deepadb 1.0.4 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -2
- package/build/graphql-api.d.ts.map +1 -1
- package/build/graphql-api.js +5 -1
- package/build/graphql-api.js.map +1 -1
- package/build/http-transport.d.ts.map +1 -1
- package/build/http-transport.js +6 -2
- package/build/http-transport.js.map +1 -1
- package/build/index.js +33 -0
- package/build/index.js.map +1 -1
- package/build/middleware/auth.d.ts +43 -0
- package/build/middleware/auth.d.ts.map +1 -0
- package/build/middleware/auth.js +75 -0
- package/build/middleware/auth.js.map +1 -0
- package/build/ws-transport.d.ts.map +1 -1
- package/build/ws-transport.js +17 -1
- package/build/ws-transport.js.map +1 -1
- package/package.json +3 -3
package/README.md
CHANGED
|
@@ -520,6 +520,7 @@ All 41 tool modules receive a unified `ToolContext` dependency bundle containing
|
|
|
520
520
|
| `DA_REGISTRY_URL` | GitHub default | URL of the community plugin registry JSON manifest |
|
|
521
521
|
| `DA_HTTP_PORT` | (disabled) | Set to a port number to enable HTTP/SSE transport mode |
|
|
522
522
|
| `DA_HTTP_HOST` | `127.0.0.1` | Bind address for HTTP/SSE, WebSocket, and GraphQL servers |
|
|
523
|
+
| `DA_AUTH_TOKEN` | (none — open) | Bearer token for network transports. When set, all HTTP/SSE/WS/GraphQL requests require `Authorization: Bearer <token>` header. Health endpoints exempt. |
|
|
523
524
|
| `DA_HTTP_CORS_ORIGIN` | (none — deny) | Allowed CORS origin for HTTP/SSE |
|
|
524
525
|
| `DA_WS_PORT` | (disabled) | Set to a port number to enable WebSocket transport mode (requires `npm install ws`) |
|
|
525
526
|
| `DA_WS_CORS_ORIGIN` | (none — deny) | Allowed CORS origin for WebSocket health endpoint |
|
|
@@ -587,6 +588,7 @@ DeepADB/
|
|
|
587
588
|
│ │ ├── resources.ts # MCP Resources — device state surfaces (4 resources)
|
|
588
589
|
│ │ └── prompts.ts # MCP Prompts — workflow templates (4 prompts)
|
|
589
590
|
│ ├── middleware/
|
|
591
|
+
│ │ ├── auth.ts # Bearer token authentication for network transports (DA_AUTH_TOKEN)
|
|
590
592
|
│ │ ├── output-processor.ts # Contextual truncation, structured parsers, settledValue helper
|
|
591
593
|
│ │ ├── security.ts # Command filtering, rate limiting, audit logging with redaction
|
|
592
594
|
│ │ ├── sanitize.ts # Shell injection prevention — validateShellArg/validateShellArgs/shellEscape
|
|
@@ -601,6 +603,9 @@ DeepADB/
|
|
|
601
603
|
├── tsconfig.json
|
|
602
604
|
├── .gitignore
|
|
603
605
|
├── README.md
|
|
606
|
+
├── SECURITY.md # Threat model, security architecture, deployment hardening, vulnerability reporting
|
|
607
|
+
├── CHANGELOG.md # Version history from v0.1.0 to current
|
|
608
|
+
├── LICENSE # MIT license
|
|
604
609
|
├── tests/
|
|
605
610
|
│ ├── run-all.mjs # Run all test suites sequentially with summary (tracks skipped counts)
|
|
606
611
|
│ ├── test-hw.mjs # Hardware core: health, identity, baseband, thermal, profiles (26 tests)
|
|
@@ -622,8 +627,8 @@ DeepADB/
|
|
|
622
627
|
## Tech Stack
|
|
623
628
|
|
|
624
629
|
- **Runtime**: Node.js ≥22 (ES2024, ESM)
|
|
625
|
-
- **Language**: TypeScript
|
|
626
|
-
- **MCP SDK**: `@modelcontextprotocol/sdk` ^1.24.0 (
|
|
630
|
+
- **Language**: TypeScript 6.0 (strict mode, NodeNext module resolution)
|
|
631
|
+
- **MCP SDK**: `@modelcontextprotocol/sdk` ^1.24.0 (currently resolves to 1.29.0)
|
|
627
632
|
- **Validation**: Zod ^3.25.0
|
|
628
633
|
- **Transport**: stdio (JSON-RPC), HTTP/SSE, WebSocket (optional `ws`), GraphQL API (optional `graphql`)
|
|
629
634
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphql-api.d.ts","sourceRoot":"","sources":["../src/graphql-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"graphql-api.d.ts","sourceRoot":"","sources":["../src/graphql-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAGhD,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AA2JD;;;GAGG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,SAAS,EACjB,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,cAAc,EACvB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAwIf"}
|
package/build/graphql-api.js
CHANGED
|
@@ -21,6 +21,7 @@
|
|
|
21
21
|
* { devices { serial model androidVersion battery { level charging } } }
|
|
22
22
|
*/
|
|
23
23
|
import { createServer as createHttpServer } from "http";
|
|
24
|
+
import { checkAuth } from "./middleware/auth.js";
|
|
24
25
|
const SCHEMA_SDL = `
|
|
25
26
|
type Query {
|
|
26
27
|
devices: [Device!]!
|
|
@@ -213,7 +214,7 @@ export async function startGraphQLApi(bridge, deviceManager, options, logger) {
|
|
|
213
214
|
if (allowedOrigin) {
|
|
214
215
|
res.setHeader("Access-Control-Allow-Origin", allowedOrigin);
|
|
215
216
|
res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
|
|
216
|
-
res.setHeader("Access-Control-Allow-Headers", "Content-Type");
|
|
217
|
+
res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
|
|
217
218
|
}
|
|
218
219
|
if (req.method === "OPTIONS") {
|
|
219
220
|
res.writeHead(204);
|
|
@@ -225,6 +226,9 @@ export async function startGraphQLApi(bridge, deviceManager, options, logger) {
|
|
|
225
226
|
res.end(JSON.stringify({ status: "ok", transport: "graphql", version: options.version ?? "unknown" }));
|
|
226
227
|
return;
|
|
227
228
|
}
|
|
229
|
+
// Bearer token auth — all endpoints below require valid token when DA_AUTH_TOKEN is set
|
|
230
|
+
if (!checkAuth(req, res))
|
|
231
|
+
return;
|
|
228
232
|
if (req.url?.startsWith("/graphql")) {
|
|
229
233
|
try {
|
|
230
234
|
let query = "";
|
package/build/graphql-api.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphql-api.js","sourceRoot":"","sources":["../src/graphql-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAmC,MAAM,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"graphql-api.js","sourceRoot":"","sources":["../src/graphql-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAmC,MAAM,MAAM,CAAC;AAIzF,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAQjD,MAAM,UAAU,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA0ClB,CAAC;AAEF,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;QACtD,IAAI,KAAK;YAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACvD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,cAAc,CAAC,OAAkB,EAAE,aAA4B;IACtE,OAAO;QACL,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,CAAC;YAClD,4EAA4E;YAC5E,MAAM,OAAO,GAAG,EAAE,CAAC;YACnB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;gBACxB,IAAI,KAAK,GAA2B,EAAE,CAAC;gBACvC,IAAI,CAAC,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACzB,IAAI,CAAC;wBAAC,KAAK,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;oBAAC,CAAC;oBAAC,MAAM,CAAC,CAAC,aAAa,CAAC,CAAC;gBACvF,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACvF,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,MAAM,EAAE,KAAK,EAAE,EAAE,MAAM,EAAuB,EAAE,EAAE;YAChD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAClE,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;QAC/F,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAiB,EAAE,cAA6B;IAC3E,OAAO;QACL,MAAM,EAAE;YACN,KAAK,EAAE,CAAC,MAA2D,EAAE,EAAE;gBACrE,OAAO,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,SAAS,CAAC;YACxD,CAAC;YACD,YAAY,EAAE,CAAC,MAA2D,EAAE,EAAE;gBAC5E,OAAO,MAAM,CAAC,MAAM,CAAC,yBAAyB,CAAC,IAAI,SAAS,CAAC;YAC/D,CAAC;YACD,cAAc,EAAE,CAAC,MAA2D,EAAE,EAAE;gBAC9E,OAAO,MAAM,CAAC,MAAM,CAAC,0BAA0B,CAAC,IAAI,SAAS,CAAC;YAChE,CAAC;YACD,QAAQ,EAAE,CAAC,MAA2D,EAAE,EAAE;gBACxE,OAAO,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YACzE,CAAC;YACD,aAAa,EAAE,CAAC,MAA2D,EAAE,EAAE;gBAC7E,OAAO,MAAM,CAAC,MAAM,CAAC,iCAAiC,CAAC,IAAI,SAAS,CAAC;YACvE,CAAC;YACD,OAAO,EAAE,CAAC,MAA2D,EAAE,EAAE;gBACvE,OAAO,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,IAAI,SAAS,CAAC;YAC3D,CAAC;YACD,GAAG,EAAE,CAAC,MAA2D,EAAE,EAAE;gBACnE,OAAO,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC,IAAI,SAAS,CAAC;YAC1D,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,MAA2D,EAAE,EAAE;gBAC7E,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;gBACjF,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBAC/C,OAAO;oBACL,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;oBAC3C,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,SAAS;oBACrC,QAAQ,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,KAAK,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC,KAAK,MAAM;oBACvI,WAAW,EAAE,UAAU,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE;oBAC1D,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,GAAG,IAAI;oBACpD,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,SAAS;oBACrC,UAAU,EAAE,MAAM,CAAC,YAAY,CAAC,IAAI,SAAS;iBAC9C,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,MAA2D,EAAE,EAAE;gBAC7E,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC;gBAC5B,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;oBACjF,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI;iBAC7C,CAAC,CAAC;gBACH,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBAC7D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE;oBACrE,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI;iBAC7C,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;gBAEpE,OAAO;oBACL,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,cAAc;oBACtD,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;oBACpC,QAAQ,EAAE,KAAK,CAAC,oBAAoB,CAAC,IAAI,SAAS;oBAClD,WAAW,EAAE,KAAK,CAAC,kBAAkB,CAAC,IAAI,SAAS;iBACpD,CAAC;YACJ,CAAC;YACD,UAAU,EAAE,CAAC,MAA2D,EAAE,EAAE,IAAI,EAAuB,EAAE,EAAE;gBACzG,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC;gBAC5B,IAAI,IAAI,EAAE,CAAC;oBACT,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;gBAC9D,CAAC;gBACD,0EAA0E;gBAC1E,MAAM,cAAc,GAAG,GAAG,CAAC;gBAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;gBACtC,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;gBACzF,IAAI,OAAO,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;oBACpC,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,MAAM,GAAG,cAAc,uEAAuE,EAAE,CAAC,CAAC;gBACxJ,CAAC;gBACD,OAAO,OAAO,CAAC;YACjB,CAAC;SACF;KACF,CAAC;AACJ,CAAC;AAED,kEAAkE;AAClE,MAAM,cAAc,GAAG,IAAI,GAAG,IAAI,CAAC;AAEnC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,MAAiB,EACjB,aAA4B,EAC5B,OAAuB,EACvB,MAAc;IAEd,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC;IAEzC,kDAAkD;IAClD,IAAI,aAGH,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,SAAS,CAAC;QAC7B,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,UAAU,CAA4B,CAAC;QAC1F,aAAa,GAAG;YACd,WAAW,EAAE,CAAC,GAAG,CAAC,WAAW,IAAK,GAAG,CAAC,OAAmC,EAAE,WAAW,CAAqC;YAC3H,OAAO,EAAE,CAAC,GAAG,CAAC,OAAO,IAAK,GAAG,CAAC,OAAmC,EAAE,OAAO,CAAiC;SAC5G,CAAC;QACF,IAAI,CAAC,aAAa,CAAC,WAAW,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,KAAK,CACV,mDAAmD;YACnD,qCAAqC;YACrC,gDAAgD,CACjD,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;IAC3F,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,cAAc,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IACxD,MAAM,cAAc,GAAG,mBAAmB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAElE,gEAAgE;IAChE,MAAM,aAAa,GAAG,CAAC,MAA+B,EAAE,KAAc,EAAE,QAAiB,EAAE,IAAyD,EAAE,EAAE;QACtJ,MAAM,aAAa,GAAI,cAA0D,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACxG,IAAI,aAAa,IAAI,OAAO,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,UAAU,EAAE,CAAC;YACzE,OAAQ,aAAa,CAAC,IAAI,CAAC,SAAS,CAAiD,CAAC,MAAM,EAAE,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC,CAAC;QAC1I,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAChC,CAAC,CAAC;IAEF,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,GAAoB,EAAE,GAAmB,EAAE,EAAE;QACtF,OAAO;QACP,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,EAAE,CAAC;QAC/D,IAAI,aAAa,EAAE,CAAC;YAClB,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,aAAa,CAAC,CAAC;YAC5D,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;YACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,6BAA6B,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,EAAE,CAAC;YACV,OAAO;QACT,CAAC;QAED,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAClD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,SAAS,EAAE,CAAC,CAAC,CAAC;YACvG,OAAO;QACT,CAAC;QAED,wFAAwF;QACxF,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;YAAE,OAAO;QAEjC,IAAI,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,IAAI,CAAC;gBACH,IAAI,KAAK,GAAG,EAAE,CAAC;gBACf,IAAI,SAAS,GAA4B,EAAE,CAAC;gBAE5C,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;oBAC1B,MAAM,IAAI,GAAG,MAAM,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;wBACzD,IAAI,IAAI,GAAG,EAAE,CAAC;wBACd,IAAI,KAAK,GAAG,CAAC,CAAC;wBACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAsB,EAAE,EAAE;4BACxC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;4BAC7E,IAAI,KAAK,GAAG,cAAc,EAAE,CAAC;gCAC3B,GAAG,CAAC,OAAO,EAAE,CAAC;gCACd,MAAM,CAAC,IAAI,KAAK,CAAC,wBAAwB,cAAc,aAAa,CAAC,CAAC,CAAC;gCACvE,OAAO;4BACT,CAAC;4BACD,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;wBAC3B,CAAC,CAAC,CAAC;wBACH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;wBACnC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;oBAC1B,CAAC,CAAC,CAAC;oBACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAChC,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC3B,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC;gBACrC,CAAC;qBAAM,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;oBAChC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC;oBAC/C,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;oBAC5C,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;oBACpD,IAAI,SAAS;wBAAE,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBACnD,CAAC;gBAED,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;oBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;oBAChF,OAAO;gBACT,CAAC;gBAED,8DAA8D;gBAC9D,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC;oBACzC,MAAM;oBACN,MAAM,EAAE,KAAK;oBACb,SAAS;oBACT,cAAc,EAAE,SAAS;oBACzB,aAAa,EAAE,aAAoB;iBAC7B,CAAC,CAAC;gBAEV,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAClC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YACvG,CAAC;YACD,OAAO;QACT,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,6CAA6C,EAAE,CAAC,CAAC,CAAC;IACpF,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YAC7B,MAAM,CAAC,KAAK,CAAC,gCAAgC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5D,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,IAAI,CAAC,mCAAmC,IAAI,IAAI,OAAO,CAAC,IAAI,UAAU,CAAC,CAAC;YAC/E,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,IAAI,OAAO,CAAC,IAAI,SAAS,CAAC,CAAC;YACrE,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http-transport.d.ts","sourceRoot":"","sources":["../src/http-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEpE,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"http-transport.d.ts","sourceRoot":"","sources":["../src/http-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEpE,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAGhD,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,SAAS,EACjB,OAAO,EAAE,oBAAoB,EAC7B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAoGf"}
|
package/build/http-transport.js
CHANGED
|
@@ -13,6 +13,7 @@
|
|
|
13
13
|
*/
|
|
14
14
|
import { createServer as createHttpServer } from "http";
|
|
15
15
|
import { SSEServerTransport } from "@modelcontextprotocol/sdk/server/sse.js";
|
|
16
|
+
import { checkAuth } from "./middleware/auth.js";
|
|
16
17
|
/**
|
|
17
18
|
* Start an HTTP server that provides SSE-based MCP transport.
|
|
18
19
|
* Each SSE connection creates a new transport session.
|
|
@@ -27,7 +28,7 @@ export async function startHttpTransport(server, options, logger) {
|
|
|
27
28
|
if (allowedOrigin) {
|
|
28
29
|
res.setHeader("Access-Control-Allow-Origin", allowedOrigin);
|
|
29
30
|
res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
|
|
30
|
-
res.setHeader("Access-Control-Allow-Headers", "Content-Type");
|
|
31
|
+
res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
|
|
31
32
|
}
|
|
32
33
|
if (req.method === "OPTIONS") {
|
|
33
34
|
res.writeHead(204);
|
|
@@ -35,12 +36,15 @@ export async function startHttpTransport(server, options, logger) {
|
|
|
35
36
|
return;
|
|
36
37
|
}
|
|
37
38
|
const url = new URL(req.url ?? "/", `http://${host}:${options.port}`);
|
|
38
|
-
// Health check
|
|
39
|
+
// Health check (unauthenticated — only returns status info)
|
|
39
40
|
if (url.pathname === "/health" && req.method === "GET") {
|
|
40
41
|
res.writeHead(200, { "Content-Type": "application/json" });
|
|
41
42
|
res.end(JSON.stringify({ status: "ok", transport: "sse", version: options.version ?? "unknown" }));
|
|
42
43
|
return;
|
|
43
44
|
}
|
|
45
|
+
// Bearer token auth — all endpoints below require valid token when DA_AUTH_TOKEN is set
|
|
46
|
+
if (!checkAuth(req, res))
|
|
47
|
+
return;
|
|
44
48
|
// SSE endpoint — client subscribes here
|
|
45
49
|
if (url.pathname === "/sse" && req.method === "GET") {
|
|
46
50
|
logger.info(`SSE client connected from ${req.socket.remoteAddress}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http-transport.js","sourceRoot":"","sources":["../src/http-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAmC,MAAM,MAAM,CAAC;AAEzF,OAAO,EAAE,kBAAkB,EAAE,MAAM,yCAAyC,CAAC;
|
|
1
|
+
{"version":3,"file":"http-transport.js","sourceRoot":"","sources":["../src/http-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAmC,MAAM,MAAM,CAAC;AAEzF,OAAO,EAAE,kBAAkB,EAAE,MAAM,yCAAyC,CAAC;AAE7E,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAQjD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAiB,EACjB,OAA6B,EAC7B,MAAc;IAEd,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC;IACzC,IAAI,eAAe,GAA8B,IAAI,CAAC;IAEtD,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,GAAoB,EAAE,GAAmB,EAAE,EAAE;QACtF,IAAI,CAAC;YACH,4EAA4E;YAC5E,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;YAC5D,IAAI,aAAa,EAAE,CAAC;gBAClB,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,aAAa,CAAC,CAAC;gBAC5D,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;gBACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,6BAA6B,CAAC,CAAC;YAC/E,CAAC;YAED,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC7B,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,EAAE,CAAC;gBACV,OAAO;YACT,CAAC;YAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,UAAU,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;YAEtE,4DAA4D;YAC5D,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;gBACvD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,SAAS,EAAE,CAAC,CAAC,CAAC;gBACnG,OAAO;YACT,CAAC;YAED,wFAAwF;YACxF,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;gBAAE,OAAO;YAEjC,wCAAwC;YACxC,IAAI,GAAG,CAAC,QAAQ,KAAK,MAAM,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;gBACpD,MAAM,CAAC,IAAI,CAAC,6BAA6B,GAAG,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;gBAErE,wDAAwD;gBACxD,IAAI,eAAe,EAAE,CAAC;oBACpB,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;gBAC5D,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,kBAAkB,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;gBAC1D,eAAe,GAAG,SAAS,CAAC;gBAE5B,2CAA2C;gBAC3C,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;oBACnB,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;oBACxC,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;wBAClC,eAAe,GAAG,IAAI,CAAC;oBACzB,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,gDAAgD;YAChD,IAAI,GAAG,CAAC,QAAQ,KAAK,UAAU,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACzD,IAAI,CAAC,eAAe,EAAE,CAAC;oBACrB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;oBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,+CAA+C,EAAE,CAAC,CAAC,CAAC;oBACpF,OAAO;gBACT,CAAC;gBAED,MAAM,eAAe,CAAC,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;gBAClD,OAAO;YACT,CAAC;YAED,0BAA0B;YAC1B,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACrB,KAAK,EAAE,WAAW;gBAClB,SAAS,EAAE;oBACT,UAAU,EAAE,2BAA2B;oBACvC,eAAe,EAAE,mBAAmB;oBACpC,aAAa,EAAE,cAAc;iBAC9B;aACF,CAAC,CAAC,CAAC;QACN,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CAAC,uBAAuB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YAChF,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;gBACrB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YAC7B,MAAM,CAAC,KAAK,CAAC,mCAAmC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAC/D,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,IAAI,CAAC,0CAA0C,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;YAC9E,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,IAAI,OAAO,CAAC,IAAI,MAAM,CAAC,CAAC;YAClE,MAAM,CAAC,IAAI,CAAC,8BAA8B,IAAI,IAAI,OAAO,CAAC,IAAI,UAAU,CAAC,CAAC;YAC1E,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|
package/build/index.js
CHANGED
|
@@ -16,6 +16,7 @@ import { startHttpTransport } from "./http-transport.js";
|
|
|
16
16
|
import { startWsTransport } from "./ws-transport.js";
|
|
17
17
|
import { startGraphQLApi } from "./graphql-api.js";
|
|
18
18
|
import { VERSION } from "./config/config.js";
|
|
19
|
+
import { isAuthEnabled } from "./middleware/auth.js";
|
|
19
20
|
async function main() {
|
|
20
21
|
const { server, logger, bridge, deviceManager } = await createServer();
|
|
21
22
|
/** Parse a port env var safely — returns null if unset, NaN, out of range, or negative. */
|
|
@@ -33,6 +34,38 @@ async function main() {
|
|
|
33
34
|
const httpHost = process.env.DA_HTTP_HOST ?? "127.0.0.1";
|
|
34
35
|
const wsPort = parsePort(process.env.DA_WS_PORT);
|
|
35
36
|
const graphqlPort = parsePort(process.env.DA_GRAPHQL_PORT);
|
|
37
|
+
// Warn when binding network transports to non-loopback addresses.
|
|
38
|
+
// This is the #2 most common MCP security finding (Backslash/AgentSeal research):
|
|
39
|
+
// servers exposed on 0.0.0.0 without authentication allow anyone on the network
|
|
40
|
+
// to execute tools, including shell commands, on the host machine.
|
|
41
|
+
const isLoopback = httpHost === "127.0.0.1" || httpHost === "localhost" || httpHost === "::1";
|
|
42
|
+
if (!isLoopback && (httpPort || wsPort || graphqlPort) && !isAuthEnabled()) {
|
|
43
|
+
console.error("╔══════════════════════════════════════════════════════════════╗");
|
|
44
|
+
console.error("║ ⚠ WARNING: Network-exposed transport without authentication ║");
|
|
45
|
+
console.error("╠══════════════════════════════════════════════════════════════╣");
|
|
46
|
+
console.error(`║ Binding to ${httpHost} — accessible to other machines on the network.`);
|
|
47
|
+
console.error("║ DeepADB provides shell execution, file access, and root commands.");
|
|
48
|
+
console.error("║ Anyone who can reach this port can execute tools without auth.");
|
|
49
|
+
console.error("║ ║");
|
|
50
|
+
console.error("║ Recommendations: ║");
|
|
51
|
+
console.error("║ • Set a bearer token: DA_AUTH_TOKEN=your-secret-token ║");
|
|
52
|
+
console.error("║ • Enable security middleware: DA_SECURITY=true ║");
|
|
53
|
+
console.error("║ • Set an allowlist: DA_ALLOWED_COMMANDS=dumpsys,getprop,... ║");
|
|
54
|
+
console.error("║ • Restrict CORS: DA_HTTP_CORS_ORIGIN=https://your-app.example ║");
|
|
55
|
+
console.error("║ • Use a reverse proxy with HTTPS in front of DeepADB ║");
|
|
56
|
+
console.error("║ ║");
|
|
57
|
+
console.error("║ See SECURITY.md for deployment guidance. ║");
|
|
58
|
+
console.error("╚══════════════════════════════════════════════════════════════╝");
|
|
59
|
+
}
|
|
60
|
+
// Log auth status for network transports
|
|
61
|
+
if (httpPort || wsPort || graphqlPort) {
|
|
62
|
+
if (isAuthEnabled()) {
|
|
63
|
+
console.error("[DeepADB] Bearer token authentication enabled (DA_AUTH_TOKEN set)");
|
|
64
|
+
}
|
|
65
|
+
else if (!isLoopback) {
|
|
66
|
+
console.error("[DeepADB] ⚠ No authentication configured. Set DA_AUTH_TOKEN for bearer token auth.");
|
|
67
|
+
}
|
|
68
|
+
}
|
|
36
69
|
// GraphQL API runs independently alongside any transport mode
|
|
37
70
|
if (graphqlPort) {
|
|
38
71
|
try {
|
package/build/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,KAAK,UAAU,IAAI;IACjB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,YAAY,EAAE,CAAC;IAEvE,2FAA2F;IAC3F,SAAS,SAAS,CAAC,MAA0B;QAC3C,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACzB,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAClC,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,KAAK,EAAE,CAAC;YAC5C,OAAO,CAAC,KAAK,CAAC,2BAA2B,MAAM,gCAAgC,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,WAAW,CAAC;IACzD,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAE3D,kEAAkE;IAClE,kFAAkF;IAClF,gFAAgF;IAChF,mEAAmE;IACnE,MAAM,UAAU,GAAG,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,KAAK,CAAC;IAC9F,IAAI,CAAC,UAAU,IAAI,CAAC,QAAQ,IAAI,MAAM,IAAI,WAAW,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;QAC3E,OAAO,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;QAClF,OAAO,CAAC,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACpF,OAAO,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;QAClF,OAAO,CAAC,KAAK,CAAC,iBAAiB,QAAQ,iDAAiD,CAAC,CAAC;QAC1F,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACnF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;QACvF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;IACpF,CAAC;IAED,yCAAyC;IACzC,IAAI,QAAQ,IAAI,MAAM,IAAI,WAAW,EAAE,CAAC;QACtC,IAAI,aAAa,EAAE,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACrF,CAAC;aAAM,IAAI,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,CAAC,KAAK,CAAC,oFAAoF,CAAC,CAAC;QACtG,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,IAAI,WAAW,EAAE,CAAC;QAChB,IAAI,CAAC;YACH,MAAM,eAAe,CAAC,MAAM,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;YAC9G,OAAO,CAAC,KAAK,CAAC,2CAA2C,QAAQ,IAAI,WAAW,UAAU,CAAC,CAAC;QAC9F,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,0CAA0C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACtG,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,oCAAoC;QACpC,MAAM,kBAAkB,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;QAC/F,OAAO,CAAC,KAAK,CAAC,kDAAkD,QAAQ,IAAI,QAAQ,EAAE,CAAC,CAAC;IAC1F,CAAC;SAAM,IAAI,MAAM,EAAE,CAAC;QAClB,6CAA6C;QAC7C,MAAM,gBAAgB,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;QAC3F,OAAO,CAAC,KAAK,CAAC,iDAAiD,QAAQ,IAAI,MAAM,KAAK,CAAC,CAAC;IAC1F,CAAC;SAAM,CAAC;QACN,sBAAsB;QACtB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;IACvF,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;IAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Bearer Token Authentication — Optional auth layer for network transports.
|
|
3
|
+
*
|
|
4
|
+
* When DA_AUTH_TOKEN is set, all HTTP/SSE/WebSocket/GraphQL requests must
|
|
5
|
+
* include an Authorization header with the matching bearer token.
|
|
6
|
+
* Health check endpoints are exempt (they only return status info).
|
|
7
|
+
*
|
|
8
|
+
* When DA_AUTH_TOKEN is not set, all requests pass through (backwards compatible).
|
|
9
|
+
*
|
|
10
|
+
* Usage:
|
|
11
|
+
* import { checkAuth, isAuthEnabled } from "./middleware/auth.js";
|
|
12
|
+
* import { hasValidToken } from "./middleware/auth.js"; // for WebSocket upgrades
|
|
13
|
+
*
|
|
14
|
+
* // In HTTP request handler:
|
|
15
|
+
* if (!checkAuth(req, res)) return; // Returns false and sends 401 if unauthorized
|
|
16
|
+
*
|
|
17
|
+
* // In WebSocket connection handler:
|
|
18
|
+
* if (!hasValidToken(req)) { ws.close(4401, "Unauthorized"); return; }
|
|
19
|
+
*/
|
|
20
|
+
import { IncomingMessage, ServerResponse } from "http";
|
|
21
|
+
/** Whether token auth is enabled. */
|
|
22
|
+
export declare function isAuthEnabled(): boolean;
|
|
23
|
+
/**
|
|
24
|
+
* Check bearer token authentication on an incoming HTTP request.
|
|
25
|
+
*
|
|
26
|
+
* - If DA_AUTH_TOKEN is not set, always returns true (auth disabled).
|
|
27
|
+
* - If DA_AUTH_TOKEN is set, checks the Authorization header for a matching
|
|
28
|
+
* Bearer token. Returns true if valid, sends 401 and returns false if not.
|
|
29
|
+
*
|
|
30
|
+
* @param req Incoming HTTP request
|
|
31
|
+
* @param res Server response (used to send 401 if unauthorized)
|
|
32
|
+
* @returns true if the request is authorized, false if 401 was sent
|
|
33
|
+
*/
|
|
34
|
+
export declare function checkAuth(req: IncomingMessage, res: ServerResponse): boolean;
|
|
35
|
+
/**
|
|
36
|
+
* Check bearer token from request headers without sending a response.
|
|
37
|
+
* Useful for WebSocket upgrade requests where the HTTP response is unavailable.
|
|
38
|
+
*
|
|
39
|
+
* @param req Incoming HTTP request (or upgrade request)
|
|
40
|
+
* @returns true if auth is disabled or token is valid
|
|
41
|
+
*/
|
|
42
|
+
export declare function hasValidToken(req: IncomingMessage): boolean;
|
|
43
|
+
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,MAAM,CAAC;AASvD,qCAAqC;AACrC,wBAAgB,aAAa,IAAI,OAAO,CAEvC;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,SAAS,CAAC,GAAG,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,GAAG,OAAO,CAY5E;AAED;;;;;;GAMG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,eAAe,GAAG,OAAO,CAc3D"}
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Bearer Token Authentication — Optional auth layer for network transports.
|
|
3
|
+
*
|
|
4
|
+
* When DA_AUTH_TOKEN is set, all HTTP/SSE/WebSocket/GraphQL requests must
|
|
5
|
+
* include an Authorization header with the matching bearer token.
|
|
6
|
+
* Health check endpoints are exempt (they only return status info).
|
|
7
|
+
*
|
|
8
|
+
* When DA_AUTH_TOKEN is not set, all requests pass through (backwards compatible).
|
|
9
|
+
*
|
|
10
|
+
* Usage:
|
|
11
|
+
* import { checkAuth, isAuthEnabled } from "./middleware/auth.js";
|
|
12
|
+
* import { hasValidToken } from "./middleware/auth.js"; // for WebSocket upgrades
|
|
13
|
+
*
|
|
14
|
+
* // In HTTP request handler:
|
|
15
|
+
* if (!checkAuth(req, res)) return; // Returns false and sends 401 if unauthorized
|
|
16
|
+
*
|
|
17
|
+
* // In WebSocket connection handler:
|
|
18
|
+
* if (!hasValidToken(req)) { ws.close(4401, "Unauthorized"); return; }
|
|
19
|
+
*/
|
|
20
|
+
import { timingSafeEqual } from "crypto";
|
|
21
|
+
/** The configured auth token, or empty string if auth is disabled. */
|
|
22
|
+
const AUTH_TOKEN = process.env.DA_AUTH_TOKEN ?? "";
|
|
23
|
+
/** Pre-computed buffer for constant-time comparison (avoids re-allocation per request). */
|
|
24
|
+
const AUTH_TOKEN_BUF = Buffer.from(AUTH_TOKEN);
|
|
25
|
+
/** Whether token auth is enabled. */
|
|
26
|
+
export function isAuthEnabled() {
|
|
27
|
+
return AUTH_TOKEN.length > 0;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Check bearer token authentication on an incoming HTTP request.
|
|
31
|
+
*
|
|
32
|
+
* - If DA_AUTH_TOKEN is not set, always returns true (auth disabled).
|
|
33
|
+
* - If DA_AUTH_TOKEN is set, checks the Authorization header for a matching
|
|
34
|
+
* Bearer token. Returns true if valid, sends 401 and returns false if not.
|
|
35
|
+
*
|
|
36
|
+
* @param req Incoming HTTP request
|
|
37
|
+
* @param res Server response (used to send 401 if unauthorized)
|
|
38
|
+
* @returns true if the request is authorized, false if 401 was sent
|
|
39
|
+
*/
|
|
40
|
+
export function checkAuth(req, res) {
|
|
41
|
+
if (!AUTH_TOKEN)
|
|
42
|
+
return true;
|
|
43
|
+
if (hasValidToken(req))
|
|
44
|
+
return true;
|
|
45
|
+
// Unauthorized — send 401
|
|
46
|
+
res.writeHead(401, {
|
|
47
|
+
"Content-Type": "application/json",
|
|
48
|
+
"WWW-Authenticate": "Bearer",
|
|
49
|
+
});
|
|
50
|
+
res.end(JSON.stringify({ error: "Unauthorized. Set Authorization: Bearer <token> header." }));
|
|
51
|
+
return false;
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Check bearer token from request headers without sending a response.
|
|
55
|
+
* Useful for WebSocket upgrade requests where the HTTP response is unavailable.
|
|
56
|
+
*
|
|
57
|
+
* @param req Incoming HTTP request (or upgrade request)
|
|
58
|
+
* @returns true if auth is disabled or token is valid
|
|
59
|
+
*/
|
|
60
|
+
export function hasValidToken(req) {
|
|
61
|
+
if (!AUTH_TOKEN)
|
|
62
|
+
return true;
|
|
63
|
+
const authHeader = req.headers.authorization ?? "";
|
|
64
|
+
const match = authHeader.match(/^Bearer\s+(.+)$/i);
|
|
65
|
+
const token = match?.[1] ?? "";
|
|
66
|
+
// Constant-time comparison to prevent timing-based side-channel attacks.
|
|
67
|
+
// Compare buffer byte lengths (not string char lengths) to handle multi-byte
|
|
68
|
+
// UTF-8 tokens correctly — string length can match while byte lengths differ,
|
|
69
|
+
// which would cause timingSafeEqual to throw.
|
|
70
|
+
const tokenBuf = Buffer.from(token);
|
|
71
|
+
if (tokenBuf.length !== AUTH_TOKEN_BUF.length)
|
|
72
|
+
return false;
|
|
73
|
+
return timingSafeEqual(tokenBuf, AUTH_TOKEN_BUF);
|
|
74
|
+
}
|
|
75
|
+
//# sourceMappingURL=auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAC;AAEzC,sEAAsE;AACtE,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC;AAEnD,2FAA2F;AAC3F,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AAE/C,qCAAqC;AACrC,MAAM,UAAU,aAAa;IAC3B,OAAO,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,SAAS,CAAC,GAAoB,EAAE,GAAmB;IACjE,IAAI,CAAC,UAAU;QAAE,OAAO,IAAI,CAAC;IAE7B,IAAI,aAAa,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpC,0BAA0B;IAC1B,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;QACjB,cAAc,EAAE,kBAAkB;QAClC,kBAAkB,EAAE,QAAQ;KAC7B,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,yDAAyD,EAAE,CAAC,CAAC,CAAC;IAC9F,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,aAAa,CAAC,GAAoB;IAChD,IAAI,CAAC,UAAU;QAAE,OAAO,IAAI,CAAC;IAE7B,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,CAAC;IACnD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAE/B,yEAAyE;IACzE,6EAA6E;IAC7E,8EAA8E;IAC9E,8CAA8C;IAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,IAAI,QAAQ,CAAC,MAAM,KAAK,cAAc,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC5D,OAAO,eAAe,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;AACnD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ws-transport.d.ts","sourceRoot":"","sources":["../src/ws-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"ws-transport.d.ts","sourceRoot":"","sources":["../src/ws-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAahD,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAoDD;;;GAGG;AACH,wBAAsB,gBAAgB,CACpC,MAAM,EAAE,SAAS,EACjB,OAAO,EAAE,kBAAkB,EAC3B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAkGf"}
|
package/build/ws-transport.js
CHANGED
|
@@ -16,6 +16,7 @@
|
|
|
16
16
|
* GET /health — HTTP health check (always available)
|
|
17
17
|
*/
|
|
18
18
|
import { createServer as createHttpServer } from "http";
|
|
19
|
+
import { hasValidToken } from "./middleware/auth.js";
|
|
19
20
|
/**
|
|
20
21
|
* Minimal WebSocket transport that bridges the `ws` WebSocket library
|
|
21
22
|
* to the MCP SDK's Transport interface.
|
|
@@ -89,6 +90,13 @@ export async function startWsTransport(server, options, logger) {
|
|
|
89
90
|
const allowedOrigin = process.env.DA_WS_CORS_ORIGIN ?? "";
|
|
90
91
|
if (allowedOrigin) {
|
|
91
92
|
res.setHeader("Access-Control-Allow-Origin", allowedOrigin);
|
|
93
|
+
res.setHeader("Access-Control-Allow-Methods", "GET, OPTIONS");
|
|
94
|
+
res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
|
|
95
|
+
}
|
|
96
|
+
if (req.method === "OPTIONS") {
|
|
97
|
+
res.writeHead(204);
|
|
98
|
+
res.end();
|
|
99
|
+
return;
|
|
92
100
|
}
|
|
93
101
|
if (req.url === "/health" && req.method === "GET") {
|
|
94
102
|
res.writeHead(200, { "Content-Type": "application/json" });
|
|
@@ -102,7 +110,15 @@ export async function startWsTransport(server, options, logger) {
|
|
|
102
110
|
const WssConstructor = WebSocketServer;
|
|
103
111
|
const wss = new WssConstructor({ server: httpServer, path: "/ws" });
|
|
104
112
|
wss.on("connection", async (ws, req) => {
|
|
105
|
-
const
|
|
113
|
+
const incomingReq = req;
|
|
114
|
+
const remoteAddr = incomingReq.socket.remoteAddress;
|
|
115
|
+
// Bearer token auth — reject unauthorized WebSocket connections immediately
|
|
116
|
+
if (!hasValidToken(incomingReq)) {
|
|
117
|
+
logger.warn(`WebSocket connection rejected (unauthorized) from ${remoteAddr}`);
|
|
118
|
+
const socket = ws;
|
|
119
|
+
socket.close(4401, "Unauthorized");
|
|
120
|
+
return;
|
|
121
|
+
}
|
|
106
122
|
logger.info(`WebSocket client connected from ${remoteAddr}`);
|
|
107
123
|
const transport = new WebSocketMcpTransport(ws);
|
|
108
124
|
try {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ws-transport.js","sourceRoot":"","sources":["../src/ws-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAmC,MAAM,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"ws-transport.js","sourceRoot":"","sources":["../src/ws-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAmC,MAAM,MAAM,CAAC;AAGzF,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAkBrD;;;GAGG;AACH,MAAM,qBAAqB;IACjB,EAAE,CAAU,CAAC,uCAAuC;IAC5D,OAAO,CAAc;IACrB,OAAO,CAA0B;IACjC,SAAS,CAA8B;IAEvC,YAAY,EAAW;QACrB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,EAA4E,CAAC;QAE5F,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,IAAa,EAAE,EAAE;YACrC,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAE,IAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBAClF,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACjC,IAAI,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,CAAC,OAAO,EAAE,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YACtB,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;QACnB,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAY,EAAE,EAAE;YAClC,IAAI,CAAC,OAAO,EAAE,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,KAAK;QACT,kCAAkC;IACpC,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,MAAM,GAAG,IAAI,CAAC,EAA2B,CAAC;QAChD,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAgB;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,EAA0D,CAAC;QAC/E,IAAI,MAAM,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO;YACpC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,MAAiB,EACjB,OAA2B,EAC3B,MAAc;IAEd,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC;IAEzC,8CAA8C;IAC9C,kFAAkF;IAClF,IAAI,eAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,IAAI,CAAC;QAC1B,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,YAAY,CAA4B,CAAC;QACjG,eAAe,GAAG,QAAQ,CAAC,eAAe,IAAK,QAAQ,CAAC,OAAmC,EAAE,eAAe,CAAC;QAC7G,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,KAAK,CACV,sDAAsD;YACtD,gCAAgC;YAChC,kDAAkD;YAClD,2CAA2C,CAC5C,CAAC;QACF,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;IACjF,CAAC;IAED,+CAA+C;IAC/C,MAAM,UAAU,GAAG,gBAAgB,CAAC,CAAC,GAAoB,EAAE,GAAmB,EAAE,EAAE;QAChF,OAAO;QACP,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,EAAE,CAAC;QAC1D,IAAI,aAAa,EAAE,CAAC;YAClB,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,aAAa,CAAC,CAAC;YAC5D,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,cAAc,CAAC,CAAC;YAC9D,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,6BAA6B,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,EAAE,CAAC;YACV,OAAO;QACT,CAAC;QAED,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAClD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,SAAS,EAAE,CAAC,CAAC,CAAC;YACzG,OAAO;QACT,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,6DAA6D,EAAE,CAAC,CAAC,CAAC;IACpG,CAAC,CAAC,CAAC;IAEH,sDAAsD;IACtD,MAAM,cAAc,GAAG,eAEtB,CAAC;IAEF,MAAM,GAAG,GAAG,IAAI,cAAc,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAEpE,GAAG,CAAC,EAAE,CAAC,YAAY,EAAE,KAAK,EAAE,EAAW,EAAE,GAAY,EAAE,EAAE;QACvD,MAAM,WAAW,GAAG,GAAsB,CAAC;QAC3C,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC;QAEpD,4EAA4E;QAC5E,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,qDAAqD,UAAU,EAAE,CAAC,CAAC;YAC/E,MAAM,MAAM,GAAG,EAAuD,CAAC;YACvE,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;YACnC,OAAO;QACT,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,mCAAmC,UAAU,EAAE,CAAC,CAAC;QAE7D,MAAM,SAAS,GAAG,IAAI,qBAAqB,CAAC,EAAE,CAAC,CAAC;QAEhD,IAAI,CAAC;YACH,wFAAwF;YACxF,8DAA8D;YAC9D,MAAM,MAAM,CAAC,OAAO,CAAC,SAAgB,CAAC,CAAC;QACzC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CAAC,yCAAyC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,MAAM,GAAG,EAA0D,CAAC;QAC1E,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YACtB,MAAM,CAAC,IAAI,CAAC,kCAAkC,UAAU,EAAE,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YAC7B,MAAM,CAAC,KAAK,CAAC,wCAAwC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YACpE,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,IAAI,CAAC,yCAAyC,IAAI,IAAI,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC;YAChF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,IAAI,OAAO,CAAC,IAAI,SAAS,CAAC,CAAC;YACrE,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "deepadb",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.5",
|
|
4
4
|
"description": "DeepADB — the deepest Android Debug Bridge MCP server. 147 tools across 41 modules for device inspection from UI to baseband.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -32,7 +32,7 @@
|
|
|
32
32
|
"zod": "^3.25.0"
|
|
33
33
|
},
|
|
34
34
|
"devDependencies": {
|
|
35
|
-
"@types/node": "^
|
|
36
|
-
"typescript": "^
|
|
35
|
+
"@types/node": "^25.5.0",
|
|
36
|
+
"typescript": "^6.0.2"
|
|
37
37
|
}
|
|
38
38
|
}
|