@zuplo/runtime 6.71.22 → 6.71.25
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/out/esm/{chunk-54PA7VDV.js → chunk-4QJJMELB.js} +1 -1
- package/out/esm/{chunk-54PA7VDV.js.map → chunk-4QJJMELB.js.map} +1 -1
- package/out/esm/chunk-MJWTZPC2.js +402 -0
- package/out/esm/chunk-MJWTZPC2.js.map +1 -0
- package/out/esm/index.js +1 -1
- package/out/esm/index.js.map +1 -1
- package/out/esm/mcp-gateway/index.js +7 -7
- package/out/esm/mcp-gateway/index.js.map +1 -1
- package/out/esm/mocks/index.js +1 -1
- package/out/types/index.d.ts +263 -19
- package/out/types/mcp-gateway/index.d.ts +33 -7
- package/package.json +1 -1
- package/out/esm/chunk-36XLJ4X6.js +0 -389
- package/out/esm/chunk-36XLJ4X6.js.map +0 -1
- /package/out/esm/{chunk-36XLJ4X6.js.LEGAL.txt → chunk-MJWTZPC2.js.LEGAL.txt} +0 -0
package/out/esm/mocks/index.js
CHANGED
|
@@ -22,5 +22,5 @@
|
|
|
22
22
|
* DEALINGS IN THE SOFTWARE.
|
|
23
23
|
*--------------------------------------------------------------------------------------------*/
|
|
24
24
|
|
|
25
|
-
import{b as l}from"../chunk-
|
|
25
|
+
import{b as l}from"../chunk-4QJJMELB.js";import{a as o,da as n}from"../chunk-DSZS6PZJ.js";function g(u={request:new Request("https://api.example.com")}){let e=[];function t(i){e.push(Promise.resolve(i))}return o(t,"waitUntil"),{context:new s({event:{waitUntil:t},route:u.route}),invokeResponse:o(async()=>{await Promise.all(e)},"invokeResponse")}}o(g,"createMockContext");var p={path:"/",methods:["GET"],handler:{module:{},export:"default"},raw:o(()=>({}),"raw")},s=class extends EventTarget{static{o(this,"MockZuploContext")}#e;contextId;requestId;log;route;custom;incomingRequestProperties;parentContext;analyticsContext;constructor({event:e,route:t=p,parentContext:r}){super(),this.requestId=crypto.randomUUID(),this.contextId=crypto.randomUUID(),this.log={info:n.console.info,log:n.console.log,debug:n.console.debug,warn:n.console.warn,error:n.console.error,setLogProperties:o(()=>{},"setLogProperties")},this.custom={},this.route=t,this.incomingRequestProperties={asn:1234,asOrganization:"ORGANIZATION",city:"Seattle",region:"Washington",regionCode:"WA",colo:"SEA",continent:"NA",country:"US",postalCode:"98004",metroCode:"SEA",latitude:void 0,longitude:void 0,timezone:void 0,httpProtocol:void 0,clientCert:void 0,clientMtlsVerificationStatus:void 0,clientMtlsVerificationReason:void 0,clientCertFingerprintSha256:void 0,clientCertNotBefore:void 0,clientCertNotAfter:void 0,clientCertIssuerDn:void 0,clientCertSubjectDn:void 0},this.parentContext=r,this.#e=e,this.analyticsContext=new l(this.requestId)}waitUntil(e){this.#e.waitUntil(e)}invokeInboundPolicy(e,t){throw new Error("Not implemented")}invokeOutboundPolicy(e,t,r){throw new Error("Not implemented")}invokeRoute(e,t){throw new Error("Not implemented")}addResponseSendingHook(e){throw new Error("Not implemented")}addResponseSendingFinalHook(e){throw new Error("Not implemented")}addEventListener(e,t,r){let d=o(i=>{try{typeof t=="function"?t(i):t.handleEvent(i)}catch(a){throw this.log.error(`Error invoking event ${e}. See following logs for details.`),a}},"wrapped");super.addEventListener(e,d,r)}};export{s as MockZuploContext,g as createMockContext};
|
|
26
26
|
//# sourceMappingURL=index.js.map
|
package/out/types/index.d.ts
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { Attributes } from "@opentelemetry/api";
|
|
2
2
|
import { CallToolRequest } from "@zuplo/mcp/types";
|
|
3
3
|
import { CallToolResult } from "@zuplo/mcp/types";
|
|
4
|
+
import { InboundPolicyHandler as InboundPolicyHandler_2 } from "../../policies.js";
|
|
4
5
|
import { KeyLike } from "jose";
|
|
5
6
|
import { RequestGeneric as RequestGeneric_2 } from "../../request.js";
|
|
6
7
|
import type { ValidateFunction } from "ajv";
|
|
@@ -181,6 +182,7 @@ export declare function aiGatewayHandler(
|
|
|
181
182
|
* @returns A Request or a Response
|
|
182
183
|
*/
|
|
183
184
|
export declare class AIGatewayMeteringInboundPolicy extends InboundPolicy<AIGatewayMeteringInboundPolicyOptions> {
|
|
185
|
+
static readonly policyType = "ai-gateway-metering";
|
|
184
186
|
/**
|
|
185
187
|
* Set the meter increments for the current request.
|
|
186
188
|
*
|
|
@@ -208,10 +210,6 @@ export declare class AIGatewayMeteringInboundPolicy extends InboundPolicy<AIGate
|
|
|
208
210
|
static getQuotaFallback(
|
|
209
211
|
context: ZuploContext
|
|
210
212
|
): QuotaFallbackModels | undefined;
|
|
211
|
-
constructor(
|
|
212
|
-
options: AIGatewayMeteringInboundPolicyOptions,
|
|
213
|
-
policyName: string
|
|
214
|
-
);
|
|
215
213
|
handler(
|
|
216
214
|
request: ZuploRequest,
|
|
217
215
|
context: ZuploContext
|
|
@@ -897,6 +895,14 @@ declare interface AnthropicMessage {
|
|
|
897
895
|
}>;
|
|
898
896
|
}
|
|
899
897
|
|
|
898
|
+
/**
|
|
899
|
+
* A request to the Anthropic Messages API (`/v1/messages`).
|
|
900
|
+
*
|
|
901
|
+
* The gateway forwards this body to Anthropic verbatim on the native passthrough
|
|
902
|
+
* path, so the shape mirrors Anthropic's API rather than an internal contract.
|
|
903
|
+
* The index signature carries evolving Anthropic fields (`thinking`,
|
|
904
|
+
* `tool_choice`, `top_k`, structured `system` blocks, …) through unchanged.
|
|
905
|
+
*/
|
|
900
906
|
declare interface AnthropicMessagesRequest {
|
|
901
907
|
model: string;
|
|
902
908
|
messages: AnthropicMessage[];
|
|
@@ -908,6 +914,7 @@ declare interface AnthropicMessagesRequest {
|
|
|
908
914
|
stream?: boolean;
|
|
909
915
|
metadata?: Record<string, unknown>;
|
|
910
916
|
tools?: unknown[];
|
|
917
|
+
[key: string]: unknown;
|
|
911
918
|
}
|
|
912
919
|
|
|
913
920
|
/**
|
|
@@ -1343,6 +1350,150 @@ declare interface AuditLogEntry {
|
|
|
1343
1350
|
};
|
|
1344
1351
|
}
|
|
1345
1352
|
|
|
1353
|
+
/**
|
|
1354
|
+
* A CloudEvent 1.0 audit log entry. Most fields are auto-populated by the
|
|
1355
|
+
* runtime; user code only supplies the type/subject/resources/data fields when
|
|
1356
|
+
* calling `AuditLogInboundPolicy.log()`.
|
|
1357
|
+
*
|
|
1358
|
+
* @public
|
|
1359
|
+
*/
|
|
1360
|
+
export declare interface AuditLogEvent {
|
|
1361
|
+
specversion: "1.0";
|
|
1362
|
+
id: string;
|
|
1363
|
+
source: string;
|
|
1364
|
+
type: string;
|
|
1365
|
+
time: string;
|
|
1366
|
+
datacontenttype?: "application/json";
|
|
1367
|
+
subject?: string;
|
|
1368
|
+
bucketid: string;
|
|
1369
|
+
actorsub?: string;
|
|
1370
|
+
actortype?: "user" | "service" | "apikey" | "anonymous";
|
|
1371
|
+
actoremail?: string;
|
|
1372
|
+
actorconnection?: string;
|
|
1373
|
+
resources?: AuditLogResource[];
|
|
1374
|
+
requestid?: string;
|
|
1375
|
+
success?: boolean;
|
|
1376
|
+
httpmethod?: string;
|
|
1377
|
+
httpurl?: string;
|
|
1378
|
+
httpstatus?: number;
|
|
1379
|
+
ipaddress?: string;
|
|
1380
|
+
useragent?: string;
|
|
1381
|
+
country?: string;
|
|
1382
|
+
region?: string;
|
|
1383
|
+
city?: string;
|
|
1384
|
+
mcpserver?: string;
|
|
1385
|
+
mcpvirtualserver?: string;
|
|
1386
|
+
mcptool?: string;
|
|
1387
|
+
data?: Record<string, unknown>;
|
|
1388
|
+
extensions?: Record<string, unknown>;
|
|
1389
|
+
}
|
|
1390
|
+
|
|
1391
|
+
/**
|
|
1392
|
+
* Fields a caller may supply when emitting a custom audit event via
|
|
1393
|
+
* `AuditLogInboundPolicy.log()`. Everything else is filled in by the runtime
|
|
1394
|
+
* from the request context.
|
|
1395
|
+
*
|
|
1396
|
+
* @public
|
|
1397
|
+
*/
|
|
1398
|
+
export declare interface AuditLogEventInput {
|
|
1399
|
+
type: string;
|
|
1400
|
+
subject?: string;
|
|
1401
|
+
resources?: AuditLogResource[];
|
|
1402
|
+
success?: boolean;
|
|
1403
|
+
data?: Record<string, unknown>;
|
|
1404
|
+
/**
|
|
1405
|
+
* Geolocation of the caller. When omitted, these default to the current
|
|
1406
|
+
* request's geo data (from the request context), so custom events carry the
|
|
1407
|
+
* same location information as the auto-emitted per-request event.
|
|
1408
|
+
*/
|
|
1409
|
+
country?: string;
|
|
1410
|
+
region?: string;
|
|
1411
|
+
city?: string;
|
|
1412
|
+
/** Override the auto-derived actor (rare). */
|
|
1413
|
+
actor?: {
|
|
1414
|
+
sub?: string;
|
|
1415
|
+
type?: "user" | "service" | "apikey" | "anonymous";
|
|
1416
|
+
email?: string;
|
|
1417
|
+
connection?: string;
|
|
1418
|
+
};
|
|
1419
|
+
/** MCP-specific helpers. */
|
|
1420
|
+
mcp?: {
|
|
1421
|
+
server?: string;
|
|
1422
|
+
virtualServer?: string;
|
|
1423
|
+
tool?: string;
|
|
1424
|
+
};
|
|
1425
|
+
}
|
|
1426
|
+
|
|
1427
|
+
/**
|
|
1428
|
+
* Capture detailed logs of requests for auditing purposes. The policy emits
|
|
1429
|
+
* one structured CloudEvent per request, and user code can emit additional
|
|
1430
|
+
* events via the static `log()` method.
|
|
1431
|
+
*
|
|
1432
|
+
* @title Audit Logs
|
|
1433
|
+
* @product api-gateway
|
|
1434
|
+
* @public
|
|
1435
|
+
* @enterprise
|
|
1436
|
+
*/
|
|
1437
|
+
export declare class AuditLogInboundPolicy extends InboundPolicy<AuditLogInboundPolicyOptions> {
|
|
1438
|
+
#private;
|
|
1439
|
+
static readonly policyType = "audit-logs";
|
|
1440
|
+
/**
|
|
1441
|
+
* Emit an audit event for the current request.
|
|
1442
|
+
*
|
|
1443
|
+
* Fields not provided are filled in from the request context (bucket id,
|
|
1444
|
+
* request id, time, actor, IP, user agent, etc).
|
|
1445
|
+
*
|
|
1446
|
+
* @param context - The current ZuploContext.
|
|
1447
|
+
* @param event - The event details to record.
|
|
1448
|
+
*/
|
|
1449
|
+
static log(context: ZuploContext, event: AuditLogEventInput): void;
|
|
1450
|
+
constructor(options: AuditLogInboundPolicyOptions, policyName: string);
|
|
1451
|
+
handler(
|
|
1452
|
+
request: ZuploRequest,
|
|
1453
|
+
context: ZuploContext
|
|
1454
|
+
): Promise<ZuploRequest | Response>;
|
|
1455
|
+
}
|
|
1456
|
+
|
|
1457
|
+
/**
|
|
1458
|
+
* The options for the Audit Log Inbound policy.
|
|
1459
|
+
* @public
|
|
1460
|
+
*/
|
|
1461
|
+
export declare interface AuditLogInboundPolicyOptions {
|
|
1462
|
+
/**
|
|
1463
|
+
* Reverse-DNS prefix used for the auto-emitted request event type. Defaults to 'com.zuplo.api'.
|
|
1464
|
+
*/
|
|
1465
|
+
eventTypeBase?: string;
|
|
1466
|
+
/**
|
|
1467
|
+
* Override the bucket id this policy emits events for. Defaults to the bucket id from the runtime environment.
|
|
1468
|
+
*/
|
|
1469
|
+
bucketId?: string;
|
|
1470
|
+
/**
|
|
1471
|
+
* Fraction of requests to capture, between 0 (none) and 1 (all). Defaults to 1.
|
|
1472
|
+
*/
|
|
1473
|
+
samplingRate?: number;
|
|
1474
|
+
/**
|
|
1475
|
+
* Controls which potentially-sensitive parts of each request are captured in the auto-emitted audit event. Disable fields to satisfy your own data-handling and PII policies. All are enabled by default.
|
|
1476
|
+
*/
|
|
1477
|
+
include?: {
|
|
1478
|
+
/**
|
|
1479
|
+
* Include the request's query-string parameters in the logged URL. Disable if query strings may contain sensitive data.
|
|
1480
|
+
*/
|
|
1481
|
+
queryParams?: boolean;
|
|
1482
|
+
/**
|
|
1483
|
+
* Include the authenticated user / actor identity (subject, email, connection).
|
|
1484
|
+
*/
|
|
1485
|
+
user?: boolean;
|
|
1486
|
+
/**
|
|
1487
|
+
* Include the caller's IP address.
|
|
1488
|
+
*/
|
|
1489
|
+
ipAddress?: boolean;
|
|
1490
|
+
/**
|
|
1491
|
+
* Include the caller's geolocation (country, region, city).
|
|
1492
|
+
*/
|
|
1493
|
+
geolocation?: boolean;
|
|
1494
|
+
};
|
|
1495
|
+
}
|
|
1496
|
+
|
|
1346
1497
|
/**
|
|
1347
1498
|
* Configuration options for audit logging
|
|
1348
1499
|
* @public
|
|
@@ -1387,6 +1538,16 @@ declare interface AuditLogRequestFilter {
|
|
|
1387
1538
|
(request: ZuploRequest, context: ZuploContext): Promise<boolean>;
|
|
1388
1539
|
}
|
|
1389
1540
|
|
|
1541
|
+
/**
|
|
1542
|
+
* A resource affected by an audit event.
|
|
1543
|
+
* @public
|
|
1544
|
+
*/
|
|
1545
|
+
export declare interface AuditLogResource {
|
|
1546
|
+
type: string;
|
|
1547
|
+
id: string;
|
|
1548
|
+
metadata?: Record<string, unknown>;
|
|
1549
|
+
}
|
|
1550
|
+
|
|
1390
1551
|
/**
|
|
1391
1552
|
* Authenticate users using Auth0 issued JWT tokens.
|
|
1392
1553
|
*
|
|
@@ -1439,6 +1600,7 @@ export declare interface Auth0JwtInboundPolicyOptions {
|
|
|
1439
1600
|
*/
|
|
1440
1601
|
export declare class AuthZenInboundPolicy extends InboundPolicy<AuthZenInboundPolicyOptions> {
|
|
1441
1602
|
#private;
|
|
1603
|
+
static readonly policyType = "authzen";
|
|
1442
1604
|
constructor(options: AuthZenInboundPolicyOptions, policyName: string);
|
|
1443
1605
|
/**
|
|
1444
1606
|
* The handler that is called each time this policy is invoked
|
|
@@ -1759,6 +1921,7 @@ export declare class AWSLoggingPlugin extends LogPlugin {
|
|
|
1759
1921
|
*/
|
|
1760
1922
|
export declare class AxiomaticsAuthZInboundPolicy extends InboundPolicy<AxiomaticsAuthZInboundPolicyOptions> {
|
|
1761
1923
|
#private;
|
|
1924
|
+
static readonly policyType = "axiomatics-authz";
|
|
1762
1925
|
private pdpService;
|
|
1763
1926
|
static setAuthAttributes(
|
|
1764
1927
|
context: ZuploContext,
|
|
@@ -2126,6 +2289,7 @@ declare interface BatchDispatcherOptions {
|
|
|
2126
2289
|
* @returns A Request or a Response
|
|
2127
2290
|
*/
|
|
2128
2291
|
export declare class BrownoutInboundPolicy extends InboundPolicy<BrownoutInboundPolicyOptions> {
|
|
2292
|
+
static readonly policyType = "brownout";
|
|
2129
2293
|
crons: Cron[];
|
|
2130
2294
|
constructor(options: BrownoutInboundPolicyOptions, policyName: string);
|
|
2131
2295
|
handler(
|
|
@@ -2856,6 +3020,7 @@ export declare type ComplexRateLimitFunction =
|
|
|
2856
3020
|
* @returns A Request or a Response
|
|
2857
3021
|
*/
|
|
2858
3022
|
export declare class ComplexRateLimitInboundPolicy extends InboundPolicy<ComplexRateLimitInboundPolicyOptions> {
|
|
3023
|
+
static readonly policyType = "complex-rate-limit";
|
|
2859
3024
|
/**
|
|
2860
3025
|
* Override the increments for a limit in the current request.
|
|
2861
3026
|
*
|
|
@@ -3863,6 +4028,20 @@ export declare function extractGraphqlErrors(
|
|
|
3863
4028
|
bodyText: string
|
|
3864
4029
|
): GraphqlResponseError[] | null;
|
|
3865
4030
|
|
|
4031
|
+
/**
|
|
4032
|
+
* Pull the incremental ASSISTANT TEXT from a parsed stream event per shape. The
|
|
4033
|
+
* single source of truth for "is this delta assistant text" — chat
|
|
4034
|
+
* `choices[].delta.content`, Responses `response.output_text.delta` only (NOT
|
|
4035
|
+
* tool-args / audio / refusal / code deltas), Anthropic `content_block_delta`.
|
|
4036
|
+
* Stream-scanning policies (e.g. the firewall accumulator) should call this
|
|
4037
|
+
* rather than re-deriving the per-shape extraction.
|
|
4038
|
+
* @public
|
|
4039
|
+
*/
|
|
4040
|
+
export declare function extractStreamTextDelta(
|
|
4041
|
+
parsed: unknown,
|
|
4042
|
+
format: AiFormat
|
|
4043
|
+
): string | undefined;
|
|
4044
|
+
|
|
3866
4045
|
declare interface FetchOptions<T> {
|
|
3867
4046
|
method?: HttpMethod_2;
|
|
3868
4047
|
data?: T;
|
|
@@ -4305,6 +4484,21 @@ export declare interface GraphqlAnalyticsOutboundPolicyOptions {
|
|
|
4305
4484
|
maxScanBytes?: number;
|
|
4306
4485
|
}
|
|
4307
4486
|
|
|
4487
|
+
/**
|
|
4488
|
+
* GraphQL response-cache outcome, as decided by the Zuplo-provided GraphQL
|
|
4489
|
+
* Cache policy (`graphql-cache-inbound`) and reported on its `x-cache`
|
|
4490
|
+
* response header:
|
|
4491
|
+
* - `"hit"` — the response was served from cache.
|
|
4492
|
+
* - `"miss"` — a cache-eligible query that was not in cache (forwarded to
|
|
4493
|
+
* the origin).
|
|
4494
|
+
*
|
|
4495
|
+
* Operations that are not cache-eligible (mutations, subscriptions,
|
|
4496
|
+
* uncacheable/credentialed requests) — or that ran on a route without the
|
|
4497
|
+
* GraphQL Cache policy — carry no cache state (`null`), and are excluded
|
|
4498
|
+
* from the cache-hit-rate denominator.
|
|
4499
|
+
*/
|
|
4500
|
+
export declare type GraphqlCacheState = "hit" | "miss";
|
|
4501
|
+
|
|
4308
4502
|
/**
|
|
4309
4503
|
* One GraphQL error extracted from a response body, reduced to the
|
|
4310
4504
|
* fields the GraphQL Analytics outbound policy consumes for
|
|
@@ -6031,6 +6225,7 @@ declare interface ImageGenerationTool {
|
|
|
6031
6225
|
export declare abstract class InboundPolicy<
|
|
6032
6226
|
TOptions = any,
|
|
6033
6227
|
> extends PolicyBase<TOptions> {
|
|
6228
|
+
readonly direction: PolicyDirection;
|
|
6034
6229
|
/**
|
|
6035
6230
|
* The handler that is called each time this policy is invoked
|
|
6036
6231
|
*
|
|
@@ -6789,6 +6984,7 @@ declare type LokiTransportVersion = 1 | 2;
|
|
|
6789
6984
|
*/
|
|
6790
6985
|
export declare class McpAuth0OAuthInboundPolicy extends InboundPolicy<ValidatedAuth0OAuthOptions> {
|
|
6791
6986
|
#private;
|
|
6987
|
+
static readonly policyType = "mcp-auth0-oauth";
|
|
6792
6988
|
constructor(rawOptions: unknown, policyName: string);
|
|
6793
6989
|
handler(
|
|
6794
6990
|
request: ZuploRequest,
|
|
@@ -6967,6 +7163,7 @@ declare const mcpAuth0OAuthOptionsSchema: z.ZodObject<
|
|
|
6967
7163
|
*/
|
|
6968
7164
|
export declare class McpClerkOAuthInboundPolicy extends InboundPolicy<McpClerkOAuthInboundPolicyOptions> {
|
|
6969
7165
|
#private;
|
|
7166
|
+
static readonly policyType = "mcp-clerk-oauth";
|
|
6970
7167
|
constructor(rawOptions: unknown, policyName: string);
|
|
6971
7168
|
handler(
|
|
6972
7169
|
request: ZuploRequest,
|
|
@@ -7037,6 +7234,7 @@ export declare interface McpClerkOAuthInboundPolicyOptions {
|
|
|
7037
7234
|
*/
|
|
7038
7235
|
export declare class McpCognitoOAuthInboundPolicy extends InboundPolicy<McpCognitoOAuthInboundPolicyOptions> {
|
|
7039
7236
|
#private;
|
|
7237
|
+
static readonly policyType = "mcp-cognito-oauth";
|
|
7040
7238
|
constructor(rawOptions: unknown, policyName: string);
|
|
7041
7239
|
handler(
|
|
7042
7240
|
request: ZuploRequest,
|
|
@@ -7118,6 +7316,7 @@ export declare interface McpCognitoOAuthInboundPolicyOptions {
|
|
|
7118
7316
|
*/
|
|
7119
7317
|
export declare class McpEntraOAuthInboundPolicy extends InboundPolicy<McpEntraOAuthInboundPolicyOptions> {
|
|
7120
7318
|
#private;
|
|
7319
|
+
static readonly policyType = "mcp-entra-oauth";
|
|
7121
7320
|
constructor(rawOptions: unknown, policyName: string);
|
|
7122
7321
|
handler(
|
|
7123
7322
|
request: ZuploRequest,
|
|
@@ -7194,6 +7393,7 @@ export declare interface McpEntraOAuthInboundPolicyOptions {
|
|
|
7194
7393
|
*/
|
|
7195
7394
|
export declare class McpGoogleOAuthInboundPolicy extends InboundPolicy<McpGoogleOAuthInboundPolicyOptions> {
|
|
7196
7395
|
#private;
|
|
7396
|
+
static readonly policyType = "mcp-google-oauth";
|
|
7197
7397
|
constructor(rawOptions: unknown, policyName: string);
|
|
7198
7398
|
handler(
|
|
7199
7399
|
request: ZuploRequest,
|
|
@@ -7264,6 +7464,7 @@ export declare interface McpGoogleOAuthInboundPolicyOptions {
|
|
|
7264
7464
|
*/
|
|
7265
7465
|
export declare class McpKeycloakOAuthInboundPolicy extends InboundPolicy<McpKeycloakOAuthInboundPolicyOptions> {
|
|
7266
7466
|
#private;
|
|
7467
|
+
static readonly policyType = "mcp-keycloak-oauth";
|
|
7267
7468
|
constructor(rawOptions: unknown, policyName: string);
|
|
7268
7469
|
handler(
|
|
7269
7470
|
request: ZuploRequest,
|
|
@@ -7341,6 +7542,7 @@ export declare interface McpKeycloakOAuthInboundPolicyOptions {
|
|
|
7341
7542
|
*/
|
|
7342
7543
|
export declare class McpLogtoOAuthInboundPolicy extends InboundPolicy<McpLogtoOAuthInboundPolicyOptions> {
|
|
7343
7544
|
#private;
|
|
7545
|
+
static readonly policyType = "mcp-logto-oauth";
|
|
7344
7546
|
constructor(rawOptions: unknown, policyName: string);
|
|
7345
7547
|
handler(
|
|
7346
7548
|
request: ZuploRequest,
|
|
@@ -7419,6 +7621,7 @@ export declare interface McpLogtoOAuthInboundPolicyOptions {
|
|
|
7419
7621
|
* @product mcp-gateway
|
|
7420
7622
|
*/
|
|
7421
7623
|
export declare class McpOAuthInboundPolicy extends InboundPolicy<McpOAuthRuntimeConfig> {
|
|
7624
|
+
static readonly policyType = "mcp-oauth";
|
|
7422
7625
|
constructor(rawOptions: unknown, policyName: string);
|
|
7423
7626
|
handler(
|
|
7424
7627
|
request: ZuploRequest,
|
|
@@ -7695,6 +7898,7 @@ declare const mcpOAuthRuntimeConfigSchema: z.ZodObject<
|
|
|
7695
7898
|
*/
|
|
7696
7899
|
export declare class McpOktaOAuthInboundPolicy extends InboundPolicy<McpOktaOAuthInboundPolicyOptions> {
|
|
7697
7900
|
#private;
|
|
7901
|
+
static readonly policyType = "mcp-okta-oauth";
|
|
7698
7902
|
constructor(rawOptions: unknown, policyName: string);
|
|
7699
7903
|
handler(
|
|
7700
7904
|
request: ZuploRequest,
|
|
@@ -7772,6 +7976,7 @@ export declare interface McpOktaOAuthInboundPolicyOptions {
|
|
|
7772
7976
|
*/
|
|
7773
7977
|
export declare class McpOneLoginOAuthInboundPolicy extends InboundPolicy<McpOneLoginOAuthInboundPolicyOptions> {
|
|
7774
7978
|
#private;
|
|
7979
|
+
static readonly policyType = "mcp-onelogin-oauth";
|
|
7775
7980
|
constructor(rawOptions: unknown, policyName: string);
|
|
7776
7981
|
handler(
|
|
7777
7982
|
request: ZuploRequest,
|
|
@@ -7842,6 +8047,7 @@ export declare interface McpOneLoginOAuthInboundPolicyOptions {
|
|
|
7842
8047
|
*/
|
|
7843
8048
|
export declare class McpPingOAuthInboundPolicy extends InboundPolicy<McpPingOAuthInboundPolicyOptions> {
|
|
7844
8049
|
#private;
|
|
8050
|
+
static readonly policyType = "mcp-ping-oauth";
|
|
7845
8051
|
constructor(rawOptions: unknown, policyName: string);
|
|
7846
8052
|
handler(
|
|
7847
8053
|
request: ZuploRequest,
|
|
@@ -7967,6 +8173,7 @@ declare interface McpTool {
|
|
|
7967
8173
|
*/
|
|
7968
8174
|
export declare class McpWorkosOAuthInboundPolicy extends InboundPolicy<McpWorkosOAuthInboundPolicyOptions> {
|
|
7969
8175
|
#private;
|
|
8176
|
+
static readonly policyType = "mcp-workos-oauth";
|
|
7970
8177
|
constructor(rawOptions: unknown, policyName: string);
|
|
7971
8178
|
handler(
|
|
7972
8179
|
request: ZuploRequest,
|
|
@@ -8310,6 +8517,7 @@ export declare interface MoesifInboundPolicyOptions {
|
|
|
8310
8517
|
*/
|
|
8311
8518
|
export declare class MonetizationInboundPolicy extends InboundPolicy<MonetizationInboundPolicyOptions> {
|
|
8312
8519
|
#private;
|
|
8520
|
+
static readonly policyType = "monetization";
|
|
8313
8521
|
/**
|
|
8314
8522
|
* Set the monetization subscription data for the current request.
|
|
8315
8523
|
*
|
|
@@ -8632,6 +8840,7 @@ export declare interface OAuthProtectedResourcePluginOptions {
|
|
|
8632
8840
|
* @returns A Request or a Response
|
|
8633
8841
|
*/
|
|
8634
8842
|
export declare class OktaFGAAuthZInboundPolicy extends BaseOpenFGAAuthZInboundPolicy {
|
|
8843
|
+
static readonly policyType = "oktafga-authz";
|
|
8635
8844
|
constructor(options: OktaFGAAuthZInboundPolicyOptions, policyName: string);
|
|
8636
8845
|
}
|
|
8637
8846
|
|
|
@@ -9371,7 +9580,7 @@ declare namespace OpenAPIV3_1 {
|
|
|
9371
9580
|
* @returns A Request or a Response
|
|
9372
9581
|
*/
|
|
9373
9582
|
export declare class OpenFGAAuthZInboundPolicy extends BaseOpenFGAAuthZInboundPolicy {
|
|
9374
|
-
|
|
9583
|
+
static readonly policyType = "openfga-authz";
|
|
9375
9584
|
}
|
|
9376
9585
|
|
|
9377
9586
|
/**
|
|
@@ -9507,6 +9716,7 @@ export declare interface OpenIdJwtInboundPolicyOptions {
|
|
|
9507
9716
|
*/
|
|
9508
9717
|
export declare class OpenMeterInboundPolicy extends InboundPolicy<OpenMeterInboundPolicyOptions> {
|
|
9509
9718
|
#private;
|
|
9719
|
+
static readonly policyType = "openmeter-metering";
|
|
9510
9720
|
constructor(options: OpenMeterInboundPolicyOptions, policyName: string);
|
|
9511
9721
|
handler(
|
|
9512
9722
|
request: ZuploRequest<RequestGeneric>,
|
|
@@ -9692,6 +9902,7 @@ export declare class OTelMetricsPlugin extends MetricsPlugin {
|
|
|
9692
9902
|
export declare abstract class OutboundPolicy<
|
|
9693
9903
|
TOptions = any,
|
|
9694
9904
|
> extends PolicyBase<TOptions> {
|
|
9905
|
+
readonly direction: PolicyDirection;
|
|
9695
9906
|
/**
|
|
9696
9907
|
* The handler that is called each time this policy is invoked
|
|
9697
9908
|
*
|
|
@@ -9818,16 +10029,11 @@ declare interface ParsedRouteData extends Omit<RouteData, "corsPolicies"> {
|
|
|
9818
10029
|
/* Excluded from this release type: getInboundPolicyInstance */
|
|
9819
10030
|
}
|
|
9820
10031
|
|
|
9821
|
-
/**
|
|
9822
|
-
* The base class for inbound and outbound policies.
|
|
9823
|
-
* Provides common functionality for all policy types.
|
|
9824
|
-
*
|
|
9825
|
-
* @public
|
|
9826
|
-
*/
|
|
9827
10032
|
declare abstract class PolicyBase<TOptions = any> {
|
|
9828
10033
|
options: TOptions;
|
|
9829
10034
|
policyName: string;
|
|
9830
|
-
|
|
10035
|
+
/* Excluded from this release type: policyType */
|
|
10036
|
+
/* Excluded from this release type: direction */
|
|
9831
10037
|
/* Excluded from this release type: __constructor */
|
|
9832
10038
|
}
|
|
9833
10039
|
|
|
@@ -9841,6 +10047,22 @@ export declare interface PolicyConfiguration {
|
|
|
9841
10047
|
options?: unknown;
|
|
9842
10048
|
}
|
|
9843
10049
|
|
|
10050
|
+
/**
|
|
10051
|
+
* The base class for inbound and outbound policies.
|
|
10052
|
+
* Provides common functionality for all policy types.
|
|
10053
|
+
*
|
|
10054
|
+
* @public
|
|
10055
|
+
*/
|
|
10056
|
+
/**
|
|
10057
|
+
* The pipeline phase a policy runs in. Inbound policies run on the request
|
|
10058
|
+
* before the handler; outbound policies run on the response after it. This is
|
|
10059
|
+
* determined structurally by whether a policy extends {@link InboundPolicy} or
|
|
10060
|
+
* {@link OutboundPolicy}, so it can never drift from the policy's real phase.
|
|
10061
|
+
*
|
|
10062
|
+
* @public
|
|
10063
|
+
*/
|
|
10064
|
+
declare type PolicyDirection = "inbound" | "outbound";
|
|
10065
|
+
|
|
9844
10066
|
/**
|
|
9845
10067
|
* @public
|
|
9846
10068
|
*/
|
|
@@ -10118,7 +10340,7 @@ declare interface QuotaFallbackModels {
|
|
|
10118
10340
|
*/
|
|
10119
10341
|
export declare class QuotaInboundPolicy extends InboundPolicy<QuotaInboundPolicyOptions> {
|
|
10120
10342
|
#private;
|
|
10121
|
-
|
|
10343
|
+
static readonly policyType = "quota";
|
|
10122
10344
|
handler(
|
|
10123
10345
|
request: ZuploRequest<RequestGeneric>,
|
|
10124
10346
|
context: ZuploContext
|
|
@@ -10416,6 +10638,28 @@ export declare function ReadmeMetricsInboundPolicy(
|
|
|
10416
10638
|
policyName: string
|
|
10417
10639
|
): Promise<ZuploRequest<RequestGeneric_2>>;
|
|
10418
10640
|
|
|
10641
|
+
/**
|
|
10642
|
+
* Record the GraphQL response-cache outcome for the in-flight operation so
|
|
10643
|
+
* the analytics middleware can emit it as the `cacheState` dimension on the
|
|
10644
|
+
* `graphql_operation` event.
|
|
10645
|
+
*
|
|
10646
|
+
* Called by the Zuplo-provided GraphQL Cache policy (`graphql-cache-inbound`,
|
|
10647
|
+
* in the `@zuplo/graphql` package) the moment it resolves a cache hit or
|
|
10648
|
+
* miss — synchronously during inbound processing, before the analytics
|
|
10649
|
+
* middleware finalizes the event. Mirrors how the GraphQL Analytics outbound
|
|
10650
|
+
* policy feeds errors through {@link getOperationContext}.
|
|
10651
|
+
*
|
|
10652
|
+
* No-op when the request isn't running the GraphQL analytics middleware (the
|
|
10653
|
+
* route lacks the `x-graphql: true` marker, so there's no operation context to
|
|
10654
|
+
* write to), so it's always safe to call.
|
|
10655
|
+
*
|
|
10656
|
+
* @public
|
|
10657
|
+
*/
|
|
10658
|
+
export declare function recordGraphqlCacheState(
|
|
10659
|
+
context: ZuploContext,
|
|
10660
|
+
cacheState: GraphqlCacheState
|
|
10661
|
+
): void;
|
|
10662
|
+
|
|
10419
10663
|
/**
|
|
10420
10664
|
* Handler that returns HTTP redirects.
|
|
10421
10665
|
* Useful for URL shortening, legacy URL handling, or routing to external services.
|
|
@@ -11367,7 +11611,7 @@ export declare type SemanticCacheInboundPolicyOptions = {
|
|
|
11367
11611
|
};
|
|
11368
11612
|
|
|
11369
11613
|
/**
|
|
11370
|
-
*
|
|
11614
|
+
* The semantic similarity threshold for semantic cache matches. Values closer to 0 require closer similarity, while larger values allow more flexible matching. Default is 0.2.
|
|
11371
11615
|
* @public
|
|
11372
11616
|
*/
|
|
11373
11617
|
declare type SemanticTolerance = number;
|
|
@@ -11422,7 +11666,7 @@ export declare interface SetBodyInboundPolicyOptions {
|
|
|
11422
11666
|
* @param policyName - The name of the policy as set in policies.json
|
|
11423
11667
|
* @returns A Request or a Response
|
|
11424
11668
|
*/
|
|
11425
|
-
export declare const SetHeadersInboundPolicy:
|
|
11669
|
+
export declare const SetHeadersInboundPolicy: InboundPolicyHandler_2<SetHeadersInboundPolicyOptions>;
|
|
11426
11670
|
|
|
11427
11671
|
/**
|
|
11428
11672
|
* The options for this policy.
|
|
@@ -11810,10 +12054,7 @@ export declare class StreamingZoneCache {
|
|
|
11810
12054
|
* @returns A Request or a Response
|
|
11811
12055
|
*/
|
|
11812
12056
|
export declare class StripeWebhookVerificationInboundPolicy extends InboundPolicy<StripeWebhookVerificationInboundPolicyOptions> {
|
|
11813
|
-
|
|
11814
|
-
options: StripeWebhookVerificationInboundPolicyOptions,
|
|
11815
|
-
policyName: string
|
|
11816
|
-
);
|
|
12057
|
+
static readonly policyType = "stripe-webhook-verification";
|
|
11817
12058
|
handler(
|
|
11818
12059
|
request: ZuploRequest,
|
|
11819
12060
|
context: ZuploContext
|
|
@@ -12177,6 +12418,7 @@ export declare interface UpstreamFirebaseUserAuthInboundPolicyOptions {
|
|
|
12177
12418
|
* @returns A Request or a Response
|
|
12178
12419
|
*/
|
|
12179
12420
|
export declare class UpstreamGcpFederatedAuthInboundPolicy extends InboundPolicy<UpstreamGcpFederatedAuthInboundPolicyOptions> {
|
|
12421
|
+
static readonly policyType = "upstream-gcp-federated-auth";
|
|
12180
12422
|
private cacheName;
|
|
12181
12423
|
private normalizedWorkloadIdentityProvider;
|
|
12182
12424
|
constructor(
|
|
@@ -12332,6 +12574,7 @@ export declare interface UpstreamGcpServiceAuthInboundPolicyOptions {
|
|
|
12332
12574
|
* @returns A ZuploRequest
|
|
12333
12575
|
*/
|
|
12334
12576
|
export declare class UpstreamZuploJwtAuthInboundPolicy extends InboundPolicy<UpstreamZuploJwtAuthInboundPolicyOptions> {
|
|
12577
|
+
static readonly policyType = "upstream-zuplo-jwt";
|
|
12335
12578
|
constructor(
|
|
12336
12579
|
options: UpstreamZuploJwtAuthInboundPolicyOptions,
|
|
12337
12580
|
policyName: string
|
|
@@ -12833,6 +13076,7 @@ declare interface XacmlRequest {
|
|
|
12833
13076
|
* @returns A Request or a Response
|
|
12834
13077
|
*/
|
|
12835
13078
|
export declare class XmlToJsonOutboundPolicy extends OutboundPolicy<XmlToJsonPolicyOptions> {
|
|
13079
|
+
static readonly policyType = "xml-to-json";
|
|
12836
13080
|
private parser;
|
|
12837
13081
|
private parseOnStatusCodes;
|
|
12838
13082
|
constructor(options: XmlToJsonPolicyOptions, policyName: string);
|