fa-mcp-sdk 0.4.17 → 0.4.19

package/config/default.yaml

@@ -1,212 +1,312 @@
----
-
-#accessPoints:
-#  myService:
-#    title: 'My remote service'
-#    host: <host>
-#    port: 9999
-#    token: '***'
-#    noConsul: true # Use if the service developers do not provide registration in consul
-#    consulServiceName: <consulServiceName>
-
-ad:
-  # Active Directory / LDAP settings.
-  # Used for authentication/authorization (e.g., NTLM in admin panel) and checking user membership in AD groups.
-  domains:
-    # Map of domains. Key is a domain name
-    MYDOMAIN:
-      # Marks this domain as default one
-      default: true
-      # List of LDAP controllers (can be multiple for failover).
-      # Use ldap:// for plain LDAP or ldaps:// for LDAP over TLS.
-      controllers:
-        - 'ldap://c1.corp.com'
-        - 'ldap://c2.corp.com'
-      # Service account (bind DN or username) used to connect to LDAP.
-      username: '***'
-      # Service account password.
-      password: '***'
-      # Base DN for LDAP searches. Auto-derived from controller URL if not set.
-      # baseDn: 'DC=corp,DC=com'
-  # Cache TTL for group membership checks (default: 600000 = 10 min)
-  # groupCacheTtlMs: 600000
-  # Cache TTL for user/group DN lookups (default: 86400000 = 24 hours)
-  # dnCacheTtlMs: 86400000
-
-agentTester:
-  enabled: true
-  showFooterLink: true  # true (default) — show Agent Tester link in home page footer; false — hide link without disabling tester
-  useAuth: false  # true — protect Agent Tester with full multi-auth (permanentTokens/basic/JWT/custom); browser users see a login dialog, headless clients pass Authorization header
-  sessionTtlMs: 28800000  # Browser login session lifetime in milliseconds. Default: 28800000 (8 hours). Applies only when useAuth is true. Sessions are in-memory on the server — lost on restart.
-  logJson: false  # true — emit structured JSON events (tool_call, tool_result, llm_response, response) to stdout during agent execution
-  openAi:
-    apiKey: ''
-    # baseURL: ''
-  httpHeaders:
-    # Key-value pairs for HTTP requests that should be auto-populated in agentTester
-    # Example: X-User-Id: 12345
-
-# --------------------------------------------------
-# CACHING Reduces API calls by caching responses
-# --------------------------------------------------
-cache:
-  # time in seconds to check all data and delete expired keys
-  checkPeriod: 1200
-  # Default maximum number of cached items
-  maxItems: 1000
-  # Default Cache TTL in seconds
-  ttlSeconds: 300
-
-
-consul:
-  check:
-    interval: '10s'
-    timeout: '5s'
-    deregistercriticalserviceafter: '3m'
-  agent:
-    # Credentials for getting information about services in the DEV DC
-    dev:
-      dc: '{{consul.agent.dev.dc}}'
-      host: '{{consul.agent.dev.host}}'
-      port: 443
-      secure: true
-      # Token for getting information about DEV services
-      token: '***'
-    # Credentials for getting information about services in the PROD DC
-    prd:
-      dc: '{{consul.agent.prd.dc}}'
-      host: '{{consul.agent.prd.host}}'
-      port: 443
-      secure: true
-      # Token for obtaining information about PROD services
-      token: '***'
-    # Credentials for registering the service with Consul
-    reg:
-      # The host of the consul agent where the service will be registered. If not specified, the server on which the service is running is used
-      host: null
-      port: 8500
-      secure: false
-      # Token for registering the service in the consul agent
-      token: '***'
-  service:
-    enable: {{consul.service.enable}} # true - Allows registration of the service with the consul
-    name: <name> # Here you can specify an alternative name for the service. String "<name>" will be replaced by env SERVICE_NAME | <package.json>.name at initialization
-    instance: '{{SERVICE_INSTANCE}}' # This value will be specified as a suffix in the id of the service
-    version: <version> # String "<version>" will be replaced by <package.json>.version at initialization
-    description: <description> # Here you can specify an alternative name description. String "<description>" will be replaced by <package.json>.description at initialization
-    tags: [ ] # If null or empty array - Will be pulled up from package.keywords at initialization
-    meta:
-      # "Home" page link template
-      who: 'http://{address}:{port}/'
-  envCode: # Used to generate the service ID
-    prod: '{{consul.envCode.prod}}' # Production environment code
-    dev: '{{consul.envCode.dev}}' # Development environment code
-
-db:
-  postgres:
-    dbs:
-      main:
-        label: 'My Database'
-        host: ''  # To exclude the use of the database, you need to set host = ''
-        port: 5432
-        database: <database>
-        user: <user>
-        password: <password>
-        usedExtensions: [ ]
-
-logger:
-  level: info
-  useFileLogger: {{logger.useFileLogger}} # To use or not to use logging to a file
-  # Absolute path to the folder where logs will be written. Default <proj_root>/../logs
-  dir: '{{logger.dir}}'
-
-mcp:
-  transportType: http # stdio | http
-  # Response format configuration.
-  # - structuredContent - default - the response in result.structuredContent returns JSON
-  # - text - in the response, serialized JSON is returned in result.content[0].text
-  toolAnswerAs: text # text | structuredContent
-  rateLimit:
-    maxRequests: 100
-    windowMs: 60000  # 1 minute
-
-swagger:
-  servers: # An array of servers that will be added to swagger docs
-    # - url: http://localhost:{{port}}
-    #   description: "Development server (localhost)"
-    # - url: http://0.0.0.0:{{port}}
-    #   description: "Development server (all interfaces)"
-    # - url: http://<prod_server_host_or_ip>:{{port}}
-    #   description: "PROD server"
-    - url: https://{{mcp.domain}}
-      description: "PROD server"
-
-homePage:
-  helpLink:
-    url: ''     # If empty — help link is not shown in footer
-    label: 'Help'  # Link text (default: "Help")
-
-uiColor:
-  # Font color of the header and a number of interface elements on the HOME page
-  primary: '#0f65dc'
-
-webServer:
-  host: '0.0.0.0'
-  port: {{port}}
-  # array of hosts that CORS skips
-  originHosts: [ 'localhost', '0.0.0.0' ]
-  # Authentication is configured here only when accessing the MCP server
-  # Authentication in services that enable tools, resources, and prompts
-  # is implemented more deeply. To do this, you need to use the information passed in HTTP headers
-  # You can also use a custom authorization function
-  auth:
-    enabled: false # Enables/disables authorization
-    # ========================================================================
-    # PERMANENT SERVER TOKENS
-    # Static tokens for server-to-server communication
-    # CPU cost: O(1) - fastest authentication method
-    #
-    # To enable this authentication, you need to set auth.enabled = true
-    # and set one token of at least 20 characters in length
-    # ========================================================================
-    permanentServerTokens: [ ] # Add your server tokens here: ['token1', 'token2']
-
-    # ========================================================================
-    # JWT TOKEN WITH SYMMETRIC ENCRYPTION
-    # Custom JWT tokens with AES-256 encryption
-    # CPU cost: Medium - decryption + JSON parsing
-    #
-    # To enable this authentication, you need to set auth.enabled = true and set
-    # encryptKey to at least 20 characters
-    # ========================================================================
-    jwtToken:
-      # Symmetric encryption key to generate a token for this MCP (minimum 8 chars)
-      encryptKey: '***'
-      # If webServer.auth.enabled and the parameter true, the service name and the service specified in the token will be checked
-      checkMCPName: true
-      # If true and JWT token contains non-empty 'ip' field,
-      # the client IP will be checked against the allowed list in the token
-      isCheckIP: false
-
-    # ========================================================================
-    # Basic Authentication - Base64 encoded username:password
-    # CPU cost: Medium - Base64 decoding + string comparison
-    # To enable this authentication, you need to set auth.enabled = true
-    # and set username and password to valid values
-    # ========================================================================
-    basic:
-      username: ''
-      password: '***'
-
-  # ========================================================================
-  # ADMIN PANEL AUTHENTICATION
-  # Token generation page available at /admin endpoint
-  # Supports 4 authentication methods: permanentServerTokens, basic, jwtToken, ntlm
-  # ========================================================================
-  adminAuth:
-    enabled: true  # Enable/disable admin panel
-    # Authentication type for admin panel: 'permanentServerTokens' | 'basic' | 'jwtToken' | 'ntlm'
-    # For permanentServerTokens, basic, jwtToken - uses credentials from webServer.auth section
-    # For ntlm - uses AD configuration from ad.domains section (no additional credentials needed)
-    type: 'basic'
-
+---
+
+#> ========================================================================
+#> Outbound access points — connection settings for remote services this MCP talks to.
+#> Each entry under accessPoints is keyed by a logical alias used in code to look up host/port/token.
+#> By default, hosts/ports are resolved via Consul; the fields below let you override that or
+#> describe a service that is not registered in Consul at all.
+#> ========================================================================
+# accessPoints:
+#   myService:
+#     #> Human-readable title shown in diagnostics and admin pages
+#     title: 'My remote service'
+#     #> Remote service host (used when noConsul=true or as a fallback)
+#     host: <host>
+#     #> Remote service TCP port
+#     port: 9999
+#     #> Auth token sent to the remote service
+#     token: '***'
+#     #> Use if the service developers do not provide registration in consul —
+#     #> disables Consul lookup and forces use of the host/port above
+#     noConsul: true
+#     #> Override the Consul service name to look up (defaults to the alias key)
+#     consulServiceName: <consulServiceName>
+
+#> Active Directory / LDAP settings.
+#> Used for authentication/authorization (e.g., NTLM in admin panel) and checking user membership in AD groups.
+ad:
+  #> Map of domains. Key is a domain name
+  domains:
+    MYDOMAIN:
+      #> Marks this domain as default one
+      default: true
+      #> List of LDAP controllers (can be multiple for failover).
+      #> Use ldap:// for plain LDAP or ldaps:// for LDAP over TLS.
+      controllers:
+        - 'ldap://c1.corp.com'
+        - 'ldap://c2.corp.com'
+      #> Service account (bind DN or username) used to connect to LDAP.
+      username: '***'
+      #> Service account password.
+      password: '***'
+      #> Base DN for LDAP searches. Auto-derived from controller URL if not set.
+      # baseDn: 'DC=corp,DC=com'
+  #> Cache TTL for group membership checks (default: 600000 = 10 min)
+  # groupCacheTtlMs: 600000
+  #> Cache TTL for user/group DN lookups (default: 86400000 = 24 hours)
+  # dnCacheTtlMs: 86400000
+
+#> Built-in chat UI for testing MCP tools with an LLM.
+agentTester:
+  #> Enables the Agent Tester UI at /agent-tester
+  enabled: true
+  #> true (default) — show Agent Tester link in home page footer; false — hide link without disabling tester
+  showFooterLink: true
+  #> true — protect Agent Tester with full multi-auth (permanentTokens/basic/JWT/custom);
+  #> browser users see a login dialog, headless clients pass Authorization header
+  useAuth: false
+  #> Browser login session lifetime in milliseconds. Default: 28800000 (8 hours).
+  #> Applies only when useAuth is true. Sessions are in-memory on the server — lost on restart.
+  sessionTtlMs: 28800000
+  #> true — emit structured JSON events (tool_call, tool_result, llm_response, response) to stdout during agent execution
+  logJson: false
+  #> OpenAI-compatible LLM credentials used by Agent Tester to drive tool calls
+  openAi:
+    #> API key for LLM provider (OpenAI and compatible)
+    apiKey: '***'
+    #> Key name (for logging and debugging)
+    apiKeyName: '***'
+    #> Override base URL for OpenAI-compatible providers (Azure, local LLMs, proxies)
+    baseURL: ''
+    #> -------------------------------------------------------------------------
+    #> When true, baseURL and apiKey are sent to the Agent Tester UI as defaults
+    #> and auto-saved into the browser's localStorage on first open. The UI shows
+    #> them in the LLM Settings dialog. Enable only if the tester is protected by
+    #> useAuth=true OR deployed in a trusted network — otherwise anyone who opens
+    #> /agent-tester can read the key. Default: false (safe).
+    #> -------------------------------------------------------------------------
+    exposeToClient: false
+
+
+  #> Key-value pairs for HTTP requests that should be auto-populated in agentTester
+  #> Example: X-User-Id: 12345
+  httpHeaders:
+
+#> --------------------------------------------------
+#> CACHING Reduces API calls by caching responses
+#> --------------------------------------------------
+cache:
+  #> Time in seconds to check all data and delete expired keys
+  checkPeriod: 1200
+  #> Default maximum number of cached items
+  maxItems: 1000
+  #> Default Cache TTL in seconds
+  ttlSeconds: 300
+
+
+#> Consul service discovery and registration settings
+consul:
+  #> Health check parameters reported to Consul for this service
+  check:
+    #> How often Consul invokes the health check
+    interval: '10s'
+    #> Per-attempt timeout for the health check
+    timeout: '5s'
+    #> Auto-deregister the service after it has been critical for this duration
+    deregistercriticalserviceafter: '3m'
+  agent:
+    #> Credentials for getting information about services in the DEV DC
+    dev:
+      #> DEV datacenter name
+      dc: '{{consul.agent.dev.dc}}'
+      #> DEV consul agent host
+      host: '{{consul.agent.dev.host}}'
+      #> DEV consul agent port
+      port: 443
+      #> Use HTTPS for the DEV consul agent
+      secure: true
+      #> Token for getting information about DEV services
+      token: '***'
+    #> Credentials for getting information about services in the PROD DC
+    prd:
+      #> PROD datacenter name
+      dc: '{{consul.agent.prd.dc}}'
+      #> PROD consul agent host
+      host: '{{consul.agent.prd.host}}'
+      #> PROD consul agent port
+      port: 443
+      #> Use HTTPS for the PROD consul agent
+      secure: true
+      #> Token for obtaining information about PROD services
+      token: '***'
+    #> Credentials for registering the service with Consul
+    reg:
+      #> The host of the consul agent where the service will be registered.
+      #> If not specified, the server on which the service is running is used
+      host: null
+      #> Consul agent port for registration
+      port: 8500
+      #> Use HTTPS when calling the registration agent
+      secure: false
+      #> Token for registering the service in the consul agent
+      token: '***'
+  service:
+    #> true — Allows registration of the service with the consul
+    enable: {{consul.service.enable}}
+    #> Here you can specify an alternative name for the service.
+    #> String "<name>" will be replaced by env SERVICE_NAME | <package.json>.name at initialization
+    name: <name>
+    #> This value will be specified as a suffix in the id of the service
+    instance: '{{SERVICE_INSTANCE}}'
+    #> String "<version>" will be replaced by <package.json>.version at initialization
+    version: <version>
+    #> Here you can specify an alternative name description.
+    #> String "<description>" will be replaced by <package.json>.description at initialization
+    description: <description>
+    #> If null or empty array — Will be pulled up from package.keywords at initialization
+    tags: [ ]
+    #> Arbitrary metadata published with the service registration
+    meta:
+      #> "Home" page link template
+      who: 'http://{address}:{port}/'
+  #> Used to generate the service ID
+  envCode:
+    #> Production environment code
+    prod: '{{consul.envCode.prod}}'
+    #> Development environment code
+    dev: '{{consul.envCode.dev}}'
+
+#> Database connections used by the service
+db:
+  #> PostgreSQL connection pool definitions
+  postgres:
+    #> Map of named PostgreSQL databases (key is a logical alias used in code)
+    dbs:
+      main:
+        #> Human-readable label shown in diagnostics and admin pages
+        label: 'My Database'
+        #> To exclude the use of the database, you need to set host = ''
+        host: ''
+        #> PostgreSQL server port
+        port: 5432
+        #> Database name
+        database: <database>
+        #> Database user
+        user: <user>
+        #> Database password
+        password: <password>
+        #> List of PostgreSQL extensions required by the service (e.g., 'pgvector', 'uuid-ossp')
+        usedExtensions: []
+        #  - pgvector
+
+
+#> Logging configuration (tslog-based)
+logger:
+  #> Minimum log level: silly | trace | debug | info | warn | error | fatal
+  level: info
+  #> To use or not to use logging to a file
+  useFileLogger: {{logger.useFileLogger}}
+  #> Absolute path to the folder where logs will be written. Default <proj_root>/../logs
+  dir: '{{logger.dir}}'
+
+#> MCP (Model Context Protocol) server settings
+mcp:
+  #> Transport for the MCP server: stdio | http
+  transportType: http
+  #> Response format configuration.
+  #> - structuredContent — default — the response in result.structuredContent returns JSON
+  #> - text — in the response, serialized JSON is returned in result.content[0].text
+  toolAnswerAs: text
+  #> Per-client request rate limiting for the MCP endpoint
+  rateLimit:
+    #> Maximum number of requests allowed within windowMs
+    maxRequests: 100
+    #> Rate limit window length in milliseconds (1 minute)
+    windowMs: 60000
+
+#> Swagger / OpenAPI documentation settings
+swagger:
+  #> An array of servers that will be added to swagger docs
+  servers:
+    # - url: http://localhost:{{port}}
+    #   description: "Development server (localhost)"
+    # - url: http://0.0.0.0:{{port}}
+    #   description: "Development server (all interfaces)"
+    # - url: http://<prod_server_host_or_ip>:{{port}}
+    #   description: "PROD server"
+    - url: https://{{mcp.domain}}
+      description: "PROD server"
+
+#> Service home page (`/`) customization
+homePage:
+  #> Optional help link rendered in the home page footer
+  helpLink:
+    #> If empty — help link is not shown in footer
+    url: ''
+    #> Link text (default: "Help")
+    label: 'Help'
+
+#> UI theme overrides for built-in pages (home, admin, agent-tester)
+uiColor:
+  #> Font color of the header and a number of interface elements on the HOME page
+  primary: '#0f65dc'
+
+#> HTTP server hosting MCP, admin panel, agent tester, swagger and health endpoints
+webServer:
+  #> Bind address for the HTTP server
+  host: '0.0.0.0'
+  #> TCP port for the HTTP server
+  port: {{port}}
+  #> Array of hosts that CORS skips
+  originHosts: [ 'localhost', '0.0.0.0' ]
+  #> ========================================================================
+  #> Authentication is configured here only when accessing the MCP server.
+  #> Authentication in services that enable tools, resources, and prompts
+  #> is implemented more deeply. To do this, you need to use the information passed in HTTP headers.
+  #> You can also use a custom authorization function.
+  #> ========================================================================
+  auth:
+    #> Enables/disables authorization
+    enabled: false
+    #> ========================================================================
+    #> PERMANENT SERVER TOKENS
+    #> Static tokens for server-to-server communication
+    #> CPU cost: O(1) — fastest authentication method
+    #>
+    #> To enable this authentication, you need to set auth.enabled = true
+    #> and set one token of at least 20 characters in length
+    #> ========================================================================
+    #> Add your server tokens here: ['token1', 'token2']
+    permanentServerTokens: [ ]
+
+    #> ========================================================================
+    #> JWT TOKEN WITH SYMMETRIC ENCRYPTION
+    #> Custom JWT tokens with AES-256 encryption
+    #> CPU cost: Medium — decryption + JSON parsing
+    #>
+    #> To enable this authentication, you need to set auth.enabled = true and set
+    #> encryptKey to at least 20 characters
+    #> ========================================================================
+    jwtToken:
+      #> Symmetric encryption key to generate a token for this MCP (minimum 8 chars)
+      encryptKey: '***'
+      #> If webServer.auth.enabled and the parameter true, the service name and the service specified in the token will be checked
+      checkMCPName: true
+      #> If true and JWT token contains non-empty 'ip' field,
+      #> the client IP will be checked against the allowed list in the token
+      isCheckIP: false
+
+    #> ========================================================================
+    #> Basic Authentication — Base64 encoded username:password
+    #> CPU cost: Medium — Base64 decoding + string comparison
+    #> To enable this authentication, you need to set auth.enabled = true
+    #> and set username and password to valid values
+    #> ========================================================================
+    basic:
+      #> Username for HTTP Basic auth
+      username: ''
+      #> Password for HTTP Basic auth
+      password: '***'
+
+  #> ========================================================================
+  #> ADMIN PANEL AUTHENTICATION
+  #> Token generation page available at /admin endpoint
+  #> Supports 4 authentication methods: permanentServerTokens, basic, jwtToken, ntlm
+  #> ========================================================================
+  adminAuth:
+    #> Enable/disable admin panel
+    enabled: true
+    #> Authentication type for admin panel: 'permanentServerTokens' | 'basic' | 'jwtToken' | 'ntlm'
+    #> For permanentServerTokens, basic, jwtToken — uses credentials from webServer.auth section
+    #> For ntlm — uses AD configuration from ad.domains section (no additional credentials needed)
+    type: 'basic'

package/config/local.yaml

@@ -4,9 +4,10 @@ agentTester:
   showFooterLink: true  # true (default) — show Agent Tester link in home page footer; false — hide link without disabling tester
   useAuth: true
   openAi:
-    apiKey: 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
+    apiKey: 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
     apiKeyName: oai-aite-vvmakarov
     baseURL: ''
+    exposeToClient: false
 
 ad:
   domains:
@@ -95,6 +96,9 @@ webServer:
       encryptKey: '66666666-7777-8888-9999-000000000000'
       # If webServer.auth.enabled and the parameter true, the service name and the service specified in the token will be checked
       checkMCPName: true
+      # If true and JWT token contains non-empty 'ip' field,
+      # the client IP will be checked against the allowed list in the token
+      isCheckIP: false
     basic:
       username: vpupkin
       password: '1'

package/dist/core/_types_/config.d.ts

@@ -61,6 +61,7 @@ interface IAgentTesterConfig {
         openAi?: {
             apiKey: string;
             baseURL?: string;
+            exposeToClient?: boolean;
         };
         httpHeaders?: Record<string, string>;
     };

package/dist/core/_types_/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/core/_types_/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAE3D,OAAO,EAAE,SAAS,EAAE,MAAM,8BAA8B,CAAC;AAGzD,UAAU,gBAAgB;IACxB,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,IAAI,EAAE;YACJ,OAAO,EAAE,OAAO,CAAC;YACjB,KAAK,CAAC,EAAE;gBACN,QAAQ,EAAE,MAAM,CAAC;gBACjB,QAAQ,EAAE,MAAM,CAAC;aAClB,CAAC;YACF,QAAQ,EAAE;gBACR,UAAU,EAAE,MAAM,CAAC;gBACnB,YAAY,EAAE,OAAO,CAAC;gBACtB,SAAS,EAAE,OAAO,CAAC;aACpB,CAAA;YACD,qBAAqB,EAAE,MAAM,EAAE,CAAC;SACjC,CAAC;QACF,SAAS,EAAE;YACT,OAAO,EAAE,OAAO,CAAC;YACjB,IAAI,EAAE,uBAAuB,GAAG,OAAO,GAAG,UAAU,GAAG,MAAM,CAAC;SAC/D,CAAC;KACH,CAAA;CACF;AAGD,UAAU,aAAa;IACrB,MAAM,EAAE;QACN,KAAK,EAAE,aAAa,CAAC;QACrB,aAAa,EAAE,OAAO,CAAC;QACvB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,CAAA;CACF;AAED,UAAU,UAAU;IAClB,GAAG,EAAE;QACH,SAAS,EAAE;YACT,WAAW,EAAE,MAAM,CAAC;YACpB,QAAQ,EAAE,MAAM,CAAC;SAClB,CAAC;QACF,YAAY,EAAE,MAAM,GAAG,mBAAmB,CAAA;QAC1C,aAAa,EAAE,OAAO,GAAG,MAAM,CAAC;KACjC,CAAA;CACF;AAED,UAAU,cAAc;IACtB,OAAO,EAAE;QACP,OAAO,CAAC,EAAE;YACR,GAAG,EAAE,MAAM,CAAC;YACZ,WAAW,EAAE,MAAM,CAAC;SACrB,EAAE,CAAC;KACL,CAAA;CACF;AAED,UAAU,kBAAkB;IAC1B,WAAW,CAAC,EAAE;QACZ,OAAO,EAAE,OAAO,CAAC;QACjB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,OAAO,EAAE,OAAO,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,MAAM,CAAC,EAAE;YACP,MAAM,EAAE,MAAM,CAAC;YACf,OAAO,CAAC,EAAE,MAAM,CAAC;SAClB,CAAC;QACF,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACtC,CAAA;CACF;AAED,UAAU,eAAe;IACvB,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE;YACT,GAAG,EAAE,MAAM,CAAC;YACZ,KAAK,CAAC,EAAE,MAAM,CAAC;SAChB,CAAC;KACH,CAAC;CACH;AAED,UAAU,YAAY;IACpB,KAAK,EAAE;QACL,UAAU,EAAE,GAAG,CAAC;QAChB,QAAQ,EAAE,IAAI,CAAC;KAChB,CAAA;CACF;AAED,MAAM,WAAW,SAAU,SAAQ,SAAS,EAC1C,YAAY,EACZ,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,kBAAkB,EAClB,eAAe;IAEf,YAAY,EAAE,OAAO,CAAC;IAEtB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IAEpB,YAAY,EAAE,aAAa,CAAC;IAC5B,MAAM,EAAE,eAAe,GAAG;QACxB,OAAO,EAAE;YACP,IAAI,EAAE,MAAM,CAAC;YACb,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;IACF,OAAO,EAAE;QACP,OAAO,EAAE,MAAM,CAAC;KACjB,CAAA;CACF"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/core/_types_/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAE3D,OAAO,EAAE,SAAS,EAAE,MAAM,8BAA8B,CAAC;AAGzD,UAAU,gBAAgB;IACxB,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,IAAI,EAAE;YACJ,OAAO,EAAE,OAAO,CAAC;YACjB,KAAK,CAAC,EAAE;gBACN,QAAQ,EAAE,MAAM,CAAC;gBACjB,QAAQ,EAAE,MAAM,CAAC;aAClB,CAAC;YACF,QAAQ,EAAE;gBACR,UAAU,EAAE,MAAM,CAAC;gBACnB,YAAY,EAAE,OAAO,CAAC;gBACtB,SAAS,EAAE,OAAO,CAAC;aACpB,CAAA;YACD,qBAAqB,EAAE,MAAM,EAAE,CAAC;SACjC,CAAC;QACF,SAAS,EAAE;YACT,OAAO,EAAE,OAAO,CAAC;YACjB,IAAI,EAAE,uBAAuB,GAAG,OAAO,GAAG,UAAU,GAAG,MAAM,CAAC;SAC/D,CAAC;KACH,CAAA;CACF;AAGD,UAAU,aAAa;IACrB,MAAM,EAAE;QACN,KAAK,EAAE,aAAa,CAAC;QACrB,aAAa,EAAE,OAAO,CAAC;QACvB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,CAAA;CACF;AAED,UAAU,UAAU;IAClB,GAAG,EAAE;QACH,SAAS,EAAE;YACT,WAAW,EAAE,MAAM,CAAC;YACpB,QAAQ,EAAE,MAAM,CAAC;SAClB,CAAC;QACF,YAAY,EAAE,MAAM,GAAG,mBAAmB,CAAA;QAC1C,aAAa,EAAE,OAAO,GAAG,MAAM,CAAC;KACjC,CAAA;CACF;AAED,UAAU,cAAc;IACtB,OAAO,EAAE;QACP,OAAO,CAAC,EAAE;YACR,GAAG,EAAE,MAAM,CAAC;YACZ,WAAW,EAAE,MAAM,CAAC;SACrB,EAAE,CAAC;KACL,CAAA;CACF;AAED,UAAU,kBAAkB;IAC1B,WAAW,CAAC,EAAE;QACZ,OAAO,EAAE,OAAO,CAAC;QACjB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,OAAO,EAAE,OAAO,CAAC;QACjB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,MAAM,CAAC,EAAE;YACP,MAAM,EAAE,MAAM,CAAC;YACf,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,cAAc,CAAC,EAAE,OAAO,CAAC;SAC1B,CAAC;QACF,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACtC,CAAA;CACF;AAED,UAAU,eAAe;IACvB,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE;YACT,GAAG,EAAE,MAAM,CAAC;YACZ,KAAK,CAAC,EAAE,MAAM,CAAC;SAChB,CAAC;KACH,CAAC;CACH;AAED,UAAU,YAAY;IACpB,KAAK,EAAE;QACL,UAAU,EAAE,GAAG,CAAC;QAChB,QAAQ,EAAE,IAAI,CAAC;KAChB,CAAA;CACF;AAED,MAAM,WAAW,SAAU,SAAQ,SAAS,EAC1C,YAAY,EACZ,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,kBAAkB,EAClB,eAAe;IAEf,YAAY,EAAE,OAAO,CAAC;IAEtB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IAEpB,YAAY,EAAE,aAAa,CAAC;IAC5B,MAAM,EAAE,eAAe,GAAG;QACxB,OAAO,EAAE;YACP,IAAI,EAAE,MAAM,CAAC;YACb,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;IACF,OAAO,EAAE;QACP,OAAO,EAAE,MAAM,CAAC;KACjB,CAAA;CACF"}

package/dist/core/agent-tester/agent-tester-router.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"agent-tester-router.d.ts","sourceRoot":"","sources":["../../../src/core/agent-tester/agent-tester-router.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AA4BjC,wBAAgB,uBAAuB,CAAE,OAAO,GAAE;IAChD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAC3C,GAAG,MAAM,CAkQd"}
+{"version":3,"file":"agent-tester-router.d.ts","sourceRoot":"","sources":["../../../src/core/agent-tester/agent-tester-router.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AA4BjC,wBAAgB,uBAAuB,CAAE,OAAO,GAAE;IAChD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAC3C,GAAG,MAAM,CAwQd"}

package/dist/core/agent-tester/agent-tester-router.js

@@ -62,10 +62,16 @@ export function createAgentTesterRouter(options = {}) {
     // ===== Config API =====
     // API: Get default config (port, MCP URL)
     router.get('/api/config', (req, res) => {
+        const openAi = appConfig.agentTester?.openAi;
+        const expose = !!openAi?.exposeToClient;
         res.json({
             defaultMcpUrl: options.defaultMcpUrl || null,
             authEnabled: !!appConfig.webServer?.auth?.enabled,
             httpHeaders: appConfig.agentTester?.httpHeaders || {},
+            llmDefaults: {
+                baseURL: expose ? (openAi?.baseURL || '') : '',
+                apiKey: expose ? (openAi?.apiKey || '') : '',
+            },
         });
     });
     // API: Get auth token for auto-fill (MCP server Authorization header)