,CAAiC;IACjD,OAAO,CAAC,cAAc,CAAC,CAAiC;IACxD,OAAO,CAAC,YAAY,CAAmB;IACvC,OAAO,CAAC,aAAa,CAAgB;IACrC,OAAO,CAAC,aAAa,CAAC,CAAgB;IACtC,OAAO,CAAC,QAAQ,CAAC,CAA6B;IAC9C,OAAO,CAAC,aAAa,CAAC,CAAqB;IAC3C,OAAO,CAAC,SAAS,CAAC,CAAM;gBAEZ,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe;IA6BjD;;;OAGG;IACH,gBAAgB,IAAI,aAAa,GAAG,SAAS;IAQ7C;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAuBxB;;OAEG;IACH,OAAO,CAAC,eAAe;IA2CvB;;OAEG;IACH,OAAO,CAAC,WAAW;IA8KnB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAmBzB;;;;OAIG;YACW,mBAAmB;IA6CjC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAkCzB,OAAO,CAAC,qBAAqB;IAS7B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,iBAAiB;IAInB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;YAed,kBAAkB;YAwRlB,gBAAgB;IAexB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAoC3B,OAAO,IAAI,OAAO;CAGnB"}
|
package/dist/interfaces/mcp.js
CHANGED
|
@@ -392,6 +392,21 @@ class MCPServer {
|
|
|
392
392
|
this.oauthProvider = new oauth_1.DotAIOAuthProvider();
|
|
393
393
|
this.oauthApp = (0, express_1.default)();
|
|
394
394
|
this.oauthApp.set('trust proxy', 1);
|
|
395
|
+
// Middleware to extract client-requested token expiry before SDK processes /token
|
|
396
|
+
// This allows clients (like CLI) to request longer-lived tokens
|
|
397
|
+
this.oauthApp.use(express_1.default.urlencoded({ extended: false }));
|
|
398
|
+
this.oauthApp.use((req, res, next) => {
|
|
399
|
+
if (req.method === 'POST' && req.url === '/token') {
|
|
400
|
+
const body = req.body;
|
|
401
|
+
if (body.code && body.requested_expiry) {
|
|
402
|
+
const expirySeconds = parseInt(body.requested_expiry, 10);
|
|
403
|
+
if (!isNaN(expirySeconds)) {
|
|
404
|
+
this.oauthProvider.setRequestedExpiry(body.code, expirySeconds);
|
|
405
|
+
}
|
|
406
|
+
}
|
|
407
|
+
}
|
|
408
|
+
next();
|
|
409
|
+
});
|
|
395
410
|
this.oauthApp.use((0, router_js_1.mcpAuthRouter)({
|
|
396
411
|
provider: this.oauthProvider,
|
|
397
412
|
issuerUrl: this.issuerUrl,
|
|
@@ -35,6 +35,7 @@ export declare class DotAIOAuthProvider implements OAuthServerProvider {
|
|
|
35
35
|
readonly clientsStore: DotAIClientsStore;
|
|
36
36
|
private pendingRequests;
|
|
37
37
|
private authCodes;
|
|
38
|
+
private requestedExpiries;
|
|
38
39
|
private dexConfig;
|
|
39
40
|
private dotAiExternalUrl;
|
|
40
41
|
private pruneTimer;
|
|
@@ -48,6 +49,26 @@ export declare class DotAIOAuthProvider implements OAuthServerProvider {
|
|
|
48
49
|
private pruneExpired;
|
|
49
50
|
/** Stop the pruning timer. For testing only. @internal */
|
|
50
51
|
_stopPruning(): void;
|
|
52
|
+
/**
|
|
53
|
+
* Store a client-requested token expiry for an upcoming token exchange.
|
|
54
|
+
* Called by middleware that intercepts POST /token before the SDK handler.
|
|
55
|
+
*
|
|
56
|
+
* @param authorizationCode - The authorization code from the token request
|
|
57
|
+
* @param requestedExpiry - Requested expiry in seconds
|
|
58
|
+
*/
|
|
59
|
+
setRequestedExpiry(authorizationCode: string, requestedExpiry: number): void;
|
|
60
|
+
/**
|
|
61
|
+
* Calculate token expiry based on client request, defaults, and limits.
|
|
62
|
+
*
|
|
63
|
+
* Priority:
|
|
64
|
+
* 1. Client-requested expiry (if valid and within max limit)
|
|
65
|
+
* 2. OAUTH_DEFAULT_TOKEN_TTL_SECONDS env var
|
|
66
|
+
* 3. Built-in default (1 day)
|
|
67
|
+
*
|
|
68
|
+
* @param authorizationCode - The authorization code being exchanged
|
|
69
|
+
* @returns Expiry time in seconds
|
|
70
|
+
*/
|
|
71
|
+
private getTokenExpiry;
|
|
51
72
|
private loadDexConfig;
|
|
52
73
|
/**
|
|
53
74
|
* Start the authorization flow by redirecting the browser to Dex.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../src/interfaces/oauth/provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEjD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,KAAK,EACV,mBAAmB,EACnB,mBAAmB,EACpB,MAAM,mDAAmD,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gDAAgD,CAAC;AAM/E,OAAO,KAAK,EACV,0BAA0B,EAC1B,WAAW,EACZ,MAAM,0CAA0C,CAAC;AAelD;;;GAGG;AACH,qBAAa,iBAAkB,YAAW,2BAA2B;IACnE,OAAO,CAAC,OAAO,CAAiD;IAEhE,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,0BAA0B,GAAG,SAAS;IAInE,cAAc,CACZ,MAAM,EAAE,IAAI,CAAC,0BAA0B,EAAE,WAAW,GAAG,qBAAqB,CAAC,GAC5E,0BAA0B;IAQ7B,gEAAgE;IAChE,aAAa,IAAI,IAAI;CAGtB;
|
|
1
|
+
{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../src/interfaces/oauth/provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEjD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,KAAK,EACV,mBAAmB,EACnB,mBAAmB,EACpB,MAAM,mDAAmD,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gDAAgD,CAAC;AAM/E,OAAO,KAAK,EACV,0BAA0B,EAC1B,WAAW,EACZ,MAAM,0CAA0C,CAAC;AAelD;;;GAGG;AACH,qBAAa,iBAAkB,YAAW,2BAA2B;IACnE,OAAO,CAAC,OAAO,CAAiD;IAEhE,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,0BAA0B,GAAG,SAAS;IAInE,cAAc,CACZ,MAAM,EAAE,IAAI,CAAC,0BAA0B,EAAE,WAAW,GAAG,qBAAqB,CAAC,GAC5E,0BAA0B;IAQ7B,gEAAgE;IAChE,aAAa,IAAI,IAAI;CAGtB;AAiBD;;;;;;;;GAQG;AACH,qBAAa,kBAAmB,YAAW,mBAAmB;IAC5D,QAAQ,CAAC,YAAY,EAAE,iBAAiB,CAAC;IACzC,OAAO,CAAC,eAAe,CAAyC;IAChE,OAAO,CAAC,SAAS,CAAwC;IACzD,OAAO,CAAC,iBAAiB,CAA6B;IACtD,OAAO,CAAC,SAAS,CAAmB;IACpC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,UAAU,CAA+C;;IASjE;;;OAGG;IACH,OAAO,CAAC,YAAY;IAMpB,+DAA+D;IAC/D,OAAO,CAAC,YAAY;IAcpB,0DAA0D;IAC1D,YAAY,IAAI,IAAI;IAOpB;;;;;;OAMG;IACH,kBAAkB,CAAC,iBAAiB,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,IAAI;IAI5E;;;;;;;;;;OAUG;IACH,OAAO,CAAC,cAAc;IAuBtB,OAAO,CAAC,aAAa;IAYrB;;;;;;OAMG;IACG,SAAS,CACb,MAAM,EAAE,0BAA0B,EAClC,MAAM,EAAE,mBAAmB,EAC3B,GAAG,EAAE,QAAQ,GACZ,OAAO,CAAC,IAAI,CAAC;IAgChB;;;;;OAKG;IACG,6BAA6B,CACjC,MAAM,EAAE,0BAA0B,EAClC,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,MAAM,CAAC;IAoBlB;;;;;;OAMG;IACG,yBAAyB,CAC7B,MAAM,EAAE,0BAA0B,EAClC,iBAAiB,EAAE,MAAM,EACzB,aAAa,CAAC,EAAE,MAAM,EACtB,WAAW,CAAC,EAAE,MAAM,EACpB,SAAS,CAAC,EAAE,GAAG,GACd,OAAO,CAAC,WAAW,CAAC;IA6CjB,oBAAoB,CACxB,OAAO,EAAE,0BAA0B,EACnC,aAAa,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE,MAAM,EAAE,EAClB,SAAS,CAAC,EAAE,GAAG,GACd,OAAO,CAAC,WAAW,CAAC;IAIvB;;;;;;OAMG;IACG,cAAc,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IA6FhE;;;;;;;OAOG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;CA2D1D"}
|
|
@@ -52,6 +52,10 @@ const PENDING_REQUEST_TTL_MS = 10 * 60 * 1000;
|
|
|
52
52
|
const AUTH_CODE_TTL_MS = 5 * 60 * 1000;
|
|
53
53
|
/** Separator between session ID and original state in the Dex state param. */
|
|
54
54
|
const STATE_SEPARATOR = '|';
|
|
55
|
+
/** Default token expiry: 1 day (86400 seconds). */
|
|
56
|
+
const DEFAULT_TOKEN_EXPIRY_SECONDS = 86400;
|
|
57
|
+
/** Maximum allowed token expiry: 90 days (7776000 seconds). */
|
|
58
|
+
const MAX_TOKEN_EXPIRY_SECONDS = 7776000;
|
|
55
59
|
/**
|
|
56
60
|
* OAuth Server Provider for dot-ai.
|
|
57
61
|
*
|
|
@@ -65,6 +69,7 @@ class DotAIOAuthProvider {
|
|
|
65
69
|
clientsStore;
|
|
66
70
|
pendingRequests = new Map();
|
|
67
71
|
authCodes = new Map();
|
|
72
|
+
requestedExpiries = new Map(); // Maps auth code -> requested expiry
|
|
68
73
|
dexConfig;
|
|
69
74
|
dotAiExternalUrl;
|
|
70
75
|
pruneTimer = null;
|
|
@@ -104,6 +109,42 @@ class DotAIOAuthProvider {
|
|
|
104
109
|
this.pruneTimer = null;
|
|
105
110
|
}
|
|
106
111
|
}
|
|
112
|
+
/**
|
|
113
|
+
* Store a client-requested token expiry for an upcoming token exchange.
|
|
114
|
+
* Called by middleware that intercepts POST /token before the SDK handler.
|
|
115
|
+
*
|
|
116
|
+
* @param authorizationCode - The authorization code from the token request
|
|
117
|
+
* @param requestedExpiry - Requested expiry in seconds
|
|
118
|
+
*/
|
|
119
|
+
setRequestedExpiry(authorizationCode, requestedExpiry) {
|
|
120
|
+
this.requestedExpiries.set(authorizationCode, requestedExpiry);
|
|
121
|
+
}
|
|
122
|
+
/**
|
|
123
|
+
* Calculate token expiry based on client request, defaults, and limits.
|
|
124
|
+
*
|
|
125
|
+
* Priority:
|
|
126
|
+
* 1. Client-requested expiry (if valid and within max limit)
|
|
127
|
+
* 2. OAUTH_DEFAULT_TOKEN_TTL_SECONDS env var
|
|
128
|
+
* 3. Built-in default (1 day)
|
|
129
|
+
*
|
|
130
|
+
* @param authorizationCode - The authorization code being exchanged
|
|
131
|
+
* @returns Expiry time in seconds
|
|
132
|
+
*/
|
|
133
|
+
getTokenExpiry(authorizationCode) {
|
|
134
|
+
const defaultExpiry = parseInt(process.env.OAUTH_DEFAULT_TOKEN_TTL_SECONDS || String(DEFAULT_TOKEN_EXPIRY_SECONDS));
|
|
135
|
+
const maxExpiry = parseInt(process.env.OAUTH_MAX_TOKEN_TTL_SECONDS || String(MAX_TOKEN_EXPIRY_SECONDS));
|
|
136
|
+
// Check if client requested a specific expiry
|
|
137
|
+
const requestedExpiry = this.requestedExpiries.get(authorizationCode);
|
|
138
|
+
if (requestedExpiry !== undefined) {
|
|
139
|
+
// Clean up the stored value (one-time use)
|
|
140
|
+
this.requestedExpiries.delete(authorizationCode);
|
|
141
|
+
// Validate: must be positive and not exceed max
|
|
142
|
+
if (requestedExpiry > 0 && requestedExpiry <= maxExpiry) {
|
|
143
|
+
return requestedExpiry;
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
return defaultExpiry;
|
|
147
|
+
}
|
|
107
148
|
loadDexConfig() {
|
|
108
149
|
const issuerUrl = process.env.DEX_ISSUER_URL;
|
|
109
150
|
const clientId = process.env.DEX_CLIENT_ID;
|
|
@@ -198,7 +239,7 @@ class DotAIOAuthProvider {
|
|
|
198
239
|
// Consume the authorization code (one-time use)
|
|
199
240
|
this.authCodes.delete(authorizationCode);
|
|
200
241
|
const now = Math.floor(Date.now() / 1000);
|
|
201
|
-
const expiresIn =
|
|
242
|
+
const expiresIn = this.getTokenExpiry(authorizationCode);
|
|
202
243
|
const secret = (0, jwt_1.getJwtSecret)();
|
|
203
244
|
const accessToken = (0, jwt_1.signJwt)({
|
|
204
245
|
sub: record.userIdentity.userId,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/interfaces/oauth/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,MAAM,EAAE,OAAO,GAAG,OAAO,CAAC;CAC3B;AAED;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,YAAY,CAAC;CACzB;AAED;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,YAAY,EAAE,YAAY,CAAC;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/interfaces/oauth/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,MAAM,EAAE,OAAO,GAAG,OAAO,CAAC;CAC3B;AAED;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,YAAY,CAAC;CACzB;AAED;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,YAAY,EAAE,YAAY,CAAC;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,QAAQ,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@vfarcic/dot-ai",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.16.0",
|
|
4
4
|
"description": "AI-powered development productivity platform that enhances software development workflows through intelligent automation and AI-driven assistance",
|
|
5
5
|
"mcpName": "io.github.vfarcic/dot-ai",
|
|
6
6
|
"main": "dist/index.js",
|