npm - agentstudio - Versions diffs - 0.1.18 → 0.1.21 - Mend

agentstudio 0.1.18 → 0.1.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (664) hide show

package/README.md +26 -505
package/bin/agentstudio.js +305 -0
package/bin/agentstudio.js.map +1 -0
package/bin/serviceManager.d.ts +16 -0
package/bin/serviceManager.d.ts.map +1 -0
package/bin/serviceManager.js +434 -0
package/bin/serviceManager.js.map +1 -0
package/config/index.d.ts +74 -0
package/config/index.d.ts.map +1 -0
package/config/index.js +166 -0
package/config/index.js.map +1 -0
package/config/paths.d.ts +81 -0
package/config/paths.d.ts.map +1 -0
package/config/paths.js +98 -0
package/config/paths.js.map +1 -0
package/index.d.ts +4 -0
package/index.d.ts.map +1 -0
package/index.js +369 -0
package/index.js.map +1 -0
package/jobs/taskTimeoutMonitor.d.ts +25 -0
package/jobs/taskTimeoutMonitor.d.ts.map +1 -0
package/jobs/taskTimeoutMonitor.js +94 -0
package/jobs/taskTimeoutMonitor.js.map +1 -0
package/middleware/a2aAuth.d.ts +38 -0
package/middleware/a2aAuth.d.ts.map +1 -0
package/middleware/a2aAuth.js +134 -0
package/middleware/a2aAuth.js.map +1 -0
package/{backend/dist/middleware → middleware}/auth.d.ts +3 -1
package/middleware/auth.d.ts.map +1 -0
package/middleware/auth.js +35 -0
package/middleware/auth.js.map +1 -0
package/middleware/httpsOnly.d.ts +38 -0
package/middleware/httpsOnly.d.ts.map +1 -0
package/middleware/httpsOnly.js +105 -0
package/middleware/httpsOnly.js.map +1 -0
package/middleware/rateLimiting.d.ts +37 -0
package/middleware/rateLimiting.d.ts.map +1 -0
package/middleware/rateLimiting.js +118 -0
package/middleware/rateLimiting.js.map +1 -0
package/package.json +43 -38
package/public/assets/AgentsPage-Nvg2xu6K.js +10 -0
package/public/assets/Button-Co56C389.js +1 -0
package/public/assets/ChatPage-D6sol0ad.js +442 -0
package/public/assets/CommandForm-Bk7F_HU8.js +7 -0
package/public/assets/CommandsPage-DZHyOdKd.js +1 -0
package/public/assets/DashboardPage-29qC7Ev1.js +15 -0
package/public/assets/FileBrowser-BYweUPH4.js +6 -0
package/public/assets/FileExplorer-DNYj6Tsx.js +1 -0
package/public/assets/GeneralSettingsPage-D9Xa7Nd8.js +1 -0
package/public/assets/LandingPage-CjnT-cvO.js +1 -0
package/public/assets/LoginPage-DcaGNCXH.js +16 -0
package/public/assets/McpAdminSettingsPage-DgR3E2Bd.js +7 -0
package/public/assets/McpPage-CtWf1CoL.js +40 -0
package/public/assets/MemorySettingsPage-JTry4Ccp.js +1 -0
package/public/assets/PluginsPage-D-BHjQ3P.js +1 -0
package/public/assets/ProjectSelector-DSXOjMQC.js +1 -0
package/public/assets/ProjectsPage-lLUk4-Xa.js +21 -0
package/public/assets/ScheduledTasksPage-5hPbd9Vs.js +1 -0
package/public/assets/SettingsLayout-DGJspXLp.js +1 -0
package/public/assets/SkillsPage-DBw0m7D2.js +18 -0
package/{backend/dist/frontend/assets/SubagentForm-DXtTTIKg.js → public/assets/SubagentForm-BdUK1U4y.js} +2 -2
package/public/assets/SubagentsPage-Dnq70IFd.js +1 -0
package/{backend/dist/frontend/assets/ToastTestPage-DT4wuN5C.js → public/assets/ToastTestPage-BfJQRFIm.js} +1 -1
package/public/assets/ToolsList-Dl5F2fWk.js +1 -0
package/public/assets/UnifiedToolSelector-CNbPsiuq.js +1 -0
package/public/assets/VersionSettingsPage-BfoCcham.js +5 -0
package/public/assets/_basePickBy-7C_e0Xv1.js +1 -0
package/public/assets/_baseUniq-eGJNLBzx.js +1 -0
package/public/assets/agents-ChrA1R0y.js +1 -0
package/public/assets/arc-CuA752eE.js +1 -0
package/public/assets/architectureDiagram-VXUJARFQ-BnPYh1OW.js +36 -0
package/public/assets/blockDiagram-VD42YOAC-72nsMt_i.js +122 -0
package/public/assets/c4Diagram-YG6GDRKO-BNJSAXcg.js +10 -0
package/public/assets/channel-CIunGC5m.js +1 -0
package/public/assets/chunk-4BX2VUAB-RPxkCWhH.js +1 -0
package/public/assets/chunk-55IACEB6-3ePDt0kp.js +1 -0
package/public/assets/chunk-B4BG7PRW-CBg_BBfl.js +165 -0
package/public/assets/chunk-DI55MBZ5-DIh69TUJ.js +220 -0
package/public/assets/chunk-FMBD7UC4-BbjwhyTe.js +15 -0
package/public/assets/chunk-QN33PNHL-BpH-o_YR.js +1 -0
package/public/assets/chunk-QZHKN3VN-DYB7rh5Q.js +1 -0
package/public/assets/chunk-TZMSLE5B-DPCYEVb3.js +1 -0
package/public/assets/classDiagram-2ON5EDUG-aUQHFsTA.js +1 -0
package/public/assets/classDiagram-v2-WZHVMYZB-aUQHFsTA.js +1 -0
package/public/assets/clone-Ckf7tA1V.js +1 -0
package/public/assets/cose-bilkent-S5V4N54A-CnpfmL-Y.js +1 -0
package/public/assets/cytoscape.esm-DtBltrT8.js +331 -0
package/public/assets/dagre-6UL2VRFP-DR9x77Xf.js +4 -0
package/{backend/dist/frontend/assets/data-structures-DLJedtzx.js → public/assets/data-structures-C0h9Oap1.js} +1 -1
package/public/assets/defaultLocale-C4B-KCzX.js +1 -0
package/public/assets/diagram-PSM6KHXK-SONPsQNx.js +24 -0
package/public/assets/diagram-QEK2KX5R-BKYFSfC1.js +43 -0
package/public/assets/diagram-S2PKOQOG-CkM0APZj.js +24 -0
package/public/assets/erDiagram-Q2GNP2WA-BX1DpOGx.js +60 -0
package/public/assets/flowDiagram-NV44I4VS-HAAlzNbq.js +162 -0
package/public/assets/ganttDiagram-LVOFAZNH-BqzWexqa.js +267 -0
package/public/assets/gitGraphDiagram-NY62KEGX-CIPmSp43.js +65 -0
package/public/assets/graph-m515btDj.js +1 -0
package/public/assets/index-Bn3v3S9-.js +293 -0
package/public/assets/index-DWieeYj4.css +1 -0
package/public/assets/infoDiagram-F6ZHWCRC-Pn4yNWrF.js +2 -0
package/public/assets/init-Gi6I4Gst.js +1 -0
package/public/assets/journeyDiagram-XKPGCS4Q-BfzTomS0.js +139 -0
package/public/assets/kanban-definition-3W4ZIXB7-Cgju7b-L.js +89 -0
package/public/assets/katex-qrhCpa0F.js +261 -0
package/public/assets/layout-BKQfQSxJ.js +1 -0
package/public/assets/linear-DigtLz3B.js +1 -0
package/public/assets/mindmap-definition-VGOIOE7T-qopraVFy.js +68 -0
package/public/assets/monaco-editor-DHKm5-VF.js +19 -0
package/public/assets/ordinal-Cboi1Yqb.js +1 -0
package/public/assets/pieDiagram-ADFJNKIX-BcoaAI-L.js +30 -0
package/public/assets/quadrantDiagram-AYHSOK5B-D-DwcoSd.js +7 -0
package/public/assets/requirementDiagram-UZGBJVZJ-DbQCpx77.js +64 -0
package/public/assets/sankeyDiagram-TZEHDZUN-BVk8387S.js +10 -0
package/public/assets/sequenceDiagram-WL72ISMW-BdzICjxO.js +145 -0
package/public/assets/stateDiagram-FKZM4ZOC-CYY-uUvJ.js +1 -0
package/public/assets/stateDiagram-v2-4FDKWEC3-Dh2Kvomq.js +1 -0
package/{backend/dist/frontend/assets/syntax-highlighting-YWvMU4Hm.js → public/assets/syntax-highlighting-CnREyncB.js} +5 -5
package/public/assets/tabManager-B2LQO_Ll.js +30 -0
package/{backend/dist/frontend/assets/table-D6q1rytw.js → public/assets/table-D0L2RL5i.js} +1 -1
package/public/assets/timeline-definition-IT6M3QCI-BAvjPYvX.js +61 -0
package/public/assets/tools-IcPNZlPj.js +1 -0
package/public/assets/treemap-KMMF4GRG-DtkpVA56.js +128 -0
package/{backend/dist/frontend/assets/ui-components-Cw21Epuw.js → public/assets/ui-components-D1St49qC.js} +231 -96
package/public/assets/useAgents-BnDTkOG8.js +2 -0
package/public/assets/useClaudeVersions-CD59tFWM.js +1 -0
package/public/assets/useCommands-mvMu3mMD.js +1 -0
package/public/assets/useProjects-YXOjaOwL.js +1 -0
package/public/assets/xychartDiagram-PRI3JC2R-ByBTDWE2.js +7 -0
package/{backend/dist/frontend → public}/index.html +8 -8
package/routes/__tests__/a2a.integration.test.d.ts +11 -0
package/routes/__tests__/a2a.integration.test.d.ts.map +1 -0
package/routes/__tests__/a2a.integration.test.js +314 -0
package/routes/__tests__/a2a.integration.test.js.map +1 -0
package/routes/__tests__/a2a.test.d.ts +6 -0
package/routes/__tests__/a2a.test.d.ts.map +1 -0
package/routes/__tests__/a2a.test.js +622 -0
package/routes/__tests__/a2a.test.js.map +1 -0
package/routes/__tests__/agents.test.d.ts +6 -0
package/routes/__tests__/agents.test.d.ts.map +1 -0
package/routes/__tests__/agents.test.js +315 -0
package/routes/__tests__/agents.test.js.map +1 -0
package/routes/__tests__/sessions.test.d.ts +7 -0
package/routes/__tests__/sessions.test.d.ts.map +1 -0
package/routes/__tests__/sessions.test.js +330 -0
package/routes/__tests__/sessions.test.js.map +1 -0
package/routes/a2a.d.ts +18 -0
package/routes/a2a.d.ts.map +1 -0
package/routes/a2a.js +649 -0
package/routes/a2a.js.map +1 -0
package/routes/a2a.streaming.test.d.ts +2 -0
package/routes/a2a.streaming.test.d.ts.map +1 -0
package/routes/a2a.streaming.test.js +167 -0
package/routes/a2a.streaming.test.js.map +1 -0
package/routes/a2aManagement.d.ts +21 -0
package/routes/a2aManagement.d.ts.map +1 -0
package/routes/a2aManagement.js +466 -0
package/routes/a2aManagement.js.map +1 -0
package/{backend/dist/routes → routes}/agents.d.ts.map +1 -1
package/routes/agents.js +997 -0
package/routes/agents.js.map +1 -0
package/{backend/dist/routes → routes}/auth.d.ts.map +1 -1
package/routes/auth.js +135 -0
package/routes/auth.js.map +1 -0
package/{backend/dist/routes → routes}/commands.d.ts.map +1 -1
package/{backend/dist/routes → routes}/commands.js +115 -31
package/routes/commands.js.map +1 -0
package/routes/config.d.ts +4 -0
package/routes/config.d.ts.map +1 -0
package/routes/config.js +211 -0
package/routes/config.js.map +1 -0
package/{backend/dist/routes → routes}/files.d.ts.map +1 -1
package/{backend/dist/routes → routes}/files.js +103 -43
package/routes/files.js.map +1 -0
package/routes/mcp.d.ts +27 -0
package/routes/mcp.d.ts.map +1 -0
package/{backend/dist/routes → routes}/mcp.js +195 -105
package/routes/mcp.js.map +1 -0
package/routes/mcpAdmin.d.ts +16 -0
package/routes/mcpAdmin.d.ts.map +1 -0
package/routes/mcpAdmin.js +308 -0
package/routes/mcpAdmin.js.map +1 -0
package/routes/mcpAdminManagement.d.ts +17 -0
package/routes/mcpAdminManagement.d.ts.map +1 -0
package/routes/mcpAdminManagement.js +345 -0
package/routes/mcpAdminManagement.js.map +1 -0
package/routes/media.d.ts.map +1 -0
package/{backend/dist/routes → routes}/media.js +52 -42
package/routes/media.js.map +1 -0
package/routes/mediaAuth.d.ts +8 -0
package/routes/mediaAuth.d.ts.map +1 -0
package/routes/mediaAuth.js +136 -0
package/routes/mediaAuth.js.map +1 -0
package/routes/plugins.d.ts +4 -0
package/routes/plugins.d.ts.map +1 -0
package/routes/plugins.js +339 -0
package/routes/plugins.js.map +1 -0
package/{backend/dist/routes → routes}/projects.d.ts.map +1 -1
package/routes/projects.js +884 -0
package/routes/projects.js.map +1 -0
package/routes/scheduledTasks.d.ts +9 -0
package/routes/scheduledTasks.d.ts.map +1 -0
package/routes/scheduledTasks.js +320 -0
package/routes/scheduledTasks.js.map +1 -0
package/{backend/dist/routes → routes}/sessions.d.ts.map +1 -1
package/{backend/dist/routes → routes}/sessions.js +258 -39
package/routes/sessions.js.map +1 -0
package/{backend/dist/routes → routes}/settings.d.ts.map +1 -1
package/{backend/dist/routes → routes}/settings.js +82 -241
package/routes/settings.js.map +1 -0
package/{backend/dist/routes/mcp.d.ts → routes/skills.d.ts} +1 -1
package/routes/skills.d.ts.map +1 -0
package/routes/skills.js +272 -0
package/routes/skills.js.map +1 -0
package/routes/slack.d.ts +10 -0
package/routes/slack.d.ts.map +1 -0
package/routes/slack.js +189 -0
package/routes/slack.js.map +1 -0
package/{backend/dist/routes → routes}/slides.d.ts.map +1 -1
package/{backend/dist/routes → routes}/slides.js +29 -27
package/routes/slides.js.map +1 -0
package/{backend/dist/routes → routes}/subagents.js +27 -22
package/routes/subagents.js.map +1 -0
package/schemas/a2a.d.ts +858 -0
package/schemas/a2a.d.ts.map +1 -0
package/schemas/a2a.js +300 -0
package/schemas/a2a.js.map +1 -0
package/scripts/postinstall.js +10 -0
package/services/__tests__/pluginInstaller.test.d.ts +5 -0
package/services/__tests__/pluginInstaller.test.d.ts.map +1 -0
package/services/__tests__/pluginInstaller.test.js +290 -0
package/services/__tests__/pluginInstaller.test.js.map +1 -0
package/services/__tests__/pluginParser.test.d.ts +5 -0
package/services/__tests__/pluginParser.test.d.ts.map +1 -0
package/services/__tests__/pluginParser.test.js +272 -0
package/services/__tests__/pluginParser.test.js.map +1 -0
package/services/__tests__/pluginPaths.test.d.ts +5 -0
package/services/__tests__/pluginPaths.test.d.ts.map +1 -0
package/services/__tests__/pluginPaths.test.js +221 -0
package/services/__tests__/pluginPaths.test.js.map +1 -0
package/services/__tests__/pluginScanner.test.d.ts +5 -0
package/services/__tests__/pluginScanner.test.d.ts.map +1 -0
package/services/__tests__/pluginScanner.test.js +272 -0
package/services/__tests__/pluginScanner.test.js.map +1 -0
package/services/__tests__/pluginSymlink.test.d.ts +5 -0
package/services/__tests__/pluginSymlink.test.d.ts.map +1 -0
package/services/__tests__/pluginSymlink.test.js +318 -0
package/services/__tests__/pluginSymlink.test.js.map +1 -0
package/services/__tests__/slackAIService.test.d.ts +5 -0
package/services/__tests__/slackAIService.test.d.ts.map +1 -0
package/services/__tests__/slackAIService.test.js +477 -0
package/services/__tests__/slackAIService.test.js.map +1 -0
package/services/__tests__/slackThreadMapper.test.d.ts +5 -0
package/services/__tests__/slackThreadMapper.test.d.ts.map +1 -0
package/services/__tests__/slackThreadMapper.test.js +194 -0
package/services/__tests__/slackThreadMapper.test.js.map +1 -0
package/services/a2a/__tests__/a2aClientTool.integration.test.d.ts +6 -0
package/services/a2a/__tests__/a2aClientTool.integration.test.d.ts.map +1 -0
package/services/a2a/__tests__/a2aClientTool.integration.test.js +264 -0
package/services/a2a/__tests__/a2aClientTool.integration.test.js.map +1 -0
package/services/a2a/__tests__/a2aClientTool.test.d.ts +6 -0
package/services/a2a/__tests__/a2aClientTool.test.d.ts.map +1 -0
package/services/a2a/__tests__/a2aClientTool.test.js +418 -0
package/services/a2a/__tests__/a2aClientTool.test.js.map +1 -0
package/services/a2a/__tests__/a2aConfigService.test.d.ts +6 -0
package/services/a2a/__tests__/a2aConfigService.test.d.ts.map +1 -0
package/services/a2a/__tests__/a2aConfigService.test.js +431 -0
package/services/a2a/__tests__/a2aConfigService.test.js.map +1 -0
package/services/a2a/__tests__/a2aConfigServicePath.test.d.ts +2 -0
package/services/a2a/__tests__/a2aConfigServicePath.test.d.ts.map +1 -0
package/services/a2a/__tests__/a2aConfigServicePath.test.js +49 -0
package/services/a2a/__tests__/a2aConfigServicePath.test.js.map +1 -0
package/services/a2a/__tests__/a2aSdkMcp.test.d.ts +10 -0
package/services/a2a/__tests__/a2aSdkMcp.test.d.ts.map +1 -0
package/services/a2a/__tests__/a2aSdkMcp.test.js +239 -0
package/services/a2a/__tests__/a2aSdkMcp.test.js.map +1 -0
package/services/a2a/__tests__/agentCardService.test.d.ts +6 -0
package/services/a2a/__tests__/agentCardService.test.d.ts.map +1 -0
package/services/a2a/__tests__/agentCardService.test.js +292 -0
package/services/a2a/__tests__/agentCardService.test.js.map +1 -0
package/services/a2a/__tests__/apiKeyService.test.d.ts +6 -0
package/services/a2a/__tests__/apiKeyService.test.d.ts.map +1 -0
package/services/a2a/__tests__/apiKeyService.test.js +284 -0
package/services/a2a/__tests__/apiKeyService.test.js.map +1 -0
package/services/a2a/__tests__/buildQueryOptionsIntegration.test.d.ts +2 -0
package/services/a2a/__tests__/buildQueryOptionsIntegration.test.d.ts.map +1 -0
package/services/a2a/__tests__/buildQueryOptionsIntegration.test.js +70 -0
package/services/a2a/__tests__/buildQueryOptionsIntegration.test.js.map +1 -0
package/services/a2a/__tests__/dynamic_config_verification.test.d.ts +2 -0
package/services/a2a/__tests__/dynamic_config_verification.test.d.ts.map +1 -0
package/services/a2a/__tests__/dynamic_config_verification.test.js +67 -0
package/services/a2a/__tests__/dynamic_config_verification.test.js.map +1 -0
package/services/a2a/__tests__/integrateA2AMcpServer.test.d.ts +2 -0
package/services/a2a/__tests__/integrateA2AMcpServer.test.d.ts.map +1 -0
package/services/a2a/__tests__/integrateA2AMcpServer.test.js +112 -0
package/services/a2a/__tests__/integrateA2AMcpServer.test.js.map +1 -0
package/services/a2a/__tests__/taskManager.integration.test.d.ts +7 -0
package/services/a2a/__tests__/taskManager.integration.test.d.ts.map +1 -0
package/services/a2a/__tests__/taskManager.integration.test.js +346 -0
package/services/a2a/__tests__/taskManager.integration.test.js.map +1 -0
package/services/a2a/__tests__/taskManager.test.d.ts +7 -0
package/services/a2a/__tests__/taskManager.test.d.ts.map +1 -0
package/services/a2a/__tests__/taskManager.test.js +423 -0
package/services/a2a/__tests__/taskManager.test.js.map +1 -0
package/services/a2a/a2aClientTool.d.ts +73 -0
package/services/a2a/a2aClientTool.d.ts.map +1 -0
package/services/a2a/a2aClientTool.js +572 -0
package/services/a2a/a2aClientTool.js.map +1 -0
package/services/a2a/a2aConfigService.d.ts +50 -0
package/services/a2a/a2aConfigService.d.ts.map +1 -0
package/services/a2a/a2aConfigService.js +186 -0
package/services/a2a/a2aConfigService.js.map +1 -0
package/services/a2a/a2aHistoryService.d.ts +32 -0
package/services/a2a/a2aHistoryService.d.ts.map +1 -0
package/services/a2a/a2aHistoryService.js +108 -0
package/services/a2a/a2aHistoryService.js.map +1 -0
package/services/a2a/a2aIntegration.d.ts +9 -0
package/services/a2a/a2aIntegration.d.ts.map +1 -0
package/services/a2a/a2aIntegration.js +41 -0
package/services/a2a/a2aIntegration.js.map +1 -0
package/services/a2a/a2aQueryService.d.ts +71 -0
package/services/a2a/a2aQueryService.d.ts.map +1 -0
package/services/a2a/a2aQueryService.js +166 -0
package/services/a2a/a2aQueryService.js.map +1 -0
package/services/a2a/a2aSdkMcp.d.ts +51 -0
package/services/a2a/a2aSdkMcp.d.ts.map +1 -0
package/services/a2a/a2aSdkMcp.js +185 -0
package/services/a2a/a2aSdkMcp.js.map +1 -0
package/services/a2a/a2aStreamEvents.d.ts +94 -0
package/services/a2a/a2aStreamEvents.d.ts.map +1 -0
package/services/a2a/a2aStreamEvents.js +92 -0
package/services/a2a/a2aStreamEvents.js.map +1 -0
package/services/a2a/agentCardService.d.ts +34 -0
package/services/a2a/agentCardService.d.ts.map +1 -0
package/services/a2a/agentCardService.js +228 -0
package/services/a2a/agentCardService.js.map +1 -0
package/services/a2a/agentMappingService.d.ts +53 -0
package/services/a2a/agentMappingService.d.ts.map +1 -0
package/services/a2a/agentMappingService.js +185 -0
package/services/a2a/agentMappingService.js.map +1 -0
package/services/a2a/apiKeyService.d.ts +101 -0
package/services/a2a/apiKeyService.d.ts.map +1 -0
package/services/a2a/apiKeyService.js +314 -0
package/services/a2a/apiKeyService.js.map +1 -0
package/services/a2a/taskCleanup.d.ts +30 -0
package/services/a2a/taskCleanup.d.ts.map +1 -0
package/services/a2a/taskCleanup.js +184 -0
package/services/a2a/taskCleanup.js.map +1 -0
package/services/a2a/taskManager.d.ts +86 -0
package/services/a2a/taskManager.d.ts.map +1 -0
package/services/a2a/taskManager.js +263 -0
package/services/a2a/taskManager.js.map +1 -0
package/services/agentStorage.d.ts +27 -0
package/services/agentStorage.d.ts.map +1 -0
package/services/agentStorage.js +487 -0
package/services/agentStorage.js.map +1 -0
package/services/askUserQuestion/askUserQuestionIntegration.d.ts +24 -0
package/services/askUserQuestion/askUserQuestionIntegration.d.ts.map +1 -0
package/services/askUserQuestion/askUserQuestionIntegration.js +52 -0
package/services/askUserQuestion/askUserQuestionIntegration.js.map +1 -0
package/services/askUserQuestion/askUserQuestionMcp.d.ts +103 -0
package/services/askUserQuestion/askUserQuestionMcp.d.ts.map +1 -0
package/services/askUserQuestion/askUserQuestionMcp.js +129 -0
package/services/askUserQuestion/askUserQuestionMcp.js.map +1 -0
package/services/askUserQuestion/index.d.ts +13 -0
package/services/askUserQuestion/index.d.ts.map +1 -0
package/services/askUserQuestion/index.js +35 -0
package/services/askUserQuestion/index.js.map +1 -0
package/services/askUserQuestion/init.d.ts +17 -0
package/services/askUserQuestion/init.d.ts.map +1 -0
package/services/askUserQuestion/init.js +47 -0
package/services/askUserQuestion/init.js.map +1 -0
package/services/askUserQuestion/notificationChannel.d.ts +97 -0
package/services/askUserQuestion/notificationChannel.d.ts.map +1 -0
package/services/askUserQuestion/notificationChannel.js +147 -0
package/services/askUserQuestion/notificationChannel.js.map +1 -0
package/services/askUserQuestion/slackNotificationChannel.d.ts +35 -0
package/services/askUserQuestion/slackNotificationChannel.d.ts.map +1 -0
package/services/askUserQuestion/slackNotificationChannel.js +129 -0
package/services/askUserQuestion/slackNotificationChannel.js.map +1 -0
package/services/askUserQuestion/sseNotificationChannel.d.ts +36 -0
package/services/askUserQuestion/sseNotificationChannel.d.ts.map +1 -0
package/services/askUserQuestion/sseNotificationChannel.js +88 -0
package/services/askUserQuestion/sseNotificationChannel.js.map +1 -0
package/services/askUserQuestion/userInputRegistry.d.ts +107 -0
package/services/askUserQuestion/userInputRegistry.d.ts.map +1 -0
package/services/askUserQuestion/userInputRegistry.js +253 -0
package/services/askUserQuestion/userInputRegistry.js.map +1 -0
package/{backend/dist/services → services}/claudeSession.d.ts +20 -5
package/services/claudeSession.d.ts.map +1 -0
package/{backend/dist/services → services}/claudeSession.js +123 -41
package/services/claudeSession.js.map +1 -0
package/services/claudeVersionStorage.d.ts +20 -0
package/services/claudeVersionStorage.d.ts.map +1 -0
package/services/claudeVersionStorage.js +331 -0
package/services/claudeVersionStorage.js.map +1 -0
package/services/mcpAdmin/__tests__/adminApiKeyService.test.d.ts +5 -0
package/services/mcpAdmin/__tests__/adminApiKeyService.test.d.ts.map +1 -0
package/services/mcpAdmin/__tests__/adminApiKeyService.test.js +289 -0
package/services/mcpAdmin/__tests__/adminApiKeyService.test.js.map +1 -0
package/services/mcpAdmin/__tests__/mcpAdminRoutes.test.d.ts +5 -0
package/services/mcpAdmin/__tests__/mcpAdminRoutes.test.d.ts.map +1 -0
package/services/mcpAdmin/__tests__/mcpAdminRoutes.test.js +345 -0
package/services/mcpAdmin/__tests__/mcpAdminRoutes.test.js.map +1 -0
package/services/mcpAdmin/__tests__/mcpAdminServer.test.d.ts +5 -0
package/services/mcpAdmin/__tests__/mcpAdminServer.test.d.ts.map +1 -0
package/services/mcpAdmin/__tests__/mcpAdminServer.test.js +453 -0
package/services/mcpAdmin/__tests__/mcpAdminServer.test.js.map +1 -0
package/services/mcpAdmin/__tests__/tools.test.d.ts +5 -0
package/services/mcpAdmin/__tests__/tools.test.d.ts.map +1 -0
package/services/mcpAdmin/__tests__/tools.test.js +371 -0
package/services/mcpAdmin/__tests__/tools.test.js.map +1 -0
package/services/mcpAdmin/adminApiKeyService.d.ts +61 -0
package/services/mcpAdmin/adminApiKeyService.d.ts.map +1 -0
package/services/mcpAdmin/adminApiKeyService.js +270 -0
package/services/mcpAdmin/adminApiKeyService.js.map +1 -0
package/services/mcpAdmin/index.d.ts +10 -0
package/services/mcpAdmin/index.d.ts.map +1 -0
package/services/mcpAdmin/index.js +43 -0
package/services/mcpAdmin/index.js.map +1 -0
package/services/mcpAdmin/mcpAdminServer.d.ts +76 -0
package/services/mcpAdmin/mcpAdminServer.d.ts.map +1 -0
package/services/mcpAdmin/mcpAdminServer.js +243 -0
package/services/mcpAdmin/mcpAdminServer.js.map +1 -0
package/services/mcpAdmin/tools/agentTools.d.ts +27 -0
package/services/mcpAdmin/tools/agentTools.d.ts.map +1 -0
package/services/mcpAdmin/tools/agentTools.js +359 -0
package/services/mcpAdmin/tools/agentTools.js.map +1 -0
package/services/mcpAdmin/tools/index.d.ts +15 -0
package/services/mcpAdmin/tools/index.d.ts.map +1 -0
package/services/mcpAdmin/tools/index.js +30 -0
package/services/mcpAdmin/tools/index.js.map +1 -0
package/services/mcpAdmin/tools/mcpServerTools.d.ts +27 -0
package/services/mcpAdmin/tools/mcpServerTools.d.ts.map +1 -0
package/services/mcpAdmin/tools/mcpServerTools.js +334 -0
package/services/mcpAdmin/tools/mcpServerTools.js.map +1 -0
package/services/mcpAdmin/tools/projectTools.d.ts +27 -0
package/services/mcpAdmin/tools/projectTools.d.ts.map +1 -0
package/services/mcpAdmin/tools/projectTools.js +353 -0
package/services/mcpAdmin/tools/projectTools.js.map +1 -0
package/services/mcpAdmin/tools/systemTools.d.ts +23 -0
package/services/mcpAdmin/tools/systemTools.d.ts.map +1 -0
package/services/mcpAdmin/tools/systemTools.js +241 -0
package/services/mcpAdmin/tools/systemTools.js.map +1 -0
package/services/mcpAdmin/types.d.ts +124 -0
package/services/mcpAdmin/types.d.ts.map +1 -0
package/services/mcpAdmin/types.js +18 -0
package/services/mcpAdmin/types.js.map +1 -0
package/{backend/dist/services → services}/messageQueue.d.ts.map +1 -1
package/{backend/dist/services → services}/messageQueue.js +16 -3
package/services/messageQueue.js.map +1 -0
package/services/pluginInstaller.d.ts +58 -0
package/services/pluginInstaller.d.ts.map +1 -0
package/services/pluginInstaller.js +321 -0
package/services/pluginInstaller.js.map +1 -0
package/services/pluginParser.d.ts +45 -0
package/services/pluginParser.d.ts.map +1 -0
package/services/pluginParser.js +437 -0
package/services/pluginParser.js.map +1 -0
package/services/pluginPaths.d.ts +80 -0
package/services/pluginPaths.d.ts.map +1 -0
package/services/pluginPaths.js +274 -0
package/services/pluginPaths.js.map +1 -0
package/services/pluginScanner.d.ts +36 -0
package/services/pluginScanner.d.ts.map +1 -0
package/services/pluginScanner.js +251 -0
package/services/pluginScanner.js.map +1 -0
package/services/pluginSymlink.d.ts +54 -0
package/services/pluginSymlink.d.ts.map +1 -0
package/services/pluginSymlink.js +223 -0
package/services/pluginSymlink.js.map +1 -0
package/services/projectMetadataStorage.d.ts +114 -0
package/services/projectMetadataStorage.d.ts.map +1 -0
package/services/projectMetadataStorage.js +711 -0
package/services/projectMetadataStorage.js.map +1 -0
package/services/scheduledTaskStorage.d.ts +52 -0
package/services/scheduledTaskStorage.d.ts.map +1 -0
package/services/scheduledTaskStorage.js +285 -0
package/services/scheduledTaskStorage.js.map +1 -0
package/services/schedulerService.d.ts +81 -0
package/services/schedulerService.d.ts.map +1 -0
package/services/schedulerService.js +743 -0
package/services/schedulerService.js.map +1 -0
package/{backend/dist/services → services}/sessionManager.d.ts +6 -4
package/services/sessionManager.d.ts.map +1 -0
package/{backend/dist/services → services}/sessionManager.js +77 -16
package/services/sessionManager.js.map +1 -0
package/services/skillStorage.d.ts +60 -0
package/services/skillStorage.d.ts.map +1 -0
package/services/skillStorage.js +398 -0
package/services/skillStorage.js.map +1 -0
package/services/slackAIService.d.ts +81 -0
package/services/slackAIService.d.ts.map +1 -0
package/services/slackAIService.js +1091 -0
package/services/slackAIService.js.map +1 -0
package/services/slackClient.d.ts +46 -0
package/services/slackClient.d.ts.map +1 -0
package/services/slackClient.js +85 -0
package/services/slackClient.js.map +1 -0
package/services/slackSessionLock.d.ts +79 -0
package/services/slackSessionLock.d.ts.map +1 -0
package/services/slackSessionLock.js +353 -0
package/services/slackSessionLock.js.map +1 -0
package/services/slackThreadMapper.d.ts +57 -0
package/services/slackThreadMapper.d.ts.map +1 -0
package/services/slackThreadMapper.js +140 -0
package/services/slackThreadMapper.js.map +1 -0
package/types/a2a.d.ts +275 -0
package/types/a2a.d.ts.map +1 -0
package/types/a2a.js +23 -0
package/types/a2a.js.map +1 -0
package/types/agents.d.ts +95 -0
package/types/agents.d.ts.map +1 -0
package/types/agents.js +46 -0
package/types/agents.js.map +1 -0
package/types/claude-history.d.ts +62 -0
package/types/claude-history.d.ts.map +1 -0
package/types/claude-history.js +4 -0
package/types/claude-history.js.map +1 -0
package/types/claude-versions.d.ts +36 -0
package/types/claude-versions.d.ts.map +1 -0
package/types/claude-versions.js +3 -0
package/types/claude-versions.js.map +1 -0
package/types/commands.d.ts +50 -0
package/types/commands.d.ts.map +1 -0
package/types/commands.js +23 -0
package/types/commands.js.map +1 -0
package/types/plugins.d.ts +144 -0
package/types/plugins.d.ts.map +1 -0
package/types/plugins.js +8 -0
package/types/plugins.js.map +1 -0
package/types/projects.d.ts +42 -0
package/types/projects.d.ts.map +1 -0
package/types/projects.js +4 -0
package/types/projects.js.map +1 -0
package/types/scheduledTasks.d.ts +164 -0
package/types/scheduledTasks.d.ts.map +1 -0
package/types/scheduledTasks.js +17 -0
package/types/scheduledTasks.js.map +1 -0
package/types/skills.d.ts +91 -0
package/types/skills.d.ts.map +1 -0
package/types/skills.js +6 -0
package/types/skills.js.map +1 -0
package/types/slack.d.ts +97 -0
package/types/slack.d.ts.map +1 -0
package/types/slack.js +8 -0
package/types/slack.js.map +1 -0
package/types/streaming.d.ts +12 -0
package/types/streaming.d.ts.map +1 -0
package/types/streaming.js +8 -0
package/types/streaming.js.map +1 -0
package/types/subagents.d.ts +26 -0
package/types/subagents.d.ts.map +1 -0
package/types/subagents.js +3 -0
package/types/subagents.js.map +1 -0
package/utils/__tests__/claudeUtils.test.d.ts +5 -0
package/utils/__tests__/claudeUtils.test.d.ts.map +1 -0
package/utils/__tests__/claudeUtils.test.js +282 -0
package/utils/__tests__/claudeUtils.test.js.map +1 -0
package/utils/__tests__/sessionUtils.test.d.ts +5 -0
package/utils/__tests__/sessionUtils.test.d.ts.map +1 -0
package/utils/__tests__/sessionUtils.test.js +295 -0
package/utils/__tests__/sessionUtils.test.js.map +1 -0
package/utils/agentCardCache.d.ts +93 -0
package/utils/agentCardCache.d.ts.map +1 -0
package/utils/agentCardCache.js +212 -0
package/utils/agentCardCache.js.map +1 -0
package/utils/claudeUtils.d.ts +54 -0
package/utils/claudeUtils.d.ts.map +1 -0
package/utils/claudeUtils.js +387 -0
package/utils/claudeUtils.js.map +1 -0
package/utils/fileUtils.d.ts +2 -0
package/utils/fileUtils.d.ts.map +1 -0
package/utils/fileUtils.js +11 -0
package/utils/fileUtils.js.map +1 -0
package/utils/jwt.d.ts +30 -0
package/utils/jwt.d.ts.map +1 -0
package/utils/jwt.js +95 -0
package/utils/jwt.js.map +1 -0
package/utils/sessionUtils.d.ts +64 -0
package/utils/sessionUtils.d.ts.map +1 -0
package/utils/sessionUtils.js +266 -0
package/utils/sessionUtils.js.map +1 -0
package/README.zh-CN.md +0 -525
package/backend/dist/bin/agentstudio.js +0 -120
package/backend/dist/bin/agentstudio.js.map +0 -1
package/backend/dist/frontend/assets/AgentsPage-Dqb_aqAA.js +0 -1
package/backend/dist/frontend/assets/ChatPage-L8Paywyc.js +0 -91
package/backend/dist/frontend/assets/CommandForm-DLl7EIMS.js +0 -7
package/backend/dist/frontend/assets/CommandsPage-Bzavq0Ec.js +0 -1
package/backend/dist/frontend/assets/DashboardPage-B3o4AYFT.js +0 -15
package/backend/dist/frontend/assets/FileBrowser-DL3ayaqb.js +0 -1
package/backend/dist/frontend/assets/GeneralSettingsPage-CBN_de-V.js +0 -1
package/backend/dist/frontend/assets/LandingPage-Dl4ioKos.js +0 -1
package/backend/dist/frontend/assets/LoginPage-4QqRdiSi.js +0 -12
package/backend/dist/frontend/assets/McpPage-CY3tYiqj.js +0 -39
package/backend/dist/frontend/assets/MemorySettingsPage-DGxrok5K.js +0 -1
package/backend/dist/frontend/assets/ProjectSelector-hgmGYVFh.js +0 -1
package/backend/dist/frontend/assets/ProjectsPage-D399IM0c.js +0 -14
package/backend/dist/frontend/assets/SettingsLayout-CL_K-lzJ.js +0 -1
package/backend/dist/frontend/assets/SubagentsPage-Chbhj8p2.js +0 -1
package/backend/dist/frontend/assets/UnifiedToolSelector-CsM9qBvs.js +0 -1
package/backend/dist/frontend/assets/VersionSettingsPage-74Q-LVgA.js +0 -5
package/backend/dist/frontend/assets/agents-ClAzIJTw.js +0 -1
package/backend/dist/frontend/assets/authFetch-BATQyPG5.js +0 -1
package/backend/dist/frontend/assets/index-B9YHa7XT.css +0 -1
package/backend/dist/frontend/assets/index-B_CTNvca.js +0 -268
package/backend/dist/frontend/assets/monaco-editor-C7Z4sOhS.js +0 -19
package/backend/dist/frontend/assets/tabManager-DV8urRBM.js +0 -30
package/backend/dist/frontend/assets/tools-C4EPanYi.js +0 -1
package/backend/dist/frontend/assets/useAgents-DwnOE1_k.js +0 -2
package/backend/dist/frontend/assets/useClaudeVersions-CQdGnCqv.js +0 -1
package/backend/dist/frontend/assets/useCommands-CCVaurbt.js +0 -1
package/backend/dist/index.d.ts +0 -3
package/backend/dist/index.d.ts.map +0 -1
package/backend/dist/index.js +0 -157
package/backend/dist/index.js.map +0 -1
package/backend/dist/middleware/auth.d.ts.map +0 -1
package/backend/dist/middleware/auth.js +0 -21
package/backend/dist/middleware/auth.js.map +0 -1
package/backend/dist/routes/agents.js +0 -803
package/backend/dist/routes/agents.js.map +0 -1
package/backend/dist/routes/auth.js +0 -60
package/backend/dist/routes/auth.js.map +0 -1
package/backend/dist/routes/commands.js.map +0 -1
package/backend/dist/routes/files.js.map +0 -1
package/backend/dist/routes/mcp.d.ts.map +0 -1
package/backend/dist/routes/mcp.js.map +0 -1
package/backend/dist/routes/media.d.ts.map +0 -1
package/backend/dist/routes/media.js.map +0 -1
package/backend/dist/routes/projects.js +0 -528
package/backend/dist/routes/projects.js.map +0 -1
package/backend/dist/routes/sessions.js.map +0 -1
package/backend/dist/routes/settings.js.map +0 -1
package/backend/dist/routes/slides.js.map +0 -1
package/backend/dist/routes/subagents.js.map +0 -1
package/backend/dist/services/claudeSession.d.ts.map +0 -1
package/backend/dist/services/claudeSession.js.map +0 -1
package/backend/dist/services/messageQueue.js.map +0 -1
package/backend/dist/services/sessionManager.d.ts.map +0 -1
package/backend/dist/services/sessionManager.js.map +0 -1
package/backend/dist/utils/jwt.d.ts +0 -15
package/backend/dist/utils/jwt.d.ts.map +0 -1
package/backend/dist/utils/jwt.js +0 -28
package/backend/dist/utils/jwt.js.map +0 -1
/package/{backend/dist/bin → bin}/agentstudio.d.ts +0 -0
/package/{backend/dist/bin → bin}/agentstudio.d.ts.map +0 -0
/package/{backend/dist/frontend → public}/assets/ChatPage-BvQmXfcP.css +0 -0
/package/{backend/dist/frontend → public}/assets/agents-DwCY2K8p.css +0 -0
/package/{backend/dist/frontend → public}/assets/dateFormat-CXa8VnEC.js +0 -0
/package/{backend/dist/frontend → public}/cc-studio.png +0 -0
/package/{backend/dist/frontend → public}/vite.svg +0 -0
/package/{backend/dist/routes → routes}/agents.d.ts +0 -0
/package/{backend/dist/routes → routes}/auth.d.ts +0 -0
/package/{backend/dist/routes → routes}/commands.d.ts +0 -0
/package/{backend/dist/routes → routes}/files.d.ts +0 -0
/package/{backend/dist/routes → routes}/media.d.ts +0 -0
/package/{backend/dist/routes → routes}/projects.d.ts +0 -0
/package/{backend/dist/routes → routes}/sessions.d.ts +0 -0
/package/{backend/dist/routes → routes}/settings.d.ts +0 -0
/package/{backend/dist/routes → routes}/slides.d.ts +0 -0
/package/{backend/dist/routes → routes}/subagents.d.ts +0 -0
/package/{backend/dist/routes → routes}/subagents.d.ts.map +0 -0
/package/{backend/dist/services → services}/messageQueue.d.ts +0 -0

package/middleware/a2aAuth.js ADDED Viewed

@@ -0,0 +1,134 @@
+"use strict";
+/**
+ * A2A Authentication Middleware
+ *
+ * Validates API keys for all A2A protocol endpoints.
+ * Extracts API key from Authorization header, resolves a2aAgentId to projectId,
+ * and validates the key against project's API key registry.
+ *
+ * Usage: Apply to all routes under /a2a/:a2aAgentId/*
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.a2aAuth = a2aAuth;
+exports.optionalA2AAuth = optionalA2AAuth;
+const agentMappingService_js_1 = require("../services/a2a/agentMappingService.js");
+const apiKeyService_js_1 = require("../services/a2a/apiKeyService.js");
+/**
+ * A2A Authentication Middleware
+ *
+ * Steps:
+ * 1. Extract API key from Authorization header
+ * 2. Resolve a2aAgentId from URL params to projectId/agentType
+ * 3. Validate API key against project's API key registry
+ * 4. Attach A2A context to request object
+ */
+async function a2aAuth(req, res, next) {
+    try {
+        // Step 1: Extract API key from Authorization header
+        const authHeader = req.headers.authorization;
+        if (!authHeader) {
+            res.status(401).json({
+                error: 'Missing Authorization header',
+                code: 'MISSING_AUTH_HEADER',
+                message: 'A2A endpoints require API key authentication. Include: Authorization: Bearer <api-key>',
+            });
+            return;
+        }
+        if (!authHeader.startsWith('Bearer ')) {
+            res.status(401).json({
+                error: 'Invalid Authorization header format',
+                code: 'INVALID_AUTH_FORMAT',
+                message: 'Authorization header must use Bearer scheme: Authorization: Bearer <api-key>',
+            });
+            return;
+        }
+        const apiKey = authHeader.substring(7); // Remove 'Bearer ' prefix
+        if (!apiKey) {
+            res.status(401).json({
+                error: 'Empty API key',
+                code: 'EMPTY_API_KEY',
+                message: 'API key cannot be empty',
+            });
+            return;
+        }
+        // Step 2: Resolve a2aAgentId to projectId/agentType
+        const a2aAgentId = req.params.a2aAgentId;
+        if (!a2aAgentId) {
+            res.status(400).json({
+                error: 'Missing a2aAgentId in URL',
+                code: 'MISSING_AGENT_ID',
+                message: 'A2A agent ID must be specified in URL path: /a2a/:a2aAgentId/...',
+            });
+            return;
+        }
+        const agentMapping = await (0, agentMappingService_js_1.resolveA2AId)(a2aAgentId);
+        if (!agentMapping) {
+            res.status(404).json({
+                error: 'Agent not found',
+                code: 'AGENT_NOT_FOUND',
+                message: `No agent found with A2A ID: ${a2aAgentId}`,
+            });
+            return;
+        }
+        // Step 3: Validate API key against project's API key registry
+        // Use workingDirectory as the path for API key storage, not projectId
+        const { projectId, workingDirectory } = agentMapping;
+        const validation = await (0, apiKeyService_js_1.validateApiKey)(workingDirectory, apiKey);
+        if (!validation.valid) {
+            // Log failed authentication attempt (for security monitoring)
+            console.warn('[A2A Auth] Failed authentication attempt:', {
+                a2aAgentId,
+                projectId,
+                workingDirectory,
+                timestamp: new Date().toISOString(),
+                ip: req.ip,
+            });
+            res.status(401).json({
+                error: 'Invalid API key',
+                code: 'INVALID_API_KEY',
+                message: 'The provided API key is invalid or has been revoked',
+            });
+            return;
+        }
+        // Step 4: Attach A2A context to request
+        req.a2aContext = {
+            a2aAgentId,
+            projectId: agentMapping.projectId,
+            agentType: agentMapping.agentType,
+            workingDirectory: agentMapping.workingDirectory,
+            apiKeyId: validation.keyId,
+        };
+        // Log successful authentication (for monitoring)
+        console.info('[A2A Auth] Successful authentication:', {
+            a2aAgentId,
+            projectId: agentMapping.projectId,
+            agentType: agentMapping.agentType,
+            keyId: validation.keyId,
+            timestamp: new Date().toISOString(),
+        });
+        next();
+    }
+    catch (error) {
+        console.error('[A2A Auth] Authentication error:', error);
+        res.status(500).json({
+            error: 'Authentication error',
+            code: 'AUTH_ERROR',
+            message: 'An error occurred during authentication',
+        });
+    }
+}
+/**
+ * Optional middleware to allow unauthenticated access (for public endpoints like health checks)
+ * This should be used sparingly - most A2A endpoints should require authentication
+ */
+function optionalA2AAuth(req, res, next) {
+    // If Authorization header is present, validate it
+    if (req.headers.authorization) {
+        a2aAuth(req, res, next);
+    }
+    else {
+        // Otherwise, continue without authentication
+        next();
+    }
+}
+//# sourceMappingURL=a2aAuth.js.map

package/middleware/a2aAuth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"a2aAuth.js","sourceRoot":"","sources":["../../src/middleware/a2aAuth.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AA4BH,0BA4GC;AAMD,0CAQC;AAnJD,mFAAsE;AACtE,uEAAkE;AAelE;;;;;;;;GAQG;AACI,KAAK,UAAU,OAAO,CAAC,GAAe,EAAE,GAAa,EAAE,IAAkB;IAC9E,IAAI,CAAC;QACH,oDAAoD;QACpD,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,8BAA8B;gBACrC,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,wFAAwF;aAClG,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACtC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,qCAAqC;gBAC5C,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,8EAA8E;aACxF,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,MAAM,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAElE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,eAAe;gBACtB,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,yBAAyB;aACnC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,oDAAoD;QACpD,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC;QAEzC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,2BAA2B;gBAClC,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,kEAAkE;aAC5E,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,IAAA,qCAAY,EAAC,UAAU,CAAC,CAAC;QAEpD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,+BAA+B,UAAU,EAAE;aACrD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,8DAA8D;QAC9D,sEAAsE;QACtE,MAAM,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAC;QACrD,MAAM,UAAU,GAAG,MAAM,IAAA,iCAAc,EAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;QAElE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,8DAA8D;YAC9D,OAAO,CAAC,IAAI,CAAC,2CAA2C,EAAE;gBACxD,UAAU;gBACV,SAAS;gBACT,gBAAgB;gBAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,EAAE,EAAE,GAAG,CAAC,EAAE;aACX,CAAC,CAAC;YAEH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,qDAAqD;aAC/D,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,wCAAwC;QACxC,GAAG,CAAC,UAAU,GAAG;YACf,UAAU;YACV,SAAS,EAAE,YAAY,CAAC,SAAS;YACjC,SAAS,EAAE,YAAY,CAAC,SAAS;YACjC,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;YAC/C,QAAQ,EAAE,UAAU,CAAC,KAAM;SAC5B,CAAC;QAEF,iDAAiD;QACjD,OAAO,CAAC,IAAI,CAAC,uCAAuC,EAAE;YACpD,UAAU;YACV,SAAS,EAAE,YAAY,CAAC,SAAS;YACjC,SAAS,EAAE,YAAY,CAAC,SAAS;YACjC,KAAK,EAAE,UAAU,CAAC,KAAK;YACvB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,IAAI,EAAE,CAAC;IACT,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QAEzD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,sBAAsB;YAC7B,IAAI,EAAE,YAAY;YAClB,OAAO,EAAE,yCAAyC;SACnD,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,GAAe,EAAE,GAAa,EAAE,IAAkB;IAChF,kDAAkD;IAClD,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAC9B,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,6CAA6C;QAC7C,IAAI,EAAE,CAAC;IACT,CAAC;AACH,CAAC"}

package/{backend/dist/middleware → middleware}/auth.d.ts RENAMED Viewed

@@ -1,7 +1,9 @@
 import { Request, Response, NextFunction } from 'express';
 /**
  * Middleware to authenticate requests using JWT token
- * Expects token in Authorization header as "Bearer <token>"
+ * Supports:
+ * 1. Authorization header as "Bearer <token>"
+ * 2. Query parameter "token=<token>" (for EventSource/SSE connections)
  */
 export declare function authMiddleware(req: Request, res: Response, next: NextFunction): void;
 //# sourceMappingURL=auth.d.ts.map

package/middleware/auth.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG1D;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CA6BpF"}

package/middleware/auth.js ADDED Viewed

@@ -0,0 +1,35 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.authMiddleware = authMiddleware;
+const jwt_1 = require("../utils/jwt");
+/**
+ * Middleware to authenticate requests using JWT token
+ * Supports:
+ * 1. Authorization header as "Bearer <token>"
+ * 2. Query parameter "token=<token>" (for EventSource/SSE connections)
+ */
+function authMiddleware(req, res, next) {
+    const authHeader = req.headers.authorization;
+    const queryToken = req.query.token;
+    let token;
+    // Check Authorization header first
+    if (authHeader && authHeader.startsWith('Bearer ')) {
+        token = authHeader.substring(7); // Remove "Bearer " prefix
+    }
+    // Fall back to query parameter (for EventSource/SSE)
+    else if (queryToken) {
+        token = queryToken;
+    }
+    if (!token) {
+        res.status(401).json({ error: 'Unauthorized: No token provided' });
+        return;
+    }
+    const payload = (0, jwt_1.verifyToken)(token);
+    if (!payload) {
+        res.status(401).json({ error: 'Unauthorized: Invalid or expired token' });
+        return;
+    }
+    // Token is valid, proceed to next middleware
+    next();
+}
+//# sourceMappingURL=auth.js.map

package/middleware/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":";;AASA,wCA6BC;AArCD,sCAA2C;AAE3C;;;;;GAKG;AACH,SAAgB,cAAc,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IAC5E,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;IAC7C,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,KAA2B,CAAC;IAEzD,IAAI,KAAyB,CAAC;IAE9B,mCAAmC;IACnC,IAAI,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACnD,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;IAC7D,CAAC;IACD,qDAAqD;SAChD,IAAI,UAAU,EAAE,CAAC;QACpB,KAAK,GAAG,UAAU,CAAC;IACrB,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,CAAC,CAAC;QACnE,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,IAAA,iBAAW,EAAC,KAAK,CAAC,CAAC;IAEnC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wCAAwC,EAAE,CAAC,CAAC;QAC1E,OAAO;IACT,CAAC;IAED,6CAA6C;IAC7C,IAAI,EAAE,CAAC;AACT,CAAC"}

package/middleware/httpsOnly.d.ts ADDED Viewed

@@ -0,0 +1,38 @@
+/**
+ * HTTPS Enforcement Middleware
+ *
+ * Ensures that A2A endpoints are only accessible over HTTPS in production.
+ * This prevents man-in-the-middle attacks and protects API keys in transit.
+ *
+ * Phase 10 (Polish): T089 - HTTPS enforcement middleware for production
+ *
+ * Note: IP address access is exempt from HTTPS requirement, as these are typically
+ * internal/development access patterns or behind reverse proxies like Nginx.
+ */
+import type { Request, Response, NextFunction } from 'express';
+/**
+ * Check if a hostname is an IP address (IPv4 or IPv6)
+ *
+ * @param hostname - The hostname to check
+ * @returns true if the hostname is an IP address
+ */
+export declare function isIPAddress(hostname: string): boolean;
+/**
+ * Middleware to enforce HTTPS for specific routes in production
+ * Exempt: IP address access (internal/development patterns)
+ *
+ * @param req - Express request object
+ * @param res - Express response object
+ * @param next - Express next function
+ */
+export declare function httpsOnly(req: Request, res: Response, next: NextFunction): any;
+/**
+ * Middleware to enforce HTTPS and redirect HTTP to HTTPS
+ * Use this for user-facing pages that should redirect
+ *
+ * @param req - Express request object
+ * @param res - Express response object
+ * @param next - Express next function
+ */
+export declare function httpsRedirect(req: Request, res: Response, next: NextFunction): any;
+//# sourceMappingURL=httpsOnly.d.ts.map

package/middleware/httpsOnly.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"httpsOnly.d.ts","sourceRoot":"","sources":["../../src/middleware/httpsOnly.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAE/D;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CA6BrD;AAED;;;;;;;GAOG;AACH,wBAAgB,SAAS,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,GAAG,GAAG,CA6B9E;AAED;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,GAAG,GAAG,CAmBlF"}

package/middleware/httpsOnly.js ADDED Viewed

@@ -0,0 +1,105 @@
+"use strict";
+/**
+ * HTTPS Enforcement Middleware
+ *
+ * Ensures that A2A endpoints are only accessible over HTTPS in production.
+ * This prevents man-in-the-middle attacks and protects API keys in transit.
+ *
+ * Phase 10 (Polish): T089 - HTTPS enforcement middleware for production
+ *
+ * Note: IP address access is exempt from HTTPS requirement, as these are typically
+ * internal/development access patterns or behind reverse proxies like Nginx.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isIPAddress = isIPAddress;
+exports.httpsOnly = httpsOnly;
+exports.httpsRedirect = httpsRedirect;
+/**
+ * Check if a hostname is an IP address (IPv4 or IPv6)
+ *
+ * @param hostname - The hostname to check
+ * @returns true if the hostname is an IP address
+ */
+function isIPAddress(hostname) {
+    if (!hostname)
+        return false;
+    // Remove port if present
+    const hostWithoutPort = hostname.split(':')[0];
+    // IPv4 pattern: xxx.xxx.xxx.xxx
+    const ipv4Pattern = /^(\d{1,3}\.){3}\d{1,3}$/;
+    if (ipv4Pattern.test(hostWithoutPort)) {
+        // Validate each octet is 0-255
+        const octets = hostWithoutPort.split('.');
+        return octets.every((octet) => {
+            const num = parseInt(octet, 10);
+            return num >= 0 && num <= 255;
+        });
+    }
+    // IPv6 patterns (simplified check for common formats)
+    // Full IPv6: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
+    // Compressed IPv6: ::1, ::ffff:192.0.2.1, etc.
+    const ipv6Pattern = /^([0-9a-fA-F]{0,4}:){2,7}[0-9a-fA-F]{0,4}$/;
+    const ipv6LoopbackPattern = /^::1$/;
+    const ipv6MappedPattern = /^::ffff:\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/i;
+    return (ipv6Pattern.test(hostWithoutPort) ||
+        ipv6LoopbackPattern.test(hostWithoutPort) ||
+        ipv6MappedPattern.test(hostWithoutPort));
+}
+/**
+ * Middleware to enforce HTTPS for specific routes in production
+ * Exempt: IP address access (internal/development patterns)
+ *
+ * @param req - Express request object
+ * @param res - Express response object
+ * @param next - Express next function
+ */
+function httpsOnly(req, res, next) {
+    // Only enforce HTTPS in production
+    if (process.env.NODE_ENV !== 'production') {
+        return next();
+    }
+    // Allow IP address access without HTTPS (internal/proxy scenarios)
+    const host = req.get('host') || '';
+    if (isIPAddress(host)) {
+        return next();
+    }
+    // Check if request is secure (HTTPS)
+    // req.secure checks for req.protocol === 'https'
+    // Also check X-Forwarded-Proto header for proxy/load balancer scenarios
+    const isSecure = req.secure ||
+        req.headers['x-forwarded-proto'] === 'https' ||
+        req.headers['x-forwarded-proto']?.includes('https');
+    if (!isSecure) {
+        return res.status(403).json({
+            error: 'HTTPS required',
+            code: 'HTTPS_REQUIRED',
+            message: 'This endpoint requires HTTPS connection in production environment',
+        });
+    }
+    next();
+}
+/**
+ * Middleware to enforce HTTPS and redirect HTTP to HTTPS
+ * Use this for user-facing pages that should redirect
+ *
+ * @param req - Express request object
+ * @param res - Express response object
+ * @param next - Express next function
+ */
+function httpsRedirect(req, res, next) {
+    // Only enforce HTTPS in production
+    if (process.env.NODE_ENV !== 'production') {
+        return next();
+    }
+    // Check if request is secure
+    const isSecure = req.secure ||
+        req.headers['x-forwarded-proto'] === 'https' ||
+        req.headers['x-forwarded-proto']?.includes('https');
+    if (!isSecure) {
+        // Redirect to HTTPS
+        const httpsUrl = `https://${req.get('host')}${req.originalUrl}`;
+        return res.redirect(301, httpsUrl);
+    }
+    next();
+}
+//# sourceMappingURL=httpsOnly.js.map

package/middleware/httpsOnly.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"httpsOnly.js","sourceRoot":"","sources":["../../src/middleware/httpsOnly.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;AAUH,kCA6BC;AAUD,8BA6BC;AAUD,sCAmBC;AAvGD;;;;;GAKG;AACH,SAAgB,WAAW,CAAC,QAAgB;IAC1C,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC;IAE5B,yBAAyB;IACzB,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAE/C,gCAAgC;IAChC,MAAM,WAAW,GAAG,yBAAyB,CAAC;IAC9C,IAAI,WAAW,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;QACtC,+BAA+B;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC1C,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YAChC,OAAO,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,CAAC;QAChC,CAAC,CAAC,CAAC;IACL,CAAC;IAED,sDAAsD;IACtD,qDAAqD;IACrD,+CAA+C;IAC/C,MAAM,WAAW,GAAG,4CAA4C,CAAC;IACjE,MAAM,mBAAmB,GAAG,OAAO,CAAC;IACpC,MAAM,iBAAiB,GAAG,8CAA8C,CAAC;IAEzE,OAAO,CACL,WAAW,CAAC,IAAI,CAAC,eAAe,CAAC;QACjC,mBAAmB,CAAC,IAAI,CAAC,eAAe,CAAC;QACzC,iBAAiB,CAAC,IAAI,CAAC,eAAe,CAAC,CACxC,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,SAAS,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IACvE,mCAAmC;IACnC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;QAC1C,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,mEAAmE;IACnE,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IACnC,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;QACtB,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,qCAAqC;IACrC,iDAAiD;IACjD,wEAAwE;IACxE,MAAM,QAAQ,GACZ,GAAG,CAAC,MAAM;QACV,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO;QAC5C,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;IAEtD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YAC1B,KAAK,EAAE,gBAAgB;YACvB,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,mEAAmE;SAC7E,CAAC,CAAC;IACL,CAAC;IAED,IAAI,EAAE,CAAC;AACT,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,aAAa,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB;IAC3E,mCAAmC;IACnC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;QAC1C,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GACZ,GAAG,CAAC,MAAM;QACV,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO;QAC5C,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;IAEtD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,oBAAoB;QACpB,MAAM,QAAQ,GAAG,WAAW,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QAChE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IACrC,CAAC;IAED,IAAI,EAAE,CAAC;AACT,CAAC"}

package/middleware/rateLimiting.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+/**
+ * Rate Limiting Middleware for A2A Endpoints
+ *
+ * Limits requests to 100 per hour per API key to prevent abuse.
+ * Returns 429 Too Many Requests with retryAfter header when limit exceeded.
+ *
+ * Uses in-memory storage (resets on server restart).
+ */
+import rateLimit from 'express-rate-limit';
+/**
+ * Rate limiter configuration for A2A endpoints
+ *
+ * - Window: 1 hour (60 minutes)
+ * - Max requests: 100 per window
+ * - Key generator: Uses API key from a2aContext (set by a2aAuth middleware)
+ * - Response: 429 with retryAfter header
+ */
+export declare const a2aRateLimiter: import("express-rate-limit").RateLimitRequestHandler;
+/**
+ * Stricter rate limiter for sensitive operations (e.g., task creation)
+ *
+ * - Window: 1 hour
+ * - Max requests: 50 per window
+ */
+export declare const a2aStrictRateLimiter: import("express-rate-limit").RateLimitRequestHandler;
+/**
+ * Custom rate limiter factory for flexible configuration
+ *
+ * @param options - Rate limiter options
+ * @returns Configured rate limiter middleware
+ */
+export declare function createA2ARateLimiter(options: {
+    windowMs?: number;
+    max?: number;
+    message?: string;
+}): ReturnType<typeof rateLimit>;
+//# sourceMappingURL=rateLimiting.d.ts.map

package/middleware/rateLimiting.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"rateLimiting.d.ts","sourceRoot":"","sources":["../../src/middleware/rateLimiting.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,SAAS,MAAM,oBAAoB,CAAC;AAI3C;;;;;;;GAOG;AACH,eAAO,MAAM,cAAc,sDAkDzB,CAAC;AAEH;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB,sDAiB/B,CAAC;AAEH;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE;IAC5C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB,GAAG,UAAU,CAAC,OAAO,SAAS,CAAC,CAqB/B"}

package/middleware/rateLimiting.js ADDED Viewed

@@ -0,0 +1,118 @@
+"use strict";
+/**
+ * Rate Limiting Middleware for A2A Endpoints
+ *
+ * Limits requests to 100 per hour per API key to prevent abuse.
+ * Returns 429 Too Many Requests with retryAfter header when limit exceeded.
+ *
+ * Uses in-memory storage (resets on server restart).
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.a2aStrictRateLimiter = exports.a2aRateLimiter = void 0;
+exports.createA2ARateLimiter = createA2ARateLimiter;
+const express_rate_limit_1 = __importDefault(require("express-rate-limit"));
+/**
+ * Rate limiter configuration for A2A endpoints
+ *
+ * - Window: 1 hour (60 minutes)
+ * - Max requests: 100 per window
+ * - Key generator: Uses API key from a2aContext (set by a2aAuth middleware)
+ * - Response: 429 with retryAfter header
+ */
+exports.a2aRateLimiter = (0, express_rate_limit_1.default)({
+    // Rate limit window (1 hour)
+    windowMs: 60 * 60 * 1000, // 60 minutes
+    // Maximum requests per window
+    max: 100,
+    // Use API key as identifier (from a2aContext set by auth middleware)
+    keyGenerator: (req) => {
+        const a2aReq = req;
+        // If a2aContext is available, use API key ID
+        if (a2aReq.a2aContext?.apiKeyId) {
+            return a2aReq.a2aContext.apiKeyId;
+        }
+        // Fallback to IP address if no API key (shouldn't happen with auth middleware)
+        return req.ip || 'unknown';
+    },
+    // Standardized error response
+    handler: (req, res) => {
+        const a2aReq = req;
+        const keyId = a2aReq.a2aContext?.apiKeyId || 'unknown';
+        console.warn('[A2A Rate Limit] Rate limit exceeded:', {
+            keyId,
+            projectId: a2aReq.a2aContext?.projectId,
+            a2aAgentId: a2aReq.a2aContext?.a2aAgentId,
+            ip: req.ip,
+            timestamp: new Date().toISOString(),
+        });
+        res.status(429).json({
+            error: 'Rate limit exceeded',
+            code: 'RATE_LIMIT_EXCEEDED',
+            message: 'Too many requests. Maximum 100 requests per hour per API key.',
+            retryAfter: 3600, // 1 hour in seconds
+        });
+    },
+    // Skip successful requests from rate limit counting (only count actual processing)
+    skip: (req) => {
+        // Don't skip any requests - count all attempts
+        return false;
+    },
+    // Include rate limit info in response headers
+    standardHeaders: true, // Return rate limit info in `RateLimit-*` headers
+    legacyHeaders: false, // Disable `X-RateLimit-*` headers
+});
+/**
+ * Stricter rate limiter for sensitive operations (e.g., task creation)
+ *
+ * - Window: 1 hour
+ * - Max requests: 50 per window
+ */
+exports.a2aStrictRateLimiter = (0, express_rate_limit_1.default)({
+    windowMs: 60 * 60 * 1000, // 1 hour
+    max: 50, // Stricter limit
+    keyGenerator: (req) => {
+        const a2aReq = req;
+        return a2aReq.a2aContext?.apiKeyId || req.ip || 'unknown';
+    },
+    handler: (req, res) => {
+        res.status(429).json({
+            error: 'Rate limit exceeded',
+            code: 'RATE_LIMIT_EXCEEDED',
+            message: 'Too many task creation requests. Maximum 50 per hour per API key.',
+            retryAfter: 3600,
+        });
+    },
+    standardHeaders: true,
+    legacyHeaders: false,
+});
+/**
+ * Custom rate limiter factory for flexible configuration
+ *
+ * @param options - Rate limiter options
+ * @returns Configured rate limiter middleware
+ */
+function createA2ARateLimiter(options) {
+    const { windowMs = 60 * 60 * 1000, max = 100, message = 'Rate limit exceeded' } = options;
+    return (0, express_rate_limit_1.default)({
+        windowMs,
+        max,
+        keyGenerator: (req) => {
+            const a2aReq = req;
+            return a2aReq.a2aContext?.apiKeyId || req.ip || 'unknown';
+        },
+        handler: (req, res) => {
+            res.status(429).json({
+                error: 'Rate limit exceeded',
+                code: 'RATE_LIMIT_EXCEEDED',
+                message,
+                retryAfter: Math.ceil(windowMs / 1000),
+            });
+        },
+        standardHeaders: true,
+        legacyHeaders: false,
+    });
+}
+//# sourceMappingURL=rateLimiting.js.map

package/middleware/rateLimiting.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"rateLimiting.js","sourceRoot":"","sources":["../../src/middleware/rateLimiting.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;AAiGH,oDAyBC;AAxHD,4EAA2C;AAI3C;;;;;;;GAOG;AACU,QAAA,cAAc,GAAG,IAAA,4BAAS,EAAC;IACtC,6BAA6B;IAC7B,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;IAEvC,8BAA8B;IAC9B,GAAG,EAAE,GAAG;IAER,qEAAqE;IACrE,YAAY,EAAE,CAAC,GAAY,EAAU,EAAE;QACrC,MAAM,MAAM,GAAG,GAAiB,CAAC;QAEjC,6CAA6C;QAC7C,IAAI,MAAM,CAAC,UAAU,EAAE,QAAQ,EAAE,CAAC;YAChC,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC;QACpC,CAAC;QAED,+EAA+E;QAC/E,OAAO,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;IAC7B,CAAC;IAED,8BAA8B;IAC9B,OAAO,EAAE,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;QAC7C,MAAM,MAAM,GAAG,GAAiB,CAAC;QACjC,MAAM,KAAK,GAAG,MAAM,CAAC,UAAU,EAAE,QAAQ,IAAI,SAAS,CAAC;QAEvD,OAAO,CAAC,IAAI,CAAC,uCAAuC,EAAE;YACpD,KAAK;YACL,SAAS,EAAE,MAAM,CAAC,UAAU,EAAE,SAAS;YACvC,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,UAAU;YACzC,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAEH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,qBAAqB;YAC5B,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EAAE,+DAA+D;YACxE,UAAU,EAAE,IAAI,EAAE,oBAAoB;SACvC,CAAC,CAAC;IACL,CAAC;IAED,mFAAmF;IACnF,IAAI,EAAE,CAAC,GAAY,EAAW,EAAE;QAC9B,+CAA+C;QAC/C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,8CAA8C;IAC9C,eAAe,EAAE,IAAI,EAAE,kDAAkD;IACzE,aAAa,EAAE,KAAK,EAAE,kCAAkC;CACzD,CAAC,CAAC;AAEH;;;;;GAKG;AACU,QAAA,oBAAoB,GAAG,IAAA,4BAAS,EAAC;IAC5C,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,SAAS;IACnC,GAAG,EAAE,EAAE,EAAE,iBAAiB;IAC1B,YAAY,EAAE,CAAC,GAAY,EAAU,EAAE;QACrC,MAAM,MAAM,GAAG,GAAiB,CAAC;QACjC,OAAO,MAAM,CAAC,UAAU,EAAE,QAAQ,IAAI,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;IAC5D,CAAC;IACD,OAAO,EAAE,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;QAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,qBAAqB;YAC5B,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EAAE,mEAAmE;YAC5E,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IACD,eAAe,EAAE,IAAI;IACrB,aAAa,EAAE,KAAK;CACrB,CAAC,CAAC;AAEH;;;;;GAKG;AACH,SAAgB,oBAAoB,CAAC,OAIpC;IACC,MAAM,EAAE,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,GAAG,GAAG,GAAG,EAAE,OAAO,GAAG,qBAAqB,EAAE,GAAG,OAAO,CAAC;IAE1F,OAAO,IAAA,4BAAS,EAAC;QACf,QAAQ;QACR,GAAG;QACH,YAAY,EAAE,CAAC,GAAY,EAAU,EAAE;YACrC,MAAM,MAAM,GAAG,GAAiB,CAAC;YACjC,OAAO,MAAM,CAAC,UAAU,EAAE,QAAQ,IAAI,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC5D,CAAC;QACD,OAAO,EAAE,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;YAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,qBAAqB;gBAC5B,IAAI,EAAE,qBAAqB;gBAC3B,OAAO;gBACP,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;aACvC,CAAC,CAAC;QACL,CAAC;QACD,eAAe,EAAE,IAAI;QACrB,aAAa,EAAE,KAAK;KACrB,CAAC,CAAC;AACL,CAAC"}

package/package.json CHANGED Viewed

@@ -1,59 +1,64 @@
 {
   "name": "agentstudio",
-  "version": "0.1.18",
-  "description": "Claude-powered AgentStudio with React frontend and Node.js backend, built on top of Claude Code SDK",
-  "type": "module",
-  "private": false,
-  "main": "./backend/dist/index.js",
+  "version": "0.1.21",
+  "description": "AgentStudio - AI-powered agent workspace with Claude integration. One command to start your AI agent studio.",
+  "main": "index.js",
   "bin": {
-    "agentstudio": "./backend/dist/bin/agentstudio.js"
+    "agentstudio": "bin/agentstudio.js"
   },
-  "files": [
-    "backend/dist/**/*"
-  ],
   "scripts": {
-    "start": "node backend/dist/index.js",
-    "build": "node scripts/build-complete.js",
-    "build:backend": "cd backend && npm install && npm run build",
-    "build:complete": "node scripts/build-complete.js"
-  },
-  "keywords": [
-    "ai",
-    "agent",
-    "studio",
-    "editor",
-    "react",
-    "typescript"
-  ],
-  "author": "jeffkit <bbmyth@gmail.com>",
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/git-men/agentstudio.git"
-  },
-  "homepage": "https://github.com/git-men/agentstudio#readme",
-  "bugs": {
-    "url": "https://github.com/git-men/agentstudio/issues"
-  },
-  "devDependencies": {
-    "concurrently": "^8.2.2",
-    "typescript": "^5.9.2"
+    "start": "node index.js",
+    "postinstall": "node scripts/postinstall.js || true"
   },
   "dependencies": {
-    "agentstudio-shared": "^0.1.0",
+    "@a2a-js/sdk": "^0.2.5",
     "@ai-sdk/anthropic": "^1.0.5",
     "@ai-sdk/openai": "^1.0.7",
-    "@anthropic-ai/claude-code": "^2.0.10",
+    "@anthropic-ai/claude-agent-sdk": "^0.1.62",
+    "@types/js-yaml": "^4.0.9",
     "ai": "^5.0.22",
+    "bcryptjs": "^2.4.3",
     "commander": "^11.1.0",
     "cors": "^2.8.5",
     "dotenv": "^16.3.1",
     "eventsource": "^4.0.0",
     "express": "^4.18.2",
+    "express-rate-limit": "^6.11.2",
     "fs-extra": "^11.1.1",
     "gray-matter": "^4.0.3",
     "helmet": "^7.0.0",
+    "js-yaml": "^4.1.0",
     "jsonwebtoken": "^9.0.2",
+    "node-cron": "^4.2.1",
+    "proper-lockfile": "^4.1.2",
+    "undici": "^7.16.0",
     "zod": "^3.22.2"
+  },
+  "author": "okguitar <okguitar@gmail.com>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/okguitar/agentstudio.git"
+  },
+  "homepage": "https://github.com/okguitar/agentstudio#readme",
+  "bugs": {
+    "url": "https://github.com/okguitar/agentstudio/issues"
+  },
+  "keywords": [
+    "ai",
+    "agent",
+    "studio",
+    "claude",
+    "anthropic",
+    "mcp",
+    "ai-assistant",
+    "workspace",
+    "cli"
+  ],
+  "files": [
+    "**/*"
+  ],
+  "engines": {
+    "node": ">=18.0.0"
   }
-}
+}