npm - claude-flow-novice - Versions diffs - 2.15.11 → 2.16.1 - Mend

claude-flow-novice 2.15.11 → 2.16.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (741) hide show

package/dist/mcp/playwright-mcp-server-auth.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../src/mcp/playwright-mcp-server-auth.js"],"sourcesContent":["#!/usr/bin/env node\r\n\r\n/*\r\n Enhanced Playwright MCP Server with Authentication\r\n * Includes token-based authentication and authorization\r\n /\r\n\r\nconst { chromium } = require('playwright');\r\nconst readline = require('readline');\r\nconst MCPAuthMiddleware = require('./auth-middleware.js');\r\n\r\nclass AuthenticatedPlaywrightMCPServer {\r\n constructor(options = {}) {\r\n this.browser = null;\r\n this.page = null;\r\n this.rl = readline.createInterface({\r\n input: process.stdin,\r\n output: process.stdout,\r\n terminal: false\r\n });\r\n\r\n // Initialize authentication middleware\r\n this.auth = new MCPAuthMiddleware({\r\n redisUrl: options.redisUrl \|\| process.env.CFN_REDIS_URL \|\| process.env.MCP_REDIS_URL \|\| `redis://${process.env.CFN_REDIS_HOST \|\| 'cfn-redis'}:${process.env.CFN_REDIS_PORT \|\| 6379}`,\r\n authRequired: options.authRequired !== false && process.env.MCP_AUTH_REQUIRED !== 'false',\r\n agentConfigPath: options.agentConfigPath \|\| process.env.MCP_AGENT_CONFIG \|\| './config/agent-whitelist.json',\r\n skillConfigPath: options.skillConfigPath \|\| process.env.MCP_SKILL_CONFIG \|\| './config/skill-requirements.json',\r\n rateLimitMax: options.rateLimitMax \|\| parseInt(process.env.MCP_RATE_LIMIT_MAX) \|\| 60,\r\n rateLimitWindow: options.rateLimitWindow \|\| parseInt(process.env.MCP_RATE_LIMIT_WINDOW) \|\| 60\r\n });\r\n\r\n this.tools = {\r\n take_screenshot: {\r\n name: 'take_screenshot',\r\n description: 'Take a screenshot of a webpage (requires browser-automation, screenshot-capture skills)',\r\n inputSchema: {\r\n type: 'object',\r\n properties: {\r\n url: { type: 'string', description: 'URL to capture' },\r\n filename: { type: 'string', description: 'Screenshot filename (optional)' },\r\n fullPage: { type: 'boolean', default: false, description: 'Capture full page' },\r\n waitTime: { type: 'number', default: 3000, description: 'Wait time before screenshot (ms)' }\r\n },\r\n required: ['url']\r\n },\r\n skillRequirements: ['browser-automation', 'screenshot-capture']\r\n },\r\n search_google: {\r\n name: 'search_google',\r\n description: 'Search Google and return results (requires browser-automation, web-search skills)',\r\n inputSchema: {\r\n type: 'object',\r\n properties: {\r\n query: { type: 'string', description: 'Search query' },\r\n screenshot: { type: 'boolean', default: true, description: 'Take screenshot of results' },\r\n resultCount: { type: 'number', default: 5, description: 'Number of results to return' }\r\n },\r\n required: ['query']\r\n },\r\n skillRequirements: ['browser-automation', 'web-search']\r\n },\r\n navigate_and_interact: {\r\n name: 'navigate_and_interact',\r\n description: 'Navigate to a webpage and interact with elements (requires browser-automation, web-interaction skills)',\r\n inputSchema: {\r\n type: 'object',\r\n properties: {\r\n url: { type: 'string', description: 'URL to navigate to' },\r\n actions: {\r\n type: 'array',\r\n description: 'Array of actions to perform',\r\n items: {\r\n type: 'object',\r\n properties: {\r\n type: { type: 'string', enum: ['click', 'fill', 'press', 'wait'] },\r\n selector: { type: 'string', description: 'CSS selector' },\r\n value: { type: 'string', description: 'Value for fill actions' },\r\n key: { type: 'string', description: 'Key for press actions' }\r\n }\r\n }\r\n },\r\n screenshot: { type: 'boolean', default: false }\r\n },\r\n required: ['url']\r\n },\r\n skillRequirements: ['browser-automation', 'web-interaction']\r\n }\r\n };\r\n\r\n this.stats = {\r\n totalRequests: 0,\r\n authorizedRequests: 0,\r\n rejectedRequests: 0,\r\n toolUsage: {},\r\n lastActivity: null\r\n };\r\n }\r\n\r\n async initialize() {\r\n try {\r\n // Initialize authentication\r\n await this.auth.initialize();\r\n console.error('[MCP-Server] Authentication middleware initialized');\r\n\r\n // Initialize Playwright browser\r\n await this.initBrowser();\r\n console.error('[MCP-Server] Playwright browser initialized');\r\n\r\n console.error('[MCP-Server] Authenticated Playwright MCP Server ready');\r\n } catch (error) {\r\n console.error('[MCP-Server] Failed to initialize:', error);\r\n process.exit(1);\r\n }\r\n }\r\n\r\n async initBrowser() {\r\n if (!this.browser) {\r\n this.browser = await chromium.launch({\r\n headless: true,\r\n args: [\r\n '--no-sandbox',\r\n '--disable-setuid-sandbox',\r\n '--disable-dev-shm-usage',\r\n '--disable-gpu'\r\n ]\r\n });\r\n this.page = await this.browser.newPage();\r\n }\r\n }\r\n\r\n async takeScreenshot(args, agentContext) {\r\n await this.initBrowser();\r\n\r\n console.error(`[MCP-Server] Taking screenshot for ${agentContext.agentType}`);\r\n\r\n await this.page.goto(args.url, {\r\n waitUntil: 'networkidle',\r\n timeout: 15000\r\n });\r\n\r\n if (args.waitTime > 0) {\r\n await this.page.waitForTimeout(args.waitTime);\r\n }\r\n\r\n const timestamp = new Date().toISOString().replace(/[:.]/g, '-');\r\n const filename = args.filename \|\| `screenshot-${agentContext.agentType}-${timestamp}.png`;\r\n const filepath = `/app/screenshots/${filename}`;\r\n\r\n await this.page.screenshot({\r\n path: filepath,\r\n fullPage: args.fullPage \|\| false\r\n });\r\n\r\n return {\r\n success: true,\r\n filename: filename,\r\n filepath: filepath,\r\n url: args.url,\r\n title: await this.page.title(),\r\n size: `${this.page.viewportSize()?.width \|\| 1280}x${this.page.viewportSize()?.height \|\| 720}`,\r\n capturedBy: agentContext.agentType,\r\n timestamp: new Date().toISOString()\r\n };\r\n }\r\n\r\n async searchGoogle(args, agentContext) {\r\n await this.initBrowser();\r\n\r\n console.error(`[MCP-Server] Google search for ${agentContext.agentType}: \"${args.query}\"`);\r\n\r\n await this.page.goto('https://www.google.com', {\r\n waitUntil: 'networkidle',\r\n timeout: 15000\r\n });\r\n\r\n // Handle cookies popup if present\r\n try {\r\n await this.page.waitForSelector('button[aria-label=\"Accept\"], button[aria-label=\"agree\"]', { timeout: 3000 });\r\n await this.page.click('button[aria-label=\"Accept\"], button[aria-label*=\"agree\"]');\r\n await this.page.waitForTimeout(1000);\r\n } catch (e) {\r\n // No cookie popup, continue\r\n }\r\n\r\n // Perform search\r\n const searchBox = await this.page.waitForSelector('textarea[name=\"q\"], input[name=\"q\"]', { timeout: 10000 });\r\n await searchBox.fill(args.query);\r\n await searchBox.press('Enter');\r\n\r\n // Wait for results\r\n await this.page.waitForSelector('[role=\"main\"], #search', { timeout: 15000 });\r\n\r\n // Extract results\r\n const results = await this.page.$$eval('div[data-hveid] h3', elements =>\r\n elements.slice(0, args.resultCount \|\| 5).map(el => el.textContent.trim())\r\n );\r\n\r\n let screenshotInfo = null;\r\n if (args.screenshot) {\r\n const timestamp = new Date().toISOString().replace(/[:.]/g, '-');\r\n const filename = `google-search-${args.query.toLowerCase().replace(/\\s+/g, '-')}-${timestamp}.png`;\r\n await this.page.screenshot({ path: `/app/screenshots/${filename}` });\r\n screenshotInfo = {\r\n filename,\r\n path: `/app/screenshots/${filename}`,\r\n url: this.page.url()\r\n };\r\n }\r\n\r\n return {\r\n success: true,\r\n query: args.query,\r\n results: results,\r\n resultCount: results.length,\r\n screenshot: screenshotInfo,\r\n url: this.page.url(),\r\n title: await this.page.title(),\r\n searchedBy: agentContext.agentType,\r\n timestamp: new Date().toISOString()\r\n };\r\n }\r\n\r\n async navigateAndInteract(args, agentContext) {\r\n await this.initBrowser();\r\n\r\n console.error(`[MCP-Server] Page interaction for ${agentContext.agentType}: ${args.url}`);\r\n\r\n await this.page.goto(args.url, {\r\n waitUntil: 'networkidle',\r\n timeout: 15000\r\n });\r\n\r\n const results = [];\r\n\r\n for (const action of args.actions \|\| []) {\r\n try {\r\n switch (action.type) {\r\n case 'click':\r\n await this.page.waitForSelector(action.selector, { timeout: 5000 });\r\n await this.page.click(action.selector);\r\n results.push({ action: 'click', selector: action.selector, success: true });\r\n break;\r\n\r\n case 'fill':\r\n await this.page.waitForSelector(action.selector, { timeout: 5000 });\r\n await this.page.fill(action.selector, action.value);\r\n results.push({ action: 'fill', selector: action.selector, value: action.value, success: true });\r\n break;\r\n\r\n case 'press':\r\n await this.page.press(action.selector \|\| 'body', action.key);\r\n results.push({ action: 'press', key: action.key, success: true });\r\n break;\r\n\r\n case 'wait':\r\n await this.page.waitForTimeout(parseInt(action.value) \|\| 1000);\r\n results.push({ action: 'wait', duration: action.value, success: true });\r\n break;\r\n }\r\n } catch (error) {\r\n results.push({\r\n action: action.type,\r\n selector: action.selector,\r\n success: false,\r\n error: error.message\r\n });\r\n }\r\n }\r\n\r\n let screenshotInfo = null;\r\n if (args.screenshot) {\r\n const timestamp = new Date().toISOString().replace(/[:.]/g, '-');\r\n const filename = `interaction-${agentContext.agentType}-${timestamp}.png`;\r\n await this.page.screenshot({ path: `/app/screenshots/${filename}` });\r\n screenshotInfo = {\r\n filename,\r\n path: `/app/screenshots/${filename}`\r\n };\r\n }\r\n\r\n return {\r\n success: true,\r\n url: args.url,\r\n actions: results,\r\n screenshot: screenshotInfo,\r\n title: await this.page.title(),\r\n interactedBy: agentContext.agentType,\r\n timestamp: new Date().toISOString()\r\n };\r\n }\r\n\r\n async handleMessage(message) {\r\n try {\r\n this.stats.totalRequests++;\r\n this.stats.lastActivity = Date.now();\r\n\r\n // Initialize request context\r\n const request = {\r\n headers: {\r\n 'x-agent-token': message.params?.context?.agentToken,\r\n 'x-agent-type': message.params?.context?.agentType\r\n },\r\n body: message\r\n };\r\n\r\n const response = {\r\n writeHead: () => {},\r\n end: (data) => {\r\n // For JSON-RPC, we'll just return the data directly\r\n this.responseData = JSON.parse(data);\r\n }\r\n };\r\n\r\n // Authenticate request\r\n let authenticationPassed = false;\r\n await this.auth.authenticateRequest(request, response, () => {\r\n authenticationPassed = true;\r\n });\r\n\r\n if (!authenticationPassed) {\r\n this.stats.rejectedRequests++;\r\n return this.responseData \|\| {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n error: {\r\n code: -32001,\r\n message: 'Authentication failed'\r\n }\r\n };\r\n }\r\n\r\n this.stats.authorizedRequests++;\r\n\r\n // Authentication passed, process request\r\n if (message.method === 'initialize') {\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n result: {\r\n protocolVersion: '2024-11-05',\r\n capabilities: {\r\n tools: {}\r\n },\r\n serverInfo: {\r\n name: 'playwright-mcp-server-authenticated',\r\n version: '1.0.0',\r\n authentication: 'enabled'\r\n }\r\n }\r\n };\r\n } else if (message.method === 'tools/list') {\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n result: { tools: Object.values(this.tools) }\r\n };\r\n } else if (message.method === 'tools/call') {\r\n const toolName = message.params.name;\r\n const args = message.params.arguments \|\| {};\r\n const agentContext = request.agentContext \|\| {\r\n agentType: 'unknown',\r\n authenticated: false\r\n };\r\n\r\n // Update tool usage stats\r\n this.stats.toolUsage[toolName] = (this.stats.toolUsage[toolName] \|\| 0) + 1;\r\n\r\n let result;\r\n if (toolName === 'take_screenshot') {\r\n result = await this.takeScreenshot(args, agentContext);\r\n } else if (toolName === 'search_google') {\r\n result = await this.searchGoogle(args, agentContext);\r\n } else if (toolName === 'navigate_and_interact') {\r\n result = await this.navigateAndInteract(args, agentContext);\r\n } else {\r\n throw new Error(`Unknown tool: ${toolName}`);\r\n }\r\n\r\n console.error(`[MCP-Server] Tool ${toolName} executed by ${agentContext.agentType}`);\r\n\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n result: {\r\n content: [{\r\n type: 'text',\r\n text: JSON.stringify(result, null, 2)\r\n }]\r\n }\r\n };\r\n }\r\n } catch (error) {\r\n console.error('[MCP-Server] Error handling message:', error);\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id \|\| null,\r\n error: {\r\n code: -32000,\r\n message: error.message\r\n }\r\n };\r\n }\r\n }\r\n\r\n async start() {\r\n await this.initialize();\r\n\r\n this.rl.on('line', async (line) => {\r\n try {\r\n const message = JSON.parse(line);\r\n const response = await this.handleMessage(message);\r\n console.log(JSON.stringify(response));\r\n } catch (error) {\r\n console.log(JSON.stringify({\r\n jsonrpc: '2.0',\r\n id: null,\r\n error: {\r\n code: -32700,\r\n message: `Parse error: ${error.message}`\r\n }\r\n }));\r\n }\r\n });\r\n\r\n // Cleanup on exit\r\n process.on('SIGINT', async () => {\r\n console.error('[MCP-Server] Shutting down authenticated Playwright MCP Server...');\r\n await this.shutdown();\r\n process.exit(0);\r\n });\r\n\r\n // Log statistics periodically\r\n setInterval(() => {\r\n console.error(`[MCP-Server] Stats: ${this.stats.totalRequests} total, ${this.stats.authorizedRequests} authorized, ${this.stats.rejectedRequests} rejected`);\r\n console.error(`[MCP-Server] Tool usage:`, JSON.stringify(this.stats.toolUsage));\r\n }, 60000); // Every minute\r\n }\r\n\r\n async getStats() {\r\n const authStats = await this.auth.getStats();\r\n return {\r\n server: {\r\n name: 'playwright-mcp-server-authenticated',\r\n uptime: process.uptime(),\r\n ...this.stats\r\n },\r\n authentication: authStats\r\n };\r\n }\r\n\r\n async shutdown() {\r\n try {\r\n if (this.browser) await this.browser.close();\r\n if (this.rl) this.rl.close();\r\n if (this.auth) await this.auth.shutdown();\r\n console.error('[MCP-Server] Shutdown complete');\r\n } catch (error) {\r\n console.error('[MCP-Server] Error during shutdown:', error);\r\n }\r\n }\r\n}\r\n\r\n// Start the server\r\nconst server = new AuthenticatedPlaywrightMCPServer({\r\n redisUrl: process.env.MCP_REDIS_URL,\r\n authRequired: process.env.MCP_AUTH_REQUIRED !== 'false',\r\n rateLimitMax: parseInt(process.env.MCP_RATE_LIMIT_MAX) \|\| 60\r\n});\r\n\r\nserver.start().catch(error => {\r\n console.error('[MCP-Server] Failed to start authenticated Playwright MCP Server:', error);\r\n process.exit(1);\r\n});"],"names":["chromium","require","readline","MCPAuthMiddleware","AuthenticatedPlaywrightMCPServer","options","browser","page","rl","createInterface","input","process","stdin","output","stdout","terminal","auth","redisUrl","env","CFN_REDIS_URL","MCP_REDIS_URL","CFN_REDIS_HOST","CFN_REDIS_PORT","authRequired","MCP_AUTH_REQUIRED","agentConfigPath","MCP_AGENT_CONFIG","skillConfigPath","MCP_SKILL_CONFIG","rateLimitMax","parseInt","MCP_RATE_LIMIT_MAX","rateLimitWindow","MCP_RATE_LIMIT_WINDOW","tools","take_screenshot","name","description","inputSchema","type","properties","url","filename","fullPage","default","waitTime","required","skillRequirements","search_google","query","screenshot","resultCount","navigate_and_interact","actions","items","enum","selector","value","key","stats","totalRequests","authorizedRequests","rejectedRequests","toolUsage","lastActivity","initialize","console","error","initBrowser","exit","launch","headless","args","newPage","takeScreenshot","agentContext","agentType","goto","waitUntil","timeout","waitForTimeout","timestamp","Date","toISOString","replace","filepath","path","success","title","size","viewportSize","width","height","capturedBy","searchGoogle","waitForSelector","click","e","searchBox","fill","press","results","$$eval","elements","slice","map","el","textContent","trim","screenshotInfo","toLowerCase","length","searchedBy","navigateAndInteract","action","push","duration","message","interactedBy","handleMessage","now","request","headers","params","context","agentToken","body","response","writeHead","end","data","responseData","JSON","parse","authenticationPassed","authenticateRequest","jsonrpc","id","code","method","result","protocolVersion","capabilities","serverInfo","version","authentication","Object","values","toolName","arguments","authenticated","Error","content","text","stringify","start","on","line","log","shutdown","setInterval","getStats","authStats","server","uptime","close","catch"],"mappings":";AAEA;;;CAGC,GAED,MAAM,EAAEA,QAAQ,EAAE,GAAGC,QAAQ;AAC7B,MAAMC,WAAWD,QAAQ;AACzB,MAAME,oBAAoBF,QAAQ;AAElC,IAAA,AAAMG,mCAAN,MAAMA;IACF,YAAYC,UAAU,CAAC,CAAC,CAAE;QACtB,IAAI,CAACC,OAAO,GAAG;QACf,IAAI,CAACC,IAAI,GAAG;QACZ,IAAI,CAACC,EAAE,GAAGN,SAASO,eAAe,CAAC;YAC/BC,OAAOC,QAAQC,KAAK;YACpBC,QAAQF,QAAQG,MAAM;YACtBC,UAAU;QACd;QAEA,uCAAuC;QACvC,IAAI,CAACC,IAAI,GAAG,IAAIb,kBAAkB;YAC9Bc,UAAUZ,QAAQY,QAAQ,IAAIN,QAAQO,GAAG,CAACC,aAAa,IAAIR,QAAQO,GAAG,CAACE,aAAa,IAAI,CAAC,QAAQ,EAAET,QAAQO,GAAG,CAACG,cAAc,IAAI,YAAY,CAAC,EAAEV,QAAQO,GAAG,CAACI,cAAc,IAAI,MAAM;YACpLC,cAAclB,QAAQkB,YAAY,KAAK,SAASZ,QAAQO,GAAG,CAACM,iBAAiB,KAAK;YAClFC,iBAAiBpB,QAAQoB,eAAe,IAAId,QAAQO,GAAG,CAACQ,gBAAgB,IAAI;YAC5EC,iBAAiBtB,QAAQsB,eAAe,IAAIhB,QAAQO,GAAG,CAACU,gBAAgB,IAAI;YAC5EC,cAAcxB,QAAQwB,YAAY,IAAIC,SAASnB,QAAQO,GAAG,CAACa,kBAAkB,KAAK;YAClFC,iBAAiB3B,QAAQ2B,eAAe,IAAIF,SAASnB,QAAQO,GAAG,CAACe,qBAAqB,KAAK;QAC/F;QAEA,IAAI,CAACC,KAAK,GAAG;YACTC,iBAAiB;gBACbC,MAAM;gBACNC,aAAa;gBACbC,aAAa;oBACTC,MAAM;oBACNC,YAAY;wBACRC,KAAK;4BAAEF,MAAM;4BAAUF,aAAa;wBAAiB;wBACrDK,UAAU;4BAAEH,MAAM;4BAAUF,aAAa;wBAAiC;wBAC1EM,UAAU;4BAAEJ,MAAM;4BAAWK,SAAS;4BAAOP,aAAa;wBAAoB;wBAC9EQ,UAAU;4BAAEN,MAAM;4BAAUK,SAAS;4BAAMP,aAAa;wBAAmC;oBAC/F;oBACAS,UAAU;wBAAC;qBAAM;gBACrB;gBACAC,mBAAmB;oBAAC;oBAAsB;iBAAqB;YACnE;YACAC,eAAe;gBACXZ,MAAM;gBACNC,aAAa;gBACbC,aAAa;oBACTC,MAAM;oBACNC,YAAY;wBACRS,OAAO;4BAAEV,MAAM;4BAAUF,aAAa;wBAAe;wBACrDa,YAAY;4BAAEX,MAAM;4BAAWK,SAAS;4BAAMP,aAAa;wBAA6B;wBACxFc,aAAa;4BAAEZ,MAAM;4BAAUK,SAAS;4BAAGP,aAAa;wBAA8B;oBAC1F;oBACAS,UAAU;wBAAC;qBAAQ;gBACvB;gBACAC,mBAAmB;oBAAC;oBAAsB;iBAAa;YAC3D;YACAK,uBAAuB;gBACnBhB,MAAM;gBACNC,aAAa;gBACbC,aAAa;oBACTC,MAAM;oBACNC,YAAY;wBACRC,KAAK;4BAAEF,MAAM;4BAAUF,aAAa;wBAAqB;wBACzDgB,SAAS;4BACLd,MAAM;4BACNF,aAAa;4BACbiB,OAAO;gCACHf,MAAM;gCACNC,YAAY;oCACRD,MAAM;wCAAEA,MAAM;wCAAUgB,MAAM;4CAAC;4CAAS;4CAAQ;4CAAS;yCAAO;oCAAC;oCACjEC,UAAU;wCAAEjB,MAAM;wCAAUF,aAAa;oCAAe;oCACxDoB,OAAO;wCAAElB,MAAM;wCAAUF,aAAa;oCAAyB;oCAC/DqB,KAAK;wCAAEnB,MAAM;wCAAUF,aAAa;oCAAwB;gCAChE;4BACJ;wBACJ;wBACAa,YAAY;4BAAEX,MAAM;4BAAWK,SAAS;wBAAM;oBAClD;oBACAE,UAAU;wBAAC;qBAAM;gBACrB;gBACAC,mBAAmB;oBAAC;oBAAsB;iBAAkB;YAChE;QACJ;QAEA,IAAI,CAACY,KAAK,GAAG;YACTC,eAAe;YACfC,oBAAoB;YACpBC,kBAAkB;YAClBC,WAAW,CAAC;YACZC,cAAc;QAClB;IACJ;IAEA,MAAMC,aAAa;QACf,IAAI;YACA,4BAA4B;YAC5B,MAAM,IAAI,CAACjD,IAAI,CAACiD,UAAU;YAC1BC,QAAQC,KAAK,CAAC;YAEd,gCAAgC;YAChC,MAAM,IAAI,CAACC,WAAW;YACtBF,QAAQC,KAAK,CAAC;YAEdD,QAAQC,KAAK,CAAC;QAClB,EAAE,OAAOA,OAAO;YACZD,QAAQC,KAAK,CAAC,sCAAsCA;YACpDxD,QAAQ0D,IAAI,CAAC;QACjB;IACJ;IAEA,MAAMD,cAAc;QAChB,IAAI,CAAC,IAAI,CAAC9D,OAAO,EAAE;YACf,IAAI,CAACA,OAAO,GAAG,MAAMN,SAASsE,MAAM,CAAC;gBACjCC,UAAU;gBACVC,MAAM;oBACF;oBACA;oBACA;oBACA;iBACH;YACL;YACA,IAAI,CAACjE,IAAI,GAAG,MAAM,IAAI,CAACD,OAAO,CAACmE,OAAO;QAC1C;IACJ;IAEA,MAAMC,eAAeF,IAAI,EAAEG,YAAY,EAAE;QACrC,MAAM,IAAI,CAACP,WAAW;QAEtBF,QAAQC,KAAK,CAAC,CAAC,mCAAmC,EAAEQ,aAAaC,SAAS,EAAE;QAE5E,MAAM,IAAI,CAACrE,IAAI,CAACsE,IAAI,CAACL,KAAK/B,GAAG,EAAE;YAC3BqC,WAAW;YACXC,SAAS;QACb;QAEA,IAAIP,KAAK3B,QAAQ,GAAG,GAAG;YACnB,MAAM,IAAI,CAACtC,IAAI,CAACyE,cAAc,CAACR,KAAK3B,QAAQ;QAChD;QAEA,MAAMoC,YAAY,IAAIC,OAAOC,WAAW,GAAGC,OAAO,CAAC,SAAS;QAC5D,MAAM1C,WAAW8B,KAAK9B,QAAQ,IAAI,CAAC,WAAW,EAAEiC,aAAaC,SAAS,CAAC,CAAC,EAAEK,UAAU,IAAI,CAAC;QACzF,MAAMI,WAAW,CAAC,iBAAiB,EAAE3C,UAAU;QAE/C,MAAM,IAAI,CAACnC,IAAI,CAAC2C,UAAU,CAAC;YACvBoC,MAAMD;YACN1C,UAAU6B,KAAK7B,QAAQ,IAAI;QAC/B;QAEA,OAAO;YACH4C,SAAS;YACT7C,UAAUA;YACV2C,UAAUA;YACV5C,KAAK+B,KAAK/B,GAAG;YACb+C,OAAO,MAAM,IAAI,CAACjF,IAAI,CAACiF,KAAK;YAC5BC,MAAM,GAAG,IAAI,CAAClF,IAAI,CAACmF,YAAY,IAAIC,SAAS,KAAK,CAAC,EAAE,IAAI,CAACpF,IAAI,CAACmF,YAAY,IAAIE,UAAU,KAAK;YAC7FC,YAAYlB,aAAaC,SAAS;YAClCK,WAAW,IAAIC,OAAOC,WAAW;QACrC;IACJ;IAEA,MAAMW,aAAatB,IAAI,EAAEG,YAAY,EAAE;QACnC,MAAM,IAAI,CAACP,WAAW;QAEtBF,QAAQC,KAAK,CAAC,CAAC,+BAA+B,EAAEQ,aAAaC,SAAS,CAAC,GAAG,EAAEJ,KAAKvB,KAAK,CAAC,CAAC,CAAC;QAEzF,MAAM,IAAI,CAAC1C,IAAI,CAACsE,IAAI,CAAC,0BAA0B;YAC3CC,WAAW;YACXC,SAAS;QACb;QAEA,kCAAkC;QAClC,IAAI;YACA,MAAM,IAAI,CAACxE,IAAI,CAACwF,eAAe,CAAC,6DAA6D;gBAAEhB,SAAS;YAAK;YAC7G,MAAM,IAAI,CAACxE,IAAI,CAACyF,KAAK,CAAC;YACtB,MAAM,IAAI,CAACzF,IAAI,CAACyE,cAAc,CAAC;QACnC,EAAE,OAAOiB,GAAG;QACR,4BAA4B;QAChC;QAEA,iBAAiB;QACjB,MAAMC,YAAY,MAAM,IAAI,CAAC3F,IAAI,CAACwF,eAAe,CAAC,uCAAuC;YAAEhB,SAAS;QAAM;QAC1G,MAAMmB,UAAUC,IAAI,CAAC3B,KAAKvB,KAAK;QAC/B,MAAMiD,UAAUE,KAAK,CAAC;QAEtB,mBAAmB;QACnB,MAAM,IAAI,CAAC7F,IAAI,CAACwF,eAAe,CAAC,0BAA0B;YAAEhB,SAAS;QAAM;QAE3E,kBAAkB;QAClB,MAAMsB,UAAU,MAAM,IAAI,CAAC9F,IAAI,CAAC+F,MAAM,CAAC,sBAAsBC,CAAAA,WACzDA,SAASC,KAAK,CAAC,GAAGhC,KAAKrB,WAAW,IAAI,GAAGsD,GAAG,CAACC,CAAAA,KAAMA,GAAGC,WAAW,CAACC,IAAI;QAG1E,IAAIC,iBAAiB;QACrB,IAAIrC,KAAKtB,UAAU,EAAE;YACjB,MAAM+B,YAAY,IAAIC,OAAOC,WAAW,GAAGC,OAAO,CAAC,SAAS;YAC5D,MAAM1C,WAAW,CAAC,cAAc,EAAE8B,KAAKvB,KAAK,CAAC6D,WAAW,GAAG1B,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAEH,UAAU,IAAI,CAAC;YAClG,MAAM,IAAI,CAAC1E,IAAI,CAAC2C,UAAU,CAAC;gBAAEoC,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;YAAC;YAClEmE,iBAAiB;gBACbnE;gBACA4C,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;gBACpCD,KAAK,IAAI,CAAClC,IAAI,CAACkC,GAAG;YACtB;QACJ;QAEA,OAAO;YACH8C,SAAS;YACTtC,OAAOuB,KAAKvB,KAAK;YACjBoD,SAASA;YACTlD,aAAakD,QAAQU,MAAM;YAC3B7D,YAAY2D;YACZpE,KAAK,IAAI,CAAClC,IAAI,CAACkC,GAAG;YAClB+C,OAAO,MAAM,IAAI,CAACjF,IAAI,CAACiF,KAAK;YAC5BwB,YAAYrC,aAAaC,SAAS;YAClCK,WAAW,IAAIC,OAAOC,WAAW;QACrC;IACJ;IAEA,MAAM8B,oBAAoBzC,IAAI,EAAEG,YAAY,EAAE;QAC1C,MAAM,IAAI,CAACP,WAAW;QAEtBF,QAAQC,KAAK,CAAC,CAAC,kCAAkC,EAAEQ,aAAaC,SAAS,CAAC,EAAE,EAAEJ,KAAK/B,GAAG,EAAE;QAExF,MAAM,IAAI,CAAClC,IAAI,CAACsE,IAAI,CAACL,KAAK/B,GAAG,EAAE;YAC3BqC,WAAW;YACXC,SAAS;QACb;QAEA,MAAMsB,UAAU,EAAE;QAElB,KAAK,MAAMa,UAAU1C,KAAKnB,OAAO,IAAI,EAAE,CAAE;YACrC,IAAI;gBACA,OAAQ6D,OAAO3E,IAAI;oBACf,KAAK;wBACD,MAAM,IAAI,CAAChC,IAAI,CAACwF,eAAe,CAACmB,OAAO1D,QAAQ,EAAE;4BAAEuB,SAAS;wBAAK;wBACjE,MAAM,IAAI,CAACxE,IAAI,CAACyF,KAAK,CAACkB,OAAO1D,QAAQ;wBACrC6C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAAS1D,UAAU0D,OAAO1D,QAAQ;4BAAE+B,SAAS;wBAAK;wBACzE;oBAEJ,KAAK;wBACD,MAAM,IAAI,CAAChF,IAAI,CAACwF,eAAe,CAACmB,OAAO1D,QAAQ,EAAE;4BAAEuB,SAAS;wBAAK;wBACjE,MAAM,IAAI,CAACxE,IAAI,CAAC4F,IAAI,CAACe,OAAO1D,QAAQ,EAAE0D,OAAOzD,KAAK;wBAClD4C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAAQ1D,UAAU0D,OAAO1D,QAAQ;4BAAEC,OAAOyD,OAAOzD,KAAK;4BAAE8B,SAAS;wBAAK;wBAC7F;oBAEJ,KAAK;wBACD,MAAM,IAAI,CAAChF,IAAI,CAAC6F,KAAK,CAACc,OAAO1D,QAAQ,IAAI,QAAQ0D,OAAOxD,GAAG;wBAC3D2C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAASxD,KAAKwD,OAAOxD,GAAG;4BAAE6B,SAAS;wBAAK;wBAC/D;oBAEJ,KAAK;wBACD,MAAM,IAAI,CAAChF,IAAI,CAACyE,cAAc,CAAClD,SAASoF,OAAOzD,KAAK,KAAK;wBACzD4C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAAQE,UAAUF,OAAOzD,KAAK;4BAAE8B,SAAS;wBAAK;wBACrE;gBACR;YACJ,EAAE,OAAOpB,OAAO;gBACZkC,QAAQc,IAAI,CAAC;oBACTD,QAAQA,OAAO3E,IAAI;oBACnBiB,UAAU0D,OAAO1D,QAAQ;oBACzB+B,SAAS;oBACTpB,OAAOA,MAAMkD,OAAO;gBACxB;YACJ;QACJ;QAEA,IAAIR,iBAAiB;QACrB,IAAIrC,KAAKtB,UAAU,EAAE;YACjB,MAAM+B,YAAY,IAAIC,OAAOC,WAAW,GAAGC,OAAO,CAAC,SAAS;YAC5D,MAAM1C,WAAW,CAAC,YAAY,EAAEiC,aAAaC,SAAS,CAAC,CAAC,EAAEK,UAAU,IAAI,CAAC;YACzE,MAAM,IAAI,CAAC1E,IAAI,CAAC2C,UAAU,CAAC;gBAAEoC,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;YAAC;YAClEmE,iBAAiB;gBACbnE;gBACA4C,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;YACxC;QACJ;QAEA,OAAO;YACH6C,SAAS;YACT9C,KAAK+B,KAAK/B,GAAG;YACbY,SAASgD;YACTnD,YAAY2D;YACZrB,OAAO,MAAM,IAAI,CAACjF,IAAI,CAACiF,KAAK;YAC5B8B,cAAc3C,aAAaC,SAAS;YACpCK,WAAW,IAAIC,OAAOC,WAAW;QACrC;IACJ;IAEA,MAAMoC,cAAcF,OAAO,EAAE;QACzB,IAAI;YACA,IAAI,CAAC1D,KAAK,CAACC,aAAa;YACxB,IAAI,CAACD,KAAK,CAACK,YAAY,GAAGkB,KAAKsC,GAAG;YAElC,6BAA6B;YAC7B,MAAMC,UAAU;gBACZC,SAAS;oBACL,iBAAiBL,QAAQM,MAAM,EAAEC,SAASC;oBAC1C,gBAAgBR,QAAQM,MAAM,EAAEC,SAAShD;gBAC7C;gBACAkD,MAAMT;YACV;YAEA,MAAMU,WAAW;gBACbC,WAAW,KAAO;gBAClBC,KAAK,CAACC;oBACF,oDAAoD;oBACpD,IAAI,CAACC,YAAY,GAAGC,KAAKC,KAAK,CAACH;gBACnC;YACJ;YAEA,uBAAuB;YACvB,IAAII,uBAAuB;YAC3B,MAAM,IAAI,CAACtH,IAAI,CAACuH,mBAAmB,CAACd,SAASM,UAAU;gBACnDO,uBAAuB;YAC3B;YAEA,IAAI,CAACA,sBAAsB;gBACvB,IAAI,CAAC3E,KAAK,CAACG,gBAAgB;gBAC3B,OAAO,IAAI,CAACqE,YAAY,IAAI;oBACxBK,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdtE,OAAO;wBACHuE,MAAM,CAAC;wBACPrB,SAAS;oBACb;gBACJ;YACJ;YAEA,IAAI,CAAC1D,KAAK,CAACE,kBAAkB;YAE7B,yCAAyC;YACzC,IAAIwD,QAAQsB,MAAM,KAAK,cAAc;gBACjC,OAAO;oBACHH,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdG,QAAQ;wBACJC,iBAAiB;wBACjBC,cAAc;4BACV5G,OAAO,CAAC;wBACZ;wBACA6G,YAAY;4BACR3G,MAAM;4BACN4G,SAAS;4BACTC,gBAAgB;wBACpB;oBACJ;gBACJ;YACJ,OAAO,IAAI5B,QAAQsB,MAAM,KAAK,cAAc;gBACxC,OAAO;oBACHH,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdG,QAAQ;wBAAE1G,OAAOgH,OAAOC,MAAM,CAAC,IAAI,CAACjH,KAAK;oBAAE;gBAC/C;YACJ,OAAO,IAAImF,QAAQsB,MAAM,KAAK,cAAc;gBACxC,MAAMS,WAAW/B,QAAQM,MAAM,CAACvF,IAAI;gBACpC,MAAMoC,OAAO6C,QAAQM,MAAM,CAAC0B,SAAS,IAAI,CAAC;gBAC1C,MAAM1E,eAAe8C,QAAQ9C,YAAY,IAAI;oBACzCC,WAAW;oBACX0E,eAAe;gBACnB;gBAEA,0BAA0B;gBAC1B,IAAI,CAAC3F,KAAK,CAACI,SAAS,CAACqF,SAAS,GAAG,AAAC,CAAA,IAAI,CAACzF,KAAK,CAACI,SAAS,CAACqF,SAAS,IAAI,CAAA,IAAK;gBAEzE,IAAIR;gBACJ,IAAIQ,aAAa,mBAAmB;oBAChCR,SAAS,MAAM,IAAI,CAAClE,cAAc,CAACF,MAAMG;gBAC7C,OAAO,IAAIyE,aAAa,iBAAiB;oBACrCR,SAAS,MAAM,IAAI,CAAC9C,YAAY,CAACtB,MAAMG;gBAC3C,OAAO,IAAIyE,aAAa,yBAAyB;oBAC7CR,SAAS,MAAM,IAAI,CAAC3B,mBAAmB,CAACzC,MAAMG;gBAClD,OAAO;oBACH,MAAM,IAAI4E,MAAM,CAAC,cAAc,EAAEH,UAAU;gBAC/C;gBAEAlF,QAAQC,KAAK,CAAC,CAAC,kBAAkB,EAAEiF,SAAS,aAAa,EAAEzE,aAAaC,SAAS,EAAE;gBAEnF,OAAO;oBACH4D,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdG,QAAQ;wBACJY,SAAS;4BAAC;gCACNjH,MAAM;gCACNkH,MAAMrB,KAAKsB,SAAS,CAACd,QAAQ,MAAM;4BACvC;yBAAE;oBACN;gBACJ;YACJ;QACJ,EAAE,OAAOzE,OAAO;YACZD,QAAQC,KAAK,CAAC,wCAAwCA;YACtD,OAAO;gBACHqE,SAAS;gBACTC,IAAIpB,QAAQoB,EAAE,IAAI;gBAClBtE,OAAO;oBACHuE,MAAM,CAAC;oBACPrB,SAASlD,MAAMkD,OAAO;gBAC1B;YACJ;QACJ;IACJ;IAEA,MAAMsC,QAAQ;QACV,MAAM,IAAI,CAAC1F,UAAU;QAErB,IAAI,CAACzD,EAAE,CAACoJ,EAAE,CAAC,QAAQ,OAAOC;YACtB,IAAI;gBACA,MAAMxC,UAAUe,KAAKC,KAAK,CAACwB;gBAC3B,MAAM9B,WAAW,MAAM,IAAI,CAACR,aAAa,CAACF;gBAC1CnD,QAAQ4F,GAAG,CAAC1B,KAAKsB,SAAS,CAAC3B;YAC/B,EAAE,OAAO5D,OAAO;gBACZD,QAAQ4F,GAAG,CAAC1B,KAAKsB,SAAS,CAAC;oBACvBlB,SAAS;oBACTC,IAAI;oBACJtE,OAAO;wBACHuE,MAAM,CAAC;wBACPrB,SAAS,CAAC,aAAa,EAAElD,MAAMkD,OAAO,EAAE;oBAC5C;gBACJ;YACJ;QACJ;QAEA,kBAAkB;QAClB1G,QAAQiJ,EAAE,CAAC,UAAU;YACjB1F,QAAQC,KAAK,CAAC;YACd,MAAM,IAAI,CAAC4F,QAAQ;YACnBpJ,QAAQ0D,IAAI,CAAC;QACjB;QAEA,8BAA8B;QAC9B2F,YAAY;YACR9F,QAAQC,KAAK,CAAC,CAAC,oBAAoB,EAAE,IAAI,CAACR,KAAK,CAACC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAACD,KAAK,CAACE,kBAAkB,CAAC,aAAa,EAAE,IAAI,CAACF,KAAK,CAACG,gBAAgB,CAAC,SAAS,CAAC;YAC3JI,QAAQC,KAAK,CAAC,CAAC,wBAAwB,CAAC,EAAEiE,KAAKsB,SAAS,CAAC,IAAI,CAAC/F,KAAK,CAACI,SAAS;QACjF,GAAG,QAAQ,eAAe;IAC9B;IAEA,MAAMkG,WAAW;QACb,MAAMC,YAAY,MAAM,IAAI,CAAClJ,IAAI,CAACiJ,QAAQ;QAC1C,OAAO;YACHE,QAAQ;gBACJ/H,MAAM;gBACNgI,QAAQzJ,QAAQyJ,MAAM;gBACtB,GAAG,IAAI,CAACzG,KAAK;YACjB;YACAsF,gBAAgBiB;QACpB;IACJ;IAEA,MAAMH,WAAW;QACb,IAAI;YACA,IAAI,IAAI,CAACzJ,OAAO,EAAE,MAAM,IAAI,CAACA,OAAO,CAAC+J,KAAK;YAC1C,IAAI,IAAI,CAAC7J,EAAE,EAAE,IAAI,CAACA,EAAE,CAAC6J,KAAK;YAC1B,IAAI,IAAI,CAACrJ,IAAI,EAAE,MAAM,IAAI,CAACA,IAAI,CAAC+I,QAAQ;YACvC7F,QAAQC,KAAK,CAAC;QAClB,EAAE,OAAOA,OAAO;YACZD,QAAQC,KAAK,CAAC,uCAAuCA;QACzD;IACJ;AACJ;AAEA,mBAAmB;AACnB,MAAMgG,SAAS,IAAI/J,iCAAiC;IAChDa,UAAUN,QAAQO,GAAG,CAACE,aAAa;IACnCG,cAAcZ,QAAQO,GAAG,CAACM,iBAAiB,KAAK;IAChDK,cAAcC,SAASnB,QAAQO,GAAG,CAACa,kBAAkB,KAAK;AAC9D;AAEAoI,OAAOR,KAAK,GAAGW,KAAK,CAACnG,CAAAA;IACjBD,QAAQC,KAAK,CAAC,qEAAqEA;IACnFxD,QAAQ0D,IAAI,CAAC;AACjB"}
1	+ {"version":3,"sources":["../../src/mcp/playwright-mcp-server-auth.js"],"sourcesContent":["#!/usr/bin/env node\r\n\r\n/*\r\n Enhanced Playwright MCP Server with Authentication\r\n * Includes token-based authentication and authorization\r\n /\r\n\r\nconst { chromium } = require('playwright');\r\nconst readline = require('readline');\r\nconst MCPAuthMiddleware = require('./auth-middleware.js');\r\n\r\nclass AuthenticatedPlaywrightMCPServer {\r\n constructor(options = {}) {\r\n this.browser = null;\r\n this.page = null;\r\n this.rl = readline.createInterface({\r\n input: process.stdin,\r\n output: process.stdout,\r\n terminal: false\r\n });\r\n\r\n // Initialize authentication middleware\r\n this.auth = new MCPAuthMiddleware({\r\n // FIX: Default to 'localhost' for host execution, Docker deployments should set CFN_REDIS_HOST explicitly\r\n redisUrl: options.redisUrl \|\| process.env.CFN_REDIS_URL \|\| process.env.MCP_REDIS_URL \|\| `redis://${process.env.CFN_REDIS_HOST \|\| 'localhost'}:${process.env.CFN_REDIS_PORT \|\| 6379}`,\r\n authRequired: options.authRequired !== false && process.env.MCP_AUTH_REQUIRED !== 'false',\r\n agentConfigPath: options.agentConfigPath \|\| process.env.MCP_AGENT_CONFIG \|\| './config/agent-whitelist.json',\r\n skillConfigPath: options.skillConfigPath \|\| process.env.MCP_SKILL_CONFIG \|\| './config/skill-requirements.json',\r\n rateLimitMax: options.rateLimitMax \|\| parseInt(process.env.MCP_RATE_LIMIT_MAX) \|\| 60,\r\n rateLimitWindow: options.rateLimitWindow \|\| parseInt(process.env.MCP_RATE_LIMIT_WINDOW) \|\| 60\r\n });\r\n\r\n this.tools = {\r\n take_screenshot: {\r\n name: 'take_screenshot',\r\n description: 'Take a screenshot of a webpage (requires browser-automation, screenshot-capture skills)',\r\n inputSchema: {\r\n type: 'object',\r\n properties: {\r\n url: { type: 'string', description: 'URL to capture' },\r\n filename: { type: 'string', description: 'Screenshot filename (optional)' },\r\n fullPage: { type: 'boolean', default: false, description: 'Capture full page' },\r\n waitTime: { type: 'number', default: 3000, description: 'Wait time before screenshot (ms)' }\r\n },\r\n required: ['url']\r\n },\r\n skillRequirements: ['browser-automation', 'screenshot-capture']\r\n },\r\n search_google: {\r\n name: 'search_google',\r\n description: 'Search Google and return results (requires browser-automation, web-search skills)',\r\n inputSchema: {\r\n type: 'object',\r\n properties: {\r\n query: { type: 'string', description: 'Search query' },\r\n screenshot: { type: 'boolean', default: true, description: 'Take screenshot of results' },\r\n resultCount: { type: 'number', default: 5, description: 'Number of results to return' }\r\n },\r\n required: ['query']\r\n },\r\n skillRequirements: ['browser-automation', 'web-search']\r\n },\r\n navigate_and_interact: {\r\n name: 'navigate_and_interact',\r\n description: 'Navigate to a webpage and interact with elements (requires browser-automation, web-interaction skills)',\r\n inputSchema: {\r\n type: 'object',\r\n properties: {\r\n url: { type: 'string', description: 'URL to navigate to' },\r\n actions: {\r\n type: 'array',\r\n description: 'Array of actions to perform',\r\n items: {\r\n type: 'object',\r\n properties: {\r\n type: { type: 'string', enum: ['click', 'fill', 'press', 'wait'] },\r\n selector: { type: 'string', description: 'CSS selector' },\r\n value: { type: 'string', description: 'Value for fill actions' },\r\n key: { type: 'string', description: 'Key for press actions' }\r\n }\r\n }\r\n },\r\n screenshot: { type: 'boolean', default: false }\r\n },\r\n required: ['url']\r\n },\r\n skillRequirements: ['browser-automation', 'web-interaction']\r\n }\r\n };\r\n\r\n this.stats = {\r\n totalRequests: 0,\r\n authorizedRequests: 0,\r\n rejectedRequests: 0,\r\n toolUsage: {},\r\n lastActivity: null\r\n };\r\n }\r\n\r\n async initialize() {\r\n try {\r\n // Initialize authentication\r\n await this.auth.initialize();\r\n console.error('[MCP-Server] Authentication middleware initialized');\r\n\r\n // Initialize Playwright browser\r\n await this.initBrowser();\r\n console.error('[MCP-Server] Playwright browser initialized');\r\n\r\n console.error('[MCP-Server] Authenticated Playwright MCP Server ready');\r\n } catch (error) {\r\n console.error('[MCP-Server] Failed to initialize:', error);\r\n process.exit(1);\r\n }\r\n }\r\n\r\n async initBrowser() {\r\n if (!this.browser) {\r\n this.browser = await chromium.launch({\r\n headless: true,\r\n args: [\r\n '--no-sandbox',\r\n '--disable-setuid-sandbox',\r\n '--disable-dev-shm-usage',\r\n '--disable-gpu'\r\n ]\r\n });\r\n this.page = await this.browser.newPage();\r\n }\r\n }\r\n\r\n async takeScreenshot(args, agentContext) {\r\n await this.initBrowser();\r\n\r\n console.error(`[MCP-Server] Taking screenshot for ${agentContext.agentType}`);\r\n\r\n await this.page.goto(args.url, {\r\n waitUntil: 'networkidle',\r\n timeout: 15000\r\n });\r\n\r\n if (args.waitTime > 0) {\r\n await this.page.waitForTimeout(args.waitTime);\r\n }\r\n\r\n const timestamp = new Date().toISOString().replace(/[:.]/g, '-');\r\n const filename = args.filename \|\| `screenshot-${agentContext.agentType}-${timestamp}.png`;\r\n const filepath = `/app/screenshots/${filename}`;\r\n\r\n await this.page.screenshot({\r\n path: filepath,\r\n fullPage: args.fullPage \|\| false\r\n });\r\n\r\n return {\r\n success: true,\r\n filename: filename,\r\n filepath: filepath,\r\n url: args.url,\r\n title: await this.page.title(),\r\n size: `${this.page.viewportSize()?.width \|\| 1280}x${this.page.viewportSize()?.height \|\| 720}`,\r\n capturedBy: agentContext.agentType,\r\n timestamp: new Date().toISOString()\r\n };\r\n }\r\n\r\n async searchGoogle(args, agentContext) {\r\n await this.initBrowser();\r\n\r\n console.error(`[MCP-Server] Google search for ${agentContext.agentType}: \"${args.query}\"`);\r\n\r\n await this.page.goto('https://www.google.com', {\r\n waitUntil: 'networkidle',\r\n timeout: 15000\r\n });\r\n\r\n // Handle cookies popup if present\r\n try {\r\n await this.page.waitForSelector('button[aria-label=\"Accept\"], button[aria-label=\"agree\"]', { timeout: 3000 });\r\n await this.page.click('button[aria-label=\"Accept\"], button[aria-label*=\"agree\"]');\r\n await this.page.waitForTimeout(1000);\r\n } catch (e) {\r\n // No cookie popup, continue\r\n }\r\n\r\n // Perform search\r\n const searchBox = await this.page.waitForSelector('textarea[name=\"q\"], input[name=\"q\"]', { timeout: 10000 });\r\n await searchBox.fill(args.query);\r\n await searchBox.press('Enter');\r\n\r\n // Wait for results\r\n await this.page.waitForSelector('[role=\"main\"], #search', { timeout: 15000 });\r\n\r\n // Extract results\r\n const results = await this.page.$$eval('div[data-hveid] h3', elements =>\r\n elements.slice(0, args.resultCount \|\| 5).map(el => el.textContent.trim())\r\n );\r\n\r\n let screenshotInfo = null;\r\n if (args.screenshot) {\r\n const timestamp = new Date().toISOString().replace(/[:.]/g, '-');\r\n const filename = `google-search-${args.query.toLowerCase().replace(/\\s+/g, '-')}-${timestamp}.png`;\r\n await this.page.screenshot({ path: `/app/screenshots/${filename}` });\r\n screenshotInfo = {\r\n filename,\r\n path: `/app/screenshots/${filename}`,\r\n url: this.page.url()\r\n };\r\n }\r\n\r\n return {\r\n success: true,\r\n query: args.query,\r\n results: results,\r\n resultCount: results.length,\r\n screenshot: screenshotInfo,\r\n url: this.page.url(),\r\n title: await this.page.title(),\r\n searchedBy: agentContext.agentType,\r\n timestamp: new Date().toISOString()\r\n };\r\n }\r\n\r\n async navigateAndInteract(args, agentContext) {\r\n await this.initBrowser();\r\n\r\n console.error(`[MCP-Server] Page interaction for ${agentContext.agentType}: ${args.url}`);\r\n\r\n await this.page.goto(args.url, {\r\n waitUntil: 'networkidle',\r\n timeout: 15000\r\n });\r\n\r\n const results = [];\r\n\r\n for (const action of args.actions \|\| []) {\r\n try {\r\n switch (action.type) {\r\n case 'click':\r\n await this.page.waitForSelector(action.selector, { timeout: 5000 });\r\n await this.page.click(action.selector);\r\n results.push({ action: 'click', selector: action.selector, success: true });\r\n break;\r\n\r\n case 'fill':\r\n await this.page.waitForSelector(action.selector, { timeout: 5000 });\r\n await this.page.fill(action.selector, action.value);\r\n results.push({ action: 'fill', selector: action.selector, value: action.value, success: true });\r\n break;\r\n\r\n case 'press':\r\n await this.page.press(action.selector \|\| 'body', action.key);\r\n results.push({ action: 'press', key: action.key, success: true });\r\n break;\r\n\r\n case 'wait':\r\n await this.page.waitForTimeout(parseInt(action.value) \|\| 1000);\r\n results.push({ action: 'wait', duration: action.value, success: true });\r\n break;\r\n }\r\n } catch (error) {\r\n results.push({\r\n action: action.type,\r\n selector: action.selector,\r\n success: false,\r\n error: error.message\r\n });\r\n }\r\n }\r\n\r\n let screenshotInfo = null;\r\n if (args.screenshot) {\r\n const timestamp = new Date().toISOString().replace(/[:.]/g, '-');\r\n const filename = `interaction-${agentContext.agentType}-${timestamp}.png`;\r\n await this.page.screenshot({ path: `/app/screenshots/${filename}` });\r\n screenshotInfo = {\r\n filename,\r\n path: `/app/screenshots/${filename}`\r\n };\r\n }\r\n\r\n return {\r\n success: true,\r\n url: args.url,\r\n actions: results,\r\n screenshot: screenshotInfo,\r\n title: await this.page.title(),\r\n interactedBy: agentContext.agentType,\r\n timestamp: new Date().toISOString()\r\n };\r\n }\r\n\r\n async handleMessage(message) {\r\n try {\r\n this.stats.totalRequests++;\r\n this.stats.lastActivity = Date.now();\r\n\r\n // Initialize request context\r\n const request = {\r\n headers: {\r\n 'x-agent-token': message.params?.context?.agentToken,\r\n 'x-agent-type': message.params?.context?.agentType\r\n },\r\n body: message\r\n };\r\n\r\n const response = {\r\n writeHead: () => {},\r\n end: (data) => {\r\n // For JSON-RPC, we'll just return the data directly\r\n this.responseData = JSON.parse(data);\r\n }\r\n };\r\n\r\n // Authenticate request\r\n let authenticationPassed = false;\r\n await this.auth.authenticateRequest(request, response, () => {\r\n authenticationPassed = true;\r\n });\r\n\r\n if (!authenticationPassed) {\r\n this.stats.rejectedRequests++;\r\n return this.responseData \|\| {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n error: {\r\n code: -32001,\r\n message: 'Authentication failed'\r\n }\r\n };\r\n }\r\n\r\n this.stats.authorizedRequests++;\r\n\r\n // Authentication passed, process request\r\n if (message.method === 'initialize') {\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n result: {\r\n protocolVersion: '2024-11-05',\r\n capabilities: {\r\n tools: {}\r\n },\r\n serverInfo: {\r\n name: 'playwright-mcp-server-authenticated',\r\n version: '1.0.0',\r\n authentication: 'enabled'\r\n }\r\n }\r\n };\r\n } else if (message.method === 'tools/list') {\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n result: { tools: Object.values(this.tools) }\r\n };\r\n } else if (message.method === 'tools/call') {\r\n const toolName = message.params.name;\r\n const args = message.params.arguments \|\| {};\r\n const agentContext = request.agentContext \|\| {\r\n agentType: 'unknown',\r\n authenticated: false\r\n };\r\n\r\n // Update tool usage stats\r\n this.stats.toolUsage[toolName] = (this.stats.toolUsage[toolName] \|\| 0) + 1;\r\n\r\n let result;\r\n if (toolName === 'take_screenshot') {\r\n result = await this.takeScreenshot(args, agentContext);\r\n } else if (toolName === 'search_google') {\r\n result = await this.searchGoogle(args, agentContext);\r\n } else if (toolName === 'navigate_and_interact') {\r\n result = await this.navigateAndInteract(args, agentContext);\r\n } else {\r\n throw new Error(`Unknown tool: ${toolName}`);\r\n }\r\n\r\n console.error(`[MCP-Server] Tool ${toolName} executed by ${agentContext.agentType}`);\r\n\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id,\r\n result: {\r\n content: [{\r\n type: 'text',\r\n text: JSON.stringify(result, null, 2)\r\n }]\r\n }\r\n };\r\n }\r\n } catch (error) {\r\n console.error('[MCP-Server] Error handling message:', error);\r\n return {\r\n jsonrpc: '2.0',\r\n id: message.id \|\| null,\r\n error: {\r\n code: -32000,\r\n message: error.message\r\n }\r\n };\r\n }\r\n }\r\n\r\n async start() {\r\n await this.initialize();\r\n\r\n this.rl.on('line', async (line) => {\r\n try {\r\n const message = JSON.parse(line);\r\n const response = await this.handleMessage(message);\r\n console.log(JSON.stringify(response));\r\n } catch (error) {\r\n console.log(JSON.stringify({\r\n jsonrpc: '2.0',\r\n id: null,\r\n error: {\r\n code: -32700,\r\n message: `Parse error: ${error.message}`\r\n }\r\n }));\r\n }\r\n });\r\n\r\n // Cleanup on exit\r\n process.on('SIGINT', async () => {\r\n console.error('[MCP-Server] Shutting down authenticated Playwright MCP Server...');\r\n await this.shutdown();\r\n process.exit(0);\r\n });\r\n\r\n // Log statistics periodically\r\n setInterval(() => {\r\n console.error(`[MCP-Server] Stats: ${this.stats.totalRequests} total, ${this.stats.authorizedRequests} authorized, ${this.stats.rejectedRequests} rejected`);\r\n console.error(`[MCP-Server] Tool usage:`, JSON.stringify(this.stats.toolUsage));\r\n }, 60000); // Every minute\r\n }\r\n\r\n async getStats() {\r\n const authStats = await this.auth.getStats();\r\n return {\r\n server: {\r\n name: 'playwright-mcp-server-authenticated',\r\n uptime: process.uptime(),\r\n ...this.stats\r\n },\r\n authentication: authStats\r\n };\r\n }\r\n\r\n async shutdown() {\r\n try {\r\n if (this.browser) await this.browser.close();\r\n if (this.rl) this.rl.close();\r\n if (this.auth) await this.auth.shutdown();\r\n console.error('[MCP-Server] Shutdown complete');\r\n } catch (error) {\r\n console.error('[MCP-Server] Error during shutdown:', error);\r\n }\r\n }\r\n}\r\n\r\n// Start the server\r\nconst server = new AuthenticatedPlaywrightMCPServer({\r\n redisUrl: process.env.MCP_REDIS_URL,\r\n authRequired: process.env.MCP_AUTH_REQUIRED !== 'false',\r\n rateLimitMax: parseInt(process.env.MCP_RATE_LIMIT_MAX) \|\| 60\r\n});\r\n\r\nserver.start().catch(error => {\r\n console.error('[MCP-Server] Failed to start authenticated Playwright MCP Server:', error);\r\n process.exit(1);\r\n});"],"names":["chromium","require","readline","MCPAuthMiddleware","AuthenticatedPlaywrightMCPServer","options","browser","page","rl","createInterface","input","process","stdin","output","stdout","terminal","auth","redisUrl","env","CFN_REDIS_URL","MCP_REDIS_URL","CFN_REDIS_HOST","CFN_REDIS_PORT","authRequired","MCP_AUTH_REQUIRED","agentConfigPath","MCP_AGENT_CONFIG","skillConfigPath","MCP_SKILL_CONFIG","rateLimitMax","parseInt","MCP_RATE_LIMIT_MAX","rateLimitWindow","MCP_RATE_LIMIT_WINDOW","tools","take_screenshot","name","description","inputSchema","type","properties","url","filename","fullPage","default","waitTime","required","skillRequirements","search_google","query","screenshot","resultCount","navigate_and_interact","actions","items","enum","selector","value","key","stats","totalRequests","authorizedRequests","rejectedRequests","toolUsage","lastActivity","initialize","console","error","initBrowser","exit","launch","headless","args","newPage","takeScreenshot","agentContext","agentType","goto","waitUntil","timeout","waitForTimeout","timestamp","Date","toISOString","replace","filepath","path","success","title","size","viewportSize","width","height","capturedBy","searchGoogle","waitForSelector","click","e","searchBox","fill","press","results","$$eval","elements","slice","map","el","textContent","trim","screenshotInfo","toLowerCase","length","searchedBy","navigateAndInteract","action","push","duration","message","interactedBy","handleMessage","now","request","headers","params","context","agentToken","body","response","writeHead","end","data","responseData","JSON","parse","authenticationPassed","authenticateRequest","jsonrpc","id","code","method","result","protocolVersion","capabilities","serverInfo","version","authentication","Object","values","toolName","arguments","authenticated","Error","content","text","stringify","start","on","line","log","shutdown","setInterval","getStats","authStats","server","uptime","close","catch"],"mappings":";AAEA;;;CAGC,GAED,MAAM,EAAEA,QAAQ,EAAE,GAAGC,QAAQ;AAC7B,MAAMC,WAAWD,QAAQ;AACzB,MAAME,oBAAoBF,QAAQ;AAElC,IAAA,AAAMG,mCAAN,MAAMA;IACF,YAAYC,UAAU,CAAC,CAAC,CAAE;QACtB,IAAI,CAACC,OAAO,GAAG;QACf,IAAI,CAACC,IAAI,GAAG;QACZ,IAAI,CAACC,EAAE,GAAGN,SAASO,eAAe,CAAC;YAC/BC,OAAOC,QAAQC,KAAK;YACpBC,QAAQF,QAAQG,MAAM;YACtBC,UAAU;QACd;QAEA,uCAAuC;QACvC,IAAI,CAACC,IAAI,GAAG,IAAIb,kBAAkB;YAC9B,0GAA0G;YAC1Gc,UAAUZ,QAAQY,QAAQ,IAAIN,QAAQO,GAAG,CAACC,aAAa,IAAIR,QAAQO,GAAG,CAACE,aAAa,IAAI,CAAC,QAAQ,EAAET,QAAQO,GAAG,CAACG,cAAc,IAAI,YAAY,CAAC,EAAEV,QAAQO,GAAG,CAACI,cAAc,IAAI,MAAM;YACpLC,cAAclB,QAAQkB,YAAY,KAAK,SAASZ,QAAQO,GAAG,CAACM,iBAAiB,KAAK;YAClFC,iBAAiBpB,QAAQoB,eAAe,IAAId,QAAQO,GAAG,CAACQ,gBAAgB,IAAI;YAC5EC,iBAAiBtB,QAAQsB,eAAe,IAAIhB,QAAQO,GAAG,CAACU,gBAAgB,IAAI;YAC5EC,cAAcxB,QAAQwB,YAAY,IAAIC,SAASnB,QAAQO,GAAG,CAACa,kBAAkB,KAAK;YAClFC,iBAAiB3B,QAAQ2B,eAAe,IAAIF,SAASnB,QAAQO,GAAG,CAACe,qBAAqB,KAAK;QAC/F;QAEA,IAAI,CAACC,KAAK,GAAG;YACTC,iBAAiB;gBACbC,MAAM;gBACNC,aAAa;gBACbC,aAAa;oBACTC,MAAM;oBACNC,YAAY;wBACRC,KAAK;4BAAEF,MAAM;4BAAUF,aAAa;wBAAiB;wBACrDK,UAAU;4BAAEH,MAAM;4BAAUF,aAAa;wBAAiC;wBAC1EM,UAAU;4BAAEJ,MAAM;4BAAWK,SAAS;4BAAOP,aAAa;wBAAoB;wBAC9EQ,UAAU;4BAAEN,MAAM;4BAAUK,SAAS;4BAAMP,aAAa;wBAAmC;oBAC/F;oBACAS,UAAU;wBAAC;qBAAM;gBACrB;gBACAC,mBAAmB;oBAAC;oBAAsB;iBAAqB;YACnE;YACAC,eAAe;gBACXZ,MAAM;gBACNC,aAAa;gBACbC,aAAa;oBACTC,MAAM;oBACNC,YAAY;wBACRS,OAAO;4BAAEV,MAAM;4BAAUF,aAAa;wBAAe;wBACrDa,YAAY;4BAAEX,MAAM;4BAAWK,SAAS;4BAAMP,aAAa;wBAA6B;wBACxFc,aAAa;4BAAEZ,MAAM;4BAAUK,SAAS;4BAAGP,aAAa;wBAA8B;oBAC1F;oBACAS,UAAU;wBAAC;qBAAQ;gBACvB;gBACAC,mBAAmB;oBAAC;oBAAsB;iBAAa;YAC3D;YACAK,uBAAuB;gBACnBhB,MAAM;gBACNC,aAAa;gBACbC,aAAa;oBACTC,MAAM;oBACNC,YAAY;wBACRC,KAAK;4BAAEF,MAAM;4BAAUF,aAAa;wBAAqB;wBACzDgB,SAAS;4BACLd,MAAM;4BACNF,aAAa;4BACbiB,OAAO;gCACHf,MAAM;gCACNC,YAAY;oCACRD,MAAM;wCAAEA,MAAM;wCAAUgB,MAAM;4CAAC;4CAAS;4CAAQ;4CAAS;yCAAO;oCAAC;oCACjEC,UAAU;wCAAEjB,MAAM;wCAAUF,aAAa;oCAAe;oCACxDoB,OAAO;wCAAElB,MAAM;wCAAUF,aAAa;oCAAyB;oCAC/DqB,KAAK;wCAAEnB,MAAM;wCAAUF,aAAa;oCAAwB;gCAChE;4BACJ;wBACJ;wBACAa,YAAY;4BAAEX,MAAM;4BAAWK,SAAS;wBAAM;oBAClD;oBACAE,UAAU;wBAAC;qBAAM;gBACrB;gBACAC,mBAAmB;oBAAC;oBAAsB;iBAAkB;YAChE;QACJ;QAEA,IAAI,CAACY,KAAK,GAAG;YACTC,eAAe;YACfC,oBAAoB;YACpBC,kBAAkB;YAClBC,WAAW,CAAC;YACZC,cAAc;QAClB;IACJ;IAEA,MAAMC,aAAa;QACf,IAAI;YACA,4BAA4B;YAC5B,MAAM,IAAI,CAACjD,IAAI,CAACiD,UAAU;YAC1BC,QAAQC,KAAK,CAAC;YAEd,gCAAgC;YAChC,MAAM,IAAI,CAACC,WAAW;YACtBF,QAAQC,KAAK,CAAC;YAEdD,QAAQC,KAAK,CAAC;QAClB,EAAE,OAAOA,OAAO;YACZD,QAAQC,KAAK,CAAC,sCAAsCA;YACpDxD,QAAQ0D,IAAI,CAAC;QACjB;IACJ;IAEA,MAAMD,cAAc;QAChB,IAAI,CAAC,IAAI,CAAC9D,OAAO,EAAE;YACf,IAAI,CAACA,OAAO,GAAG,MAAMN,SAASsE,MAAM,CAAC;gBACjCC,UAAU;gBACVC,MAAM;oBACF;oBACA;oBACA;oBACA;iBACH;YACL;YACA,IAAI,CAACjE,IAAI,GAAG,MAAM,IAAI,CAACD,OAAO,CAACmE,OAAO;QAC1C;IACJ;IAEA,MAAMC,eAAeF,IAAI,EAAEG,YAAY,EAAE;QACrC,MAAM,IAAI,CAACP,WAAW;QAEtBF,QAAQC,KAAK,CAAC,CAAC,mCAAmC,EAAEQ,aAAaC,SAAS,EAAE;QAE5E,MAAM,IAAI,CAACrE,IAAI,CAACsE,IAAI,CAACL,KAAK/B,GAAG,EAAE;YAC3BqC,WAAW;YACXC,SAAS;QACb;QAEA,IAAIP,KAAK3B,QAAQ,GAAG,GAAG;YACnB,MAAM,IAAI,CAACtC,IAAI,CAACyE,cAAc,CAACR,KAAK3B,QAAQ;QAChD;QAEA,MAAMoC,YAAY,IAAIC,OAAOC,WAAW,GAAGC,OAAO,CAAC,SAAS;QAC5D,MAAM1C,WAAW8B,KAAK9B,QAAQ,IAAI,CAAC,WAAW,EAAEiC,aAAaC,SAAS,CAAC,CAAC,EAAEK,UAAU,IAAI,CAAC;QACzF,MAAMI,WAAW,CAAC,iBAAiB,EAAE3C,UAAU;QAE/C,MAAM,IAAI,CAACnC,IAAI,CAAC2C,UAAU,CAAC;YACvBoC,MAAMD;YACN1C,UAAU6B,KAAK7B,QAAQ,IAAI;QAC/B;QAEA,OAAO;YACH4C,SAAS;YACT7C,UAAUA;YACV2C,UAAUA;YACV5C,KAAK+B,KAAK/B,GAAG;YACb+C,OAAO,MAAM,IAAI,CAACjF,IAAI,CAACiF,KAAK;YAC5BC,MAAM,GAAG,IAAI,CAAClF,IAAI,CAACmF,YAAY,IAAIC,SAAS,KAAK,CAAC,EAAE,IAAI,CAACpF,IAAI,CAACmF,YAAY,IAAIE,UAAU,KAAK;YAC7FC,YAAYlB,aAAaC,SAAS;YAClCK,WAAW,IAAIC,OAAOC,WAAW;QACrC;IACJ;IAEA,MAAMW,aAAatB,IAAI,EAAEG,YAAY,EAAE;QACnC,MAAM,IAAI,CAACP,WAAW;QAEtBF,QAAQC,KAAK,CAAC,CAAC,+BAA+B,EAAEQ,aAAaC,SAAS,CAAC,GAAG,EAAEJ,KAAKvB,KAAK,CAAC,CAAC,CAAC;QAEzF,MAAM,IAAI,CAAC1C,IAAI,CAACsE,IAAI,CAAC,0BAA0B;YAC3CC,WAAW;YACXC,SAAS;QACb;QAEA,kCAAkC;QAClC,IAAI;YACA,MAAM,IAAI,CAACxE,IAAI,CAACwF,eAAe,CAAC,6DAA6D;gBAAEhB,SAAS;YAAK;YAC7G,MAAM,IAAI,CAACxE,IAAI,CAACyF,KAAK,CAAC;YACtB,MAAM,IAAI,CAACzF,IAAI,CAACyE,cAAc,CAAC;QACnC,EAAE,OAAOiB,GAAG;QACR,4BAA4B;QAChC;QAEA,iBAAiB;QACjB,MAAMC,YAAY,MAAM,IAAI,CAAC3F,IAAI,CAACwF,eAAe,CAAC,uCAAuC;YAAEhB,SAAS;QAAM;QAC1G,MAAMmB,UAAUC,IAAI,CAAC3B,KAAKvB,KAAK;QAC/B,MAAMiD,UAAUE,KAAK,CAAC;QAEtB,mBAAmB;QACnB,MAAM,IAAI,CAAC7F,IAAI,CAACwF,eAAe,CAAC,0BAA0B;YAAEhB,SAAS;QAAM;QAE3E,kBAAkB;QAClB,MAAMsB,UAAU,MAAM,IAAI,CAAC9F,IAAI,CAAC+F,MAAM,CAAC,sBAAsBC,CAAAA,WACzDA,SAASC,KAAK,CAAC,GAAGhC,KAAKrB,WAAW,IAAI,GAAGsD,GAAG,CAACC,CAAAA,KAAMA,GAAGC,WAAW,CAACC,IAAI;QAG1E,IAAIC,iBAAiB;QACrB,IAAIrC,KAAKtB,UAAU,EAAE;YACjB,MAAM+B,YAAY,IAAIC,OAAOC,WAAW,GAAGC,OAAO,CAAC,SAAS;YAC5D,MAAM1C,WAAW,CAAC,cAAc,EAAE8B,KAAKvB,KAAK,CAAC6D,WAAW,GAAG1B,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAEH,UAAU,IAAI,CAAC;YAClG,MAAM,IAAI,CAAC1E,IAAI,CAAC2C,UAAU,CAAC;gBAAEoC,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;YAAC;YAClEmE,iBAAiB;gBACbnE;gBACA4C,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;gBACpCD,KAAK,IAAI,CAAClC,IAAI,CAACkC,GAAG;YACtB;QACJ;QAEA,OAAO;YACH8C,SAAS;YACTtC,OAAOuB,KAAKvB,KAAK;YACjBoD,SAASA;YACTlD,aAAakD,QAAQU,MAAM;YAC3B7D,YAAY2D;YACZpE,KAAK,IAAI,CAAClC,IAAI,CAACkC,GAAG;YAClB+C,OAAO,MAAM,IAAI,CAACjF,IAAI,CAACiF,KAAK;YAC5BwB,YAAYrC,aAAaC,SAAS;YAClCK,WAAW,IAAIC,OAAOC,WAAW;QACrC;IACJ;IAEA,MAAM8B,oBAAoBzC,IAAI,EAAEG,YAAY,EAAE;QAC1C,MAAM,IAAI,CAACP,WAAW;QAEtBF,QAAQC,KAAK,CAAC,CAAC,kCAAkC,EAAEQ,aAAaC,SAAS,CAAC,EAAE,EAAEJ,KAAK/B,GAAG,EAAE;QAExF,MAAM,IAAI,CAAClC,IAAI,CAACsE,IAAI,CAACL,KAAK/B,GAAG,EAAE;YAC3BqC,WAAW;YACXC,SAAS;QACb;QAEA,MAAMsB,UAAU,EAAE;QAElB,KAAK,MAAMa,UAAU1C,KAAKnB,OAAO,IAAI,EAAE,CAAE;YACrC,IAAI;gBACA,OAAQ6D,OAAO3E,IAAI;oBACf,KAAK;wBACD,MAAM,IAAI,CAAChC,IAAI,CAACwF,eAAe,CAACmB,OAAO1D,QAAQ,EAAE;4BAAEuB,SAAS;wBAAK;wBACjE,MAAM,IAAI,CAACxE,IAAI,CAACyF,KAAK,CAACkB,OAAO1D,QAAQ;wBACrC6C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAAS1D,UAAU0D,OAAO1D,QAAQ;4BAAE+B,SAAS;wBAAK;wBACzE;oBAEJ,KAAK;wBACD,MAAM,IAAI,CAAChF,IAAI,CAACwF,eAAe,CAACmB,OAAO1D,QAAQ,EAAE;4BAAEuB,SAAS;wBAAK;wBACjE,MAAM,IAAI,CAACxE,IAAI,CAAC4F,IAAI,CAACe,OAAO1D,QAAQ,EAAE0D,OAAOzD,KAAK;wBAClD4C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAAQ1D,UAAU0D,OAAO1D,QAAQ;4BAAEC,OAAOyD,OAAOzD,KAAK;4BAAE8B,SAAS;wBAAK;wBAC7F;oBAEJ,KAAK;wBACD,MAAM,IAAI,CAAChF,IAAI,CAAC6F,KAAK,CAACc,OAAO1D,QAAQ,IAAI,QAAQ0D,OAAOxD,GAAG;wBAC3D2C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAASxD,KAAKwD,OAAOxD,GAAG;4BAAE6B,SAAS;wBAAK;wBAC/D;oBAEJ,KAAK;wBACD,MAAM,IAAI,CAAChF,IAAI,CAACyE,cAAc,CAAClD,SAASoF,OAAOzD,KAAK,KAAK;wBACzD4C,QAAQc,IAAI,CAAC;4BAAED,QAAQ;4BAAQE,UAAUF,OAAOzD,KAAK;4BAAE8B,SAAS;wBAAK;wBACrE;gBACR;YACJ,EAAE,OAAOpB,OAAO;gBACZkC,QAAQc,IAAI,CAAC;oBACTD,QAAQA,OAAO3E,IAAI;oBACnBiB,UAAU0D,OAAO1D,QAAQ;oBACzB+B,SAAS;oBACTpB,OAAOA,MAAMkD,OAAO;gBACxB;YACJ;QACJ;QAEA,IAAIR,iBAAiB;QACrB,IAAIrC,KAAKtB,UAAU,EAAE;YACjB,MAAM+B,YAAY,IAAIC,OAAOC,WAAW,GAAGC,OAAO,CAAC,SAAS;YAC5D,MAAM1C,WAAW,CAAC,YAAY,EAAEiC,aAAaC,SAAS,CAAC,CAAC,EAAEK,UAAU,IAAI,CAAC;YACzE,MAAM,IAAI,CAAC1E,IAAI,CAAC2C,UAAU,CAAC;gBAAEoC,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;YAAC;YAClEmE,iBAAiB;gBACbnE;gBACA4C,MAAM,CAAC,iBAAiB,EAAE5C,UAAU;YACxC;QACJ;QAEA,OAAO;YACH6C,SAAS;YACT9C,KAAK+B,KAAK/B,GAAG;YACbY,SAASgD;YACTnD,YAAY2D;YACZrB,OAAO,MAAM,IAAI,CAACjF,IAAI,CAACiF,KAAK;YAC5B8B,cAAc3C,aAAaC,SAAS;YACpCK,WAAW,IAAIC,OAAOC,WAAW;QACrC;IACJ;IAEA,MAAMoC,cAAcF,OAAO,EAAE;QACzB,IAAI;YACA,IAAI,CAAC1D,KAAK,CAACC,aAAa;YACxB,IAAI,CAACD,KAAK,CAACK,YAAY,GAAGkB,KAAKsC,GAAG;YAElC,6BAA6B;YAC7B,MAAMC,UAAU;gBACZC,SAAS;oBACL,iBAAiBL,QAAQM,MAAM,EAAEC,SAASC;oBAC1C,gBAAgBR,QAAQM,MAAM,EAAEC,SAAShD;gBAC7C;gBACAkD,MAAMT;YACV;YAEA,MAAMU,WAAW;gBACbC,WAAW,KAAO;gBAClBC,KAAK,CAACC;oBACF,oDAAoD;oBACpD,IAAI,CAACC,YAAY,GAAGC,KAAKC,KAAK,CAACH;gBACnC;YACJ;YAEA,uBAAuB;YACvB,IAAII,uBAAuB;YAC3B,MAAM,IAAI,CAACtH,IAAI,CAACuH,mBAAmB,CAACd,SAASM,UAAU;gBACnDO,uBAAuB;YAC3B;YAEA,IAAI,CAACA,sBAAsB;gBACvB,IAAI,CAAC3E,KAAK,CAACG,gBAAgB;gBAC3B,OAAO,IAAI,CAACqE,YAAY,IAAI;oBACxBK,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdtE,OAAO;wBACHuE,MAAM,CAAC;wBACPrB,SAAS;oBACb;gBACJ;YACJ;YAEA,IAAI,CAAC1D,KAAK,CAACE,kBAAkB;YAE7B,yCAAyC;YACzC,IAAIwD,QAAQsB,MAAM,KAAK,cAAc;gBACjC,OAAO;oBACHH,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdG,QAAQ;wBACJC,iBAAiB;wBACjBC,cAAc;4BACV5G,OAAO,CAAC;wBACZ;wBACA6G,YAAY;4BACR3G,MAAM;4BACN4G,SAAS;4BACTC,gBAAgB;wBACpB;oBACJ;gBACJ;YACJ,OAAO,IAAI5B,QAAQsB,MAAM,KAAK,cAAc;gBACxC,OAAO;oBACHH,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdG,QAAQ;wBAAE1G,OAAOgH,OAAOC,MAAM,CAAC,IAAI,CAACjH,KAAK;oBAAE;gBAC/C;YACJ,OAAO,IAAImF,QAAQsB,MAAM,KAAK,cAAc;gBACxC,MAAMS,WAAW/B,QAAQM,MAAM,CAACvF,IAAI;gBACpC,MAAMoC,OAAO6C,QAAQM,MAAM,CAAC0B,SAAS,IAAI,CAAC;gBAC1C,MAAM1E,eAAe8C,QAAQ9C,YAAY,IAAI;oBACzCC,WAAW;oBACX0E,eAAe;gBACnB;gBAEA,0BAA0B;gBAC1B,IAAI,CAAC3F,KAAK,CAACI,SAAS,CAACqF,SAAS,GAAG,AAAC,CAAA,IAAI,CAACzF,KAAK,CAACI,SAAS,CAACqF,SAAS,IAAI,CAAA,IAAK;gBAEzE,IAAIR;gBACJ,IAAIQ,aAAa,mBAAmB;oBAChCR,SAAS,MAAM,IAAI,CAAClE,cAAc,CAACF,MAAMG;gBAC7C,OAAO,IAAIyE,aAAa,iBAAiB;oBACrCR,SAAS,MAAM,IAAI,CAAC9C,YAAY,CAACtB,MAAMG;gBAC3C,OAAO,IAAIyE,aAAa,yBAAyB;oBAC7CR,SAAS,MAAM,IAAI,CAAC3B,mBAAmB,CAACzC,MAAMG;gBAClD,OAAO;oBACH,MAAM,IAAI4E,MAAM,CAAC,cAAc,EAAEH,UAAU;gBAC/C;gBAEAlF,QAAQC,KAAK,CAAC,CAAC,kBAAkB,EAAEiF,SAAS,aAAa,EAAEzE,aAAaC,SAAS,EAAE;gBAEnF,OAAO;oBACH4D,SAAS;oBACTC,IAAIpB,QAAQoB,EAAE;oBACdG,QAAQ;wBACJY,SAAS;4BAAC;gCACNjH,MAAM;gCACNkH,MAAMrB,KAAKsB,SAAS,CAACd,QAAQ,MAAM;4BACvC;yBAAE;oBACN;gBACJ;YACJ;QACJ,EAAE,OAAOzE,OAAO;YACZD,QAAQC,KAAK,CAAC,wCAAwCA;YACtD,OAAO;gBACHqE,SAAS;gBACTC,IAAIpB,QAAQoB,EAAE,IAAI;gBAClBtE,OAAO;oBACHuE,MAAM,CAAC;oBACPrB,SAASlD,MAAMkD,OAAO;gBAC1B;YACJ;QACJ;IACJ;IAEA,MAAMsC,QAAQ;QACV,MAAM,IAAI,CAAC1F,UAAU;QAErB,IAAI,CAACzD,EAAE,CAACoJ,EAAE,CAAC,QAAQ,OAAOC;YACtB,IAAI;gBACA,MAAMxC,UAAUe,KAAKC,KAAK,CAACwB;gBAC3B,MAAM9B,WAAW,MAAM,IAAI,CAACR,aAAa,CAACF;gBAC1CnD,QAAQ4F,GAAG,CAAC1B,KAAKsB,SAAS,CAAC3B;YAC/B,EAAE,OAAO5D,OAAO;gBACZD,QAAQ4F,GAAG,CAAC1B,KAAKsB,SAAS,CAAC;oBACvBlB,SAAS;oBACTC,IAAI;oBACJtE,OAAO;wBACHuE,MAAM,CAAC;wBACPrB,SAAS,CAAC,aAAa,EAAElD,MAAMkD,OAAO,EAAE;oBAC5C;gBACJ;YACJ;QACJ;QAEA,kBAAkB;QAClB1G,QAAQiJ,EAAE,CAAC,UAAU;YACjB1F,QAAQC,KAAK,CAAC;YACd,MAAM,IAAI,CAAC4F,QAAQ;YACnBpJ,QAAQ0D,IAAI,CAAC;QACjB;QAEA,8BAA8B;QAC9B2F,YAAY;YACR9F,QAAQC,KAAK,CAAC,CAAC,oBAAoB,EAAE,IAAI,CAACR,KAAK,CAACC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAACD,KAAK,CAACE,kBAAkB,CAAC,aAAa,EAAE,IAAI,CAACF,KAAK,CAACG,gBAAgB,CAAC,SAAS,CAAC;YAC3JI,QAAQC,KAAK,CAAC,CAAC,wBAAwB,CAAC,EAAEiE,KAAKsB,SAAS,CAAC,IAAI,CAAC/F,KAAK,CAACI,SAAS;QACjF,GAAG,QAAQ,eAAe;IAC9B;IAEA,MAAMkG,WAAW;QACb,MAAMC,YAAY,MAAM,IAAI,CAAClJ,IAAI,CAACiJ,QAAQ;QAC1C,OAAO;YACHE,QAAQ;gBACJ/H,MAAM;gBACNgI,QAAQzJ,QAAQyJ,MAAM;gBACtB,GAAG,IAAI,CAACzG,KAAK;YACjB;YACAsF,gBAAgBiB;QACpB;IACJ;IAEA,MAAMH,WAAW;QACb,IAAI;YACA,IAAI,IAAI,CAACzJ,OAAO,EAAE,MAAM,IAAI,CAACA,OAAO,CAAC+J,KAAK;YAC1C,IAAI,IAAI,CAAC7J,EAAE,EAAE,IAAI,CAACA,EAAE,CAAC6J,KAAK;YAC1B,IAAI,IAAI,CAACrJ,IAAI,EAAE,MAAM,IAAI,CAACA,IAAI,CAAC+I,QAAQ;YACvC7F,QAAQC,KAAK,CAAC;QAClB,EAAE,OAAOA,OAAO;YACZD,QAAQC,KAAK,CAAC,uCAAuCA;QACzD;IACJ;AACJ;AAEA,mBAAmB;AACnB,MAAMgG,SAAS,IAAI/J,iCAAiC;IAChDa,UAAUN,QAAQO,GAAG,CAACE,aAAa;IACnCG,cAAcZ,QAAQO,GAAG,CAACM,iBAAiB,KAAK;IAChDK,cAAcC,SAASnB,QAAQO,GAAG,CAACa,kBAAkB,KAAK;AAC9D;AAEAoI,OAAOR,KAAK,GAAGW,KAAK,CAACnG,CAAAA;IACjBD,QAAQC,KAAK,CAAC,qEAAqEA;IACnFxD,QAAQ0D,IAAI,CAAC;AACjB"}

package/dist/middleware/authentication.js ADDED Viewed

@@ -0,0 +1,317 @@
+/**
+ * Authentication Middleware
+ *
+ * Comprehensive authentication and authorization middleware for Express.js
+ * with JWT token validation, role-based access control, and security features.
+ */ import jwt from 'jsonwebtoken';
+import bcrypt from 'bcrypt';
+import { logger } from '../utils/logger.js';
+import { StandardError, ErrorCode } from '../../lib/errors.js';
+/**
+ * Authentication middleware that validates JWT tokens
+ *
+ * @param config Authentication configuration
+ * @returns Express middleware function
+ */ export function authenticationMiddleware(config) {
+    return async (req, res, next)=>{
+        try {
+            // Check for authorization header
+            const authHeader = req.headers.authorization;
+            if (!authHeader) {
+                res.status(401).json({
+                    error: 'Unauthorized',
+                    message: 'No authorization header provided',
+                    errorCode: 'AUTH_001'
+                });
+                return;
+            }
+            // Validate authorization header format
+            if (!authHeader.startsWith('Bearer ')) {
+                res.status(401).json({
+                    error: 'Unauthorized',
+                    message: 'Invalid authorization header format',
+                    errorCode: 'AUTH_003'
+                });
+                return;
+            }
+            // Extract and sanitize token
+            const token = authHeader.slice(7).trim();
+            if (!token) {
+                res.status(401).json({
+                    error: 'Unauthorized',
+                    message: 'No token provided',
+                    errorCode: 'AUTH_005'
+                });
+                return;
+            }
+            // Verify JWT token
+            let decoded;
+            try {
+                decoded = jwt.verify(token, config.jwtSecret);
+            } catch (error) {
+                // Handle specific JWT errors
+                if (error instanceof jwt.TokenExpiredError) {
+                    res.status(401).json({
+                        error: 'Unauthorized',
+                        message: 'Token has expired',
+                        errorCode: 'AUTH_004'
+                    });
+                    return;
+                } else if (error instanceof jwt.JsonWebTokenError) {
+                    res.status(401).json({
+                        error: 'Unauthorized',
+                        message: 'Invalid or expired token',
+                        errorCode: 'AUTH_002'
+                    });
+                    return;
+                } else {
+                    logger.error('Unexpected JWT verification error:', error);
+                    res.status(401).json({
+                        error: 'Unauthorized',
+                        message: 'Token verification failed',
+                        errorCode: 'AUTH_006'
+                    });
+                    return;
+                }
+            }
+            // Attach user information to request
+            req.user = {
+                userId: decoded.userId,
+                email: decoded.email,
+                role: decoded.role,
+                iat: decoded.iat,
+                exp: decoded.exp
+            };
+            // Log successful authentication
+            logger.info(`User authenticated: ${decoded.userId} (${decoded.email})`, {
+                userId: decoded.userId,
+                role: decoded.role,
+                ip: req.ip,
+                userAgent: req.headers['user-agent']
+            });
+            next();
+        } catch (error) {
+            logger.error('Authentication middleware error:', error);
+            res.status(500).json({
+                error: 'Internal Server Error',
+                message: 'Authentication service unavailable',
+                errorCode: 'AUTH_500'
+            });
+        }
+    };
+}
+/**
+ * Authorization middleware for role-based access control
+ *
+ * @param requiredRoles Array of roles that are allowed to access the resource
+ * @returns Express middleware function
+ */ export function authorizationMiddleware(requiredRoles) {
+    return (req, res, next)=>{
+        try {
+            // Check if user is authenticated
+            if (!req.user) {
+                res.status(401).json({
+                    error: 'Unauthorized',
+                    message: 'User not authenticated'
+                });
+                return;
+            }
+            // Check if user has required role
+            if (!requiredRoles.includes(req.user.role)) {
+                res.status(403).json({
+                    error: 'Forbidden',
+                    message: 'Insufficient permissions',
+                    requiredRoles,
+                    userRole: req.user.role
+                });
+                return;
+            }
+            // Log successful authorization
+            logger.info(`User authorized: ${req.user.userId} (${req.user.role})`, {
+                userId: req.user.userId,
+                role: req.user.role,
+                requiredRoles
+            });
+            next();
+        } catch (error) {
+            logger.error('Authorization middleware error:', error);
+            res.status(500).json({
+                error: 'Internal Server Error',
+                message: 'Authorization service unavailable'
+            });
+        }
+    };
+}
+/**
+ * Password utilities for secure password handling
+ */ export class PasswordUtils {
+    /**
+   * Hash a password using bcrypt
+   *
+   * @param password Plain text password
+   * @param rounds Number of bcrypt rounds (default 12)
+   * @returns Hashed password
+   */ static async hashPassword(password, rounds = 12) {
+        try {
+            return await bcrypt.hash(password, rounds);
+        } catch (error) {
+            logger.error('Password hashing error:', error);
+            throw new StandardError('Failed to hash password', ErrorCode.INTERNAL_ERROR);
+        }
+    }
+    /**
+   * Generate salt for password hashing
+   *
+   * @param rounds Number of bcrypt rounds (default 12)
+   * @returns Salt string
+   */ static async generateSalt(rounds = 12) {
+        try {
+            return await bcrypt.genSalt(rounds);
+        } catch (error) {
+            logger.error('Salt generation error:', error);
+            throw new StandardError('Failed to generate salt', ErrorCode.INTERNAL_ERROR);
+        }
+    }
+    /**
+   * Compare a plain text password with a hash
+   *
+   * @param password Plain text password
+   * @param hash Hashed password
+   * @returns True if passwords match
+   */ static async comparePassword(password, hash) {
+        try {
+            return await bcrypt.compare(password, hash);
+        } catch (error) {
+            logger.error('Password comparison error:', error);
+            throw new StandardError('Failed to compare passwords', ErrorCode.INTERNAL_ERROR);
+        }
+    }
+    /**
+   * Validate password strength
+   *
+   * @param password Password to validate
+   * @returns True if password meets strength requirements
+   */ static validatePasswordStrength(password) {
+        // Minimum 8 characters, at least one uppercase, one lowercase, one number, and one special character
+        const minLength = 8;
+        const hasUpperCase = /[A-Z]/.test(password);
+        const hasLowerCase = /[a-z]/.test(password);
+        const hasNumbers = /\d/.test(password);
+        const hasSpecialChar = /[!@#$%^&*(),.?":{}|<>]/.test(password);
+        return password.length >= minLength && hasUpperCase && hasLowerCase && hasNumbers && hasSpecialChar;
+    }
+}
+/**
+ * JWT utilities for token management
+ */ export class JWTUtils {
+    /**
+   * Generate a JWT token
+   *
+   * @param payload Token payload
+   * @param secret JWT secret
+   * @param expiresIn Token expiration time
+   * @returns JWT token
+   */ static generateToken(payload, secret, expiresIn = '24h') {
+        try {
+            return jwt.sign(payload, secret, {
+                expiresIn
+            });
+        } catch (error) {
+            logger.error('Token generation error:', error);
+            throw new StandardError('Failed to generate token', ErrorCode.INTERNAL_ERROR);
+        }
+    }
+    /**
+   * Verify a JWT token
+   *
+   * @param token JWT token
+   * @param secret JWT secret
+   * @returns Decoded payload
+   */ static verifyToken(token, secret) {
+        try {
+            return jwt.verify(token, secret);
+        } catch (error) {
+            if (error instanceof jwt.TokenExpiredError) {
+                throw new StandardError('Token has expired', ErrorCode.TOKEN_EXPIRED);
+            } else if (error instanceof jwt.JsonWebTokenError) {
+                throw new StandardError('Invalid token', ErrorCode.INVALID_TOKEN);
+            } else {
+                throw new StandardError('Token verification failed', ErrorCode.INTERNAL_ERROR);
+            }
+        }
+    }
+    /**
+   * Decode a JWT token without verification (for debugging)
+   *
+   * @param token JWT token
+   * @returns Decoded payload
+   */ static decodeToken(token) {
+        try {
+            return jwt.decode(token);
+        } catch (error) {
+            logger.error('Token decoding error:', error);
+            return null;
+        }
+    }
+}
+/**
+ * Rate limiting utilities for authentication endpoints
+ */ export class AuthRateLimit {
+    static attempts = new Map();
+    /**
+   * Check if user has exceeded login attempts
+   *
+   * @param identifier User identifier (email, IP, etc.)
+   * @param maxAttempts Maximum allowed attempts
+   * @param windowMs Time window in milliseconds
+   * @returns True if attempts exceeded
+   */ static hasExceededAttempts(identifier, maxAttempts = 5, windowMs = 15 * 60 * 1000 // 15 minutes
+    ) {
+        const now = Date.now();
+        const attempts = this.attempts.get(identifier);
+        if (!attempts) {
+            this.attempts.set(identifier, {
+                count: 1,
+                lastAttempt: now
+            });
+            return false;
+        }
+        // Reset if window has expired
+        if (now - attempts.lastAttempt > windowMs) {
+            this.attempts.set(identifier, {
+                count: 1,
+                lastAttempt: now
+            });
+            return false;
+        }
+        // Increment attempts
+        attempts.count++;
+        attempts.lastAttempt = now;
+        // Check if exceeded
+        if (attempts.count > maxAttempts) {
+            logger.warn(`Login attempts exceeded for ${identifier}`, {
+                identifier,
+                attempts: attempts.count,
+                windowMs
+            });
+            return true;
+        }
+        return false;
+    }
+    /**
+   * Clear failed attempts for a user
+   *
+   * @param identifier User identifier
+   */ static clearAttempts(identifier) {
+        this.attempts.delete(identifier);
+    }
+}
+export default {
+    authenticationMiddleware,
+    authorizationMiddleware,
+    PasswordUtils,
+    JWTUtils,
+    AuthRateLimit
+};
+//# sourceMappingURL=authentication.js.map

package/dist/middleware/authentication.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/middleware/authentication.ts"],"sourcesContent":["/**\r\n * Authentication Middleware\r\n * \r\n * Comprehensive authentication and authorization middleware for Express.js\r\n * with JWT token validation, role-based access control, and security features.\r\n */\r\n\r\nimport { Request, Response, NextFunction } from 'express';\r\nimport jwt from 'jsonwebtoken';\r\nimport bcrypt from 'bcrypt';\r\nimport { logger } from '../utils/logger.js';\r\nimport { StandardError, ErrorCode } from '../../lib/errors.js';\r\n\r\n// Extend Express Request type to include user\r\ndeclare global {\r\n namespace Express {\r\n interface Request {\r\n user?: {\r\n userId: string;\r\n email: string;\r\n role: string;\r\n iat?: number;\r\n exp?: number;\r\n };\r\n }\r\n }\r\n}\r\n\r\nexport interface AuthConfig {\r\n jwtSecret: string;\r\n jwtExpiration: string;\r\n bcryptRounds: number;\r\n}\r\n\r\nexport interface JWTPayload {\r\n userId: string;\r\n email: string;\r\n role: string;\r\n iat?: number;\r\n exp?: number;\r\n}\r\n\r\n/**\r\n * Authentication middleware that validates JWT tokens\r\n * \r\n * @param config Authentication configuration\r\n * @returns Express middleware function\r\n */\r\nexport function authenticationMiddleware(config: AuthConfig) {\r\n return async (req: Request, res: Response, next: NextFunction): Promise<void> => {\r\n try {\r\n // Check for authorization header\r\n const authHeader = req.headers.authorization;\r\n if (!authHeader) {\r\n res.status(401).json({\r\n error: 'Unauthorized',\r\n message: 'No authorization header provided',\r\n errorCode: 'AUTH_001',\r\n });\r\n return;\r\n }\r\n\r\n // Validate authorization header format\r\n if (!authHeader.startsWith('Bearer ')) {\r\n res.status(401).json({\r\n error: 'Unauthorized',\r\n message: 'Invalid authorization header format',\r\n errorCode: 'AUTH_003',\r\n });\r\n return;\r\n }\r\n\r\n // Extract and sanitize token\r\n const token = authHeader.slice(7).trim();\r\n if (!token) {\r\n res.status(401).json({\r\n error: 'Unauthorized',\r\n message: 'No token provided',\r\n errorCode: 'AUTH_005',\r\n });\r\n return;\r\n }\r\n\r\n // Verify JWT token\r\n let decoded: JWTPayload;\r\n try {\r\n decoded = jwt.verify(token, config.jwtSecret) as JWTPayload;\r\n } catch (error) {\r\n // Handle specific JWT errors\r\n if (error instanceof jwt.TokenExpiredError) {\r\n res.status(401).json({\r\n error: 'Unauthorized',\r\n message: 'Token has expired',\r\n errorCode: 'AUTH_004',\r\n });\r\n return;\r\n } else if (error instanceof jwt.JsonWebTokenError) {\r\n res.status(401).json({\r\n error: 'Unauthorized',\r\n message: 'Invalid or expired token',\r\n errorCode: 'AUTH_002',\r\n });\r\n return;\r\n } else {\r\n logger.error('Unexpected JWT verification error:', error);\r\n res.status(401).json({\r\n error: 'Unauthorized',\r\n message: 'Token verification failed',\r\n errorCode: 'AUTH_006',\r\n });\r\n return;\r\n }\r\n }\r\n\r\n // Attach user information to request\r\n req.user = {\r\n userId: decoded.userId,\r\n email: decoded.email,\r\n role: decoded.role,\r\n iat: decoded.iat,\r\n exp: decoded.exp,\r\n };\r\n\r\n // Log successful authentication\r\n logger.info(`User authenticated: ${decoded.userId} (${decoded.email})`, {\r\n userId: decoded.userId,\r\n role: decoded.role,\r\n ip: req.ip,\r\n userAgent: req.headers['user-agent'],\r\n });\r\n\r\n next();\r\n } catch (error) {\r\n logger.error('Authentication middleware error:', error);\r\n res.status(500).json({\r\n error: 'Internal Server Error',\r\n message: 'Authentication service unavailable',\r\n errorCode: 'AUTH_500',\r\n });\r\n }\r\n };\r\n}\r\n\r\n/**\r\n * Authorization middleware for role-based access control\r\n * \r\n * @param requiredRoles Array of roles that are allowed to access the resource\r\n * @returns Express middleware function\r\n */\r\nexport function authorizationMiddleware(requiredRoles: string[]) {\r\n return (req: Request, res: Response, next: NextFunction): void => {\r\n try {\r\n // Check if user is authenticated\r\n if (!req.user) {\r\n res.status(401).json({\r\n error: 'Unauthorized',\r\n message: 'User not authenticated',\r\n });\r\n return;\r\n }\r\n\r\n // Check if user has required role\r\n if (!requiredRoles.includes(req.user.role)) {\r\n res.status(403).json({\r\n error: 'Forbidden',\r\n message: 'Insufficient permissions',\r\n requiredRoles,\r\n userRole: req.user.role,\r\n });\r\n return;\r\n }\r\n\r\n // Log successful authorization\r\n logger.info(`User authorized: ${req.user.userId} (${req.user.role})`, {\r\n userId: req.user.userId,\r\n role: req.user.role,\r\n requiredRoles,\r\n });\r\n\r\n next();\r\n } catch (error) {\r\n logger.error('Authorization middleware error:', error);\r\n res.status(500).json({\r\n error: 'Internal Server Error',\r\n message: 'Authorization service unavailable',\r\n });\r\n }\r\n };\r\n}\r\n\r\n/**\r\n * Password utilities for secure password handling\r\n */\r\nexport class PasswordUtils {\r\n /**\r\n * Hash a password using bcrypt\r\n * \r\n * @param password Plain text password\r\n * @param rounds Number of bcrypt rounds (default 12)\r\n * @returns Hashed password\r\n */\r\n static async hashPassword(password: string, rounds: number = 12): Promise<string> {\r\n try {\r\n return await bcrypt.hash(password, rounds);\r\n } catch (error) {\r\n logger.error('Password hashing error:', error);\r\n throw new StandardError('Failed to hash password', ErrorCode.INTERNAL_ERROR);\r\n }\r\n }\r\n\r\n /**\r\n * Generate salt for password hashing\r\n * \r\n * @param rounds Number of bcrypt rounds (default 12)\r\n * @returns Salt string\r\n */\r\n static async generateSalt(rounds: number = 12): Promise<string> {\r\n try {\r\n return await bcrypt.genSalt(rounds);\r\n } catch (error) {\r\n logger.error('Salt generation error:', error);\r\n throw new StandardError('Failed to generate salt', ErrorCode.INTERNAL_ERROR);\r\n }\r\n }\r\n\r\n /**\r\n * Compare a plain text password with a hash\r\n * \r\n * @param password Plain text password\r\n * @param hash Hashed password\r\n * @returns True if passwords match\r\n */\r\n static async comparePassword(password: string, hash: string): Promise<boolean> {\r\n try {\r\n return await bcrypt.compare(password, hash);\r\n } catch (error) {\r\n logger.error('Password comparison error:', error);\r\n throw new StandardError('Failed to compare passwords', ErrorCode.INTERNAL_ERROR);\r\n }\r\n }\r\n\r\n /**\r\n * Validate password strength\r\n * \r\n * @param password Password to validate\r\n * @returns True if password meets strength requirements\r\n */\r\n static validatePasswordStrength(password: string): boolean {\r\n // Minimum 8 characters, at least one uppercase, one lowercase, one number, and one special character\r\n const minLength = 8;\r\n const hasUpperCase = /[A-Z]/.test(password);\r\n const hasLowerCase = /[a-z]/.test(password);\r\n const hasNumbers = /\\d/.test(password);\r\n const hasSpecialChar = /[!@#$%^&*(),.?\":{}|<>]/.test(password);\r\n\r\n return (\r\n password.length >= minLength &&\r\n hasUpperCase &&\r\n hasLowerCase &&\r\n hasNumbers &&\r\n hasSpecialChar\r\n );\r\n }\r\n}\r\n\r\n/**\r\n * JWT utilities for token management\r\n */\r\nexport class JWTUtils {\r\n /**\r\n * Generate a JWT token\r\n * \r\n * @param payload Token payload\r\n * @param secret JWT secret\r\n * @param expiresIn Token expiration time\r\n * @returns JWT token\r\n */\r\n static generateToken(\r\n payload: Omit<JWTPayload, 'iat' | 'exp'>,\r\n secret: string,\r\n expiresIn: string = '24h'\r\n ): string {\r\n try {\r\n return jwt.sign(payload, secret, { expiresIn });\r\n } catch (error) {\r\n logger.error('Token generation error:', error);\r\n throw new StandardError('Failed to generate token', ErrorCode.INTERNAL_ERROR);\r\n }\r\n }\r\n\r\n /**\r\n * Verify a JWT token\r\n * \r\n * @param token JWT token\r\n * @param secret JWT secret\r\n * @returns Decoded payload\r\n */\r\n static verifyToken(token: string, secret: string): JWTPayload {\r\n try {\r\n return jwt.verify(token, secret) as JWTPayload;\r\n } catch (error) {\r\n if (error instanceof jwt.TokenExpiredError) {\r\n throw new StandardError('Token has expired', ErrorCode.TOKEN_EXPIRED);\r\n } else if (error instanceof jwt.JsonWebTokenError) {\r\n throw new StandardError('Invalid token', ErrorCode.INVALID_TOKEN);\r\n } else {\r\n throw new StandardError('Token verification failed', ErrorCode.INTERNAL_ERROR);\r\n }\r\n }\r\n }\r\n\r\n /**\r\n * Decode a JWT token without verification (for debugging)\r\n * \r\n * @param token JWT token\r\n * @returns Decoded payload\r\n */\r\n static decodeToken(token: string): JWTPayload | null {\r\n try {\r\n return jwt.decode(token) as JWTPayload;\r\n } catch (error) {\r\n logger.error('Token decoding error:', error);\r\n return null;\r\n }\r\n }\r\n}\r\n\r\n/**\r\n * Rate limiting utilities for authentication endpoints\r\n */\r\nexport class AuthRateLimit {\r\n private static attempts = new Map<string, { count: number; lastAttempt: number }>();\r\n\r\n /**\r\n * Check if user has exceeded login attempts\r\n * \r\n * @param identifier User identifier (email, IP, etc.)\r\n * @param maxAttempts Maximum allowed attempts\r\n * @param windowMs Time window in milliseconds\r\n * @returns True if attempts exceeded\r\n */\r\n static hasExceededAttempts(\r\n identifier: string,\r\n maxAttempts: number = 5,\r\n windowMs: number = 15 * 60 * 1000 // 15 minutes\r\n ): boolean {\r\n const now = Date.now();\r\n const attempts = this.attempts.get(identifier);\r\n\r\n if (!attempts) {\r\n this.attempts.set(identifier, { count: 1, lastAttempt: now });\r\n return false;\r\n }\r\n\r\n // Reset if window has expired\r\n if (now - attempts.lastAttempt > windowMs) {\r\n this.attempts.set(identifier, { count: 1, lastAttempt: now });\r\n return false;\r\n }\r\n\r\n // Increment attempts\r\n attempts.count++;\r\n attempts.lastAttempt = now;\r\n\r\n // Check if exceeded\r\n if (attempts.count > maxAttempts) {\r\n logger.warn(`Login attempts exceeded for ${identifier}`, {\r\n identifier,\r\n attempts: attempts.count,\r\n windowMs,\r\n });\r\n return true;\r\n }\r\n\r\n return false;\r\n }\r\n\r\n /**\r\n * Clear failed attempts for a user\r\n * \r\n * @param identifier User identifier\r\n */\r\n static clearAttempts(identifier: string): void {\r\n this.attempts.delete(identifier);\r\n }\r\n}\r\n\r\nexport default {\r\n authenticationMiddleware,\r\n authorizationMiddleware,\r\n PasswordUtils,\r\n JWTUtils,\r\n AuthRateLimit,\r\n};"],"names":["jwt","bcrypt","logger","StandardError","ErrorCode","authenticationMiddleware","config","req","res","next","authHeader","headers","authorization","status","json","error","message","errorCode","startsWith","token","slice","trim","decoded","verify","jwtSecret","TokenExpiredError","JsonWebTokenError","user","userId","email","role","iat","exp","info","ip","userAgent","authorizationMiddleware","requiredRoles","includes","userRole","PasswordUtils","hashPassword","password","rounds","hash","INTERNAL_ERROR","generateSalt","genSalt","comparePassword","compare","validatePasswordStrength","minLength","hasUpperCase","test","hasLowerCase","hasNumbers","hasSpecialChar","length","JWTUtils","generateToken","payload","secret","expiresIn","sign","verifyToken","TOKEN_EXPIRED","INVALID_TOKEN","decodeToken","decode","AuthRateLimit","attempts","Map","hasExceededAttempts","identifier","maxAttempts","windowMs","now","Date","get","set","count","lastAttempt","warn","clearAttempts","delete"],"mappings":"AAAA;;;;;CAKC,GAGD,OAAOA,SAAS,eAAe;AAC/B,OAAOC,YAAY,SAAS;AAC5B,SAASC,MAAM,QAAQ,qBAAqB;AAC5C,SAASC,aAAa,EAAEC,SAAS,QAAQ,sBAAsB;AA+B/D;;;;;CAKC,GACD,OAAO,SAASC,yBAAyBC,MAAkB;IACzD,OAAO,OAAOC,KAAcC,KAAeC;QACzC,IAAI;YACF,iCAAiC;YACjC,MAAMC,aAAaH,IAAII,OAAO,CAACC,aAAa;YAC5C,IAAI,CAACF,YAAY;gBACfF,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;oBACnBC,OAAO;oBACPC,SAAS;oBACTC,WAAW;gBACb;gBACA;YACF;YAEA,uCAAuC;YACvC,IAAI,CAACP,WAAWQ,UAAU,CAAC,YAAY;gBACrCV,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;oBACnBC,OAAO;oBACPC,SAAS;oBACTC,WAAW;gBACb;gBACA;YACF;YAEA,6BAA6B;YAC7B,MAAME,QAAQT,WAAWU,KAAK,CAAC,GAAGC,IAAI;YACtC,IAAI,CAACF,OAAO;gBACVX,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;oBACnBC,OAAO;oBACPC,SAAS;oBACTC,WAAW;gBACb;gBACA;YACF;YAEA,mBAAmB;YACnB,IAAIK;YACJ,IAAI;gBACFA,UAAUtB,IAAIuB,MAAM,CAACJ,OAAOb,OAAOkB,SAAS;YAC9C,EAAE,OAAOT,OAAO;gBACd,6BAA6B;gBAC7B,IAAIA,iBAAiBf,IAAIyB,iBAAiB,EAAE;oBAC1CjB,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;wBACnBC,OAAO;wBACPC,SAAS;wBACTC,WAAW;oBACb;oBACA;gBACF,OAAO,IAAIF,iBAAiBf,IAAI0B,iBAAiB,EAAE;oBACjDlB,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;wBACnBC,OAAO;wBACPC,SAAS;wBACTC,WAAW;oBACb;oBACA;gBACF,OAAO;oBACLf,OAAOa,KAAK,CAAC,sCAAsCA;oBACnDP,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;wBACnBC,OAAO;wBACPC,SAAS;wBACTC,WAAW;oBACb;oBACA;gBACF;YACF;YAEA,qCAAqC;YACrCV,IAAIoB,IAAI,GAAG;gBACTC,QAAQN,QAAQM,MAAM;gBACtBC,OAAOP,QAAQO,KAAK;gBACpBC,MAAMR,QAAQQ,IAAI;gBAClBC,KAAKT,QAAQS,GAAG;gBAChBC,KAAKV,QAAQU,GAAG;YAClB;YAEA,gCAAgC;YAChC9B,OAAO+B,IAAI,CAAC,CAAC,oBAAoB,EAAEX,QAAQM,MAAM,CAAC,EAAE,EAAEN,QAAQO,KAAK,CAAC,CAAC,CAAC,EAAE;gBACtED,QAAQN,QAAQM,MAAM;gBACtBE,MAAMR,QAAQQ,IAAI;gBAClBI,IAAI3B,IAAI2B,EAAE;gBACVC,WAAW5B,IAAII,OAAO,CAAC,aAAa;YACtC;YAEAF;QACF,EAAE,OAAOM,OAAO;YACdb,OAAOa,KAAK,CAAC,oCAAoCA;YACjDP,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;gBACnBC,OAAO;gBACPC,SAAS;gBACTC,WAAW;YACb;QACF;IACF;AACF;AAEA;;;;;CAKC,GACD,OAAO,SAASmB,wBAAwBC,aAAuB;IAC7D,OAAO,CAAC9B,KAAcC,KAAeC;QACnC,IAAI;YACF,iCAAiC;YACjC,IAAI,CAACF,IAAIoB,IAAI,EAAE;gBACbnB,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;oBACnBC,OAAO;oBACPC,SAAS;gBACX;gBACA;YACF;YAEA,kCAAkC;YAClC,IAAI,CAACqB,cAAcC,QAAQ,CAAC/B,IAAIoB,IAAI,CAACG,IAAI,GAAG;gBAC1CtB,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;oBACnBC,OAAO;oBACPC,SAAS;oBACTqB;oBACAE,UAAUhC,IAAIoB,IAAI,CAACG,IAAI;gBACzB;gBACA;YACF;YAEA,+BAA+B;YAC/B5B,OAAO+B,IAAI,CAAC,CAAC,iBAAiB,EAAE1B,IAAIoB,IAAI,CAACC,MAAM,CAAC,EAAE,EAAErB,IAAIoB,IAAI,CAACG,IAAI,CAAC,CAAC,CAAC,EAAE;gBACpEF,QAAQrB,IAAIoB,IAAI,CAACC,MAAM;gBACvBE,MAAMvB,IAAIoB,IAAI,CAACG,IAAI;gBACnBO;YACF;YAEA5B;QACF,EAAE,OAAOM,OAAO;YACdb,OAAOa,KAAK,CAAC,mCAAmCA;YAChDP,IAAIK,MAAM,CAAC,KAAKC,IAAI,CAAC;gBACnBC,OAAO;gBACPC,SAAS;YACX;QACF;IACF;AACF;AAEA;;CAEC,GACD,OAAO,MAAMwB;IACX;;;;;;GAMC,GACD,aAAaC,aAAaC,QAAgB,EAAEC,SAAiB,EAAE,EAAmB;QAChF,IAAI;YACF,OAAO,MAAM1C,OAAO2C,IAAI,CAACF,UAAUC;QACrC,EAAE,OAAO5B,OAAO;YACdb,OAAOa,KAAK,CAAC,2BAA2BA;YACxC,MAAM,IAAIZ,cAAc,2BAA2BC,UAAUyC,cAAc;QAC7E;IACF;IAEA;;;;;GAKC,GACD,aAAaC,aAAaH,SAAiB,EAAE,EAAmB;QAC9D,IAAI;YACF,OAAO,MAAM1C,OAAO8C,OAAO,CAACJ;QAC9B,EAAE,OAAO5B,OAAO;YACdb,OAAOa,KAAK,CAAC,0BAA0BA;YACvC,MAAM,IAAIZ,cAAc,2BAA2BC,UAAUyC,cAAc;QAC7E;IACF;IAEA;;;;;;GAMC,GACD,aAAaG,gBAAgBN,QAAgB,EAAEE,IAAY,EAAoB;QAC7E,IAAI;YACF,OAAO,MAAM3C,OAAOgD,OAAO,CAACP,UAAUE;QACxC,EAAE,OAAO7B,OAAO;YACdb,OAAOa,KAAK,CAAC,8BAA8BA;YAC3C,MAAM,IAAIZ,cAAc,+BAA+BC,UAAUyC,cAAc;QACjF;IACF;IAEA;;;;;GAKC,GACD,OAAOK,yBAAyBR,QAAgB,EAAW;QACzD,qGAAqG;QACrG,MAAMS,YAAY;QAClB,MAAMC,eAAe,QAAQC,IAAI,CAACX;QAClC,MAAMY,eAAe,QAAQD,IAAI,CAACX;QAClC,MAAMa,aAAa,KAAKF,IAAI,CAACX;QAC7B,MAAMc,iBAAiB,yBAAyBH,IAAI,CAACX;QAErD,OACEA,SAASe,MAAM,IAAIN,aACnBC,gBACAE,gBACAC,cACAC;IAEJ;AACF;AAEA;;CAEC,GACD,OAAO,MAAME;IACX;;;;;;;GAOC,GACD,OAAOC,cACLC,OAAwC,EACxCC,MAAc,EACdC,YAAoB,KAAK,EACjB;QACR,IAAI;YACF,OAAO9D,IAAI+D,IAAI,CAACH,SAASC,QAAQ;gBAAEC;YAAU;QAC/C,EAAE,OAAO/C,OAAO;YACdb,OAAOa,KAAK,CAAC,2BAA2BA;YACxC,MAAM,IAAIZ,cAAc,4BAA4BC,UAAUyC,cAAc;QAC9E;IACF;IAEA;;;;;;GAMC,GACD,OAAOmB,YAAY7C,KAAa,EAAE0C,MAAc,EAAc;QAC5D,IAAI;YACF,OAAO7D,IAAIuB,MAAM,CAACJ,OAAO0C;QAC3B,EAAE,OAAO9C,OAAO;YACd,IAAIA,iBAAiBf,IAAIyB,iBAAiB,EAAE;gBAC1C,MAAM,IAAItB,cAAc,qBAAqBC,UAAU6D,aAAa;YACtE,OAAO,IAAIlD,iBAAiBf,IAAI0B,iBAAiB,EAAE;gBACjD,MAAM,IAAIvB,cAAc,iBAAiBC,UAAU8D,aAAa;YAClE,OAAO;gBACL,MAAM,IAAI/D,cAAc,6BAA6BC,UAAUyC,cAAc;YAC/E;QACF;IACF;IAEA;;;;;GAKC,GACD,OAAOsB,YAAYhD,KAAa,EAAqB;QACnD,IAAI;YACF,OAAOnB,IAAIoE,MAAM,CAACjD;QACpB,EAAE,OAAOJ,OAAO;YACdb,OAAOa,KAAK,CAAC,yBAAyBA;YACtC,OAAO;QACT;IACF;AACF;AAEA;;CAEC,GACD,OAAO,MAAMsD;IACX,OAAeC,WAAW,IAAIC,MAAsD;IAEpF;;;;;;;GAOC,GACD,OAAOC,oBACLC,UAAkB,EAClBC,cAAsB,CAAC,EACvBC,WAAmB,KAAK,KAAK,KAAK,aAAa;IAAd,EACxB;QACT,MAAMC,MAAMC,KAAKD,GAAG;QACpB,MAAMN,WAAW,IAAI,CAACA,QAAQ,CAACQ,GAAG,CAACL;QAEnC,IAAI,CAACH,UAAU;YACb,IAAI,CAACA,QAAQ,CAACS,GAAG,CAACN,YAAY;gBAAEO,OAAO;gBAAGC,aAAaL;YAAI;YAC3D,OAAO;QACT;QAEA,8BAA8B;QAC9B,IAAIA,MAAMN,SAASW,WAAW,GAAGN,UAAU;YACzC,IAAI,CAACL,QAAQ,CAACS,GAAG,CAACN,YAAY;gBAAEO,OAAO;gBAAGC,aAAaL;YAAI;YAC3D,OAAO;QACT;QAEA,qBAAqB;QACrBN,SAASU,KAAK;QACdV,SAASW,WAAW,GAAGL;QAEvB,oBAAoB;QACpB,IAAIN,SAASU,KAAK,GAAGN,aAAa;YAChCxE,OAAOgF,IAAI,CAAC,CAAC,4BAA4B,EAAET,YAAY,EAAE;gBACvDA;gBACAH,UAAUA,SAASU,KAAK;gBACxBL;YACF;YACA,OAAO;QACT;QAEA,OAAO;IACT;IAEA;;;;GAIC,GACD,OAAOQ,cAAcV,UAAkB,EAAQ;QAC7C,IAAI,CAACH,QAAQ,CAACc,MAAM,CAACX;IACvB;AACF;AAEA,eAAe;IACbpE;IACA+B;IACAI;IACAkB;IACAW;AACF,EAAE"}