@vybestack/llxprt-code-core 0.3.4 → 0.4.1-nightly.250923.fc764b9f
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -0
- package/dist/index.d.ts +4 -0
- package/dist/index.js +4 -0
- package/dist/index.js.map +1 -1
- package/dist/src/auth/types.d.ts +2 -2
- package/dist/src/code_assist/codeAssist.d.ts +9 -2
- package/dist/src/code_assist/codeAssist.js +33 -0
- package/dist/src/code_assist/codeAssist.js.map +1 -1
- package/dist/src/code_assist/oauth2.d.ts +4 -0
- package/dist/src/code_assist/oauth2.js +102 -42
- package/dist/src/code_assist/oauth2.js.map +1 -1
- package/dist/src/config/config.d.ts +11 -1
- package/dist/src/config/config.js +62 -8
- package/dist/src/config/config.js.map +1 -1
- package/dist/src/core/client.d.ts +2 -2
- package/dist/src/core/client.js +10 -12
- package/dist/src/core/client.js.map +1 -1
- package/dist/src/core/contentGenerator.d.ts +2 -2
- package/dist/src/core/geminiChat.d.ts +14 -1
- package/dist/src/core/geminiChat.js +12 -1
- package/dist/src/core/geminiChat.js.map +1 -1
- package/dist/src/core/loggingContentGenerator.js +11 -11
- package/dist/src/core/loggingContentGenerator.js.map +1 -1
- package/dist/src/core/subagent.d.ts +2 -0
- package/dist/src/core/subagent.js +13 -3
- package/dist/src/core/subagent.js.map +1 -1
- package/dist/src/core/turn.d.ts +26 -4
- package/dist/src/core/turn.js +64 -3
- package/dist/src/core/turn.js.map +1 -1
- package/dist/src/filters/EmojiFilter.js +1 -0
- package/dist/src/filters/EmojiFilter.js.map +1 -1
- package/dist/src/ide/ide-client.d.ts +6 -1
- package/dist/src/ide/ide-client.js +20 -2
- package/dist/src/ide/ide-client.js.map +1 -1
- package/dist/src/ide/ideContext.d.ts +44 -32
- package/dist/src/ide/ideContext.js +1 -0
- package/dist/src/ide/ideContext.js.map +1 -1
- package/dist/src/ide/process-utils.js +49 -33
- package/dist/src/ide/process-utils.js.map +1 -1
- package/dist/src/index.d.ts +3 -0
- package/dist/src/index.js +4 -0
- package/dist/src/index.js.map +1 -1
- package/dist/src/mcp/file-token-store.d.ts +20 -1
- package/dist/src/mcp/file-token-store.js +95 -14
- package/dist/src/mcp/file-token-store.js.map +1 -1
- package/dist/src/mcp/token-storage/base-token-storage.d.ts +19 -0
- package/dist/src/mcp/token-storage/base-token-storage.js +36 -0
- package/dist/src/mcp/token-storage/base-token-storage.js.map +1 -0
- package/dist/src/mcp/token-storage/file-token-storage.d.ts +24 -0
- package/dist/src/mcp/token-storage/file-token-storage.js +144 -0
- package/dist/src/mcp/token-storage/file-token-storage.js.map +1 -0
- package/dist/src/mcp/token-storage/hybrid-token-storage.d.ts +23 -0
- package/dist/src/mcp/token-storage/hybrid-token-storage.js +78 -0
- package/dist/src/mcp/token-storage/hybrid-token-storage.js.map +1 -0
- package/dist/src/mcp/token-storage/keychain-token-storage.d.ts +31 -0
- package/dist/src/mcp/token-storage/keychain-token-storage.js +190 -0
- package/dist/src/mcp/token-storage/keychain-token-storage.js.map +1 -0
- package/dist/src/mcp/token-storage/types.d.ts +40 -0
- package/dist/src/mcp/token-storage/types.js +11 -0
- package/dist/src/mcp/token-storage/types.js.map +1 -0
- package/dist/src/prompt-config/defaults/providers/openai/core.md +81 -0
- package/dist/src/prompt-config/defaults/providers/openai/tools/todo-pause.md +28 -0
- package/dist/src/prompt-config/defaults/providers/openai/tools/todo-read.md +5 -0
- package/dist/src/prompt-config/defaults/providers/openai/tools/todo-write.md +45 -0
- package/dist/src/providers/BaseProvider.d.ts +3 -3
- package/dist/src/providers/BaseProvider.js.map +1 -1
- package/dist/src/providers/anthropic/AnthropicProvider.js +1 -3
- package/dist/src/providers/anthropic/AnthropicProvider.js.map +1 -1
- package/dist/src/providers/openai/OpenAIProvider.d.ts +14 -0
- package/dist/src/providers/openai/OpenAIProvider.js +83 -1
- package/dist/src/providers/openai/OpenAIProvider.js.map +1 -1
- package/dist/src/providers/tokenizers/OpenAITokenizer.d.ts +1 -0
- package/dist/src/providers/tokenizers/OpenAITokenizer.js +3 -1
- package/dist/src/providers/tokenizers/OpenAITokenizer.js.map +1 -1
- package/dist/src/services/loopDetectionService.d.ts +23 -0
- package/dist/src/services/loopDetectionService.js +134 -1
- package/dist/src/services/loopDetectionService.js.map +1 -1
- package/dist/src/services/shellExecutionService.js +8 -7
- package/dist/src/services/shellExecutionService.js.map +1 -1
- package/dist/src/telemetry/sdk.js +2 -1
- package/dist/src/telemetry/sdk.js.map +1 -1
- package/dist/src/telemetry/types.d.ts +12 -0
- package/dist/src/telemetry/types.js +19 -0
- package/dist/src/telemetry/types.js.map +1 -1
- package/dist/src/test-utils/config.d.ts +10 -0
- package/dist/src/test-utils/config.js +24 -0
- package/dist/src/test-utils/config.js.map +1 -0
- package/dist/src/test-utils/index.d.ts +6 -0
- package/dist/src/test-utils/index.js +7 -0
- package/dist/src/test-utils/index.js.map +1 -0
- package/dist/src/test-utils/mock-tool.d.ts +41 -0
- package/dist/src/test-utils/mock-tool.js +51 -0
- package/dist/src/test-utils/mock-tool.js.map +1 -0
- package/dist/src/tools/edit.d.ts +2 -2
- package/dist/src/tools/edit.js +28 -35
- package/dist/src/tools/edit.js.map +1 -1
- package/dist/src/tools/mcp-client-manager.d.ts +8 -6
- package/dist/src/tools/mcp-client-manager.js +30 -5
- package/dist/src/tools/mcp-client-manager.js.map +1 -1
- package/dist/src/tools/mcp-client.d.ts +5 -5
- package/dist/src/tools/mcp-client.js +13 -22
- package/dist/src/tools/mcp-client.js.map +1 -1
- package/dist/src/tools/mcp-tool.d.ts +3 -2
- package/dist/src/tools/mcp-tool.js +9 -9
- package/dist/src/tools/mcp-tool.js.map +1 -1
- package/dist/src/tools/memoryTool.js +5 -33
- package/dist/src/tools/memoryTool.js.map +1 -1
- package/dist/src/tools/shell.js +6 -3
- package/dist/src/tools/shell.js.map +1 -1
- package/dist/src/tools/smart-edit.d.ts +73 -0
- package/dist/src/tools/smart-edit.js +606 -0
- package/dist/src/tools/smart-edit.js.map +1 -0
- package/dist/src/tools/tool-registry.d.ts +2 -1
- package/dist/src/tools/tool-registry.js +6 -6
- package/dist/src/tools/tool-registry.js.map +1 -1
- package/dist/src/tools/web-fetch.js +3 -1
- package/dist/src/tools/web-fetch.js.map +1 -1
- package/dist/src/utils/editCorrector.js +2 -2
- package/dist/src/utils/editCorrector.js.map +1 -1
- package/dist/src/utils/fileUtils.d.ts +19 -3
- package/dist/src/utils/fileUtils.js +139 -28
- package/dist/src/utils/fileUtils.js.map +1 -1
- package/dist/src/utils/gitIgnoreParser.d.ts +1 -0
- package/dist/src/utils/gitIgnoreParser.js +101 -10
- package/dist/src/utils/gitIgnoreParser.js.map +1 -1
- package/dist/src/utils/ide-trust.d.ts +10 -0
- package/dist/src/utils/ide-trust.js +14 -0
- package/dist/src/utils/ide-trust.js.map +1 -0
- package/dist/src/utils/llm-edit-fixer.d.ts +25 -0
- package/dist/src/utils/llm-edit-fixer.js +111 -0
- package/dist/src/utils/llm-edit-fixer.js.map +1 -0
- package/dist/src/utils/memoryDiscovery.d.ts +5 -4
- package/dist/src/utils/memoryDiscovery.js +10 -9
- package/dist/src/utils/memoryDiscovery.js.map +1 -1
- package/dist/src/utils/partUtils.d.ts +1 -2
- package/dist/src/utils/partUtils.js +0 -14
- package/dist/src/utils/partUtils.js.map +1 -1
- package/dist/src/utils/pathReader.d.ts +28 -0
- package/dist/src/utils/pathReader.js +47 -0
- package/dist/src/utils/pathReader.js.map +1 -0
- package/dist/src/utils/summarizer.js +2 -1
- package/dist/src/utils/summarizer.js.map +1 -1
- package/package.json +3 -3
|
@@ -10,11 +10,30 @@ import { BaseTokenStore, MCPOAuthToken, MCPOAuthCredentials } from './token-stor
|
|
|
10
10
|
*/
|
|
11
11
|
export declare class FileTokenStore extends BaseTokenStore {
|
|
12
12
|
private readonly tokenFilePath;
|
|
13
|
-
|
|
13
|
+
private readonly encryptionKey;
|
|
14
|
+
private readonly serviceName;
|
|
15
|
+
constructor(tokenFilePath?: string, options?: {
|
|
16
|
+
serviceName?: string;
|
|
17
|
+
encryptionKey?: Buffer;
|
|
18
|
+
});
|
|
14
19
|
/**
|
|
15
20
|
* Ensure the config directory exists.
|
|
16
21
|
*/
|
|
17
22
|
private ensureConfigDir;
|
|
23
|
+
/**
|
|
24
|
+
* Derive an encryption key for securing stored tokens.
|
|
25
|
+
*/
|
|
26
|
+
private deriveEncryptionKey;
|
|
27
|
+
/**
|
|
28
|
+
* Encrypt token payload with AES-256-GCM.
|
|
29
|
+
*/
|
|
30
|
+
private encrypt;
|
|
31
|
+
/**
|
|
32
|
+
* Decrypt stored payload. Falls back to plaintext for backward compatibility.
|
|
33
|
+
*/
|
|
34
|
+
private decrypt;
|
|
35
|
+
private readTokenPayload;
|
|
36
|
+
private writeTokenPayload;
|
|
18
37
|
/**
|
|
19
38
|
* Load all stored MCP OAuth tokens.
|
|
20
39
|
*
|
|
@@ -5,18 +5,44 @@
|
|
|
5
5
|
*/
|
|
6
6
|
import { promises as fs } from 'node:fs';
|
|
7
7
|
import * as path from 'node:path';
|
|
8
|
+
import * as os from 'node:os';
|
|
9
|
+
import * as crypto from 'node:crypto';
|
|
8
10
|
import { Storage } from '../config/storage.js';
|
|
9
11
|
import { getErrorMessage } from '../utils/errors.js';
|
|
10
12
|
import { BaseTokenStore, } from './token-store.js';
|
|
13
|
+
const safeOsHostname = () => {
|
|
14
|
+
try {
|
|
15
|
+
return os.hostname();
|
|
16
|
+
}
|
|
17
|
+
catch (error) {
|
|
18
|
+
console.warn('Failed to resolve hostname, falling back to default', error);
|
|
19
|
+
return 'unknown-host';
|
|
20
|
+
}
|
|
21
|
+
};
|
|
22
|
+
const safeOsUsername = () => {
|
|
23
|
+
try {
|
|
24
|
+
return os.userInfo().username;
|
|
25
|
+
}
|
|
26
|
+
catch (error) {
|
|
27
|
+
const fallback = process.env.USER || process.env.USERNAME || 'unknown-user';
|
|
28
|
+
console.warn('Failed to resolve username, using fallback value', error);
|
|
29
|
+
return fallback;
|
|
30
|
+
}
|
|
31
|
+
};
|
|
11
32
|
/**
|
|
12
33
|
* File-based implementation of the BaseTokenStore.
|
|
13
34
|
* Stores MCP OAuth tokens in a JSON file in the user's configuration directory.
|
|
14
35
|
*/
|
|
15
36
|
export class FileTokenStore extends BaseTokenStore {
|
|
16
37
|
tokenFilePath;
|
|
17
|
-
|
|
38
|
+
encryptionKey;
|
|
39
|
+
serviceName;
|
|
40
|
+
constructor(tokenFilePath, options = {}) {
|
|
18
41
|
super();
|
|
19
42
|
this.tokenFilePath = tokenFilePath || Storage.getMcpOAuthTokensPath();
|
|
43
|
+
this.serviceName = options.serviceName ?? 'llxprt-cli-mcp-oauth';
|
|
44
|
+
this.encryptionKey =
|
|
45
|
+
options.encryptionKey ?? this.deriveEncryptionKey(this.serviceName);
|
|
20
46
|
}
|
|
21
47
|
/**
|
|
22
48
|
* Ensure the config directory exists.
|
|
@@ -24,13 +50,70 @@ export class FileTokenStore extends BaseTokenStore {
|
|
|
24
50
|
async ensureConfigDir() {
|
|
25
51
|
const configDir = path.dirname(this.tokenFilePath);
|
|
26
52
|
try {
|
|
27
|
-
await fs.mkdir(configDir, { recursive: true });
|
|
53
|
+
await fs.mkdir(configDir, { recursive: true, mode: 0o700 });
|
|
28
54
|
}
|
|
29
55
|
catch (error) {
|
|
30
56
|
console.error(`Failed to create config directory ${configDir}: ${getErrorMessage(error)}`);
|
|
31
57
|
throw error;
|
|
32
58
|
}
|
|
33
59
|
}
|
|
60
|
+
/**
|
|
61
|
+
* Derive an encryption key for securing stored tokens.
|
|
62
|
+
*/
|
|
63
|
+
deriveEncryptionKey(serviceName) {
|
|
64
|
+
const hostname = safeOsHostname();
|
|
65
|
+
const username = safeOsUsername();
|
|
66
|
+
const salt = `${hostname}:${username}:${serviceName}`;
|
|
67
|
+
return crypto.scryptSync('llxprt-cli-oauth', salt, 32);
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* Encrypt token payload with AES-256-GCM.
|
|
71
|
+
*/
|
|
72
|
+
encrypt(payload) {
|
|
73
|
+
const iv = crypto.randomBytes(16);
|
|
74
|
+
const cipher = crypto.createCipheriv('aes-256-gcm', this.encryptionKey, iv);
|
|
75
|
+
let encrypted = cipher.update(payload, 'utf8', 'hex');
|
|
76
|
+
encrypted += cipher.final('hex');
|
|
77
|
+
const authTag = cipher.getAuthTag();
|
|
78
|
+
return [iv.toString('hex'), authTag.toString('hex'), encrypted].join(':');
|
|
79
|
+
}
|
|
80
|
+
/**
|
|
81
|
+
* Decrypt stored payload. Falls back to plaintext for backward compatibility.
|
|
82
|
+
*/
|
|
83
|
+
decrypt(payload) {
|
|
84
|
+
const trimmed = payload.trim();
|
|
85
|
+
const encryptedPattern = /^[0-9a-f]+:[0-9a-f]+:[0-9a-f]+$/i;
|
|
86
|
+
if (!encryptedPattern.test(trimmed)) {
|
|
87
|
+
return payload;
|
|
88
|
+
}
|
|
89
|
+
const [ivHex, authTagHex, encryptedHex] = trimmed.split(':');
|
|
90
|
+
const iv = Buffer.from(ivHex, 'hex');
|
|
91
|
+
const authTag = Buffer.from(authTagHex, 'hex');
|
|
92
|
+
const decipher = crypto.createDecipheriv('aes-256-gcm', this.encryptionKey, iv);
|
|
93
|
+
decipher.setAuthTag(authTag);
|
|
94
|
+
let decrypted = decipher.update(encryptedHex, 'hex', 'utf8');
|
|
95
|
+
decrypted += decipher.final('utf8');
|
|
96
|
+
return decrypted;
|
|
97
|
+
}
|
|
98
|
+
async readTokenPayload() {
|
|
99
|
+
try {
|
|
100
|
+
return await fs.readFile(this.tokenFilePath, 'utf-8');
|
|
101
|
+
}
|
|
102
|
+
catch (error) {
|
|
103
|
+
const err = error;
|
|
104
|
+
if (err.code === 'ENOENT') {
|
|
105
|
+
return null;
|
|
106
|
+
}
|
|
107
|
+
console.error(`Failed to read MCP OAuth tokens from ${this.tokenFilePath}: ${getErrorMessage(error)}`);
|
|
108
|
+
throw error;
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
async writeTokenPayload(tokens) {
|
|
112
|
+
await this.ensureConfigDir();
|
|
113
|
+
const payload = JSON.stringify(tokens, null, 2);
|
|
114
|
+
const encrypted = this.encrypt(payload);
|
|
115
|
+
await fs.writeFile(this.tokenFilePath, encrypted, { mode: 0o600 });
|
|
116
|
+
}
|
|
34
117
|
/**
|
|
35
118
|
* Load all stored MCP OAuth tokens.
|
|
36
119
|
*
|
|
@@ -39,8 +122,12 @@ export class FileTokenStore extends BaseTokenStore {
|
|
|
39
122
|
async loadTokens() {
|
|
40
123
|
const tokenMap = new Map();
|
|
41
124
|
try {
|
|
42
|
-
const
|
|
43
|
-
|
|
125
|
+
const payload = await this.readTokenPayload();
|
|
126
|
+
if (!payload) {
|
|
127
|
+
return tokenMap;
|
|
128
|
+
}
|
|
129
|
+
const decrypted = this.decrypt(payload);
|
|
130
|
+
const tokens = JSON.parse(decrypted);
|
|
44
131
|
// Validate the loaded data structure
|
|
45
132
|
if (!Array.isArray(tokens)) {
|
|
46
133
|
console.warn('Token file contains invalid data structure, ignoring');
|
|
@@ -56,10 +143,7 @@ export class FileTokenStore extends BaseTokenStore {
|
|
|
56
143
|
}
|
|
57
144
|
}
|
|
58
145
|
catch (error) {
|
|
59
|
-
|
|
60
|
-
if (error.code !== 'ENOENT') {
|
|
61
|
-
console.error(`Failed to load MCP OAuth tokens from ${this.tokenFilePath}: ${getErrorMessage(error)}`);
|
|
62
|
-
}
|
|
146
|
+
console.error(`Failed to load MCP OAuth tokens from ${this.tokenFilePath}: ${getErrorMessage(error)}`);
|
|
63
147
|
}
|
|
64
148
|
return tokenMap;
|
|
65
149
|
}
|
|
@@ -73,13 +157,11 @@ export class FileTokenStore extends BaseTokenStore {
|
|
|
73
157
|
* @param mcpServerUrl Optional MCP server URL
|
|
74
158
|
*/
|
|
75
159
|
async saveToken(serverName, token, clientId, tokenUrl, mcpServerUrl) {
|
|
76
|
-
await this.ensureConfigDir();
|
|
77
160
|
const tokens = await this.loadTokens();
|
|
78
161
|
const credential = this.createCredentials(serverName, token, clientId, tokenUrl, mcpServerUrl);
|
|
79
162
|
tokens.set(serverName, credential);
|
|
80
|
-
const tokenArray = Array.from(tokens.values());
|
|
81
163
|
try {
|
|
82
|
-
await
|
|
164
|
+
await this.writeTokenPayload(Array.from(tokens.values()));
|
|
83
165
|
// Token saved successfully
|
|
84
166
|
}
|
|
85
167
|
catch (error) {
|
|
@@ -109,15 +191,14 @@ export class FileTokenStore extends BaseTokenStore {
|
|
|
109
191
|
this.validateServerName(serverName);
|
|
110
192
|
const tokens = await this.loadTokens();
|
|
111
193
|
if (tokens.delete(serverName)) {
|
|
112
|
-
const tokenArray = Array.from(tokens.values());
|
|
113
194
|
try {
|
|
114
|
-
if (
|
|
195
|
+
if (tokens.size === 0) {
|
|
115
196
|
// Remove file if no tokens left
|
|
116
197
|
await fs.unlink(this.tokenFilePath);
|
|
117
198
|
// Token file removed successfully
|
|
118
199
|
}
|
|
119
200
|
else {
|
|
120
|
-
await
|
|
201
|
+
await this.writeTokenPayload(Array.from(tokens.values()));
|
|
121
202
|
// Token removed successfully
|
|
122
203
|
}
|
|
123
204
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file-token-store.js","sourceRoot":"","sources":["../../../src/mcp/file-token-store.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EACL,cAAc,GAGf,MAAM,kBAAkB,CAAC;AAE1B;;;GAGG;AACH,MAAM,OAAO,cAAe,SAAQ,cAAc;IAC/B,aAAa,CAAS;
|
|
1
|
+
{"version":3,"file":"file-token-store.js","sourceRoot":"","sources":["../../../src/mcp/file-token-store.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EACL,cAAc,GAGf,MAAM,kBAAkB,CAAC;AAE1B,MAAM,cAAc,GAAG,GAAW,EAAE;IAClC,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;IACvB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC,qDAAqD,EAAE,KAAK,CAAC,CAAC;QAC3E,OAAO,cAAc,CAAC;IACxB,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,GAAW,EAAE;IAClC,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC;IAChC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,cAAc,CAAC;QAC5E,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;QACxE,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,OAAO,cAAe,SAAQ,cAAc;IAC/B,aAAa,CAAS;IACtB,aAAa,CAAS;IACtB,WAAW,CAAS;IAErC,YACE,aAAsB,EACtB,UAGI,EAAE;QAEN,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,aAAa,GAAG,aAAa,IAAI,OAAO,CAAC,qBAAqB,EAAE,CAAC;QACtE,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,sBAAsB,CAAC;QACjE,IAAI,CAAC,aAAa;YAChB,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACxE,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,eAAe;QAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACnD,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,KAAK,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC9D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,qCAAqC,SAAS,KAAK,eAAe,CAAC,KAAK,CAAC,EAAE,CAC5E,CAAC;YACF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,WAAmB;QAC7C,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,GAAG,QAAQ,IAAI,QAAQ,IAAI,WAAW,EAAE,CAAC;QACtD,OAAO,MAAM,CAAC,UAAU,CAAC,kBAAkB,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACK,OAAO,CAAC,OAAe;QAC7B,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAE5E,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;QACtD,SAAS,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5E,CAAC;IAED;;OAEG;IACK,OAAO,CAAC,OAAe;QAC7B,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;QAC/B,MAAM,gBAAgB,GAAG,kCAAkC,CAAC;QAE5D,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACpC,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,YAAY,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAE7D,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACtC,aAAa,EACb,IAAI,CAAC,aAAa,EAClB,EAAE,CACH,CAAC;QAEF,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,IAAI,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,YAAY,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAC7D,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEpC,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,KAAK,CAAC,gBAAgB;QAC5B,IAAI,CAAC;YACH,OAAO,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,GAAG,GAAG,KAA8B,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,CAAC,KAAK,CACX,wCAAwC,IAAI,CAAC,aAAa,KAAK,eAAe,CAAC,KAAK,CAAC,EAAE,CACxF,CAAC;YACF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAC7B,MAA6B;QAE7B,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE7B,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAChD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAExC,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACrE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA+B,CAAC;QAExD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC9C,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,QAAQ,CAAC;YAClB,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACxC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAA0B,CAAC;YAE9D,qCAAqC;YACrC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC3B,OAAO,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;gBACrE,OAAO,QAAQ,CAAC;YAClB,CAAC;YAED,KAAK,MAAM,UAAU,IAAI,MAAM,EAAE,CAAC;gBAChC,IAAI,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;oBACxC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;gBAClD,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,IAAI,CACV,iDAAkD,UAAsC,EAAE,UAAU,IAAI,SAAS,EAAE,CACpH,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,wCAAwC,IAAI,CAAC,aAAa,KAAK,eAAe,CAAC,KAAK,CAAC,EAAE,CACxF,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,SAAS,CACb,UAAkB,EAClB,KAAoB,EACpB,QAAiB,EACjB,QAAiB,EACjB,YAAqB;QAErB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CACvC,UAAU,EACV,KAAK,EACL,QAAQ,EACR,QAAQ,EACR,YAAY,CACb,CAAC;QAEF,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAEnC,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YAE1D,2BAA2B;QAC7B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,sCAAsC,UAAU,KAAK,eAAe,CAAC,KAAK,CAAC,EAAE,CAC9E,CAAC;YACF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,QAAQ,CAAC,UAAkB;QAC/B,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAEpC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC;QAElD,6BAA6B;QAE7B,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,WAAW,CAAC,UAAkB;QAClC,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAEpC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAEvC,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,IAAI,MAAM,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;oBACtB,gCAAgC;oBAChC,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBACpC,kCAAkC;gBACpC,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;oBAC1D,6BAA6B;gBAC/B,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CACX,wCAAwC,UAAU,KAAK,eAAe,CAAC,KAAK,CAAC,EAAE,CAChF,CAAC;gBACF,kDAAkD;YACpD,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2BAA2B;QAC7B,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACpC,kCAAkC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,yBAAyB;YAC3B,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CACX,qCAAqC,eAAe,CAAC,KAAK,CAAC,EAAE,CAC9D,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,kBAAkB,CACxB,WAAoB;QAEpB,IAAI,CAAC,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;YACpD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,IAAI,GAAG,WAAsC,CAAC;QAEpD,wBAAwB;QACxB,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;YAC5D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,KAAgC,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,WAAW,IAAI,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YAChE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,SAAS,IAAI,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;YAC5D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;YACvC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import type { MCPOAuthCredentials } from '../token-store.js';
|
|
7
|
+
export declare abstract class BaseTokenStorage {
|
|
8
|
+
protected readonly serviceName: string;
|
|
9
|
+
constructor(serviceName: string);
|
|
10
|
+
abstract getCredentials(serverName: string): Promise<MCPOAuthCredentials | null>;
|
|
11
|
+
abstract setCredentials(credentials: MCPOAuthCredentials): Promise<void>;
|
|
12
|
+
abstract deleteCredentials(serverName: string): Promise<void>;
|
|
13
|
+
abstract listServers(): Promise<string[]>;
|
|
14
|
+
abstract getAllCredentials(): Promise<Map<string, MCPOAuthCredentials>>;
|
|
15
|
+
abstract clearAll(): Promise<void>;
|
|
16
|
+
protected validateCredentials(credentials: MCPOAuthCredentials): void;
|
|
17
|
+
protected isTokenExpired(credentials: MCPOAuthCredentials): boolean;
|
|
18
|
+
protected sanitizeServerName(serverName: string): string;
|
|
19
|
+
}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
export class BaseTokenStorage {
|
|
7
|
+
serviceName;
|
|
8
|
+
constructor(serviceName) {
|
|
9
|
+
this.serviceName = serviceName;
|
|
10
|
+
}
|
|
11
|
+
validateCredentials(credentials) {
|
|
12
|
+
if (!credentials.serverName) {
|
|
13
|
+
throw new Error('Server name is required');
|
|
14
|
+
}
|
|
15
|
+
if (!credentials.token) {
|
|
16
|
+
throw new Error('Token is required');
|
|
17
|
+
}
|
|
18
|
+
if (!credentials.token.accessToken) {
|
|
19
|
+
throw new Error('Access token is required');
|
|
20
|
+
}
|
|
21
|
+
if (!credentials.token.tokenType) {
|
|
22
|
+
throw new Error('Token type is required');
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
isTokenExpired(credentials) {
|
|
26
|
+
if (!credentials.token.expiresAt) {
|
|
27
|
+
return false;
|
|
28
|
+
}
|
|
29
|
+
const bufferMs = 5 * 60 * 1000;
|
|
30
|
+
return Date.now() > credentials.token.expiresAt - bufferMs;
|
|
31
|
+
}
|
|
32
|
+
sanitizeServerName(serverName) {
|
|
33
|
+
return serverName.replace(/[^a-zA-Z0-9-_.]/g, '_');
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=base-token-storage.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"base-token-storage.js","sourceRoot":"","sources":["../../../../src/mcp/token-storage/base-token-storage.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,OAAgB,gBAAgB;IACjB,WAAW,CAAS;IAEvC,YAAY,WAAmB;QAC7B,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;IAWS,mBAAmB,CAAC,WAAgC;QAC5D,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACvC,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAES,cAAc,CAAC,WAAgC;QACvD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,QAAQ,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;QAC/B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,KAAK,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC7D,CAAC;IAES,kBAAkB,CAAC,UAAkB;QAC7C,OAAO,UAAU,CAAC,OAAO,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;IACrD,CAAC;CACF"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { BaseTokenStorage } from './base-token-storage.js';
|
|
7
|
+
import type { MCPOAuthCredentials } from '../token-store.js';
|
|
8
|
+
export declare class FileTokenStorage extends BaseTokenStorage {
|
|
9
|
+
private readonly tokenFilePath;
|
|
10
|
+
private readonly encryptionKey;
|
|
11
|
+
constructor(serviceName: string);
|
|
12
|
+
private deriveEncryptionKey;
|
|
13
|
+
private encrypt;
|
|
14
|
+
private decrypt;
|
|
15
|
+
private ensureDirectoryExists;
|
|
16
|
+
private loadTokens;
|
|
17
|
+
private saveTokens;
|
|
18
|
+
getCredentials(serverName: string): Promise<MCPOAuthCredentials | null>;
|
|
19
|
+
setCredentials(credentials: MCPOAuthCredentials): Promise<void>;
|
|
20
|
+
deleteCredentials(serverName: string): Promise<void>;
|
|
21
|
+
listServers(): Promise<string[]>;
|
|
22
|
+
getAllCredentials(): Promise<Map<string, MCPOAuthCredentials>>;
|
|
23
|
+
clearAll(): Promise<void>;
|
|
24
|
+
}
|
|
@@ -0,0 +1,144 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { promises as fs } from 'node:fs';
|
|
7
|
+
import * as path from 'node:path';
|
|
8
|
+
import * as os from 'node:os';
|
|
9
|
+
import * as crypto from 'node:crypto';
|
|
10
|
+
import { BaseTokenStorage } from './base-token-storage.js';
|
|
11
|
+
export class FileTokenStorage extends BaseTokenStorage {
|
|
12
|
+
tokenFilePath;
|
|
13
|
+
encryptionKey;
|
|
14
|
+
constructor(serviceName) {
|
|
15
|
+
super(serviceName);
|
|
16
|
+
const configDir = path.join(os.homedir(), '.llxprt');
|
|
17
|
+
this.tokenFilePath = path.join(configDir, 'mcp-oauth-tokens-v2.json');
|
|
18
|
+
this.encryptionKey = this.deriveEncryptionKey();
|
|
19
|
+
}
|
|
20
|
+
deriveEncryptionKey() {
|
|
21
|
+
const salt = `${os.hostname()}-${os.userInfo().username}-llxprt-cli`;
|
|
22
|
+
return crypto.scryptSync('llxprt-cli-oauth', salt, 32);
|
|
23
|
+
}
|
|
24
|
+
encrypt(text) {
|
|
25
|
+
const iv = crypto.randomBytes(16);
|
|
26
|
+
const cipher = crypto.createCipheriv('aes-256-gcm', this.encryptionKey, iv);
|
|
27
|
+
let encrypted = cipher.update(text, 'utf8', 'hex');
|
|
28
|
+
encrypted += cipher.final('hex');
|
|
29
|
+
const authTag = cipher.getAuthTag();
|
|
30
|
+
return iv.toString('hex') + ':' + authTag.toString('hex') + ':' + encrypted;
|
|
31
|
+
}
|
|
32
|
+
decrypt(encryptedData) {
|
|
33
|
+
const parts = encryptedData.split(':');
|
|
34
|
+
if (parts.length !== 3) {
|
|
35
|
+
throw new Error('Invalid encrypted data format');
|
|
36
|
+
}
|
|
37
|
+
const iv = Buffer.from(parts[0], 'hex');
|
|
38
|
+
const authTag = Buffer.from(parts[1], 'hex');
|
|
39
|
+
const encrypted = parts[2];
|
|
40
|
+
const decipher = crypto.createDecipheriv('aes-256-gcm', this.encryptionKey, iv);
|
|
41
|
+
decipher.setAuthTag(authTag);
|
|
42
|
+
let decrypted = decipher.update(encrypted, 'hex', 'utf8');
|
|
43
|
+
decrypted += decipher.final('utf8');
|
|
44
|
+
return decrypted;
|
|
45
|
+
}
|
|
46
|
+
async ensureDirectoryExists() {
|
|
47
|
+
const dir = path.dirname(this.tokenFilePath);
|
|
48
|
+
await fs.mkdir(dir, { recursive: true, mode: 0o700 });
|
|
49
|
+
}
|
|
50
|
+
async loadTokens() {
|
|
51
|
+
try {
|
|
52
|
+
const data = await fs.readFile(this.tokenFilePath, 'utf-8');
|
|
53
|
+
const decrypted = this.decrypt(data);
|
|
54
|
+
const tokens = JSON.parse(decrypted);
|
|
55
|
+
return new Map(Object.entries(tokens));
|
|
56
|
+
}
|
|
57
|
+
catch (error) {
|
|
58
|
+
const err = error;
|
|
59
|
+
if (err.code === 'ENOENT') {
|
|
60
|
+
throw new Error('Token file does not exist');
|
|
61
|
+
}
|
|
62
|
+
if (err.message?.includes('Invalid encrypted data format') ||
|
|
63
|
+
err.message?.includes('Unsupported state or unable to authenticate data')) {
|
|
64
|
+
throw new Error('Token file corrupted');
|
|
65
|
+
}
|
|
66
|
+
throw error;
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
async saveTokens(tokens) {
|
|
70
|
+
await this.ensureDirectoryExists();
|
|
71
|
+
const data = Object.fromEntries(tokens);
|
|
72
|
+
const json = JSON.stringify(data, null, 2);
|
|
73
|
+
const encrypted = this.encrypt(json);
|
|
74
|
+
await fs.writeFile(this.tokenFilePath, encrypted, { mode: 0o600 });
|
|
75
|
+
}
|
|
76
|
+
async getCredentials(serverName) {
|
|
77
|
+
const tokens = await this.loadTokens();
|
|
78
|
+
const credentials = tokens.get(serverName);
|
|
79
|
+
if (!credentials) {
|
|
80
|
+
return null;
|
|
81
|
+
}
|
|
82
|
+
if (this.isTokenExpired(credentials)) {
|
|
83
|
+
return null;
|
|
84
|
+
}
|
|
85
|
+
return credentials;
|
|
86
|
+
}
|
|
87
|
+
async setCredentials(credentials) {
|
|
88
|
+
this.validateCredentials(credentials);
|
|
89
|
+
const tokens = await this.loadTokens();
|
|
90
|
+
const updatedCredentials = {
|
|
91
|
+
...credentials,
|
|
92
|
+
updatedAt: Date.now(),
|
|
93
|
+
};
|
|
94
|
+
tokens.set(credentials.serverName, updatedCredentials);
|
|
95
|
+
await this.saveTokens(tokens);
|
|
96
|
+
}
|
|
97
|
+
async deleteCredentials(serverName) {
|
|
98
|
+
const tokens = await this.loadTokens();
|
|
99
|
+
if (!tokens.has(serverName)) {
|
|
100
|
+
throw new Error(`No credentials found for ${serverName}`);
|
|
101
|
+
}
|
|
102
|
+
tokens.delete(serverName);
|
|
103
|
+
if (tokens.size === 0) {
|
|
104
|
+
try {
|
|
105
|
+
await fs.unlink(this.tokenFilePath);
|
|
106
|
+
}
|
|
107
|
+
catch (error) {
|
|
108
|
+
const err = error;
|
|
109
|
+
if (err.code !== 'ENOENT') {
|
|
110
|
+
throw error;
|
|
111
|
+
}
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
else {
|
|
115
|
+
await this.saveTokens(tokens);
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
async listServers() {
|
|
119
|
+
const tokens = await this.loadTokens();
|
|
120
|
+
return Array.from(tokens.keys());
|
|
121
|
+
}
|
|
122
|
+
async getAllCredentials() {
|
|
123
|
+
const tokens = await this.loadTokens();
|
|
124
|
+
const result = new Map();
|
|
125
|
+
for (const [serverName, credentials] of tokens) {
|
|
126
|
+
if (!this.isTokenExpired(credentials)) {
|
|
127
|
+
result.set(serverName, credentials);
|
|
128
|
+
}
|
|
129
|
+
}
|
|
130
|
+
return result;
|
|
131
|
+
}
|
|
132
|
+
async clearAll() {
|
|
133
|
+
try {
|
|
134
|
+
await fs.unlink(this.tokenFilePath);
|
|
135
|
+
}
|
|
136
|
+
catch (error) {
|
|
137
|
+
const err = error;
|
|
138
|
+
if (err.code !== 'ENOENT') {
|
|
139
|
+
throw error;
|
|
140
|
+
}
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
//# sourceMappingURL=file-token-storage.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"file-token-storage.js","sourceRoot":"","sources":["../../../../src/mcp/token-storage/file-token-storage.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3D,MAAM,OAAO,gBAAiB,SAAQ,gBAAgB;IACnC,aAAa,CAAS;IACtB,aAAa,CAAS;IAEvC,YAAY,WAAmB;QAC7B,KAAK,CAAC,WAAW,CAAC,CAAC;QACnB,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;QACrD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,0BAA0B,CAAC,CAAC;QACtE,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;IAClD,CAAC;IAEO,mBAAmB;QACzB,MAAM,IAAI,GAAG,GAAG,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,aAAa,CAAC;QACrE,OAAO,MAAM,CAAC,UAAU,CAAC,kBAAkB,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC;IAEO,OAAO,CAAC,IAAY;QAC1B,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAE5E,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;QACnD,SAAS,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,OAAO,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,GAAG,GAAG,SAAS,CAAC;IAC9E,CAAC;IAEO,OAAO,CAAC,aAAqB;QACnC,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACvC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACxC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAC7C,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAE3B,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACtC,aAAa,EACb,IAAI,CAAC,aAAa,EAClB,EAAE,CACH,CAAC;QACF,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,IAAI,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1D,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEpC,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,KAAK,CAAC,qBAAqB;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,MAAM,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACxD,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAC5D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACrC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAGlC,CAAC;YACF,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACzC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,KAAqD,CAAC;YAClE,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC/C,CAAC;YACD,IACE,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,+BAA+B,CAAC;gBACtD,GAAG,CAAC,OAAO,EAAE,QAAQ,CACnB,kDAAkD,CACnD,EACD,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;YAC1C,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,UAAU,CACtB,MAAwC;QAExC,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAEnC,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACxC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAErC,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,UAAkB;QAElB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,WAAgC;QACnD,IAAI,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAEtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,MAAM,kBAAkB,GAAwB;YAC9C,GAAG,WAAW;YACd,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC;QAEF,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAC;QACvD,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAChC,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,UAAkB;QACxC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAEvC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,4BAA4B,UAAU,EAAE,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAE1B,IAAI,MAAM,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACtC,CAAC;YAAC,OAAO,KAAc,EAAE,CAAC;gBACxB,MAAM,GAAG,GAAG,KAA8B,CAAC;gBAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC1B,MAAM,KAAK,CAAC;gBACd,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,iBAAiB;QACrB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,IAAI,GAAG,EAA+B,CAAC;QAEtD,KAAK,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC,IAAI,MAAM,EAAE,CAAC;YAC/C,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;gBACtC,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,KAA8B,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { BaseTokenStorage } from './base-token-storage.js';
|
|
7
|
+
import type { OAuthCredentials } from './types.js';
|
|
8
|
+
import { TokenStorageType } from './types.js';
|
|
9
|
+
export declare class HybridTokenStorage extends BaseTokenStorage {
|
|
10
|
+
private storage;
|
|
11
|
+
private storageType;
|
|
12
|
+
private storageInitPromise;
|
|
13
|
+
constructor(serviceName: string);
|
|
14
|
+
private initializeStorage;
|
|
15
|
+
private getStorage;
|
|
16
|
+
getCredentials(serverName: string): Promise<OAuthCredentials | null>;
|
|
17
|
+
setCredentials(credentials: OAuthCredentials): Promise<void>;
|
|
18
|
+
deleteCredentials(serverName: string): Promise<void>;
|
|
19
|
+
listServers(): Promise<string[]>;
|
|
20
|
+
getAllCredentials(): Promise<Map<string, OAuthCredentials>>;
|
|
21
|
+
clearAll(): Promise<void>;
|
|
22
|
+
getStorageType(): Promise<TokenStorageType>;
|
|
23
|
+
}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { BaseTokenStorage } from './base-token-storage.js';
|
|
7
|
+
import { FileTokenStorage } from './file-token-storage.js';
|
|
8
|
+
import { TokenStorageType } from './types.js';
|
|
9
|
+
const FORCE_FILE_STORAGE_ENV_VAR = 'GEMINI_FORCE_FILE_STORAGE';
|
|
10
|
+
export class HybridTokenStorage extends BaseTokenStorage {
|
|
11
|
+
storage = null;
|
|
12
|
+
storageType = null;
|
|
13
|
+
storageInitPromise = null;
|
|
14
|
+
constructor(serviceName) {
|
|
15
|
+
super(serviceName);
|
|
16
|
+
}
|
|
17
|
+
async initializeStorage() {
|
|
18
|
+
const forceFileStorage = process.env[FORCE_FILE_STORAGE_ENV_VAR] === 'true';
|
|
19
|
+
if (!forceFileStorage) {
|
|
20
|
+
try {
|
|
21
|
+
const { KeychainTokenStorage } = await import('./keychain-token-storage.js');
|
|
22
|
+
const keychainStorage = new KeychainTokenStorage(this.serviceName);
|
|
23
|
+
const isAvailable = await keychainStorage.isAvailable();
|
|
24
|
+
if (isAvailable) {
|
|
25
|
+
this.storage = keychainStorage;
|
|
26
|
+
this.storageType = TokenStorageType.KEYCHAIN;
|
|
27
|
+
return this.storage;
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
catch (_e) {
|
|
31
|
+
// Fallback to file storage if keychain fails to initialize
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
this.storage = new FileTokenStorage(this.serviceName);
|
|
35
|
+
this.storageType = TokenStorageType.ENCRYPTED_FILE;
|
|
36
|
+
return this.storage;
|
|
37
|
+
}
|
|
38
|
+
async getStorage() {
|
|
39
|
+
if (this.storage !== null) {
|
|
40
|
+
return this.storage;
|
|
41
|
+
}
|
|
42
|
+
// Use a single initialization promise to avoid race conditions
|
|
43
|
+
if (!this.storageInitPromise) {
|
|
44
|
+
this.storageInitPromise = this.initializeStorage();
|
|
45
|
+
}
|
|
46
|
+
// Wait for initialization to complete
|
|
47
|
+
return await this.storageInitPromise;
|
|
48
|
+
}
|
|
49
|
+
async getCredentials(serverName) {
|
|
50
|
+
const storage = await this.getStorage();
|
|
51
|
+
return storage.getCredentials(serverName);
|
|
52
|
+
}
|
|
53
|
+
async setCredentials(credentials) {
|
|
54
|
+
const storage = await this.getStorage();
|
|
55
|
+
await storage.setCredentials(credentials);
|
|
56
|
+
}
|
|
57
|
+
async deleteCredentials(serverName) {
|
|
58
|
+
const storage = await this.getStorage();
|
|
59
|
+
await storage.deleteCredentials(serverName);
|
|
60
|
+
}
|
|
61
|
+
async listServers() {
|
|
62
|
+
const storage = await this.getStorage();
|
|
63
|
+
return storage.listServers();
|
|
64
|
+
}
|
|
65
|
+
async getAllCredentials() {
|
|
66
|
+
const storage = await this.getStorage();
|
|
67
|
+
return storage.getAllCredentials();
|
|
68
|
+
}
|
|
69
|
+
async clearAll() {
|
|
70
|
+
const storage = await this.getStorage();
|
|
71
|
+
await storage.clearAll();
|
|
72
|
+
}
|
|
73
|
+
async getStorageType() {
|
|
74
|
+
await this.getStorage();
|
|
75
|
+
return this.storageType;
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
//# sourceMappingURL=hybrid-token-storage.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hybrid-token-storage.js","sourceRoot":"","sources":["../../../../src/mcp/token-storage/hybrid-token-storage.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,MAAM,0BAA0B,GAAG,2BAA2B,CAAC;AAE/D,MAAM,OAAO,kBAAmB,SAAQ,gBAAgB;IAC9C,OAAO,GAAwB,IAAI,CAAC;IACpC,WAAW,GAA4B,IAAI,CAAC;IAC5C,kBAAkB,GAAiC,IAAI,CAAC;IAEhE,YAAY,WAAmB;QAC7B,KAAK,CAAC,WAAW,CAAC,CAAC;IACrB,CAAC;IAEO,KAAK,CAAC,iBAAiB;QAC7B,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,KAAK,MAAM,CAAC;QAE5E,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,6BAA6B,CAC9B,CAAC;gBACF,MAAM,eAAe,GAAG,IAAI,oBAAoB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBAEnE,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,WAAW,EAAE,CAAC;gBACxD,IAAI,WAAW,EAAE,CAAC;oBAChB,IAAI,CAAC,OAAO,GAAG,eAAe,CAAC;oBAC/B,IAAI,CAAC,WAAW,GAAG,gBAAgB,CAAC,QAAQ,CAAC;oBAC7C,OAAO,IAAI,CAAC,OAAO,CAAC;gBACtB,CAAC;YACH,CAAC;YAAC,OAAO,EAAE,EAAE,CAAC;gBACZ,2DAA2D;YAC7D,CAAC;QACH,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACtD,IAAI,CAAC,WAAW,GAAG,gBAAgB,CAAC,cAAc,CAAC;QACnD,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,OAAO,CAAC;QACtB,CAAC;QAED,+DAA+D;QAC/D,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC7B,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACrD,CAAC;QAED,sCAAsC;QACtC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,UAAkB;QACrC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxC,OAAO,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,WAA6B;QAChD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxC,MAAM,OAAO,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,UAAkB;QACxC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxC,MAAM,OAAO,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAC9C,CAAC;IAED,KAAK,CAAC,WAAW;QACf,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxC,OAAO,OAAO,CAAC,WAAW,EAAE,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,iBAAiB;QACrB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxC,OAAO,OAAO,CAAC,iBAAiB,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxC,MAAM,OAAO,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,WAAY,CAAC;IAC3B,CAAC;CACF"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2025 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { BaseTokenStorage } from './base-token-storage.js';
|
|
7
|
+
import type { OAuthCredentials } from './types.js';
|
|
8
|
+
interface Keytar {
|
|
9
|
+
getPassword(service: string, account: string): Promise<string | null>;
|
|
10
|
+
setPassword(service: string, account: string, password: string): Promise<void>;
|
|
11
|
+
deletePassword(service: string, account: string): Promise<boolean>;
|
|
12
|
+
findCredentials(service: string): Promise<Array<{
|
|
13
|
+
account: string;
|
|
14
|
+
password: string;
|
|
15
|
+
}>>;
|
|
16
|
+
}
|
|
17
|
+
export declare class KeychainTokenStorage extends BaseTokenStorage {
|
|
18
|
+
private keychainAvailable;
|
|
19
|
+
private keytarModule;
|
|
20
|
+
private keytarLoadAttempted;
|
|
21
|
+
getKeytar(): Promise<Keytar | null>;
|
|
22
|
+
getCredentials(serverName: string): Promise<OAuthCredentials | null>;
|
|
23
|
+
setCredentials(credentials: OAuthCredentials): Promise<void>;
|
|
24
|
+
deleteCredentials(serverName: string): Promise<void>;
|
|
25
|
+
listServers(): Promise<string[]>;
|
|
26
|
+
getAllCredentials(): Promise<Map<string, OAuthCredentials>>;
|
|
27
|
+
clearAll(): Promise<void>;
|
|
28
|
+
checkKeychainAvailability(): Promise<boolean>;
|
|
29
|
+
isAvailable(): Promise<boolean>;
|
|
30
|
+
}
|
|
31
|
+
export {};
|