fa-mcp-sdk 0.2.146 → 0.2.182

package/dist/core/ad/group-checker.js

@@ -0,0 +1,86 @@
+import { GroupChecker } from 'af-ad-ts';
+import { appConfig } from '../bootstrap/init-config.js';
+import { logger } from '../logger.js';
+/**
+ * Derives baseDn from LDAP controller URL.
+ * Example: 'ldap://dc1.corp.company.com' -> 'DC=corp,DC=company,DC=com'
+ */
+function deriveBaseDnFromController(controllerUrl) {
+    const url = controllerUrl.replace(/^ldaps?:\/\//, '');
+    const parts = url.split('.').reverse().slice(0, 3).reverse();
+    return parts.map((v) => `DC=${v}`).join(',');
+}
+function getDefaultDomain() {
+    const domains = appConfig.ad?.domains;
+    if (!domains) {
+        return undefined;
+    }
+    for (const [name, config] of Object.entries(domains)) {
+        if (config.default) {
+            return { name, config };
+        }
+    }
+    const names = Object.keys(domains);
+    return names.length > 0 ? { name: names[0], config: domains[names[0]] } : undefined;
+}
+function validateConfig(config, domain) {
+    const missing = [];
+    if (!config.controllers?.length) {
+        missing.push(`ad.domains.${domain}.controllers`);
+    }
+    if (!config.username) {
+        missing.push(`ad.domains.${domain}.username`);
+    }
+    if (!config.password) {
+        missing.push(`ad.domains.${domain}.password`);
+    }
+    return missing;
+}
+let cachedDefaultDomain;
+/**
+ * Initializes AD Group Checker for checking user membership in AD groups.
+ * @param domainName - Optional domain name. Uses default domain if not specified.
+ * @throws Error if AD configuration is missing or incomplete
+ */
+export function initADGroupChecker(domainName) {
+    let domainConfig;
+    let resolvedDomainName;
+    if (domainName) {
+        domainConfig = appConfig.ad?.domains?.[domainName];
+        resolvedDomainName = domainName;
+        if (!domainConfig) {
+            const available = Object.keys(appConfig.ad?.domains || {}).join(', ') || 'none';
+            throw new Error(`AD domain "${domainName}" not found. Available: ${available}`);
+        }
+    }
+    else {
+        cachedDefaultDomain = cachedDefaultDomain || getDefaultDomain();
+        if (!cachedDefaultDomain) {
+            throw new Error('No AD domains configured in ad.domains');
+        }
+        domainConfig = cachedDefaultDomain.config;
+        resolvedDomainName = cachedDefaultDomain.name;
+    }
+    const missing = validateConfig(domainConfig, resolvedDomainName);
+    if (missing.length > 0) {
+        throw new Error(`Incomplete AD config for "${resolvedDomainName}". Missing: ${missing.join(', ')}`);
+    }
+    const controllerUrl = domainConfig.controllers[0];
+    const baseDn = domainConfig.baseDn || deriveBaseDnFromController(controllerUrl);
+    const groupCheckerConfig = {
+        url: controllerUrl,
+        bindDN: domainConfig.username,
+        bindPassword: domainConfig.password,
+        baseDn,
+        ...(appConfig.ad.groupCacheTtlMs !== undefined && { cacheTtlMs: appConfig.ad.groupCacheTtlMs }),
+        ...(appConfig.ad.dnCacheTtlMs !== undefined && { dnCacheTtlMs: appConfig.ad.dnCacheTtlMs }),
+    };
+    const groupChecker = new GroupChecker(groupCheckerConfig);
+    logger.info(`AD Group Checker initialized for "${resolvedDomainName}" (${controllerUrl}, baseDn: ${baseDn})`);
+    return {
+        isUserInGroup: (userSam, groupSam) => groupChecker.isUserInGroup(userSam, groupSam),
+        groupChecker,
+        domainName: resolvedDomainName,
+    };
+}
+//# sourceMappingURL=group-checker.js.map

package/dist/core/ad/group-checker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"group-checker.js","sourceRoot":"","sources":["../../../src/core/ad/group-checker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAuB,MAAM,UAAU,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAExD,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAQtC;;;GAGG;AACH,SAAS,0BAA0B,CAAE,aAAqB;IACxD,MAAM,GAAG,GAAG,aAAa,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAC7D,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,gBAAgB;IACvB,MAAM,OAAO,GAAG,SAAS,CAAC,EAAE,EAAE,OAAO,CAAC;IACtC,IAAI,CAAC,OAAO,EAAE,CAAC;QAAA,OAAO,SAAS,CAAC;IAAA,CAAC;IAEjC,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACrD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QAAA,CAAC;IAChD,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnC,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAE,EAAE,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAE,CAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACzF,CAAC;AAED,SAAS,cAAc,CAAE,MAAiB,EAAE,MAAc;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;QAAA,OAAO,CAAC,IAAI,CAAC,cAAc,MAAM,cAAc,CAAC,CAAC;IAAA,CAAC;IACpF,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QAAA,OAAO,CAAC,IAAI,CAAC,cAAc,MAAM,WAAW,CAAC,CAAC;IAAA,CAAC;IACtE,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QAAA,OAAO,CAAC,IAAI,CAAC,cAAc,MAAM,WAAW,CAAC,CAAC;IAAA,CAAC;IACtE,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,IAAI,mBAAoE,CAAC;AAEzE;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAE,UAAmB;IACrD,IAAI,YAAmC,CAAC;IACxC,IAAI,kBAA0B,CAAC;IAE/B,IAAI,UAAU,EAAE,CAAC;QACf,YAAY,GAAG,SAAS,CAAC,EAAE,EAAE,OAAO,EAAE,CAAC,UAAU,CAAC,CAAC;QACnD,kBAAkB,GAAG,UAAU,CAAC;QAChC,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC;YAChF,MAAM,IAAI,KAAK,CAAC,cAAc,UAAU,2BAA2B,SAAS,EAAE,CAAC,CAAC;QAClF,CAAC;IACH,CAAC;SAAM,CAAC;QACN,mBAAmB,GAAG,mBAAmB,IAAI,gBAAgB,EAAE,CAAC;QAChE,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QACD,YAAY,GAAG,mBAAmB,CAAC,MAAM,CAAC;QAC1C,kBAAkB,GAAG,mBAAmB,CAAC,IAAI,CAAC;IAChD,CAAC;IAED,MAAM,OAAO,GAAG,cAAc,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC;IACjE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,6BAA6B,kBAAkB,eAAe,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtG,CAAC;IAED,MAAM,aAAa,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC,CAAE,CAAC;IACnD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,IAAI,0BAA0B,CAAC,aAAa,CAAC,CAAC;IAEhF,MAAM,kBAAkB,GAAwB;QAC9C,GAAG,EAAE,aAAa;QAClB,MAAM,EAAE,YAAY,CAAC,QAAQ;QAC7B,YAAY,EAAE,YAAY,CAAC,QAAQ;QACnC,MAAM;QACN,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,eAAe,KAAK,SAAS,IAAI,EAAE,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC;QAC/F,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,SAAS,CAAC,EAAE,CAAC,YAAY,EAAE,CAAC;KAC5F,CAAC;IAEF,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC,kBAAkB,CAAC,CAAC;IAC1D,MAAM,CAAC,IAAI,CAAC,qCAAqC,kBAAkB,MAAM,aAAa,aAAa,MAAM,GAAG,CAAC,CAAC;IAE9G,OAAO;QACL,aAAa,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,EAAE,CAAC,YAAY,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC;QACnF,YAAY;QACZ,UAAU,EAAE,kBAAkB;KAC/B,CAAC;AACJ,CAAC"}

package/dist/core/auth/admin-auth.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Admin panel authentication middleware
+ * Supports 4 authentication types: permanentServerTokens, basic, jwtToken, ntlm
+ */
+import { RequestHandler } from 'express';
+export type AdminAuthType = 'permanentServerTokens' | 'basic' | 'jwtToken' | 'ntlm';
+/**
+ * Validates admin auth configuration
+ * Returns error message if configuration is invalid, null if valid
+ */
+export declare function validateAdminAuthConfig(): string | null;
+/**
+ * Creates admin authentication middleware based on adminAuth.type config
+ */
+export declare function createAdminAuthMW(): RequestHandler[];
+//# sourceMappingURL=admin-auth.d.ts.map

package/dist/core/auth/admin-auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-auth.d.ts","sourceRoot":"","sources":["../../../src/core/auth/admin-auth.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAmC,cAAc,EAAE,MAAM,SAAS,CAAC;AAa1E,MAAM,MAAM,aAAa,GAAG,uBAAuB,GAAG,OAAO,GAAG,UAAU,GAAG,MAAM,CAAC;AAGpF;;;GAGG;AACH,wBAAgB,uBAAuB,IAAK,MAAM,GAAG,IAAI,CA8CxD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAK,cAAc,EAAE,CA0FrD"}

package/dist/core/auth/admin-auth.js

@@ -0,0 +1,159 @@
+/**
+ * Admin panel authentication middleware
+ * Supports 4 authentication types: permanentServerTokens, basic, jwtToken, ntlm
+ */
+import chalk from 'chalk';
+import { appConfig } from '../bootstrap/init-config.js';
+import { logger as lgr } from '../logger.js';
+import { checkPermanentToken } from './permanent.js';
+import { checkJwtToken } from './jwt.js';
+import { getTokenFromHttpHeader } from './multi-auth.js';
+import { setupNTLMAuthentication } from './token-generator/ntlm/ntlm-integration.js';
+import { isNTLMEnabled } from './token-generator/ntlm/ntlm-domain-config.js';
+import { checkBasicAuth } from './basic.js';
+const logger = lgr.getSubLogger({ name: chalk.yellow('admin-auth') });
+const { adminAuth, auth } = appConfig.webServer || {};
+/**
+ * Validates admin auth configuration
+ * Returns error message if configuration is invalid, null if valid
+ */
+export function validateAdminAuthConfig() {
+    if (!adminAuth?.enabled) {
+        return null; // Disabled, no validation needed
+    }
+    const authType = adminAuth.type;
+    switch (authType) {
+        case 'permanentServerTokens': {
+            const tokens = auth?.permanentServerTokens;
+            if (!Array.isArray(tokens) || !tokens.filter(Boolean).length) {
+                return 'adminAuth type is "permanentServerTokens" but no tokens are configured in webServer.auth.permanentServerTokens';
+            }
+            break;
+        }
+        case 'basic': {
+            const basic = auth?.basic;
+            if (!basic?.username || !basic?.password) {
+                return 'adminAuth type is "basic" but username or password is missing in webServer.auth.basic';
+            }
+            break;
+        }
+        case 'jwtToken': {
+            const jwt = auth?.jwtToken;
+            if (!jwt?.encryptKey || jwt.encryptKey.length < 8) {
+                return 'adminAuth type is "jwtToken" but encryptKey is missing or too short in webServer.auth.jwtToken';
+            }
+            break;
+        }
+        case 'ntlm': {
+            // NTLM doesn't require credentials in webServer.auth, just AD config
+            // The isNTLMEnabled function checks for AD configuration
+            if (!isNTLMEnabled) {
+                return 'adminAuth type is "ntlm" but no AD configuration found (ad.domains is empty or missing)';
+            }
+            break;
+        }
+        default:
+            return `Unknown adminAuth type: ${authType}. Valid types: permanentServerTokens, basic, jwtToken, ntlm`;
+    }
+    return null;
+}
+/**
+ * Creates admin authentication middleware based on adminAuth.type config
+ */
+export function createAdminAuthMW() {
+    // If admin auth is disabled, return pass-through middleware
+    if (!adminAuth?.enabled) {
+        logger.info('Admin authentication is DISABLED');
+        return [(req, res, next) => {
+                // Set anonymous user info for compatibility
+                req.ntlm = {
+                    isAuthenticated: false,
+                    username: 'Anonymous',
+                    domain: 'NoAuth',
+                };
+                next();
+            }];
+    }
+    const authType = adminAuth.type;
+    logger.info(`Admin authentication enabled with type: ${authType}`);
+    // For NTLM, use existing NTLM middleware
+    if (authType === 'ntlm') {
+        return setupNTLMAuthentication();
+    }
+    // For other auth types, create standard middleware
+    return [
+        (req, res, next) => {
+            // Set default NTLM info for compatibility with token-generator templates
+            req.ntlm = {
+                isAuthenticated: false,
+                username: 'Unknown',
+                domain: 'Unknown',
+            };
+            const { scheme, credentials } = getTokenFromHttpHeader(req);
+            // If no credentials provided, request authentication
+            if (!credentials) {
+                return sendAuthRequired(res, authType);
+            }
+            let authResult;
+            switch (authType) {
+                case 'permanentServerTokens': {
+                    const result = checkPermanentToken(credentials);
+                    authResult = result.errorReason
+                        ? { success: false, error: result.errorReason }
+                        : { success: true, username: 'ServerToken' };
+                    break;
+                }
+                case 'basic': {
+                    if (scheme !== 'basic') {
+                        return sendAuthRequired(res, authType, 'Basic authentication required');
+                    }
+                    authResult = checkBasicAuth(credentials);
+                    break;
+                }
+                case 'jwtToken': {
+                    const result = checkJwtToken({ token: credentials });
+                    authResult = result.errorReason
+                        ? { success: false, error: result.errorReason }
+                        : { success: true, username: result.payload?.user || 'JWT User', payload: result.payload };
+                    break;
+                }
+                default:
+                    authResult = { success: false, error: `Unknown auth type: ${authType}` };
+            }
+            if (!authResult.success) {
+                logger.debug(`Admin auth failed: ${authResult.error}`);
+                return sendAuthRequired(res, authType, authResult.error);
+            }
+            // Set authenticated user info
+            req.ntlm = {
+                isAuthenticated: true,
+                username: authResult.username || 'Authenticated',
+                domain: authType,
+            };
+            if (authResult.payload) {
+                req.authPayload = authResult.payload;
+            }
+            next();
+        },
+    ];
+}
+/**
+ * Send authentication required response
+ */
+function sendAuthRequired(res, authType, message) {
+    const errorMessage = message || 'Authentication required';
+    switch (authType) {
+        case 'basic':
+            res.setHeader('WWW-Authenticate', 'Basic realm="Admin Panel"');
+            break;
+        case 'permanentServerTokens':
+        case 'jwtToken':
+            res.setHeader('WWW-Authenticate', 'Bearer realm="Admin Panel"');
+            break;
+    }
+    res.status(401).json({
+        success: false,
+        error: errorMessage,
+    });
+}
+//# sourceMappingURL=admin-auth.js.map

package/dist/core/auth/admin-auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"admin-auth.js","sourceRoot":"","sources":["../../../src/core/auth/admin-auth.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,MAAM,IAAI,GAAG,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,EAAE,uBAAuB,EAAE,MAAM,4CAA4C,CAAC;AACrF,OAAO,EAAE,aAAa,EAAE,MAAM,8CAA8C,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAE5C,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;AAGtE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,SAAS,IAAI,EAAE,CAAC;AAEtD;;;GAGG;AACH,MAAM,UAAU,uBAAuB;IACrC,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC,CAAC,iCAAiC;IAChD,CAAC;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC;IAEhC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,uBAAuB,CAAC,CAAC,CAAC;YAC7B,MAAM,MAAM,GAAG,IAAI,EAAE,qBAAqB,CAAC;YAC3C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC7D,OAAO,gHAAgH,CAAC;YAC1H,CAAC;YACD,MAAM;QACR,CAAC;QAED,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,KAAK,GAAG,IAAI,EAAE,KAAK,CAAC;YAC1B,IAAI,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,CAAC;gBACzC,OAAO,uFAAuF,CAAC;YACjG,CAAC;YACD,MAAM;QACR,CAAC;QAED,KAAK,UAAU,CAAC,CAAC,CAAC;YAChB,MAAM,GAAG,GAAG,IAAI,EAAE,QAAQ,CAAC;YAC3B,IAAI,CAAC,GAAG,EAAE,UAAU,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClD,OAAO,gGAAgG,CAAC;YAC1G,CAAC;YACD,MAAM;QACR,CAAC;QAED,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,qEAAqE;YACrE,yDAAyD;YACzD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,yFAAyF,CAAC;YACnG,CAAC;YACD,MAAM;QACR,CAAC;QAED;YACE,OAAO,2BAA2B,QAAQ,6DAA6D,CAAC;IAC5G,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,4DAA4D;IAC5D,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAChD,OAAO,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;gBAC1D,4CAA4C;gBAC5C,GAAG,CAAC,IAAI,GAAG;oBACT,eAAe,EAAE,KAAK;oBACtB,QAAQ,EAAE,WAAW;oBACrB,MAAM,EAAE,QAAQ;iBACjB,CAAC;gBACF,IAAI,EAAE,CAAC;YACT,CAAC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC;IAChC,MAAM,CAAC,IAAI,CAAC,2CAA2C,QAAQ,EAAE,CAAC,CAAC;IAEnE,yCAAyC;IACzC,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,OAAO,uBAAuB,EAAE,CAAC;IACnC,CAAC;IAED,mDAAmD;IACnD,OAAO;QACL,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAClD,yEAAyE;YACzE,GAAG,CAAC,IAAI,GAAG;gBACT,eAAe,EAAE,KAAK;gBACtB,QAAQ,EAAE,SAAS;gBACnB,MAAM,EAAE,SAAS;aAClB,CAAC;YAEF,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,sBAAsB,CAAC,GAAG,CAAC,CAAC;YAE5D,qDAAqD;YACrD,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,gBAAgB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YACzC,CAAC;YAED,IAAI,UAAkF,CAAC;YAEvF,QAAQ,QAAQ,EAAE,CAAC;gBACjB,KAAK,uBAAuB,CAAC,CAAC,CAAC;oBAC7B,MAAM,MAAM,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;oBAChD,UAAU,GAAG,MAAM,CAAC,WAAW;wBAC7B,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,WAAW,EAAE;wBAC/C,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC;oBAC/C,MAAM;gBACR,CAAC;gBAED,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;wBACvB,OAAO,gBAAgB,CAAC,GAAG,EAAE,QAAQ,EAAE,+BAA+B,CAAC,CAAC;oBAC1E,CAAC;oBACD,UAAU,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;oBACzC,MAAM;gBACR,CAAC;gBAED,KAAK,UAAU,CAAC,CAAC,CAAC;oBAChB,MAAM,MAAM,GAAG,aAAa,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;oBACrD,UAAU,GAAG,MAAM,CAAC,WAAW;wBAC7B,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,WAAW,EAAE;wBAC/C,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC7F,MAAM;gBACR,CAAC;gBAED;oBACE,UAAU,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,sBAAsB,QAAQ,EAAE,EAAE,CAAC;YAC7E,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;gBACxB,MAAM,CAAC,KAAK,CAAC,sBAAsB,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC;gBACvD,OAAO,gBAAgB,CAAC,GAAG,EAAE,QAAQ,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;YAC3D,CAAC;YAED,8BAA8B;YAC9B,GAAG,CAAC,IAAI,GAAG;gBACT,eAAe,EAAE,IAAI;gBACrB,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,eAAe;gBAChD,MAAM,EAAE,QAAQ;aACjB,CAAC;YAEF,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;gBACtB,GAAW,CAAC,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC;YAChD,CAAC;YAED,IAAI,EAAE,CAAC;QACT,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAE,GAAa,EAAE,QAAuB,EAAE,OAAgB;IACjF,MAAM,YAAY,GAAG,OAAO,IAAI,yBAAyB,CAAC;IAE1D,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,2BAA2B,CAAC,CAAC;YAC/D,MAAM;QACR,KAAK,uBAAuB,CAAC;QAC7B,KAAK,UAAU;YACb,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,4BAA4B,CAAC,CAAC;YAChE,MAAM;IACV,CAAC;IAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;QACnB,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,YAAY;KACpB,CAAC,CAAC;AACL,CAAC"}

package/dist/core/auth/basic.d.ts

@@ -0,0 +1,6 @@
+import { AuthResult } from './types.js';
+/**
+ * Basic Authentication validation
+ */
+export declare function checkBasicAuth(credentials: string): AuthResult;
+//# sourceMappingURL=basic.d.ts.map

package/dist/core/auth/basic.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"basic.d.ts","sourceRoot":"","sources":["../../../src/core/auth/basic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAGxC;;GAEG;AACH,wBAAgB,cAAc,CAAE,WAAW,EAAE,MAAM,GAAG,UAAU,CAqB/D"}

package/dist/core/auth/basic.js

@@ -0,0 +1,26 @@
+import { appConfig } from '../bootstrap/init-config.js';
+/**
+ * Basic Authentication validation
+ */
+export function checkBasicAuth(credentials) {
+    const basic = appConfig.webServer?.auth?.basic;
+    if (!basic?.username || !basic?.password) {
+        return { success: false, error: 'Basic auth not configured' };
+    }
+    try {
+        // Expecting base64 encoded "username:password"
+        const decoded = Buffer.from(credentials, 'base64').toString('utf8');
+        const [username, password] = decoded.split(':');
+        if (!username || !password) {
+            return { success: false, error: 'Invalid basic auth format - missing username or password' };
+        }
+        if (username === basic.username && password === basic.password) {
+            return { success: true, username };
+        }
+        return { success: false, error: 'Invalid credentials' };
+    }
+    catch {
+        return { success: false, error: 'Invalid basic auth format - not valid base64' };
+    }
+}
+//# sourceMappingURL=basic.js.map

package/dist/core/auth/basic.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"basic.js","sourceRoot":"","sources":["../../../src/core/auth/basic.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAExD;;GAEG;AACH,MAAM,UAAU,cAAc,CAAE,WAAmB;IACjD,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,KAAK,CAAC;IAC/C,IAAI,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,CAAC;QACzC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,EAAE,CAAC;IAChE,CAAC;IACD,IAAI,CAAC;QACH,+CAA+C;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACpE,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAEhD,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,0DAA0D,EAAE,CAAC;QAC/F,CAAC;QAED,IAAI,QAAQ,KAAK,KAAK,CAAC,QAAQ,IAAI,QAAQ,KAAK,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC/D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QACrC,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qBAAqB,EAAE,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,8CAA8C,EAAE,CAAC;IACnF,CAAC;AACH,CAAC"}

package/dist/core/auth/{jwt-validation.d.ts → jwt.d.ts}

@@ -1,5 +1,6 @@
 import { ICheckTokenResult } from './types.js';
-export declare const tokenRE: RegExp;
+export declare const MIN_ENCRYPT_KEY_LENGTH = 8;
+export declare const jwtTokenRE: RegExp;
 /**
  * Encrypts the transmitted text with a symmetric key taken from the config
  */
@@ -20,9 +21,9 @@ export declare const generateToken: (user: string, liveTimeSec: number, payload?
  * - the obsolescence time must not be expired
  * - If a user is transferred, it must match
  */
-export declare const checkToken: (arg: {
+export declare const checkJwtToken: (arg: {
     token: string;
     expectedUser?: string;
     expectedService?: string;
 }) => ICheckTokenResult;
-//# sourceMappingURL=jwt-validation.d.ts.map
+//# sourceMappingURL=jwt.d.ts.map

package/dist/core/auth/jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/core/auth/jwt.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,iBAAiB,EAAiB,MAAM,YAAY,CAAC;AAU9D,eAAO,MAAM,sBAAsB,IAAI,CAAC;AASxC,eAAO,MAAM,UAAU,QAAmC,CAAC;AAE3D;;GAEG;AACH,eAAO,MAAM,OAAO,GAAI,MAAM,MAAM,KAAG,MAStC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,OAAO,GAAI,cAAc,MAAM,WAW3C,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,aAAa,GAAI,MAAM,MAAM,EAAE,aAAa,MAAM,EAAE,UAAU,GAAG,KAAG,MAYhF,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,aAAa,GAAI,KAAK;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B,KAAG,iBAgEH,CAAC"}

package/dist/core/auth/{jwt-validation.js → jwt.js}

@@ -5,16 +5,16 @@ import { logger as lgr } from '../logger.js';
 import { isObject, trim } from '../utils/utils.js';
 import chalk from 'chalk';
 const logger = lgr.getSubLogger({ name: chalk.cyan('token-auth') });
-const { jwtToken, permanentServerTokens: pt = [] } = appConfig.webServer?.auth || {};
+const { jwtToken } = appConfig.webServer?.auth || {};
 const checkMCPName = jwtToken?.checkMCPName || false;
-const permanentServerTokensSet = new Set(Array.isArray(pt) ? pt : [pt]);
+export const MIN_ENCRYPT_KEY_LENGTH = 8;
 const ALGORITHM = 'aes-256-ctr';
 const KEY = crypto
     .createHash('sha256')
-    .update(String(jwtToken?.encryptKey || 'secret'))
+    .update(String(jwtToken?.encryptKey || '11111111-7777-8888-9999-000000000000'))
     .digest('base64')
     .substring(0, 32);
-export const tokenRE = /^(\d{13,})\.([\da-fA-F]{32,})$/;
+export const jwtTokenRE = /^(\d{13,})\.([\da-fA-F]{32,})$/;
 /**
  * Encrypts the transmitted text with a symmetric key taken from the config
  */
@@ -67,7 +67,7 @@ export const generateToken = (user, liveTimeSec, payload) => {
  * - the obsolescence time must not be expired
  * - If a user is transferred, it must match
  */
-export const checkToken = (arg) => {
+export const checkJwtToken = (arg) => {
     let { token, expectedUser, expectedService = appConfig.name } = arg;
     token = (token || '').trim();
     if (!token) {
@@ -75,16 +75,10 @@ export const checkToken = (arg) => {
             errorReason: 'Token not passed',
         };
     }
-    if (permanentServerTokensSet.has(token)) {
-        return {
-            inTokenType: 'permanent',
-        };
-    }
-    const [, expirePartStr, encryptedPayload] = tokenRE.exec(token) || [];
+    const [, expirePartStr, encryptedPayload] = jwtTokenRE.exec(token) || [];
     if (!expirePartStr || !encryptedPayload) {
         return {
-            inTokenType: 'permanent',
-            errorReason: 'The token is not a JWT and is not on the list of registered server tokens',
+            errorReason: 'The token is not a JWT',
         };
     }
     let payloadStr = '';
@@ -104,7 +98,6 @@ export const checkToken = (arg) => {
     catch (err) {
         logger.error(err);
         return {
-            inTokenType: 'JWT',
             errorReason: `Error deserializing payload of JWT token :: ${err.message}`,
         };
     }
@@ -112,7 +105,6 @@ export const checkToken = (arg) => {
     if (expectedUser && payload.user !== expectedUser) {
         return {
             isTokenDecrypted: true,
-            inTokenType: 'JWT',
             errorReason: `JWT Token: user not match :: Expected  '${expectedUser}' / obtained from the token: '${payload.user}'`,
         };
     }
@@ -120,7 +112,6 @@ export const checkToken = (arg) => {
         if (expectedService && payload.service !== expectedService) {
             return {
                 isTokenDecrypted: true,
-                inTokenType: 'JWT',
                 errorReason: `JWT Token: service not match :: Expected  '${expectedService}' / obtained from the token: '${payload.service}'`,
             };
         }
@@ -131,11 +122,10 @@ export const checkToken = (arg) => {
         // Token deprecated
         return {
             isTokenDecrypted: true,
-            inTokenType: 'JWT',
             errorReason: `JWT Token expired :: on ${expiredOn} mc`,
         };
     }
     // OK!
-    return { inTokenType: 'JWT', payload };
+    return { payload };
 };
-//# sourceMappingURL=jwt-validation.js.map
+//# sourceMappingURL=jwt.js.map

package/dist/core/auth/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../../src/core/auth/jwt.ts"],"names":[],"mappings":"AAAA,0CAA0C;AAC1C,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAExD,OAAO,EAAE,MAAM,IAAI,GAAG,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;AAEpE,MAAM,EAAE,QAAQ,EAAE,GAAG,SAAS,CAAC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC;AACrD,MAAM,YAAY,GAAG,QAAQ,EAAE,YAAY,IAAI,KAAK,CAAC;AAErD,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC;AAExC,MAAM,SAAS,GAAG,aAAa,CAAC;AAChC,MAAM,GAAG,GAAG,MAAM;KACf,UAAU,CAAC,QAAQ,CAAC;KACpB,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,UAAU,IAAI,sCAAsC,CAAC,CAAC;KAC9E,MAAM,CAAC,QAAQ,CAAC;KAChB,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAEpB,MAAM,CAAC,MAAM,UAAU,GAAG,gCAAgC,CAAC;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,IAAY,EAAU,EAAE;IAC9C,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjC,kCAAkC;IAClC,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;IAClC,uDAAuD;IACvD,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACzD,oCAAoC;IACpC,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IAChF,OAAO,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACtC,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,YAAoB,EAAE,EAAE;IAC9C,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IACtD,iCAAiC;IACjC,MAAM,GAAG,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACzC,eAAe;IACf,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAC9D,sBAAsB;IACtB,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACjF,OAAO,YAAY,CAAC,QAAQ,EAAE,CAAC;AACjC,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,IAAY,EAAE,WAAmB,EAAE,OAAa,EAAU,EAAE;IACxF,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IAChC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1C,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IACpB,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;IACxB,OAAO,CAAC,GAAG,GAAG,QAAQ,CAAC;IACvB,OAAO,GAAG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;AACzD,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,GAI7B,EAAqB,EAAE;IACtB,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,eAAe,GAAG,SAAS,CAAC,IAAI,EAAE,GAAG,GAAG,CAAC;IACpE,KAAK,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO;YACL,WAAW,EAAE,kBAAkB;SAChC,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,EAAE,aAAa,EAAE,gBAAgB,CAAC,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAEzE,IAAI,CAAC,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACxC,OAAO;YACL,WAAW,EAAE,wBAAwB;SACtC,CAAC;IACJ,CAAC;IAED,IAAI,UAAU,GAAW,EAAE,CAAC;IAC5B,IAAI,CAAC;QACH,UAAU,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAgB,EAAE,CAAC;QAC1B,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO;YACL,WAAW,EAAE,iCAAiC,GAAG,CAAC,OAAO,EAAE;SAC5D,CAAC;IACJ,CAAC;IACD,IAAI,OAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,GAAgB,EAAE,CAAC;QAC1B,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClB,OAAO;YACL,WAAW,EAAE,+CAA+C,GAAG,CAAC,OAAO,EAAE;SAC1E,CAAC;IACJ,CAAC;IAED,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE,CAAC;IAChD,IAAI,YAAY,IAAI,OAAO,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAClD,OAAO;YACL,gBAAgB,EAAE,IAAI;YACtB,WAAW,EAAE,2CAA2C,YAAY,iCAAiC,OAAO,CAAC,IAAI,GAAG;SACrH,CAAC;IACJ,CAAC;IAED,IAAI,YAAY,EAAE,CAAC;QACjB,IAAI,eAAe,IAAI,OAAO,CAAC,OAAO,KAAK,eAAe,EAAE,CAAC;YAC3D,OAAO;gBACL,gBAAgB,EAAE,IAAI;gBACtB,WAAW,EAAE,8CAA8C,eAAe,iCAAiC,OAAO,CAAC,OAAO,GAAG;aAC9H,CAAC;QACJ,CAAC;IACH,CAAC;IACD,IAAI,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAExC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC;IACtC,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,mBAAmB;QACnB,OAAO;YACL,gBAAgB,EAAE,IAAI;YACtB,WAAW,EAAE,2BAA2B,SAAS,KAAK;SACvD,CAAC;IACJ,CAAC;IACD,MAAM;IACN,OAAO,EAAE,OAAO,EAAE,CAAC;AACrB,CAAC,CAAC"}

package/dist/core/auth/middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../../src/core/auth/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAqG1D;;;GAGG;AACH,eAAO,MAAM,iBAAiB,GAAU,KAAK,OAAO,KAAG,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAc3G,CAAC;AAMF,UAAU,qBAAqB;IAC7B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAE,OAAO,GAAE,qBAA0B,IAMjD,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wDAkC9D"}
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../../src/core/auth/middleware.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAkG1D;;;GAGG;AACH,eAAO,MAAM,iBAAiB,GAAU,KAAK,OAAO,KAAG,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAc3G,CAAC;AAMF,UAAU,qBAAqB;IAC7B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAE,OAAO,GAAE,qBAA0B,IAMjD,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wDAkC9D"}

package/dist/core/auth/middleware.js

@@ -3,7 +3,7 @@ import { debugTokenAuth } from '../debug.js';
 import { appConfig } from '../bootstrap/init-config.js';
 import { getResourcesList } from '../mcp/resources.js';
 import { getPromptsList } from '../mcp/prompts.js';
-import { checkCombinedAuth, logAuthConfiguration, } from './multi-auth.js';
+import { checkMultiAuth, logAuthConfiguration } from './multi-auth.js';
 const { enabled: authEnabled } = appConfig.webServer.auth;
 const SHOW_HEADERS_SET = new Set(['user', 'authorization', 'x-real-ip', 'x-mode', 'host']);
 const debugAuth = (req, code, message) => {
@@ -82,7 +82,7 @@ export const getMultiAuthError = async (req) => {
     if (!authEnabled) {
         return undefined;
     }
-    const authResult = await checkCombinedAuth(req);
+    const authResult = await checkMultiAuth(req);
     if (!authResult.success) {
         return debugAuth(req, 401, authResult.error || 'Authentication failed');
     }
@@ -112,7 +112,7 @@ export function createAuthMW(options = {}) {
         }
         try {
             // Use enhanced combined authentication (standard + custom validator)
-            const authResult = await checkCombinedAuth(req);
+            const authResult = await checkMultiAuth(req);
             if (!authResult.success) {
                 const errorDetails = debugAuth(req, 401, authResult.error || 'Authentication failed');
                 return res.status(errorDetails.code).send(errorDetails.message);

package/dist/core/auth/middleware.js.map

@@ -1 +1 @@
-{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../../src/core/auth/middleware.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EACL,iBAAiB,EACjB,oBAAoB,GACrB,MAAM,iBAAiB,CAAC;AAIzB,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC;AAE1D,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,eAAe,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;AAE3F,MAAM,SAAS,GAAG,CAAC,GAAY,EAAE,IAAY,EAAE,OAAe,EAAqC,EAAE;IACnG,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;QAC3B,IAAI,UAAU,GAAW,EAAE,CAAC;QAC5B,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAChB,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE;gBACtD,IAAI,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;oBAC1C,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,OAAO,GAAG,CAAC,GAAG,KAAK,EAAE,CAAC;gBACvD,CAAC;gBACD,OAAO,SAAS,CAAC;YACnB,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,cAAc,CAAC,GAAG,GAAG,gBAAgB,KAAK,GAAG,IAAI,GAAG,GAAG,IAAI,OAAO,GAAG,KAAK,aAAa,UAAU,IAAI,GAAG,EAAE,CAAC,CAAC;IAC9G,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC3B,CAAC,CAAC;AAGF,wDAAwD;AAExD;;GAEG;AACH,MAAM,gBAAgB,GAAG,CAAC,GAAW,EAAW,EAAE;IAChD,kDAAkD;IAClD,MAAM,YAAY,GAAG,gBAAgB,EAAE,CAAC,SAAS,CAAC;IAClD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;IAEvD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,KAAK,CAAC,CAAC,4CAA4C;IAC5D,CAAC;IAED,qGAAqG;IACrG,OAAO,QAAQ,CAAC,WAAW,KAAK,KAAK,CAAC;AACxC,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAG,CAAC,IAAY,EAAW,EAAE;IAC/C,gDAAgD;IAChD,MAAM,UAAU,GAAG,cAAc,EAAE,CAAC,OAAO,CAAC;IAC5C,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IAErD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC,CAAC,0CAA0C;IAC1D,CAAC;IAED,iGAAiG;IACjG,OAAQ,MAAc,CAAC,WAAW,KAAK,KAAK,CAAC;AAC/C,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAG,CAAC,GAAY,EAAW,EAAE;IACnD,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IAElC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,gBAAgB;YACnB,kCAAkC;YAClC,OAAO,IAAI,CAAC;QAEd,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC;YAClC,OAAO,GAAG,CAAC,CAAC,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QAED,KAAK,cAAc;YACjB,gCAAgC;YAChC,OAAO,IAAI,CAAC;QAEd,KAAK,aAAa,CAAC,CAAC,CAAC;YACnB,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC;YACpC,OAAO,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QAED;YACE,2CAA2C;YAC3C,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC,CAAC;AAEF,mEAAmE;AAEnE;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EAAE,GAAY,EAA0D,EAAE;IAC9G,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAChD,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC;IAC1E,CAAC;IAED,mEAAmE;IAClE,GAAW,CAAC,QAAQ,GAAG,EAAE,GAAG,UAAU,EAAE,CAAC;IAE1C,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAWF;;GAEG;AACH,MAAM,UAAU,YAAY,CAAE,UAAiC,EAAE;IAC/D,MAAM,EACJ,QAAQ,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,CAAC,EACxC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,MAAM,GACnD,GAAG,OAAO,CAAC;IAEZ,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,qCAAqC;QACrC,IAAI,SAAS,IAAI,CAAE,YAAoB,CAAC,OAAO,EAAE,CAAC;YAChD,oBAAoB,EAAE,CAAC;YACtB,YAAoB,CAAC,OAAO,GAAG,IAAI,CAAC;QACvC,CAAC;QAED,uEAAuE;QACvE,MAAM,YAAY,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACjD,IAAI,YAAY,IAAI,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,qEAAqE;YACrE,MAAM,UAAU,GAAe,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC5D,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;gBACxB,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC;gBACtF,OAAO,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAClE,CAAC;YAED,mEAAmE;YAClE,GAAW,CAAC,QAAQ,GAAG,UAAU,CAAC;YACnC,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YAC7C,OAAO;QACT,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED,uCAAuC;AACtC,YAAoB,CAAC,OAAO,GAAG,KAAK,CAAC"}
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../../src/core/auth/middleware.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAIvE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC;AAE1D,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,eAAe,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;AAE3F,MAAM,SAAS,GAAG,CAAC,GAAY,EAAE,IAAY,EAAE,OAAe,EAAqC,EAAE;IACnG,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;QAC3B,IAAI,UAAU,GAAW,EAAE,CAAC;QAC5B,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAChB,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE;gBACtD,IAAI,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;oBAC1C,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,OAAO,GAAG,CAAC,GAAG,KAAK,EAAE,CAAC;gBACvD,CAAC;gBACD,OAAO,SAAS,CAAC;YACnB,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,cAAc,CAAC,GAAG,GAAG,gBAAgB,KAAK,GAAG,IAAI,GAAG,GAAG,IAAI,OAAO,GAAG,KAAK,aAAa,UAAU,IAAI,GAAG,EAAE,CAAC,CAAC;IAC9G,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC3B,CAAC,CAAC;AAGF,wDAAwD;AAExD;;GAEG;AACH,MAAM,gBAAgB,GAAG,CAAC,GAAW,EAAW,EAAE;IAChD,kDAAkD;IAClD,MAAM,YAAY,GAAG,gBAAgB,EAAE,CAAC,SAAS,CAAC;IAClD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;IAEvD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,KAAK,CAAC,CAAC,4CAA4C;IAC5D,CAAC;IAED,qGAAqG;IACrG,OAAO,QAAQ,CAAC,WAAW,KAAK,KAAK,CAAC;AACxC,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAG,CAAC,IAAY,EAAW,EAAE;IAC/C,gDAAgD;IAChD,MAAM,UAAU,GAAG,cAAc,EAAE,CAAC,OAAO,CAAC;IAC5C,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IAErD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC,CAAC,0CAA0C;IAC1D,CAAC;IAED,iGAAiG;IACjG,OAAQ,MAAc,CAAC,WAAW,KAAK,KAAK,CAAC;AAC/C,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAG,CAAC,GAAY,EAAW,EAAE;IACnD,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IAElC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,gBAAgB;YACnB,kCAAkC;YAClC,OAAO,IAAI,CAAC;QAEd,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC;YAClC,OAAO,GAAG,CAAC,CAAC,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QAED,KAAK,cAAc;YACjB,gCAAgC;YAChC,OAAO,IAAI,CAAC;QAEd,KAAK,aAAa,CAAC,CAAC,CAAC;YACnB,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC;YACpC,OAAO,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QAED;YACE,2CAA2C;YAC3C,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC,CAAC;AAEF,mEAAmE;AAEnE;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EAAE,GAAY,EAA0D,EAAE;IAC9G,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC;IAC1E,CAAC;IAED,mEAAmE;IAClE,GAAW,CAAC,QAAQ,GAAG,EAAE,GAAG,UAAU,EAAE,CAAC;IAE1C,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAWF;;GAEG;AACH,MAAM,UAAU,YAAY,CAAE,UAAiC,EAAE;IAC/D,MAAM,EACJ,QAAQ,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,CAAC,EACxC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,MAAM,GACnD,GAAG,OAAO,CAAC;IAEZ,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,qCAAqC;QACrC,IAAI,SAAS,IAAI,CAAE,YAAoB,CAAC,OAAO,EAAE,CAAC;YAChD,oBAAoB,EAAE,CAAC;YACtB,YAAoB,CAAC,OAAO,GAAG,IAAI,CAAC;QACvC,CAAC;QAED,uEAAuE;QACvE,MAAM,YAAY,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACjD,IAAI,YAAY,IAAI,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,qEAAqE;YACrE,MAAM,UAAU,GAAe,MAAM,cAAc,CAAC,GAAG,CAAC,CAAC;YACzD,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;gBACxB,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC;gBACtF,OAAO,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAClE,CAAC;YAED,mEAAmE;YAClE,GAAW,CAAC,QAAQ,GAAG,UAAU,CAAC;YACnC,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YAC7C,OAAO;QACT,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED,uCAAuC;AACtC,YAAoB,CAAC,OAAO,GAAG,KAAK,CAAC"}

package/dist/core/auth/multi-auth.d.ts

@@ -2,8 +2,11 @@
  * Multi-authentication system core
  */
 import { Request } from 'express';
-import { AuthDetectionResult, AuthResult } from './types.js';
-export declare const getTokenFromHttpHeader: (req: Request) => string;
+import { AuthDetectionResult, AuthResult, AuthType } from './types.js';
+export declare const getTokenFromHttpHeader: (req: Request) => {
+    scheme?: AuthType;
+    credentials?: string;
+};
 /**
  * Detects configured authentication types in priority order (ascending CPU load)
  */
@@ -12,12 +15,17 @@ export declare function detectAuthConfiguration(): AuthDetectionResult;
  * Checks auth using all configured authentication methods in ascending CPU load order
  */
 export declare function checkMultiAuth(req: Request): Promise<AuthResult>;
-/**
- * Enhanced authentication check that combines configured auth methods with custom validator
- */
-export declare function checkCombinedAuth(req: Request): Promise<AuthResult>;
 /**
  * Logs authentication configuration (for debugging)
  */
 export declare function logAuthConfiguration(): void;
+/**
+ * Determines authentication headers based on appConfig.webServer.auth configuration.
+ * Priority order:
+ * 1. permanentServerTokens - if at least one token is defined
+ * 2. basic auth - if username AND password are both set
+ * 3. JWT token - if jwtToken.encryptKey is set, generate token on the fly
+ * @returns {Object} Headers object with Authorization header if auth is enabled
+ */
+export declare function getAuthHeadersForTests(): object;
 //# sourceMappingURL=multi-auth.d.ts.map

package/dist/core/auth/multi-auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"multi-auth.d.ts","sourceRoot":"","sources":["../../../src/core/auth/multi-auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAY,MAAM,YAAY,CAAC;AAwBvE,eAAO,MAAM,sBAAsB,GAAI,KAAK,OAAO,KAAG,MAErD,CAAC;AAWF;;GAEG;AACH,wBAAgB,uBAAuB,IAAK,mBAAmB,CAqC9D;AAmCD;;GAEG;AACH,wBAAsB,cAAc,CAAE,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CA6CvE;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CAAE,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAwD1E;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAK,IAAI,CAa5C"}
+{"version":3,"file":"multi-auth.d.ts","sourceRoot":"","sources":["../../../src/core/auth/multi-auth.ts"],"names":[],"mappings":"AAEA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AA4BvE,eAAO,MAAM,sBAAsB,GAAI,KAAK,OAAO,KAAG;IAAE,MAAM,CAAC,EAAE,QAAQ,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAiB9F,CAAC;AAcF;;GAEG;AACH,wBAAgB,uBAAuB,IAAK,mBAAmB,CA8C9D;AAID;;GAEG;AACH,wBAAsB,cAAc,CAAE,GAAG,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAsEvE;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAK,IAAI,CAa5C;AAED;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,IAAK,MAAM,CAuChD"}