agents 0.13.3 → 0.14.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -4
- package/dist/{agent-tool-types-l98LCbBl.d.ts → agent-tool-types-BAJWu8s4.d.ts} +474 -117
- package/dist/agent-tool-types.d.ts +13 -11
- package/dist/{agent-tools-Bg5ilERh.d.ts → agent-tools-0R6KEert.d.ts} +2 -2
- package/dist/{agent-tools-BAdX1vdI.js → agent-tools-DYrkT-Kx.js} +46 -6
- package/dist/agent-tools-DYrkT-Kx.js.map +1 -0
- package/dist/agent-tools.d.ts +14 -20
- package/dist/agent-tools.js +10 -6
- package/dist/agent-tools.js.map +1 -1
- package/dist/browser/ai.d.ts +1 -1
- package/dist/browser/ai.js +1 -1
- package/dist/browser/index.d.ts +1 -1
- package/dist/browser/index.js +1 -1
- package/dist/browser/tanstack-ai.d.ts +1 -1
- package/dist/browser/tanstack-ai.js +1 -1
- package/dist/chat/index.d.ts +162 -19
- package/dist/chat/index.js +97 -13
- package/dist/chat/index.js.map +1 -1
- package/dist/chat-sdk/index.d.ts +5 -5
- package/dist/chat-sdk/index.js +2 -2
- package/dist/chat-sdk/index.js.map +1 -1
- package/dist/{classPrivateFieldGet2-Evpt0SEr.js → classPrivateFieldGet2-D_obpP6O.js} +5 -5
- package/dist/classPrivateMethodInitSpec-10iTYB7F.js +7 -0
- package/dist/{client-D1kFXo80.js → client-FUizKzj2.js} +299 -95
- package/dist/client-FUizKzj2.js.map +1 -0
- package/dist/client.d.ts +1 -1
- package/dist/{compaction-helpers-B-pG5J22.d.ts → compaction-helpers-BEUILPss.d.ts} +59 -33
- package/dist/{compaction-helpers-fJyf8j4m.js → compaction-helpers-iiKMr2TQ.js} +22 -3
- package/dist/compaction-helpers-iiKMr2TQ.js.map +1 -0
- package/dist/{do-oauth-client-provider-4OKQU9rT.d.ts → do-oauth-client-provider-D4ZwyBDu.d.ts} +21 -1
- package/dist/{email-J0GGS3sa.d.ts → email-CL27preh.d.ts} +1 -1
- package/dist/email.d.ts +2 -2
- package/dist/experimental/memory/session/index.d.ts +30 -25
- package/dist/experimental/memory/session/index.js +7 -2
- package/dist/experimental/memory/session/index.js.map +1 -1
- package/dist/experimental/memory/utils/index.d.ts +12 -10
- package/dist/experimental/memory/utils/index.js +2 -2
- package/dist/{index-DKey3P4s.d.ts → index-RJ4OxMOe.d.ts} +270 -1
- package/dist/index.d.ts +74 -67
- package/dist/index.js +485 -64
- package/dist/index.js.map +1 -1
- package/dist/{internal_context-BZrMS0B5.d.ts → internal_context-Dg4Cgjcu.d.ts} +1 -1
- package/dist/internal_context.d.ts +1 -1
- package/dist/mcp/client.d.ts +17 -13
- package/dist/mcp/client.js +2 -2
- package/dist/mcp/do-oauth-client-provider.d.ts +1 -1
- package/dist/mcp/do-oauth-client-provider.js +143 -17
- package/dist/mcp/do-oauth-client-provider.js.map +1 -1
- package/dist/mcp/index.d.ts +35 -27
- package/dist/mcp/index.js +402 -69
- package/dist/mcp/index.js.map +1 -1
- package/dist/observability/index.d.ts +1 -1
- package/dist/observability/index.js +15 -1
- package/dist/observability/index.js.map +1 -1
- package/dist/react.d.ts +3 -3
- package/dist/react.js +1 -1
- package/dist/{retries-BVdRl5ZE.d.ts → retries-CF_HKSlJ.d.ts} +1 -1
- package/dist/retries.d.ts +1 -1
- package/dist/serializable.d.ts +1 -1
- package/dist/{shared-Cvj92byG.d.ts → shared-4CAYLCTO.d.ts} +1 -1
- package/dist/{shared-CiKaIK4h.js → shared-BIpUk4G5.js} +3 -7
- package/dist/{shared-CiKaIK4h.js.map → shared-BIpUk4G5.js.map} +1 -1
- package/dist/skills/index.d.ts +236 -0
- package/dist/skills/index.js +1326 -0
- package/dist/skills/index.js.map +1 -0
- package/dist/sub-routing.d.ts +6 -6
- package/dist/{tool-output-truncation-CH-khbZ3.js → tool-output-truncation-CNnnGZQ3.js} +1 -1
- package/dist/{tool-output-truncation-CH-khbZ3.js.map → tool-output-truncation-CNnnGZQ3.js.map} +1 -1
- package/dist/{types-_JjKmv-l.d.ts → types-6Zo2zfoO.d.ts} +1 -1
- package/dist/types.d.ts +1 -1
- package/dist/vite.d.ts +1 -1
- package/dist/vite.js +248 -2
- package/dist/vite.js.map +1 -1
- package/dist/{workflow-types-Dkzg4hAx.d.ts → workflow-types-SrZK_o9p.d.ts} +1 -1
- package/dist/workflow-types.d.ts +1 -1
- package/dist/workflows.d.ts +13 -3
- package/dist/workflows.js +10 -1
- package/dist/workflows.js.map +1 -1
- package/package.json +31 -13
- package/skills-module.d.ts +22 -0
- package/dist/agent-tools-BAdX1vdI.js.map +0 -1
- package/dist/client-D1kFXo80.js.map +0 -1
- package/dist/compaction-helpers-fJyf8j4m.js.map +0 -1
package/dist/mcp/client.d.ts
CHANGED
|
@@ -1,16 +1,18 @@
|
|
|
1
1
|
import {
|
|
2
|
-
_t as
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
ut as
|
|
13
|
-
|
|
2
|
+
_t as MCP_SERVER_ID_MAX_LENGTH,
|
|
3
|
+
bt as normalizeServerId,
|
|
4
|
+
ct as MCPClientManager,
|
|
5
|
+
dt as MCPClientOAuthResult,
|
|
6
|
+
ft as MCPConnectionResult,
|
|
7
|
+
gt as MCPServerOptions,
|
|
8
|
+
ht as MCPServerFilter,
|
|
9
|
+
lt as MCPClientManagerOptions,
|
|
10
|
+
mt as MCPOAuthCallbackResult,
|
|
11
|
+
pt as MCPDiscoverResult,
|
|
12
|
+
ut as MCPClientOAuthCallbackConfig,
|
|
13
|
+
vt as RegisterServerOptions,
|
|
14
|
+
yt as getNamespacedData
|
|
15
|
+
} from "../agent-tool-types-BAJWu8s4.js";
|
|
14
16
|
export {
|
|
15
17
|
MCPClientManager,
|
|
16
18
|
MCPClientManagerOptions,
|
|
@@ -21,6 +23,8 @@ export {
|
|
|
21
23
|
MCPOAuthCallbackResult,
|
|
22
24
|
MCPServerFilter,
|
|
23
25
|
MCPServerOptions,
|
|
26
|
+
MCP_SERVER_ID_MAX_LENGTH,
|
|
24
27
|
RegisterServerOptions,
|
|
25
|
-
getNamespacedData
|
|
28
|
+
getNamespacedData,
|
|
29
|
+
normalizeServerId
|
|
26
30
|
};
|
package/dist/mcp/client.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import { n as getNamespacedData, t as MCPClientManager } from "../client-
|
|
2
|
-
export { MCPClientManager, getNamespacedData };
|
|
1
|
+
import { i as normalizeServerId, n as MCP_SERVER_ID_MAX_LENGTH, r as getNamespacedData, t as MCPClientManager } from "../client-FUizKzj2.js";
|
|
2
|
+
export { MCPClientManager, MCP_SERVER_ID_MAX_LENGTH, getNamespacedData, normalizeServerId };
|
|
@@ -2,7 +2,7 @@ import {
|
|
|
2
2
|
n as AgentsOAuthProvider,
|
|
3
3
|
r as DurableObjectOAuthClientProvider,
|
|
4
4
|
t as AgentMcpOAuthProvider
|
|
5
|
-
} from "../do-oauth-client-provider-
|
|
5
|
+
} from "../do-oauth-client-provider-D4ZwyBDu.js";
|
|
6
6
|
export {
|
|
7
7
|
AgentMcpOAuthProvider,
|
|
8
8
|
AgentsOAuthProvider,
|
|
@@ -1,6 +1,30 @@
|
|
|
1
|
+
import { AsyncLocalStorage } from "node:async_hooks";
|
|
1
2
|
import { nanoid } from "nanoid";
|
|
2
3
|
//#region src/mcp/do-oauth-client-provider.ts
|
|
3
4
|
const STATE_EXPIRATION_MS = 600 * 1e3;
|
|
5
|
+
const codeVerifierStateStorage = new AsyncLocalStorage();
|
|
6
|
+
function parseOAuthState(state) {
|
|
7
|
+
const parts = state.split(".");
|
|
8
|
+
if (parts.length !== 2) return;
|
|
9
|
+
const [nonce, serverId] = parts;
|
|
10
|
+
if (!nonce || !serverId) return;
|
|
11
|
+
return {
|
|
12
|
+
nonce,
|
|
13
|
+
serverId
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
function base64UrlEncode(bytes) {
|
|
17
|
+
let binary = "";
|
|
18
|
+
for (const byte of bytes) binary += String.fromCharCode(byte);
|
|
19
|
+
return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
20
|
+
}
|
|
21
|
+
async function createCodeChallenge(verifier) {
|
|
22
|
+
const digest = await crypto.subtle.digest("SHA-256", new TextEncoder().encode(verifier));
|
|
23
|
+
return base64UrlEncode(new Uint8Array(digest));
|
|
24
|
+
}
|
|
25
|
+
function isExpired(createdAt) {
|
|
26
|
+
return Date.now() - createdAt > STATE_EXPIRATION_MS;
|
|
27
|
+
}
|
|
4
28
|
var DurableObjectOAuthClientProvider = class {
|
|
5
29
|
constructor(storage, clientName, baseRedirectUrl) {
|
|
6
30
|
this.storage = storage;
|
|
@@ -80,12 +104,12 @@ var DurableObjectOAuthClientProvider = class {
|
|
|
80
104
|
return state;
|
|
81
105
|
}
|
|
82
106
|
async checkState(state) {
|
|
83
|
-
const
|
|
84
|
-
if (
|
|
107
|
+
const parsed = parseOAuthState(state);
|
|
108
|
+
if (!parsed) return {
|
|
85
109
|
valid: false,
|
|
86
110
|
error: "Invalid state format"
|
|
87
111
|
};
|
|
88
|
-
const
|
|
112
|
+
const { nonce, serverId } = parsed;
|
|
89
113
|
const key = this.stateKey(nonce);
|
|
90
114
|
const storedState = await this.storage.get(key);
|
|
91
115
|
if (!storedState) return {
|
|
@@ -99,8 +123,10 @@ var DurableObjectOAuthClientProvider = class {
|
|
|
99
123
|
error: "State serverId mismatch"
|
|
100
124
|
};
|
|
101
125
|
}
|
|
102
|
-
if (
|
|
103
|
-
|
|
126
|
+
if (isExpired(storedState.createdAt)) {
|
|
127
|
+
const deleteKeys = [key];
|
|
128
|
+
if (this._clientId_) deleteKeys.push(this.stateCodeVerifierKey(this.clientId, nonce));
|
|
129
|
+
await this.storage.delete(deleteKeys);
|
|
104
130
|
return {
|
|
105
131
|
valid: false,
|
|
106
132
|
error: "State expired"
|
|
@@ -112,40 +138,140 @@ var DurableObjectOAuthClientProvider = class {
|
|
|
112
138
|
};
|
|
113
139
|
}
|
|
114
140
|
async consumeState(state) {
|
|
115
|
-
const
|
|
116
|
-
if (
|
|
141
|
+
const parsed = parseOAuthState(state);
|
|
142
|
+
if (!parsed) {
|
|
117
143
|
console.warn(`[OAuth] consumeState called with invalid state format`);
|
|
118
144
|
return;
|
|
119
145
|
}
|
|
120
|
-
|
|
121
|
-
await this.storage.delete(this.stateKey(nonce));
|
|
146
|
+
await this.storage.delete(this.stateKey(parsed.nonce));
|
|
122
147
|
}
|
|
123
148
|
async redirectToAuthorization(authUrl) {
|
|
124
149
|
this._authUrl_ = authUrl.toString();
|
|
150
|
+
const clientId = this._clientId_;
|
|
151
|
+
const serverId = this._serverId_;
|
|
152
|
+
if (!clientId || !serverId) return;
|
|
153
|
+
const state = authUrl.searchParams.get("state");
|
|
154
|
+
const codeChallenge = authUrl.searchParams.get("code_challenge");
|
|
155
|
+
if (!state || !codeChallenge) return;
|
|
156
|
+
const parsed = parseOAuthState(state);
|
|
157
|
+
if (!parsed || parsed.serverId !== serverId) return;
|
|
158
|
+
const challengeKey = this.challengeCodeVerifierKey(clientId, codeChallenge);
|
|
159
|
+
const pendingVerifier = await this.storage.get(challengeKey);
|
|
160
|
+
if (!pendingVerifier) return;
|
|
161
|
+
if (isExpired(pendingVerifier.createdAt)) {
|
|
162
|
+
await this.storage.delete(challengeKey);
|
|
163
|
+
return;
|
|
164
|
+
}
|
|
165
|
+
await this.storage.put(this.stateCodeVerifierKey(clientId, parsed.nonce), pendingVerifier);
|
|
166
|
+
await this.storage.delete(challengeKey);
|
|
125
167
|
}
|
|
126
168
|
async invalidateCredentials(scope) {
|
|
127
169
|
if (!this._clientId_) return;
|
|
128
170
|
const deleteKeys = [];
|
|
129
171
|
if (scope === "all" || scope === "client") deleteKeys.push(this.clientInfoKey(this.clientId));
|
|
130
172
|
if (scope === "all" || scope === "tokens") deleteKeys.push(this.tokenKey(this.clientId));
|
|
131
|
-
if (scope === "all" || scope === "verifier") deleteKeys.push(this.
|
|
173
|
+
if (scope === "all" || scope === "verifier") deleteKeys.push(...await this.codeVerifierKeys(this.clientId, { includeChallengeKeys: true }));
|
|
132
174
|
if (deleteKeys.length > 0) await this.storage.delete(deleteKeys);
|
|
133
175
|
}
|
|
134
176
|
codeVerifierKey(clientId) {
|
|
135
177
|
return `${this.keyPrefix(clientId)}/code_verifier`;
|
|
136
178
|
}
|
|
179
|
+
stateCodeVerifierPrefix(clientId) {
|
|
180
|
+
return `${this.keyPrefix(clientId)}/code_verifier/`;
|
|
181
|
+
}
|
|
182
|
+
stateCodeVerifierKey(clientId, nonce) {
|
|
183
|
+
return `${this.stateCodeVerifierPrefix(clientId)}${nonce}`;
|
|
184
|
+
}
|
|
185
|
+
challengeCodeVerifierPrefix(clientId) {
|
|
186
|
+
return `${this.keyPrefix(clientId)}/code_verifier_challenge/`;
|
|
187
|
+
}
|
|
188
|
+
challengeCodeVerifierKey(clientId, codeChallenge) {
|
|
189
|
+
return `${this.challengeCodeVerifierPrefix(clientId)}${codeChallenge}`;
|
|
190
|
+
}
|
|
191
|
+
async codeVerifierKeys(clientId, options = {}) {
|
|
192
|
+
const legacyKey = this.codeVerifierKey(clientId);
|
|
193
|
+
const keys = [];
|
|
194
|
+
if (await this.storage.get(legacyKey)) keys.push(legacyKey);
|
|
195
|
+
const stateKeys = await this.storage.list({ prefix: this.stateCodeVerifierPrefix(clientId) });
|
|
196
|
+
keys.push(...stateKeys.keys());
|
|
197
|
+
if (options.includeChallengeKeys) {
|
|
198
|
+
const challengeKeys = await this.storage.list({ prefix: this.challengeCodeVerifierPrefix(clientId) });
|
|
199
|
+
keys.push(...challengeKeys.keys());
|
|
200
|
+
}
|
|
201
|
+
return keys;
|
|
202
|
+
}
|
|
137
203
|
async saveCodeVerifier(verifier) {
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
204
|
+
await this.deleteExpiredChallengeCodeVerifiers(this.clientId);
|
|
205
|
+
const codeChallenge = await createCodeChallenge(verifier);
|
|
206
|
+
const storedVerifier = {
|
|
207
|
+
verifier,
|
|
208
|
+
createdAt: Date.now()
|
|
209
|
+
};
|
|
210
|
+
await this.storage.put(this.challengeCodeVerifierKey(this.clientId, codeChallenge), storedVerifier);
|
|
211
|
+
}
|
|
212
|
+
async deleteExpiredChallengeCodeVerifiers(clientId) {
|
|
213
|
+
const expiredKeys = [...(await this.storage.list({ prefix: this.challengeCodeVerifierPrefix(clientId) })).entries()].filter(([, storedVerifier]) => isExpired(storedVerifier.createdAt)).map(([key]) => key);
|
|
214
|
+
if (expiredKeys.length > 0) await this.storage.delete(expiredKeys);
|
|
141
215
|
}
|
|
142
216
|
async codeVerifier() {
|
|
143
|
-
const
|
|
144
|
-
if (
|
|
145
|
-
|
|
217
|
+
const context = codeVerifierStateStorage.getStore();
|
|
218
|
+
if (context) {
|
|
219
|
+
const stateVerifier = await this.codeVerifierForState(context.state);
|
|
220
|
+
if (stateVerifier) {
|
|
221
|
+
context.servedKey = stateVerifier.key;
|
|
222
|
+
return stateVerifier.verifier;
|
|
223
|
+
}
|
|
224
|
+
}
|
|
225
|
+
const legacyVerifier = await this.storage.get(this.codeVerifierKey(this.clientId));
|
|
226
|
+
if (legacyVerifier) {
|
|
227
|
+
if (context) context.servedKey = this.codeVerifierKey(this.clientId);
|
|
228
|
+
return legacyVerifier;
|
|
229
|
+
}
|
|
230
|
+
if (context) throw new Error("No code verifier found for OAuth state");
|
|
231
|
+
const pendingVerifiers = await this.storage.list({ prefix: this.stateCodeVerifierPrefix(this.clientId) });
|
|
232
|
+
const unexpiredPendingVerifiers = [...pendingVerifiers.entries()].filter(([, storedVerifier]) => !isExpired(storedVerifier.createdAt));
|
|
233
|
+
const expiredKeys = [...pendingVerifiers.entries()].filter(([, storedVerifier]) => isExpired(storedVerifier.createdAt)).map(([key]) => key);
|
|
234
|
+
if (expiredKeys.length > 0) await this.storage.delete(expiredKeys);
|
|
235
|
+
if (unexpiredPendingVerifiers.length === 1) {
|
|
236
|
+
const [[, storedVerifier]] = unexpiredPendingVerifiers;
|
|
237
|
+
return storedVerifier.verifier;
|
|
238
|
+
}
|
|
239
|
+
if (unexpiredPendingVerifiers.length > 1) throw new Error("Multiple OAuth code verifiers are pending; complete authorization with the callback state");
|
|
240
|
+
throw new Error("No code verifier found");
|
|
241
|
+
}
|
|
242
|
+
async codeVerifierForState(state) {
|
|
243
|
+
const parsed = parseOAuthState(state);
|
|
244
|
+
if (!parsed) throw new Error("Invalid state format");
|
|
245
|
+
const key = this.stateCodeVerifierKey(this.clientId, parsed.nonce);
|
|
246
|
+
const storedVerifier = await this.storage.get(key);
|
|
247
|
+
if (!storedVerifier) return;
|
|
248
|
+
if (isExpired(storedVerifier.createdAt)) {
|
|
249
|
+
await this.storage.delete(key);
|
|
250
|
+
throw new Error("Code verifier expired");
|
|
251
|
+
}
|
|
252
|
+
return {
|
|
253
|
+
key,
|
|
254
|
+
verifier: storedVerifier.verifier
|
|
255
|
+
};
|
|
256
|
+
}
|
|
257
|
+
async runWithCodeVerifierState(state, callback) {
|
|
258
|
+
return codeVerifierStateStorage.run({ state }, callback);
|
|
146
259
|
}
|
|
147
260
|
async deleteCodeVerifier() {
|
|
148
|
-
|
|
261
|
+
const context = codeVerifierStateStorage.getStore();
|
|
262
|
+
if (context?.servedKey) {
|
|
263
|
+
await this.storage.delete(context.servedKey);
|
|
264
|
+
return;
|
|
265
|
+
}
|
|
266
|
+
if (context) {
|
|
267
|
+
const parsed = parseOAuthState(context.state);
|
|
268
|
+
if (parsed) {
|
|
269
|
+
await this.storage.delete(this.stateCodeVerifierKey(this.clientId, parsed.nonce));
|
|
270
|
+
return;
|
|
271
|
+
}
|
|
272
|
+
}
|
|
273
|
+
const keys = await this.codeVerifierKeys(this.clientId);
|
|
274
|
+
if (keys.length > 0) await this.storage.delete(keys);
|
|
149
275
|
}
|
|
150
276
|
};
|
|
151
277
|
//#endregion
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"do-oauth-client-provider.js","names":[],"sources":["../../src/mcp/do-oauth-client-provider.ts"],"sourcesContent":["import type { OAuthClientProvider } from \"@modelcontextprotocol/sdk/client/auth.js\";\nimport type {\n OAuthClientInformation,\n OAuthClientInformationFull,\n OAuthClientMetadata,\n OAuthTokens\n} from \"@modelcontextprotocol/sdk/shared/auth.js\";\nimport { nanoid } from \"nanoid\";\n\nconst STATE_EXPIRATION_MS = 10 * 60 * 1000; // 10 minutes\n\ninterface StoredState {\n nonce: string;\n serverId: string;\n createdAt: number;\n}\n\n// A slight extension to the standard OAuthClientProvider interface because `redirectToAuthorization` doesn't give us the interface we need\n// This allows us to track authentication for a specific server and associated dynamic client registration\nexport interface AgentMcpOAuthProvider extends OAuthClientProvider {\n authUrl: string | undefined;\n clientId: string | undefined;\n serverId: string | undefined;\n checkState(\n state: string\n ): Promise<{ valid: boolean; serverId?: string; error?: string }>;\n consumeState(state: string): Promise<void>;\n deleteCodeVerifier(): Promise<void>;\n}\n\n/**\n * @deprecated Use {@link AgentMcpOAuthProvider} instead.\n */\nexport type AgentsOAuthProvider = AgentMcpOAuthProvider;\n\nexport class DurableObjectOAuthClientProvider implements AgentMcpOAuthProvider {\n private _authUrl_: string | undefined;\n private _serverId_: string | undefined;\n private _clientId_: string | undefined;\n\n constructor(\n public storage: DurableObjectStorage,\n public clientName: string,\n public baseRedirectUrl: string\n ) {\n if (!storage) {\n throw new Error(\n \"DurableObjectOAuthClientProvider requires a valid DurableObjectStorage instance\"\n );\n }\n }\n\n get clientMetadata(): OAuthClientMetadata {\n return {\n client_name: this.clientName,\n client_uri: this.clientUri,\n grant_types: [\"authorization_code\", \"refresh_token\"],\n redirect_uris: [this.redirectUrl],\n response_types: [\"code\"],\n token_endpoint_auth_method: \"none\"\n };\n }\n\n get clientUri() {\n return new URL(this.redirectUrl).origin;\n }\n\n get redirectUrl() {\n return this.baseRedirectUrl;\n }\n\n get clientId() {\n if (!this._clientId_) {\n throw new Error(\"Trying to access clientId before it was set\");\n }\n return this._clientId_;\n }\n\n set clientId(clientId_: string) {\n this._clientId_ = clientId_;\n }\n\n get serverId() {\n if (!this._serverId_) {\n throw new Error(\"Trying to access serverId before it was set\");\n }\n return this._serverId_;\n }\n\n set serverId(serverId_: string) {\n this._serverId_ = serverId_;\n }\n\n keyPrefix(clientId: string) {\n return `/${this.clientName}/${this.serverId}/${clientId}`;\n }\n\n clientInfoKey(clientId: string) {\n return `${this.keyPrefix(clientId)}/client_info/`;\n }\n\n async clientInformation(): Promise<OAuthClientInformation | undefined> {\n if (!this._clientId_) {\n return undefined;\n }\n return (\n (await this.storage.get<OAuthClientInformation>(\n this.clientInfoKey(this.clientId)\n )) ?? undefined\n );\n }\n\n async saveClientInformation(\n clientInformation: OAuthClientInformationFull\n ): Promise<void> {\n await this.storage.put(\n this.clientInfoKey(clientInformation.client_id),\n clientInformation\n );\n this.clientId = clientInformation.client_id;\n }\n\n tokenKey(clientId: string) {\n return `${this.keyPrefix(clientId)}/token`;\n }\n\n async tokens(): Promise<OAuthTokens | undefined> {\n if (!this._clientId_) {\n return undefined;\n }\n return (\n (await this.storage.get<OAuthTokens>(this.tokenKey(this.clientId))) ??\n undefined\n );\n }\n\n async saveTokens(tokens: OAuthTokens): Promise<void> {\n await this.storage.put(this.tokenKey(this.clientId), tokens);\n }\n\n get authUrl() {\n return this._authUrl_;\n }\n\n stateKey(nonce: string) {\n return `/${this.clientName}/${this.serverId}/state/${nonce}`;\n }\n\n async state(): Promise<string> {\n const nonce = nanoid();\n const state = `${nonce}.${this.serverId}`;\n const storedState: StoredState = {\n nonce,\n serverId: this.serverId,\n createdAt: Date.now()\n };\n await this.storage.put(this.stateKey(nonce), storedState);\n return state;\n }\n\n async checkState(\n state: string\n ): Promise<{ valid: boolean; serverId?: string; error?: string }> {\n const parts = state.split(\".\");\n if (parts.length !== 2) {\n return { valid: false, error: \"Invalid state format\" };\n }\n\n const [nonce, serverId] = parts;\n const key = this.stateKey(nonce);\n const storedState = await this.storage.get<StoredState>(key);\n\n if (!storedState) {\n return { valid: false, error: \"State not found or already used\" };\n }\n\n if (storedState.serverId !== serverId) {\n await this.storage.delete(key);\n return { valid: false, error: \"State serverId mismatch\" };\n }\n\n const age = Date.now() - storedState.createdAt;\n if (age > STATE_EXPIRATION_MS) {\n await this.storage.delete(key);\n return { valid: false, error: \"State expired\" };\n }\n\n return { valid: true, serverId };\n }\n\n async consumeState(state: string): Promise<void> {\n const parts = state.split(\".\");\n if (parts.length !== 2) {\n // This should never happen since checkState validates format first.\n // Log for debugging but don't throw - state consumption is best-effort.\n console.warn(`[OAuth] consumeState called with invalid state format`);\n return;\n }\n const [nonce] = parts;\n await this.storage.delete(this.stateKey(nonce));\n }\n\n async redirectToAuthorization(authUrl: URL): Promise<void> {\n this._authUrl_ = authUrl.toString();\n }\n\n async invalidateCredentials(\n scope: \"all\" | \"client\" | \"tokens\" | \"verifier\"\n ): Promise<void> {\n if (!this._clientId_) return;\n\n const deleteKeys: string[] = [];\n\n if (scope === \"all\" || scope === \"client\") {\n deleteKeys.push(this.clientInfoKey(this.clientId));\n }\n if (scope === \"all\" || scope === \"tokens\") {\n deleteKeys.push(this.tokenKey(this.clientId));\n }\n if (scope === \"all\" || scope === \"verifier\") {\n deleteKeys.push(this.codeVerifierKey(this.clientId));\n }\n\n if (deleteKeys.length > 0) {\n await this.storage.delete(deleteKeys);\n }\n }\n\n codeVerifierKey(clientId: string) {\n return `${this.keyPrefix(clientId)}/code_verifier`;\n }\n\n async saveCodeVerifier(verifier: string): Promise<void> {\n const key = this.codeVerifierKey(this.clientId);\n\n // Don't overwrite existing verifier to preserve first PKCE verifier\n const existing = await this.storage.get<string>(key);\n if (existing) {\n return;\n }\n\n await this.storage.put(key, verifier);\n }\n\n async codeVerifier(): Promise<string> {\n const codeVerifier = await this.storage.get<string>(\n this.codeVerifierKey(this.clientId)\n );\n if (!codeVerifier) {\n throw new Error(\"No code verifier found\");\n }\n return codeVerifier;\n }\n\n async deleteCodeVerifier(): Promise<void> {\n await this.storage.delete(this.codeVerifierKey(this.clientId));\n }\n}\n"],"mappings":";;AASA,MAAM,sBAAsB,MAAU;AA0BtC,IAAa,mCAAb,MAA+E;CAK7E,YACE,SACA,YACA,iBACA;EAHO,KAAA,UAAA;EACA,KAAA,aAAA;EACA,KAAA,kBAAA;EAEP,IAAI,CAAC,SACH,MAAM,IAAI,MACR,iFACF;CAEJ;CAEA,IAAI,iBAAsC;EACxC,OAAO;GACL,aAAa,KAAK;GAClB,YAAY,KAAK;GACjB,aAAa,CAAC,sBAAsB,eAAe;GACnD,eAAe,CAAC,KAAK,WAAW;GAChC,gBAAgB,CAAC,MAAM;GACvB,4BAA4B;EAC9B;CACF;CAEA,IAAI,YAAY;EACd,OAAO,IAAI,IAAI,KAAK,WAAW,EAAE;CACnC;CAEA,IAAI,cAAc;EAChB,OAAO,KAAK;CACd;CAEA,IAAI,WAAW;EACb,IAAI,CAAC,KAAK,YACR,MAAM,IAAI,MAAM,6CAA6C;EAE/D,OAAO,KAAK;CACd;CAEA,IAAI,SAAS,WAAmB;EAC9B,KAAK,aAAa;CACpB;CAEA,IAAI,WAAW;EACb,IAAI,CAAC,KAAK,YACR,MAAM,IAAI,MAAM,6CAA6C;EAE/D,OAAO,KAAK;CACd;CAEA,IAAI,SAAS,WAAmB;EAC9B,KAAK,aAAa;CACpB;CAEA,UAAU,UAAkB;EAC1B,OAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,GAAG;CACjD;CAEA,cAAc,UAAkB;EAC9B,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,MAAM,oBAAiE;EACrE,IAAI,CAAC,KAAK,YACR;EAEF,OACG,MAAM,KAAK,QAAQ,IAClB,KAAK,cAAc,KAAK,QAAQ,CAClC,KAAM,KAAA;CAEV;CAEA,MAAM,sBACJ,mBACe;EACf,MAAM,KAAK,QAAQ,IACjB,KAAK,cAAc,kBAAkB,SAAS,GAC9C,iBACF;EACA,KAAK,WAAW,kBAAkB;CACpC;CAEA,SAAS,UAAkB;EACzB,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,MAAM,SAA2C;EAC/C,IAAI,CAAC,KAAK,YACR;EAEF,OACG,MAAM,KAAK,QAAQ,IAAiB,KAAK,SAAS,KAAK,QAAQ,CAAC,KACjE,KAAA;CAEJ;CAEA,MAAM,WAAW,QAAoC;EACnD,MAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,KAAK,QAAQ,GAAG,MAAM;CAC7D;CAEA,IAAI,UAAU;EACZ,OAAO,KAAK;CACd;CAEA,SAAS,OAAe;EACtB,OAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,SAAS;CACvD;CAEA,MAAM,QAAyB;EAC7B,MAAM,QAAQ,OAAO;EACrB,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK;EAC/B,MAAM,cAA2B;GAC/B;GACA,UAAU,KAAK;GACf,WAAW,KAAK,IAAI;EACtB;EACA,MAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,KAAK,GAAG,WAAW;EACxD,OAAO;CACT;CAEA,MAAM,WACJ,OACgE;EAChE,MAAM,QAAQ,MAAM,MAAM,GAAG;EAC7B,IAAI,MAAM,WAAW,GACnB,OAAO;GAAE,OAAO;GAAO,OAAO;EAAuB;EAGvD,MAAM,CAAC,OAAO,YAAY;EAC1B,MAAM,MAAM,KAAK,SAAS,KAAK;EAC/B,MAAM,cAAc,MAAM,KAAK,QAAQ,IAAiB,GAAG;EAE3D,IAAI,CAAC,aACH,OAAO;GAAE,OAAO;GAAO,OAAO;EAAkC;EAGlE,IAAI,YAAY,aAAa,UAAU;GACrC,MAAM,KAAK,QAAQ,OAAO,GAAG;GAC7B,OAAO;IAAE,OAAO;IAAO,OAAO;GAA0B;EAC1D;EAGA,IADY,KAAK,IAAI,IAAI,YAAY,YAC3B,qBAAqB;GAC7B,MAAM,KAAK,QAAQ,OAAO,GAAG;GAC7B,OAAO;IAAE,OAAO;IAAO,OAAO;GAAgB;EAChD;EAEA,OAAO;GAAE,OAAO;GAAM;EAAS;CACjC;CAEA,MAAM,aAAa,OAA8B;EAC/C,MAAM,QAAQ,MAAM,MAAM,GAAG;EAC7B,IAAI,MAAM,WAAW,GAAG;GAGtB,QAAQ,KAAK,uDAAuD;GACpE;EACF;EACA,MAAM,CAAC,SAAS;EAChB,MAAM,KAAK,QAAQ,OAAO,KAAK,SAAS,KAAK,CAAC;CAChD;CAEA,MAAM,wBAAwB,SAA6B;EACzD,KAAK,YAAY,QAAQ,SAAS;CACpC;CAEA,MAAM,sBACJ,OACe;EACf,IAAI,CAAC,KAAK,YAAY;EAEtB,MAAM,aAAuB,CAAC;EAE9B,IAAI,UAAU,SAAS,UAAU,UAC/B,WAAW,KAAK,KAAK,cAAc,KAAK,QAAQ,CAAC;EAEnD,IAAI,UAAU,SAAS,UAAU,UAC/B,WAAW,KAAK,KAAK,SAAS,KAAK,QAAQ,CAAC;EAE9C,IAAI,UAAU,SAAS,UAAU,YAC/B,WAAW,KAAK,KAAK,gBAAgB,KAAK,QAAQ,CAAC;EAGrD,IAAI,WAAW,SAAS,GACtB,MAAM,KAAK,QAAQ,OAAO,UAAU;CAExC;CAEA,gBAAgB,UAAkB;EAChC,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,MAAM,iBAAiB,UAAiC;EACtD,MAAM,MAAM,KAAK,gBAAgB,KAAK,QAAQ;EAI9C,IAAI,MADmB,KAAK,QAAQ,IAAY,GAAG,GAEjD;EAGF,MAAM,KAAK,QAAQ,IAAI,KAAK,QAAQ;CACtC;CAEA,MAAM,eAAgC;EACpC,MAAM,eAAe,MAAM,KAAK,QAAQ,IACtC,KAAK,gBAAgB,KAAK,QAAQ,CACpC;EACA,IAAI,CAAC,cACH,MAAM,IAAI,MAAM,wBAAwB;EAE1C,OAAO;CACT;CAEA,MAAM,qBAAoC;EACxC,MAAM,KAAK,QAAQ,OAAO,KAAK,gBAAgB,KAAK,QAAQ,CAAC;CAC/D;AACF"}
|
|
1
|
+
{"version":3,"file":"do-oauth-client-provider.js","names":[],"sources":["../../src/mcp/do-oauth-client-provider.ts"],"sourcesContent":["import type { OAuthClientProvider } from \"@modelcontextprotocol/sdk/client/auth.js\";\nimport type {\n OAuthClientInformation,\n OAuthClientInformationFull,\n OAuthClientMetadata,\n OAuthTokens\n} from \"@modelcontextprotocol/sdk/shared/auth.js\";\nimport { AsyncLocalStorage } from \"node:async_hooks\";\nimport { nanoid } from \"nanoid\";\n\nconst STATE_EXPIRATION_MS = 10 * 60 * 1000; // 10 minutes\n\nconst codeVerifierStateStorage = new AsyncLocalStorage<{\n state: string;\n servedKey?: string;\n}>();\n\ninterface StoredState {\n nonce: string;\n serverId: string;\n createdAt: number;\n}\n\ninterface StoredCodeVerifier {\n verifier: string;\n createdAt: number;\n}\n\n// A slight extension to the standard OAuthClientProvider interface because `redirectToAuthorization` doesn't give us the interface we need\n// This allows us to track authentication for a specific server and associated dynamic client registration\nexport interface AgentMcpOAuthProvider extends OAuthClientProvider {\n authUrl: string | undefined;\n clientId: string | undefined;\n serverId: string | undefined;\n checkState(\n state: string\n ): Promise<{ valid: boolean; serverId?: string; error?: string }>;\n consumeState(state: string): Promise<void>;\n runWithCodeVerifierState?<T>(\n state: string,\n callback: () => Promise<T>\n ): Promise<T>;\n deleteCodeVerifier(): Promise<void>;\n}\n\nfunction parseOAuthState(\n state: string\n): { nonce: string; serverId: string } | undefined {\n const parts = state.split(\".\");\n if (parts.length !== 2) {\n return undefined;\n }\n\n const [nonce, serverId] = parts;\n if (!nonce || !serverId) {\n return undefined;\n }\n\n return { nonce, serverId };\n}\n\nfunction base64UrlEncode(bytes: Uint8Array): string {\n let binary = \"\";\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary)\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\nasync function createCodeChallenge(verifier: string): Promise<string> {\n const digest = await crypto.subtle.digest(\n \"SHA-256\",\n new TextEncoder().encode(verifier)\n );\n return base64UrlEncode(new Uint8Array(digest));\n}\n\nfunction isExpired(createdAt: number): boolean {\n return Date.now() - createdAt > STATE_EXPIRATION_MS;\n}\n\n/**\n * @deprecated Use {@link AgentMcpOAuthProvider} instead.\n */\nexport type AgentsOAuthProvider = AgentMcpOAuthProvider;\n\nexport class DurableObjectOAuthClientProvider implements AgentMcpOAuthProvider {\n private _authUrl_: string | undefined;\n private _serverId_: string | undefined;\n private _clientId_: string | undefined;\n\n constructor(\n public storage: DurableObjectStorage,\n public clientName: string,\n public baseRedirectUrl: string\n ) {\n if (!storage) {\n throw new Error(\n \"DurableObjectOAuthClientProvider requires a valid DurableObjectStorage instance\"\n );\n }\n }\n\n get clientMetadata(): OAuthClientMetadata {\n return {\n client_name: this.clientName,\n client_uri: this.clientUri,\n grant_types: [\"authorization_code\", \"refresh_token\"],\n redirect_uris: [this.redirectUrl],\n response_types: [\"code\"],\n token_endpoint_auth_method: \"none\"\n };\n }\n\n get clientUri() {\n return new URL(this.redirectUrl).origin;\n }\n\n get redirectUrl() {\n return this.baseRedirectUrl;\n }\n\n get clientId() {\n if (!this._clientId_) {\n throw new Error(\"Trying to access clientId before it was set\");\n }\n return this._clientId_;\n }\n\n set clientId(clientId_: string) {\n this._clientId_ = clientId_;\n }\n\n get serverId() {\n if (!this._serverId_) {\n throw new Error(\"Trying to access serverId before it was set\");\n }\n return this._serverId_;\n }\n\n set serverId(serverId_: string) {\n this._serverId_ = serverId_;\n }\n\n keyPrefix(clientId: string) {\n return `/${this.clientName}/${this.serverId}/${clientId}`;\n }\n\n clientInfoKey(clientId: string) {\n return `${this.keyPrefix(clientId)}/client_info/`;\n }\n\n async clientInformation(): Promise<OAuthClientInformation | undefined> {\n if (!this._clientId_) {\n return undefined;\n }\n return (\n (await this.storage.get<OAuthClientInformation>(\n this.clientInfoKey(this.clientId)\n )) ?? undefined\n );\n }\n\n async saveClientInformation(\n clientInformation: OAuthClientInformationFull\n ): Promise<void> {\n await this.storage.put(\n this.clientInfoKey(clientInformation.client_id),\n clientInformation\n );\n this.clientId = clientInformation.client_id;\n }\n\n tokenKey(clientId: string) {\n return `${this.keyPrefix(clientId)}/token`;\n }\n\n async tokens(): Promise<OAuthTokens | undefined> {\n if (!this._clientId_) {\n return undefined;\n }\n return (\n (await this.storage.get<OAuthTokens>(this.tokenKey(this.clientId))) ??\n undefined\n );\n }\n\n async saveTokens(tokens: OAuthTokens): Promise<void> {\n await this.storage.put(this.tokenKey(this.clientId), tokens);\n }\n\n get authUrl() {\n return this._authUrl_;\n }\n\n stateKey(nonce: string) {\n return `/${this.clientName}/${this.serverId}/state/${nonce}`;\n }\n\n async state(): Promise<string> {\n const nonce = nanoid();\n const state = `${nonce}.${this.serverId}`;\n const storedState: StoredState = {\n nonce,\n serverId: this.serverId,\n createdAt: Date.now()\n };\n await this.storage.put(this.stateKey(nonce), storedState);\n return state;\n }\n\n async checkState(\n state: string\n ): Promise<{ valid: boolean; serverId?: string; error?: string }> {\n const parsed = parseOAuthState(state);\n if (!parsed) {\n return { valid: false, error: \"Invalid state format\" };\n }\n\n const { nonce, serverId } = parsed;\n const key = this.stateKey(nonce);\n const storedState = await this.storage.get<StoredState>(key);\n\n if (!storedState) {\n return { valid: false, error: \"State not found or already used\" };\n }\n\n if (storedState.serverId !== serverId) {\n await this.storage.delete(key);\n return { valid: false, error: \"State serverId mismatch\" };\n }\n\n if (isExpired(storedState.createdAt)) {\n const deleteKeys = [key];\n if (this._clientId_) {\n deleteKeys.push(this.stateCodeVerifierKey(this.clientId, nonce));\n }\n await this.storage.delete(deleteKeys);\n return { valid: false, error: \"State expired\" };\n }\n\n return { valid: true, serverId };\n }\n\n async consumeState(state: string): Promise<void> {\n const parsed = parseOAuthState(state);\n if (!parsed) {\n // This should never happen since checkState validates format first.\n // Log for debugging but don't throw - state consumption is best-effort.\n console.warn(`[OAuth] consumeState called with invalid state format`);\n return;\n }\n await this.storage.delete(this.stateKey(parsed.nonce));\n }\n\n async redirectToAuthorization(authUrl: URL): Promise<void> {\n this._authUrl_ = authUrl.toString();\n\n const clientId = this._clientId_;\n const serverId = this._serverId_;\n if (!clientId || !serverId) {\n return;\n }\n\n const state = authUrl.searchParams.get(\"state\");\n const codeChallenge = authUrl.searchParams.get(\"code_challenge\");\n if (!state || !codeChallenge) {\n return;\n }\n\n const parsed = parseOAuthState(state);\n if (!parsed || parsed.serverId !== serverId) {\n return;\n }\n\n const challengeKey = this.challengeCodeVerifierKey(clientId, codeChallenge);\n const pendingVerifier =\n await this.storage.get<StoredCodeVerifier>(challengeKey);\n if (!pendingVerifier) {\n return;\n }\n\n if (isExpired(pendingVerifier.createdAt)) {\n await this.storage.delete(challengeKey);\n return;\n }\n\n await this.storage.put(\n this.stateCodeVerifierKey(clientId, parsed.nonce),\n pendingVerifier\n );\n await this.storage.delete(challengeKey);\n }\n\n async invalidateCredentials(\n scope: \"all\" | \"client\" | \"tokens\" | \"verifier\"\n ): Promise<void> {\n if (!this._clientId_) return;\n\n const deleteKeys: string[] = [];\n\n if (scope === \"all\" || scope === \"client\") {\n deleteKeys.push(this.clientInfoKey(this.clientId));\n }\n if (scope === \"all\" || scope === \"tokens\") {\n deleteKeys.push(this.tokenKey(this.clientId));\n }\n if (scope === \"all\" || scope === \"verifier\") {\n deleteKeys.push(\n ...(await this.codeVerifierKeys(this.clientId, {\n includeChallengeKeys: true\n }))\n );\n }\n\n if (deleteKeys.length > 0) {\n await this.storage.delete(deleteKeys);\n }\n }\n\n codeVerifierKey(clientId: string) {\n return `${this.keyPrefix(clientId)}/code_verifier`;\n }\n\n stateCodeVerifierPrefix(clientId: string) {\n return `${this.keyPrefix(clientId)}/code_verifier/`;\n }\n\n stateCodeVerifierKey(clientId: string, nonce: string) {\n return `${this.stateCodeVerifierPrefix(clientId)}${nonce}`;\n }\n\n challengeCodeVerifierPrefix(clientId: string) {\n return `${this.keyPrefix(clientId)}/code_verifier_challenge/`;\n }\n\n challengeCodeVerifierKey(clientId: string, codeChallenge: string) {\n return `${this.challengeCodeVerifierPrefix(clientId)}${codeChallenge}`;\n }\n\n async codeVerifierKeys(\n clientId: string,\n options: { includeChallengeKeys?: boolean } = {}\n ): Promise<string[]> {\n const legacyKey = this.codeVerifierKey(clientId);\n const keys: string[] = [];\n\n if (await this.storage.get(legacyKey)) {\n keys.push(legacyKey);\n }\n\n const stateKeys = await this.storage.list({\n prefix: this.stateCodeVerifierPrefix(clientId)\n });\n keys.push(...stateKeys.keys());\n\n if (options.includeChallengeKeys) {\n const challengeKeys = await this.storage.list({\n prefix: this.challengeCodeVerifierPrefix(clientId)\n });\n keys.push(...challengeKeys.keys());\n }\n\n return keys;\n }\n\n async saveCodeVerifier(verifier: string): Promise<void> {\n await this.deleteExpiredChallengeCodeVerifiers(this.clientId);\n\n const codeChallenge = await createCodeChallenge(verifier);\n const storedVerifier: StoredCodeVerifier = {\n verifier,\n createdAt: Date.now()\n };\n\n await this.storage.put(\n this.challengeCodeVerifierKey(this.clientId, codeChallenge),\n storedVerifier\n );\n }\n\n private async deleteExpiredChallengeCodeVerifiers(\n clientId: string\n ): Promise<void> {\n const challengeVerifiers = await this.storage.list<StoredCodeVerifier>({\n prefix: this.challengeCodeVerifierPrefix(clientId)\n });\n const expiredKeys = [...challengeVerifiers.entries()]\n .filter(([, storedVerifier]) => isExpired(storedVerifier.createdAt))\n .map(([key]) => key);\n if (expiredKeys.length > 0) {\n await this.storage.delete(expiredKeys);\n }\n }\n\n async codeVerifier(): Promise<string> {\n const context = codeVerifierStateStorage.getStore();\n if (context) {\n const stateVerifier = await this.codeVerifierForState(context.state);\n if (stateVerifier) {\n context.servedKey = stateVerifier.key;\n return stateVerifier.verifier;\n }\n }\n\n const legacyVerifier = await this.storage.get<string>(\n this.codeVerifierKey(this.clientId)\n );\n if (legacyVerifier) {\n if (context) {\n context.servedKey = this.codeVerifierKey(this.clientId);\n }\n return legacyVerifier;\n }\n\n if (context) {\n throw new Error(\"No code verifier found for OAuth state\");\n }\n\n const pendingVerifiers = await this.storage.list<StoredCodeVerifier>({\n prefix: this.stateCodeVerifierPrefix(this.clientId)\n });\n const unexpiredPendingVerifiers = [...pendingVerifiers.entries()].filter(\n ([, storedVerifier]) => !isExpired(storedVerifier.createdAt)\n );\n const expiredKeys = [...pendingVerifiers.entries()]\n .filter(([, storedVerifier]) => isExpired(storedVerifier.createdAt))\n .map(([key]) => key);\n if (expiredKeys.length > 0) {\n await this.storage.delete(expiredKeys);\n }\n\n if (unexpiredPendingVerifiers.length === 1) {\n const [[, storedVerifier]] = unexpiredPendingVerifiers;\n return storedVerifier.verifier;\n }\n\n if (unexpiredPendingVerifiers.length > 1) {\n throw new Error(\n \"Multiple OAuth code verifiers are pending; complete authorization with the callback state\"\n );\n }\n\n throw new Error(\"No code verifier found\");\n }\n\n private async codeVerifierForState(\n state: string\n ): Promise<{ key: string; verifier: string } | undefined> {\n const parsed = parseOAuthState(state);\n if (!parsed) {\n throw new Error(\"Invalid state format\");\n }\n\n const key = this.stateCodeVerifierKey(this.clientId, parsed.nonce);\n const storedVerifier = await this.storage.get<StoredCodeVerifier>(key);\n if (!storedVerifier) {\n return undefined;\n }\n\n if (isExpired(storedVerifier.createdAt)) {\n await this.storage.delete(key);\n throw new Error(\"Code verifier expired\");\n }\n\n return { key, verifier: storedVerifier.verifier };\n }\n\n async runWithCodeVerifierState<T>(\n state: string,\n callback: () => Promise<T>\n ): Promise<T> {\n return codeVerifierStateStorage.run({ state }, callback);\n }\n\n async deleteCodeVerifier(): Promise<void> {\n const context = codeVerifierStateStorage.getStore();\n if (context?.servedKey) {\n await this.storage.delete(context.servedKey);\n return;\n }\n\n if (context) {\n const parsed = parseOAuthState(context.state);\n if (parsed) {\n await this.storage.delete(\n this.stateCodeVerifierKey(this.clientId, parsed.nonce)\n );\n return;\n }\n }\n\n const keys = await this.codeVerifierKeys(this.clientId);\n if (keys.length > 0) {\n await this.storage.delete(keys);\n }\n }\n}\n"],"mappings":";;;AAUA,MAAM,sBAAsB,MAAU;AAEtC,MAAM,2BAA2B,IAAI,kBAGlC;AA8BH,SAAS,gBACP,OACiD;CACjD,MAAM,QAAQ,MAAM,MAAM,GAAG;CAC7B,IAAI,MAAM,WAAW,GACnB;CAGF,MAAM,CAAC,OAAO,YAAY;CAC1B,IAAI,CAAC,SAAS,CAAC,UACb;CAGF,OAAO;EAAE;EAAO;CAAS;AAC3B;AAEA,SAAS,gBAAgB,OAA2B;CAClD,IAAI,SAAS;CACb,KAAK,MAAM,QAAQ,OACjB,UAAU,OAAO,aAAa,IAAI;CAEpC,OAAO,KAAK,MAAM,EACf,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,EAAE;AACtB;AAEA,eAAe,oBAAoB,UAAmC;CACpE,MAAM,SAAS,MAAM,OAAO,OAAO,OACjC,WACA,IAAI,YAAY,EAAE,OAAO,QAAQ,CACnC;CACA,OAAO,gBAAgB,IAAI,WAAW,MAAM,CAAC;AAC/C;AAEA,SAAS,UAAU,WAA4B;CAC7C,OAAO,KAAK,IAAI,IAAI,YAAY;AAClC;AAOA,IAAa,mCAAb,MAA+E;CAK7E,YACE,SACA,YACA,iBACA;EAHO,KAAA,UAAA;EACA,KAAA,aAAA;EACA,KAAA,kBAAA;EAEP,IAAI,CAAC,SACH,MAAM,IAAI,MACR,iFACF;CAEJ;CAEA,IAAI,iBAAsC;EACxC,OAAO;GACL,aAAa,KAAK;GAClB,YAAY,KAAK;GACjB,aAAa,CAAC,sBAAsB,eAAe;GACnD,eAAe,CAAC,KAAK,WAAW;GAChC,gBAAgB,CAAC,MAAM;GACvB,4BAA4B;EAC9B;CACF;CAEA,IAAI,YAAY;EACd,OAAO,IAAI,IAAI,KAAK,WAAW,EAAE;CACnC;CAEA,IAAI,cAAc;EAChB,OAAO,KAAK;CACd;CAEA,IAAI,WAAW;EACb,IAAI,CAAC,KAAK,YACR,MAAM,IAAI,MAAM,6CAA6C;EAE/D,OAAO,KAAK;CACd;CAEA,IAAI,SAAS,WAAmB;EAC9B,KAAK,aAAa;CACpB;CAEA,IAAI,WAAW;EACb,IAAI,CAAC,KAAK,YACR,MAAM,IAAI,MAAM,6CAA6C;EAE/D,OAAO,KAAK;CACd;CAEA,IAAI,SAAS,WAAmB;EAC9B,KAAK,aAAa;CACpB;CAEA,UAAU,UAAkB;EAC1B,OAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,GAAG;CACjD;CAEA,cAAc,UAAkB;EAC9B,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,MAAM,oBAAiE;EACrE,IAAI,CAAC,KAAK,YACR;EAEF,OACG,MAAM,KAAK,QAAQ,IAClB,KAAK,cAAc,KAAK,QAAQ,CAClC,KAAM,KAAA;CAEV;CAEA,MAAM,sBACJ,mBACe;EACf,MAAM,KAAK,QAAQ,IACjB,KAAK,cAAc,kBAAkB,SAAS,GAC9C,iBACF;EACA,KAAK,WAAW,kBAAkB;CACpC;CAEA,SAAS,UAAkB;EACzB,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,MAAM,SAA2C;EAC/C,IAAI,CAAC,KAAK,YACR;EAEF,OACG,MAAM,KAAK,QAAQ,IAAiB,KAAK,SAAS,KAAK,QAAQ,CAAC,KACjE,KAAA;CAEJ;CAEA,MAAM,WAAW,QAAoC;EACnD,MAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,KAAK,QAAQ,GAAG,MAAM;CAC7D;CAEA,IAAI,UAAU;EACZ,OAAO,KAAK;CACd;CAEA,SAAS,OAAe;EACtB,OAAO,IAAI,KAAK,WAAW,GAAG,KAAK,SAAS,SAAS;CACvD;CAEA,MAAM,QAAyB;EAC7B,MAAM,QAAQ,OAAO;EACrB,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK;EAC/B,MAAM,cAA2B;GAC/B;GACA,UAAU,KAAK;GACf,WAAW,KAAK,IAAI;EACtB;EACA,MAAM,KAAK,QAAQ,IAAI,KAAK,SAAS,KAAK,GAAG,WAAW;EACxD,OAAO;CACT;CAEA,MAAM,WACJ,OACgE;EAChE,MAAM,SAAS,gBAAgB,KAAK;EACpC,IAAI,CAAC,QACH,OAAO;GAAE,OAAO;GAAO,OAAO;EAAuB;EAGvD,MAAM,EAAE,OAAO,aAAa;EAC5B,MAAM,MAAM,KAAK,SAAS,KAAK;EAC/B,MAAM,cAAc,MAAM,KAAK,QAAQ,IAAiB,GAAG;EAE3D,IAAI,CAAC,aACH,OAAO;GAAE,OAAO;GAAO,OAAO;EAAkC;EAGlE,IAAI,YAAY,aAAa,UAAU;GACrC,MAAM,KAAK,QAAQ,OAAO,GAAG;GAC7B,OAAO;IAAE,OAAO;IAAO,OAAO;GAA0B;EAC1D;EAEA,IAAI,UAAU,YAAY,SAAS,GAAG;GACpC,MAAM,aAAa,CAAC,GAAG;GACvB,IAAI,KAAK,YACP,WAAW,KAAK,KAAK,qBAAqB,KAAK,UAAU,KAAK,CAAC;GAEjE,MAAM,KAAK,QAAQ,OAAO,UAAU;GACpC,OAAO;IAAE,OAAO;IAAO,OAAO;GAAgB;EAChD;EAEA,OAAO;GAAE,OAAO;GAAM;EAAS;CACjC;CAEA,MAAM,aAAa,OAA8B;EAC/C,MAAM,SAAS,gBAAgB,KAAK;EACpC,IAAI,CAAC,QAAQ;GAGX,QAAQ,KAAK,uDAAuD;GACpE;EACF;EACA,MAAM,KAAK,QAAQ,OAAO,KAAK,SAAS,OAAO,KAAK,CAAC;CACvD;CAEA,MAAM,wBAAwB,SAA6B;EACzD,KAAK,YAAY,QAAQ,SAAS;EAElC,MAAM,WAAW,KAAK;EACtB,MAAM,WAAW,KAAK;EACtB,IAAI,CAAC,YAAY,CAAC,UAChB;EAGF,MAAM,QAAQ,QAAQ,aAAa,IAAI,OAAO;EAC9C,MAAM,gBAAgB,QAAQ,aAAa,IAAI,gBAAgB;EAC/D,IAAI,CAAC,SAAS,CAAC,eACb;EAGF,MAAM,SAAS,gBAAgB,KAAK;EACpC,IAAI,CAAC,UAAU,OAAO,aAAa,UACjC;EAGF,MAAM,eAAe,KAAK,yBAAyB,UAAU,aAAa;EAC1E,MAAM,kBACJ,MAAM,KAAK,QAAQ,IAAwB,YAAY;EACzD,IAAI,CAAC,iBACH;EAGF,IAAI,UAAU,gBAAgB,SAAS,GAAG;GACxC,MAAM,KAAK,QAAQ,OAAO,YAAY;GACtC;EACF;EAEA,MAAM,KAAK,QAAQ,IACjB,KAAK,qBAAqB,UAAU,OAAO,KAAK,GAChD,eACF;EACA,MAAM,KAAK,QAAQ,OAAO,YAAY;CACxC;CAEA,MAAM,sBACJ,OACe;EACf,IAAI,CAAC,KAAK,YAAY;EAEtB,MAAM,aAAuB,CAAC;EAE9B,IAAI,UAAU,SAAS,UAAU,UAC/B,WAAW,KAAK,KAAK,cAAc,KAAK,QAAQ,CAAC;EAEnD,IAAI,UAAU,SAAS,UAAU,UAC/B,WAAW,KAAK,KAAK,SAAS,KAAK,QAAQ,CAAC;EAE9C,IAAI,UAAU,SAAS,UAAU,YAC/B,WAAW,KACT,GAAI,MAAM,KAAK,iBAAiB,KAAK,UAAU,EAC7C,sBAAsB,KACxB,CAAC,CACH;EAGF,IAAI,WAAW,SAAS,GACtB,MAAM,KAAK,QAAQ,OAAO,UAAU;CAExC;CAEA,gBAAgB,UAAkB;EAChC,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,wBAAwB,UAAkB;EACxC,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,qBAAqB,UAAkB,OAAe;EACpD,OAAO,GAAG,KAAK,wBAAwB,QAAQ,IAAI;CACrD;CAEA,4BAA4B,UAAkB;EAC5C,OAAO,GAAG,KAAK,UAAU,QAAQ,EAAE;CACrC;CAEA,yBAAyB,UAAkB,eAAuB;EAChE,OAAO,GAAG,KAAK,4BAA4B,QAAQ,IAAI;CACzD;CAEA,MAAM,iBACJ,UACA,UAA8C,CAAC,GAC5B;EACnB,MAAM,YAAY,KAAK,gBAAgB,QAAQ;EAC/C,MAAM,OAAiB,CAAC;EAExB,IAAI,MAAM,KAAK,QAAQ,IAAI,SAAS,GAClC,KAAK,KAAK,SAAS;EAGrB,MAAM,YAAY,MAAM,KAAK,QAAQ,KAAK,EACxC,QAAQ,KAAK,wBAAwB,QAAQ,EAC/C,CAAC;EACD,KAAK,KAAK,GAAG,UAAU,KAAK,CAAC;EAE7B,IAAI,QAAQ,sBAAsB;GAChC,MAAM,gBAAgB,MAAM,KAAK,QAAQ,KAAK,EAC5C,QAAQ,KAAK,4BAA4B,QAAQ,EACnD,CAAC;GACD,KAAK,KAAK,GAAG,cAAc,KAAK,CAAC;EACnC;EAEA,OAAO;CACT;CAEA,MAAM,iBAAiB,UAAiC;EACtD,MAAM,KAAK,oCAAoC,KAAK,QAAQ;EAE5D,MAAM,gBAAgB,MAAM,oBAAoB,QAAQ;EACxD,MAAM,iBAAqC;GACzC;GACA,WAAW,KAAK,IAAI;EACtB;EAEA,MAAM,KAAK,QAAQ,IACjB,KAAK,yBAAyB,KAAK,UAAU,aAAa,GAC1D,cACF;CACF;CAEA,MAAc,oCACZ,UACe;EAIf,MAAM,cAAc,CAAC,IAAG,MAHS,KAAK,QAAQ,KAAyB,EACrE,QAAQ,KAAK,4BAA4B,QAAQ,EACnD,CAAC,GAC0C,QAAQ,CAAC,EACjD,QAAQ,GAAG,oBAAoB,UAAU,eAAe,SAAS,CAAC,EAClE,KAAK,CAAC,SAAS,GAAG;EACrB,IAAI,YAAY,SAAS,GACvB,MAAM,KAAK,QAAQ,OAAO,WAAW;CAEzC;CAEA,MAAM,eAAgC;EACpC,MAAM,UAAU,yBAAyB,SAAS;EAClD,IAAI,SAAS;GACX,MAAM,gBAAgB,MAAM,KAAK,qBAAqB,QAAQ,KAAK;GACnE,IAAI,eAAe;IACjB,QAAQ,YAAY,cAAc;IAClC,OAAO,cAAc;GACvB;EACF;EAEA,MAAM,iBAAiB,MAAM,KAAK,QAAQ,IACxC,KAAK,gBAAgB,KAAK,QAAQ,CACpC;EACA,IAAI,gBAAgB;GAClB,IAAI,SACF,QAAQ,YAAY,KAAK,gBAAgB,KAAK,QAAQ;GAExD,OAAO;EACT;EAEA,IAAI,SACF,MAAM,IAAI,MAAM,wCAAwC;EAG1D,MAAM,mBAAmB,MAAM,KAAK,QAAQ,KAAyB,EACnE,QAAQ,KAAK,wBAAwB,KAAK,QAAQ,EACpD,CAAC;EACD,MAAM,4BAA4B,CAAC,GAAG,iBAAiB,QAAQ,CAAC,EAAE,QAC/D,GAAG,oBAAoB,CAAC,UAAU,eAAe,SAAS,CAC7D;EACA,MAAM,cAAc,CAAC,GAAG,iBAAiB,QAAQ,CAAC,EAC/C,QAAQ,GAAG,oBAAoB,UAAU,eAAe,SAAS,CAAC,EAClE,KAAK,CAAC,SAAS,GAAG;EACrB,IAAI,YAAY,SAAS,GACvB,MAAM,KAAK,QAAQ,OAAO,WAAW;EAGvC,IAAI,0BAA0B,WAAW,GAAG;GAC1C,MAAM,CAAC,GAAG,mBAAmB;GAC7B,OAAO,eAAe;EACxB;EAEA,IAAI,0BAA0B,SAAS,GACrC,MAAM,IAAI,MACR,2FACF;EAGF,MAAM,IAAI,MAAM,wBAAwB;CAC1C;CAEA,MAAc,qBACZ,OACwD;EACxD,MAAM,SAAS,gBAAgB,KAAK;EACpC,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,sBAAsB;EAGxC,MAAM,MAAM,KAAK,qBAAqB,KAAK,UAAU,OAAO,KAAK;EACjE,MAAM,iBAAiB,MAAM,KAAK,QAAQ,IAAwB,GAAG;EACrE,IAAI,CAAC,gBACH;EAGF,IAAI,UAAU,eAAe,SAAS,GAAG;GACvC,MAAM,KAAK,QAAQ,OAAO,GAAG;GAC7B,MAAM,IAAI,MAAM,uBAAuB;EACzC;EAEA,OAAO;GAAE;GAAK,UAAU,eAAe;EAAS;CAClD;CAEA,MAAM,yBACJ,OACA,UACY;EACZ,OAAO,yBAAyB,IAAI,EAAE,MAAM,GAAG,QAAQ;CACzD;CAEA,MAAM,qBAAoC;EACxC,MAAM,UAAU,yBAAyB,SAAS;EAClD,IAAI,SAAS,WAAW;GACtB,MAAM,KAAK,QAAQ,OAAO,QAAQ,SAAS;GAC3C;EACF;EAEA,IAAI,SAAS;GACX,MAAM,SAAS,gBAAgB,QAAQ,KAAK;GAC5C,IAAI,QAAQ;IACV,MAAM,KAAK,QAAQ,OACjB,KAAK,qBAAqB,KAAK,UAAU,OAAO,KAAK,CACvD;IACA;GACF;EACF;EAEA,MAAM,OAAO,MAAM,KAAK,iBAAiB,KAAK,QAAQ;EACtD,IAAI,KAAK,SAAS,GAChB,MAAM,KAAK,QAAQ,OAAO,IAAI;CAElC;AACF"}
|
package/dist/mcp/index.d.ts
CHANGED
|
@@ -1,32 +1,38 @@
|
|
|
1
1
|
import {
|
|
2
|
-
At as
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
2
|
+
At as ClearableEventStore,
|
|
3
|
+
Bt as SSEEdgeClientTransport,
|
|
4
|
+
Ct as RPCServerTransport,
|
|
5
|
+
Dt as ElicitRequestSchema,
|
|
6
|
+
Et as ElicitRequest,
|
|
7
|
+
Ft as McpAuthContext,
|
|
8
|
+
Ht as McpClientOptions,
|
|
9
|
+
It as getMcpAuthContext,
|
|
10
|
+
Lt as TransportState,
|
|
11
|
+
Mt as CreateMcpHandlerOptions,
|
|
12
|
+
Nt as createMcpHandler,
|
|
13
|
+
Ot as ElicitResult,
|
|
14
|
+
Pt as experimental_createMcpHandler,
|
|
15
|
+
Rt as WorkerTransport,
|
|
16
|
+
St as RPCClientTransportOptions,
|
|
17
|
+
Tt as RPC_DO_PREFIX,
|
|
18
|
+
Vt as StreamableHTTPEdgeClientTransport,
|
|
19
|
+
_t as MCP_SERVER_ID_MAX_LENGTH,
|
|
20
|
+
bt as normalizeServerId,
|
|
21
|
+
dt as MCPClientOAuthResult,
|
|
22
|
+
ft as MCPConnectionResult,
|
|
23
|
+
gt as MCPServerOptions,
|
|
24
|
+
jt as DurableObjectEventStore,
|
|
25
|
+
kt as McpAgent,
|
|
26
|
+
pt as MCPDiscoverResult,
|
|
27
|
+
ut as MCPClientOAuthCallbackConfig,
|
|
28
|
+
wt as RPCServerTransportOptions,
|
|
29
|
+
xt as RPCClientTransport,
|
|
30
|
+
zt as WorkerTransportOptions
|
|
31
|
+
} from "../agent-tool-types-BAJWu8s4.js";
|
|
28
32
|
export {
|
|
33
|
+
type ClearableEventStore,
|
|
29
34
|
type CreateMcpHandlerOptions,
|
|
35
|
+
DurableObjectEventStore,
|
|
30
36
|
type ElicitRequest,
|
|
31
37
|
ElicitRequestSchema,
|
|
32
38
|
type ElicitResult,
|
|
@@ -35,6 +41,7 @@ export {
|
|
|
35
41
|
type MCPConnectionResult,
|
|
36
42
|
type MCPDiscoverResult,
|
|
37
43
|
type MCPServerOptions,
|
|
44
|
+
MCP_SERVER_ID_MAX_LENGTH,
|
|
38
45
|
McpAgent,
|
|
39
46
|
type McpAuthContext,
|
|
40
47
|
type McpClientOptions,
|
|
@@ -50,5 +57,6 @@ export {
|
|
|
50
57
|
type WorkerTransportOptions,
|
|
51
58
|
createMcpHandler,
|
|
52
59
|
experimental_createMcpHandler,
|
|
53
|
-
getMcpAuthContext
|
|
60
|
+
getMcpAuthContext,
|
|
61
|
+
normalizeServerId
|
|
54
62
|
};
|