kavachos 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/dist/agent/index.d.ts +4 -5
  2. package/dist/agent/index.js +2 -2
  3. package/dist/audit/index.d.ts +3 -4
  4. package/dist/audit/index.js +2 -2
  5. package/dist/auth/index.d.ts +1719 -2
  6. package/dist/auth/index.js +2 -1
  7. package/dist/{chunk-I4J4KKKK.js → chunk-5DT4DN4Y.js} +9 -3
  8. package/dist/chunk-5DT4DN4Y.js.map +1 -0
  9. package/dist/chunk-KL6XW4S4.js +10774 -0
  10. package/dist/chunk-KL6XW4S4.js.map +1 -0
  11. package/dist/{chunk-DEVV32BE.js → chunk-OVGNZ5OX.js} +3 -3
  12. package/dist/{chunk-DEVV32BE.js.map → chunk-OVGNZ5OX.js.map} +1 -1
  13. package/dist/{chunk-N7VZO6SP.js → chunk-SJGSPIAD.js} +3 -3
  14. package/dist/{chunk-N7VZO6SP.js.map → chunk-SJGSPIAD.js.map} +1 -1
  15. package/dist/chunk-V66UUIA7.js +480 -0
  16. package/dist/chunk-V66UUIA7.js.map +1 -0
  17. package/dist/index.d.ts +1125 -14
  18. package/dist/index.js +2986 -111
  19. package/dist/index.js.map +1 -1
  20. package/dist/mcp/index.d.ts +2 -2
  21. package/dist/permission/index.d.ts +4 -5
  22. package/dist/permission/index.js +2 -2
  23. package/dist/types-Xk83hv4O.d.ts +7759 -0
  24. package/dist/{types-B4sQA44H.d.ts → types-mwupB57A.d.ts} +5 -5
  25. package/package.json +1 -1
  26. package/dist/chunk-7RKVTHFC.js +0 -96
  27. package/dist/chunk-7RKVTHFC.js.map +0 -1
  28. package/dist/chunk-I4J4KKKK.js.map +0 -1
  29. package/dist/chunk-UEE7OYLG.js +0 -161
  30. package/dist/chunk-UEE7OYLG.js.map +0 -1
  31. package/dist/types-WP-mKSdQ.d.ts +0 -2349
  32. package/dist/types-_7hIICee.d.ts +0 -52
package/dist/auth/index.js CHANGED
@@ -1,4 +1,5 @@
1
- export { bearerAuth, customAuth, headerAuth } from '../chunk-7RKVTHFC.js';
1
+ export { HibpApiError, HibpBreachedError, OAuthProxyError, OneTapVerifyError, SSO_ERROR, SsoError, additionalFields, admin, anonymousAuth, apiKeys, bearerAuth, createAdditionalFieldsModule, createAdminModule, createAnonymousAuthModule, createApiKeyManagerModule, createCaptchaModule, createCustomSessionModule, createDeviceAuthModule, createEmailOtpModule, createGdprModule, createHibpModule, createJwtSessionModule, createLastLoginModule, createMagicLinkModule, createOAuthProxyModule, createOidcProviderModule, createOneTapModule, createOneTimeTokenModule, createOpenApiModule, createOrgModule, createPasskeyModule, createPhoneAuthModule, createPolarModule, createRateLimiter, createScimModule, createSiweModule, createSsoModule, createStripeModule, createTotpModule, createTrustedDeviceModule, createUsernameAuthModule, createWebhookModule, customAuth, customSession, deviceAuth, deviceLabelFromRequest, emailOtp, gdpr, headerAuth, magicLink, oauthProxy, oneTap, organization, passkey, polar, scim, siwe, stripe, twoFactor, withRateLimit } from '../chunk-KL6XW4S4.js';
2
+ import '../chunk-V66UUIA7.js';
2
3
  import '../chunk-PZ5AY32C.js';
3
4
  //# sourceMappingURL=index.js.map
4
5
  //# sourceMappingURL=index.js.map
package/dist/{chunk-I4J4KKKK.js → chunk-5DT4DN4Y.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { agents, permissions } from './chunk-UEE7OYLG.js';
1
+ import { agents, permissions } from './chunk-V66UUIA7.js';
2
2
  import { randomUUID, createHash, randomBytes } from 'crypto';
3
3
  import { and, eq } from 'drizzle-orm';
4
4
 
@@ -41,6 +41,7 @@ function createAgentModule(config) {
41
41
  await db.insert(agents).values({
42
42
  id,
43
43
  ownerId: input.ownerId,
44
+ tenantId: input.tenantId ?? null,
44
45
  name: input.name,
45
46
  type: input.type,
46
47
  status: "active",
@@ -66,6 +67,7 @@ function createAgentModule(config) {
66
67
  return {
67
68
  id,
68
69
  ownerId: input.ownerId,
70
+ tenantId: input.tenantId,
69
71
  name: input.name,
70
72
  type: input.type,
71
73
  token,
@@ -84,6 +86,7 @@ function createAgentModule(config) {
84
86
  return {
85
87
  id: agent.id,
86
88
  ownerId: agent.ownerId,
89
+ tenantId: agent.tenantId ?? void 0,
87
90
  name: agent.name,
88
91
  type: agent.type,
89
92
  token: "",
@@ -99,6 +102,7 @@ function createAgentModule(config) {
99
102
  let query = db.select().from(agents).$dynamic();
100
103
  const conditions = [];
101
104
  if (filter?.userId) conditions.push(eq(agents.ownerId, filter.userId));
105
+ if (filter?.tenantId) conditions.push(eq(agents.tenantId, filter.tenantId));
102
106
  if (filter?.status) conditions.push(eq(agents.status, filter.status));
103
107
  if (filter?.type) conditions.push(eq(agents.type, filter.type));
104
108
  if (conditions.length > 0) {
@@ -114,6 +118,7 @@ function createAgentModule(config) {
114
118
  return rows.map((agent) => ({
115
119
  id: agent.id,
116
120
  ownerId: agent.ownerId,
121
+ tenantId: agent.tenantId ?? void 0,
117
122
  name: agent.name,
118
123
  type: agent.type,
119
124
  token: "",
@@ -183,6 +188,7 @@ function createAgentModule(config) {
183
188
  return {
184
189
  id: agent.id,
185
190
  ownerId: agent.ownerId,
191
+ tenantId: agent.tenantId ?? void 0,
186
192
  name: agent.name,
187
193
  type: agent.type,
188
194
  token: "",
@@ -204,5 +210,5 @@ function toPermission(row) {
204
210
  }
205
211
 
206
212
  export { createAgentModule };
207
- //# sourceMappingURL=chunk-I4J4KKKK.js.map
208
- //# sourceMappingURL=chunk-I4J4KKKK.js.map
213
+ //# sourceMappingURL=chunk-5DT4DN4Y.js.map
214
+ //# sourceMappingURL=chunk-5DT4DN4Y.js.map
package/dist/chunk-5DT4DN4Y.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/agent/agent.ts"],"names":[],"mappings":";;;;AA0BA,SAAS,kBAAA,GAAsE;AAC9E,EAAA,MAAM,UAAA,GAAa,YAAY,EAAE,CAAA;AACjC,EAAA,MAAM,KAAA,GAAQ,CAAA,GAAA,EAAM,UAAA,CAAW,QAAA,CAAS,WAAW,CAAC,CAAA,CAAA;AACpD,EAAA,MAAM,IAAA,GAAO,WAAW,QAAQ,CAAA,CAAE,OAAO,KAAK,CAAA,CAAE,OAAO,KAAK,CAAA;AAC5D,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA;AAChC,EAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAO;AAC9B;AAEA,SAAS,iBAAiB,MAAA,EAAsB;AAC/C,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,iBAAiB,CAAA;AAC5C,EAAA,IAAI,CAAC,KAAA,EAAO;AACX,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAgC,MAAM,CAAA,qCAAA,CAAuC,CAAA;AAAA,EAC9F;AACA,EAAA,MAAM,QAAQ,MAAA,CAAO,QAAA,CAAS,KAAA,CAAM,CAAC,GAAa,EAAE,CAAA;AACpD,EAAA,MAAM,IAAA,GAAO,MAAM,CAAC,CAAA;AACpB,EAAA,MAAM,WAAA,GAAsC;AAAA,IAC3C,CAAA,EAAG,GAAA;AAAA,IACH,GAAG,EAAA,GAAK,GAAA;AAAA,IACR,CAAA,EAAG,KAAK,EAAA,GAAK,GAAA;AAAA,IACb,CAAA,EAAG,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;AAAA,GACnB;AACA,EAAA,OAAO,IAAI,IAAA,CAAK,GAAA,GAAM,SAAS,WAAA,CAAY,IAAc,KAAK,CAAA,CAAE,CAAA;AACjE;AAMO,SAAS,kBAAkB,MAAA,EAA2B;AAC5D,EAAA,MAAM,EAAE,EAAA,EAAI,UAAA,EAAY,WAAA,EAAY,GAAI,MAAA;AAExC,EAAA,eAAe,OAAO,KAAA,EAAqE;AAE1F,IAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CACrB,MAAA,GACA,IAAA,CAAK,MAAM,EACX,KAAA,CAAM,GAAA,CAAI,GAAG,MAAA,CAAO,OAAA,EAAS,MAAM,OAAO,CAAA,EAAG,GAAG,MAAA,CAAO,MAAA,EAAQ,QAAQ,CAAC,CAAC,CAAA;AAE3E,IAAA,IAAI,QAAA,CAAS,UAAU,UAAA,EAAY;AAClC,MAAA,MAAM,IAAI,KAAA;AAAA,QACT,CAAA,KAAA,EAAQ,KAAA,CAAM,OAAO,CAAA,4BAAA,EAA+B,UAAU,CAAA,eAAA;AAAA,OAC/D;AAAA,IACD;AAEA,IAAA,MAAM,KAAK,UAAA,EAAW;AACtB,IAAA,MAAM,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,KAAW,kBAAA,EAAmB;AACnD,IAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AACrB,IAAA,MAAM,OAAA,GAAU,KAAA,CAAM,SAAA,IAAa,gBAAA,CAAiB,WAAW,CAAA;AAG/D,IAAA,MAAM,EAAA,CAAG,MAAA,CAAO,MAAM,CAAA,CAAE,MAAA,CAAO;AAAA,MAC9B,EAAA;AAAA,MACA,SAAS,KAAA,CAAM,OAAA;AAAA,MACf,QAAA,EAAU,MAAM,QAAA,IAAY,IAAA;AAAA,MAC5B,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAA,EAAQ,QAAA;AAAA,MACR,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa,MAAA;AAAA,MACb,SAAA,EAAW,OAAA;AAAA,MACX,QAAA,EAAU,KAAA,CAAM,QAAA,IAAY,EAAC;AAAA,MAC7B,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACX,CAAA;AAGD,IAAA,IAAI,KAAA,CAAM,WAAA,CAAY,MAAA,GAAS,CAAA,EAAG;AACjC,MAAA,MAAM,EAAA,CAAG,MAAA,CAAO,WAAW,CAAA,CAAE,MAAA;AAAA,QAC5B,KAAA,CAAM,WAAA,CAAY,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,UAC7B,IAAI,UAAA,EAAW;AAAA,UACf,OAAA,EAAS,EAAA;AAAA,UACT,UAAU,CAAA,CAAE,QAAA;AAAA,UACZ,SAAS,CAAA,CAAE,OAAA;AAAA,UACX,WAAA,EAAa,EAAE,WAAA,IAAe,IAAA;AAAA,UAC9B,SAAA,EAAW;AAAA,SACZ,CAAE;AAAA,OACH;AAAA,IACD;AAEA,IAAA,OAAO;AAAA,MACN,EAAA;AAAA,MACA,SAAS,KAAA,CAAM,OAAA;AAAA,MACf,UAAU,KAAA,CAAM,QAAA;AAAA,MAChB,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,KAAA;AAAA,MACA,aAAa,KAAA,CAAM,WAAA;AAAA,MACnB,MAAA,EAAQ,QAAA;AAAA,MACR,SAAA,EAAW,OAAA;AAAA,MACX,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA,KACZ;AAAA,EACD;AAEA,EAAA,eAAe,IAAI,OAAA,EAAgD;AAClE,IAAA,MAAM,OAAO,MAAM,EAAA,CAAG,MAAA,EAAO,CAAE,KAAK,MAAM,CAAA,CAAE,KAAA,CAAM,EAAA,CAAG,OAAO,EAAA,EAAI,OAAO,CAAC,CAAA,CAAE,MAAM,CAAC,CAAA;AACjF,IAAA,MAAM,KAAA,GAAQ,KAAK,CAAC,CAAA;AACpB,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AAEnB,IAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,MAAA,EAAO,CAAE,IAAA,CAAK,WAAW,CAAA,CAAE,KAAA,CAAM,EAAA,CAAG,WAAA,CAAY,OAAA,EAAS,OAAO,CAAC,CAAA;AAExF,IAAA,OAAO;AAAA,MACN,IAAI,KAAA,CAAM,EAAA;AAAA,MACV,SAAS,KAAA,CAAM,OAAA;AAAA,MACf,QAAA,EAAU,MAAM,QAAA,IAAY,MAAA;AAAA,MAC5B,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,KAAA,EAAO,EAAA;AAAA;AAAA,MACP,WAAA,EAAa,KAAA,CAAM,GAAA,CAAI,YAAY,CAAA;AAAA,MACnC,QAAQ,KAAA,CAAM,MAAA;AAAA,MACd,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB,WAAW,KAAA,CAAM;AAAA,KAClB;AAAA,EACD;AAEA,EAAA,eAAe,KAAK,MAAA,EAAgD;AACnE,IAAA,IAAI,QAAQ,EAAA,CAAG,MAAA,GAAS,IAAA,CAAK,MAAM,EAAE,QAAA,EAAS;AAE9C,IAAA,MAAM,aAAa,EAAC;AACpB,IAAA,IAAI,MAAA,EAAQ,QAAQ,UAAA,CAAW,IAAA,CAAK,GAAG,MAAA,CAAO,OAAA,EAAS,MAAA,CAAO,MAAM,CAAC,CAAA;AACrE,IAAA,IAAI,MAAA,EAAQ,UAAU,UAAA,CAAW,IAAA,CAAK,GAAG,MAAA,CAAO,QAAA,EAAU,MAAA,CAAO,QAAQ,CAAC,CAAA;AAC1E,IAAA,IAAI,MAAA,EAAQ,QAAQ,UAAA,CAAW,IAAA,CAAK,GAAG,MAAA,CAAO,MAAA,EAAQ,MAAA,CAAO,MAAM,CAAC,CAAA;AACpE,IAAA,IAAI,MAAA,EAAQ,MAAM,UAAA,CAAW,IAAA,CAAK,GAAG,MAAA,CAAO,IAAA,EAAM,MAAA,CAAO,IAAI,CAAC,CAAA;AAE9D,IAAA,IAAI,UAAA,CAAW,SAAS,CAAA,EAAG;AAC1B,MAAA,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,GAAA,CAAI,GAAG,UAAU,CAAC,CAAA;AAAA,IACvC;AAEA,IAAA,MAAM,OAAO,MAAM,KAAA;AAGnB,IAAA,MAAM,WAAW,IAAA,CAAK,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,EAAE,CAAA;AACrC,IAAA,MAAM,YAAA,uBAAmB,GAAA,EAA0B;AACnD,IAAA,KAAA,MAAW,MAAM,QAAA,EAAU;AAC1B,MAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,MAAA,EAAO,CAAE,IAAA,CAAK,WAAW,CAAA,CAAE,KAAA,CAAM,EAAA,CAAG,WAAA,CAAY,OAAA,EAAS,EAAE,CAAC,CAAA;AACnF,MAAA,YAAA,CAAa,GAAA,CAAI,EAAA,EAAI,KAAA,CAAM,GAAA,CAAI,YAAY,CAAC,CAAA;AAAA,IAC7C;AAEA,IAAA,OAAO,IAAA,CAAK,GAAA,CAAI,CAAC,KAAA,MAAW;AAAA,MAC3B,IAAI,KAAA,CAAM,EAAA;AAAA,MACV,SAAS,KAAA,CAAM,OAAA;AAAA,MACf,QAAA,EAAU,MAAM,QAAA,IAAY,MAAA;AAAA,MAC5B,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,KAAA,EAAO,EAAA;AAAA,MACP,aAAa,YAAA,CAAa,GAAA,CAAI,KAAA,CAAM,EAAE,KAAK,EAAC;AAAA,MAC5C,QAAQ,KAAA,CAAM,MAAA;AAAA,MACd,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB,WAAW,KAAA,CAAM;AAAA,KAClB,CAAE,CAAA;AAAA,EACH;AAEA,EAAA,eAAe,MAAA,CAAO,SAAiB,KAAA,EAAiD;AACvF,IAAA,MAAM,QAAA,GAAW,MAAM,GAAA,CAAI,OAAO,CAAA;AAClC,IAAA,IAAI,CAAC,QAAA,EAAU,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,OAAO,CAAA,WAAA,CAAa,CAAA;AAE5D,IAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AAErB,IAAA,MAAM,EAAA,CACJ,MAAA,CAAO,MAAM,CAAA,CACb,GAAA,CAAI;AAAA,MACJ,IAAA,EAAM,KAAA,CAAM,IAAA,IAAQ,QAAA,CAAS,IAAA;AAAA,MAC7B,SAAA,EAAW,KAAA,CAAM,SAAA,IAAa,QAAA,CAAS,SAAA;AAAA,MACvC,UAAU,KAAA,CAAM,QAAA;AAAA,MAChB,SAAA,EAAW;AAAA,KACX,CAAA,CACA,KAAA,CAAM,GAAG,MAAA,CAAO,EAAA,EAAI,OAAO,CAAC,CAAA;AAG9B,IAAA,IAAI,MAAM,WAAA,EAAa;AACtB,MAAA,MAAM,EAAA,CAAG,OAAO,WAAW,CAAA,CAAE,MAAM,EAAA,CAAG,WAAA,CAAY,OAAA,EAAS,OAAO,CAAC,CAAA;AACnE,MAAA,IAAI,KAAA,CAAM,WAAA,CAAY,MAAA,GAAS,CAAA,EAAG;AACjC,QAAA,MAAM,EAAA,CAAG,MAAA,CAAO,WAAW,CAAA,CAAE,MAAA;AAAA,UAC5B,KAAA,CAAM,WAAA,CAAY,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,YAC7B,IAAI,UAAA,EAAW;AAAA,YACf,OAAA;AAAA,YACA,UAAU,CAAA,CAAE,QAAA;AAAA,YACZ,SAAS,CAAA,CAAE,OAAA;AAAA,YACX,WAAA,EAAa,EAAE,WAAA,IAAe,IAAA;AAAA,YAC9B,SAAA,EAAW;AAAA,WACZ,CAAE;AAAA,SACH;AAAA,MACD;AAAA,IACD;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,GAAA,CAAI,OAAO,CAAA;AACjC,IAAA,IAAI,CAAC,OAAA,EAAS,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,OAAO,CAAA,0BAAA,CAA4B,CAAA;AAC1E,IAAA,OAAO,OAAA;AAAA,EACR;AAEA,EAAA,eAAe,OAAO,OAAA,EAAgC;AACrD,IAAA,MAAM,QAAA,GAAW,MAAM,GAAA,CAAI,OAAO,CAAA;AAClC,IAAA,IAAI,CAAC,QAAA,EAAU,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,OAAO,CAAA,WAAA,CAAa,CAAA;AAE5D,IAAA,MAAM,GACJ,MAAA,CAAO,MAAM,EACb,GAAA,CAAI,EAAE,QAAQ,SAAA,EAAW,SAAA,sBAAe,IAAA,EAAK,EAAG,CAAA,CAChD,KAAA,CAAM,GAAG,MAAA,CAAO,EAAA,EAAI,OAAO,CAAC,CAAA;AAAA,EAC/B;AAEA,EAAA,eAAe,OAAO,OAAA,EAA6D;AAClF,IAAA,MAAM,QAAA,GAAW,MAAM,GAAA,CAAI,OAAO,CAAA;AAClC,IAAA,IAAI,CAAC,QAAA,EAAU,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,OAAO,CAAA,WAAA,CAAa,CAAA;AAC5D,IAAA,IAAI,SAAS,MAAA,KAAW,QAAA;AACvB,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,wBAAA,EAA2B,QAAA,CAAS,MAAM,CAAA,OAAA,CAAS,CAAA;AAEpE,IAAA,MAAM,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,KAAW,kBAAA,EAAmB;AACnD,IAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AAErB,IAAA,MAAM,GACJ,MAAA,CAAO,MAAM,EACb,GAAA,CAAI,EAAE,WAAW,IAAA,EAAM,WAAA,EAAa,QAAQ,SAAA,EAAW,GAAA,EAAK,CAAA,CAC5D,KAAA,CAAM,GAAG,MAAA,CAAO,EAAA,EAAI,OAAO,CAAC,CAAA;AAE9B,IAAA,OAAO,EAAE,GAAG,QAAA,EAAU,KAAA,EAAO,WAAW,GAAA,EAAI;AAAA,EAC7C;AAMA,EAAA,eAAe,cAAc,KAAA,EAA8C;AAC1E,IAAA,MAAM,IAAA,GAAO,WAAW,QAAQ,CAAA,CAAE,OAAO,KAAK,CAAA,CAAE,OAAO,KAAK,CAAA;AAC5D,IAAA,MAAM,OAAO,MAAM,EAAA,CAAG,MAAA,EAAO,CAAE,KAAK,MAAM,CAAA,CAAE,KAAA,CAAM,EAAA,CAAG,OAAO,SAAA,EAAW,IAAI,CAAC,CAAA,CAAE,MAAM,CAAC,CAAA;AACrF,IAAA,MAAM,KAAA,GAAQ,KAAK,CAAC,CAAA;AACpB,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AAGnB,IAAA,IAAI,KAAA,CAAM,MAAA,KAAW,QAAA,EAAU,OAAO,IAAA;AAGtC,IAAA,IAAI,MAAM,SAAA,IAAa,KAAA,CAAM,SAAA,mBAAY,IAAI,MAAK,EAAG;AACpD,MAAA,MAAM,EAAA,CACJ,OAAO,MAAM,CAAA,CACb,IAAI,EAAE,MAAA,EAAQ,WAAW,SAAA,kBAAW,IAAI,MAAK,EAAG,EAChD,KAAA,CAAM,EAAA,CAAG,OAAO,EAAA,EAAI,KAAA,CAAM,EAAE,CAAC,CAAA;AAC/B,MAAA,OAAO,IAAA;AAAA,IACR;AAGA,IAAA,MAAM,GAAG,MAAA,CAAO,MAAM,EAAE,GAAA,CAAI,EAAE,8BAAc,IAAI,IAAA,EAAK,EAAG,EAAE,KAAA,CAAM,EAAA,CAAG,OAAO,EAAA,EAAI,KAAA,CAAM,EAAE,CAAC,CAAA;AAEvF,IAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,MAAA,GAAS,IAAA,CAAK,WAAW,CAAA,CAAE,KAAA,CAAM,EAAA,CAAG,WAAA,CAAY,OAAA,EAAS,KAAA,CAAM,EAAE,CAAC,CAAA;AAEzF,IAAA,OAAO;AAAA,MACN,IAAI,KAAA,CAAM,EAAA;AAAA,MACV,SAAS,KAAA,CAAM,OAAA;AAAA,MACf,QAAA,EAAU,MAAM,QAAA,IAAY,MAAA;AAAA,MAC5B,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,MAAM,KAAA,CAAM,IAAA;AAAA,MACZ,KAAA,EAAO,EAAA;AAAA,MACP,WAAA,EAAa,KAAA,CAAM,GAAA,CAAI,YAAY,CAAA;AAAA,MACnC,MAAA,EAAQ,QAAA;AAAA,MACR,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB,WAAW,KAAA,CAAM;AAAA,KAClB;AAAA,EACD;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,GAAA,EAAK,MAAM,MAAA,EAAQ,MAAA,EAAQ,QAAQ,aAAA,EAAc;AACnE;AAEA,SAAS,aAAa,GAAA,EAIP;AACd,EAAA,OAAO;AAAA,IACN,UAAU,GAAA,CAAI,QAAA;AAAA,IACd,SAAS,GAAA,CAAI,OAAA;AAAA,IACb,WAAA,EAAc,IAAI,WAAA,IAA6C;AAAA,GAChE;AACD","file":"chunk-5DT4DN4Y.js","sourcesContent":["import { createHash, randomBytes, randomUUID } from \"node:crypto\";\nimport { and, eq } from \"drizzle-orm\";\nimport type { Database } from \"../db/database.js\";\nimport { agents, permissions } from \"../db/schema.js\";\nimport type {\n\tAgentFilter,\n\tAgentIdentity,\n\tCreateAgentInput,\n\tPermission,\n\tUpdateAgentInput,\n} from \"../types.js\";\n\ninterface AgentModuleConfig {\n\tdb: Database;\n\tmaxPerUser: number;\n\tdefaultPermissions: string[];\n\ttokenExpiry: string;\n}\n\n/**\n * Generate a secure agent token.\n * Returns { token, hash, prefix } where:\n * - token: the full token (given to the agent, never stored)\n * - hash: SHA-256 hash (stored in DB)\n * - prefix: first 8 chars (for identification in logs/UI)\n */\nfunction generateAgentToken(): { token: string; hash: string; prefix: string } {\n\tconst tokenBytes = randomBytes(32);\n\tconst token = `kv_${tokenBytes.toString(\"base64url\")}`;\n\tconst hash = createHash(\"sha256\").update(token).digest(\"hex\");\n\tconst prefix = token.slice(0, 11); // \"kv_\" + 8 chars\n\treturn { token, hash, prefix };\n}\n\nfunction parseTokenExpiry(expiry: string): Date {\n\tconst now = Date.now();\n\tconst match = expiry.match(/^(\\d+)([smhd])$/);\n\tif (!match) {\n\t\tthrow new Error(`Invalid token expiry format: ${expiry}. Use format like \"24h\", \"7d\", \"30m\".`);\n\t}\n\tconst value = Number.parseInt(match[1] as string, 10);\n\tconst unit = match[2];\n\tconst multipliers: Record<string, number> = {\n\t\ts: 1000,\n\t\tm: 60 * 1000,\n\t\th: 60 * 60 * 1000,\n\t\td: 24 * 60 * 60 * 1000,\n\t};\n\treturn new Date(now + value * (multipliers[unit as string] ?? 0));\n}\n\n/**\n * Create the agent identity module.\n * Handles CRUD operations for AI agent identities.\n */\nexport function createAgentModule(config: AgentModuleConfig) {\n\tconst { db, maxPerUser, tokenExpiry } = config;\n\n\tasync function create(input: CreateAgentInput): Promise<AgentIdentity & { token: string }> {\n\t\t// Check max agents per user\n\t\tconst existing = await db\n\t\t\t.select()\n\t\t\t.from(agents)\n\t\t\t.where(and(eq(agents.ownerId, input.ownerId), eq(agents.status, \"active\")));\n\n\t\tif (existing.length >= maxPerUser) {\n\t\t\tthrow new Error(\n\t\t\t\t`User ${input.ownerId} has reached the maximum of ${maxPerUser} active agents.`,\n\t\t\t);\n\t\t}\n\n\t\tconst id = randomUUID();\n\t\tconst { token, hash, prefix } = generateAgentToken();\n\t\tconst now = new Date();\n\t\tconst expires = input.expiresAt ?? parseTokenExpiry(tokenExpiry);\n\n\t\t// Insert agent\n\t\tawait db.insert(agents).values({\n\t\t\tid,\n\t\t\townerId: input.ownerId,\n\t\t\ttenantId: input.tenantId ?? null,\n\t\t\tname: input.name,\n\t\t\ttype: input.type,\n\t\t\tstatus: \"active\",\n\t\t\ttokenHash: hash,\n\t\t\ttokenPrefix: prefix,\n\t\t\texpiresAt: expires,\n\t\t\tmetadata: input.metadata ?? {},\n\t\t\tcreatedAt: now,\n\t\t\tupdatedAt: now,\n\t\t});\n\n\t\t// Insert permissions\n\t\tif (input.permissions.length > 0) {\n\t\t\tawait db.insert(permissions).values(\n\t\t\t\tinput.permissions.map((p) => ({\n\t\t\t\t\tid: randomUUID(),\n\t\t\t\t\tagentId: id,\n\t\t\t\t\tresource: p.resource,\n\t\t\t\t\tactions: p.actions,\n\t\t\t\t\tconstraints: p.constraints ?? null,\n\t\t\t\t\tcreatedAt: now,\n\t\t\t\t})),\n\t\t\t);\n\t\t}\n\n\t\treturn {\n\t\t\tid,\n\t\t\townerId: input.ownerId,\n\t\t\ttenantId: input.tenantId,\n\t\t\tname: input.name,\n\t\t\ttype: input.type,\n\t\t\ttoken,\n\t\t\tpermissions: input.permissions,\n\t\t\tstatus: \"active\",\n\t\t\texpiresAt: expires,\n\t\t\tcreatedAt: now,\n\t\t\tupdatedAt: now,\n\t\t};\n\t}\n\n\tasync function get(agentId: string): Promise<AgentIdentity | null> {\n\t\tconst rows = await db.select().from(agents).where(eq(agents.id, agentId)).limit(1);\n\t\tconst agent = rows[0];\n\t\tif (!agent) return null;\n\n\t\tconst perms = await db.select().from(permissions).where(eq(permissions.agentId, agentId));\n\n\t\treturn {\n\t\t\tid: agent.id,\n\t\t\townerId: agent.ownerId,\n\t\t\ttenantId: agent.tenantId ?? undefined,\n\t\t\tname: agent.name,\n\t\t\ttype: agent.type as AgentIdentity[\"type\"],\n\t\t\ttoken: \"\", // never return token after creation\n\t\t\tpermissions: perms.map(toPermission),\n\t\t\tstatus: agent.status as AgentIdentity[\"status\"],\n\t\t\texpiresAt: agent.expiresAt,\n\t\t\tcreatedAt: agent.createdAt,\n\t\t\tupdatedAt: agent.updatedAt,\n\t\t};\n\t}\n\n\tasync function list(filter?: AgentFilter): Promise<AgentIdentity[]> {\n\t\tlet query = db.select().from(agents).$dynamic();\n\n\t\tconst conditions = [];\n\t\tif (filter?.userId) conditions.push(eq(agents.ownerId, filter.userId));\n\t\tif (filter?.tenantId) conditions.push(eq(agents.tenantId, filter.tenantId));\n\t\tif (filter?.status) conditions.push(eq(agents.status, filter.status));\n\t\tif (filter?.type) conditions.push(eq(agents.type, filter.type));\n\n\t\tif (conditions.length > 0) {\n\t\t\tquery = query.where(and(...conditions));\n\t\t}\n\n\t\tconst rows = await query;\n\n\t\t// Load permissions for all agents\n\t\tconst agentIds = rows.map((r) => r.id);\n\t\tconst permsByAgent = new Map<string, Permission[]>();\n\t\tfor (const id of agentIds) {\n\t\t\tconst perms = await db.select().from(permissions).where(eq(permissions.agentId, id));\n\t\t\tpermsByAgent.set(id, perms.map(toPermission));\n\t\t}\n\n\t\treturn rows.map((agent) => ({\n\t\t\tid: agent.id,\n\t\t\townerId: agent.ownerId,\n\t\t\ttenantId: agent.tenantId ?? undefined,\n\t\t\tname: agent.name,\n\t\t\ttype: agent.type as AgentIdentity[\"type\"],\n\t\t\ttoken: \"\",\n\t\t\tpermissions: permsByAgent.get(agent.id) ?? [],\n\t\t\tstatus: agent.status as AgentIdentity[\"status\"],\n\t\t\texpiresAt: agent.expiresAt,\n\t\t\tcreatedAt: agent.createdAt,\n\t\t\tupdatedAt: agent.updatedAt,\n\t\t}));\n\t}\n\n\tasync function update(agentId: string, input: UpdateAgentInput): Promise<AgentIdentity> {\n\t\tconst existing = await get(agentId);\n\t\tif (!existing) throw new Error(`Agent ${agentId} not found.`);\n\n\t\tconst now = new Date();\n\n\t\tawait db\n\t\t\t.update(agents)\n\t\t\t.set({\n\t\t\t\tname: input.name ?? existing.name,\n\t\t\t\texpiresAt: input.expiresAt ?? existing.expiresAt,\n\t\t\t\tmetadata: input.metadata,\n\t\t\t\tupdatedAt: now,\n\t\t\t})\n\t\t\t.where(eq(agents.id, agentId));\n\n\t\t// Replace permissions if provided\n\t\tif (input.permissions) {\n\t\t\tawait db.delete(permissions).where(eq(permissions.agentId, agentId));\n\t\t\tif (input.permissions.length > 0) {\n\t\t\t\tawait db.insert(permissions).values(\n\t\t\t\t\tinput.permissions.map((p) => ({\n\t\t\t\t\t\tid: randomUUID(),\n\t\t\t\t\t\tagentId,\n\t\t\t\t\t\tresource: p.resource,\n\t\t\t\t\t\tactions: p.actions,\n\t\t\t\t\t\tconstraints: p.constraints ?? null,\n\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t})),\n\t\t\t\t);\n\t\t\t}\n\t\t}\n\n\t\tconst updated = await get(agentId);\n\t\tif (!updated) throw new Error(`Agent ${agentId} disappeared after update.`);\n\t\treturn updated;\n\t}\n\n\tasync function revoke(agentId: string): Promise<void> {\n\t\tconst existing = await get(agentId);\n\t\tif (!existing) throw new Error(`Agent ${agentId} not found.`);\n\n\t\tawait db\n\t\t\t.update(agents)\n\t\t\t.set({ status: \"revoked\", updatedAt: new Date() })\n\t\t\t.where(eq(agents.id, agentId));\n\t}\n\n\tasync function rotate(agentId: string): Promise<AgentIdentity & { token: string }> {\n\t\tconst existing = await get(agentId);\n\t\tif (!existing) throw new Error(`Agent ${agentId} not found.`);\n\t\tif (existing.status !== \"active\")\n\t\t\tthrow new Error(`Cannot rotate token for ${existing.status} agent.`);\n\n\t\tconst { token, hash, prefix } = generateAgentToken();\n\t\tconst now = new Date();\n\n\t\tawait db\n\t\t\t.update(agents)\n\t\t\t.set({ tokenHash: hash, tokenPrefix: prefix, updatedAt: now })\n\t\t\t.where(eq(agents.id, agentId));\n\n\t\treturn { ...existing, token, updatedAt: now };\n\t}\n\n\t/**\n\t * Validate an agent token and return the agent identity.\n\t * Used internally by the authorization engine.\n\t */\n\tasync function validateToken(token: string): Promise<AgentIdentity | null> {\n\t\tconst hash = createHash(\"sha256\").update(token).digest(\"hex\");\n\t\tconst rows = await db.select().from(agents).where(eq(agents.tokenHash, hash)).limit(1);\n\t\tconst agent = rows[0];\n\t\tif (!agent) return null;\n\n\t\t// Check status\n\t\tif (agent.status !== \"active\") return null;\n\n\t\t// Check expiry\n\t\tif (agent.expiresAt && agent.expiresAt < new Date()) {\n\t\t\tawait db\n\t\t\t\t.update(agents)\n\t\t\t\t.set({ status: \"expired\", updatedAt: new Date() })\n\t\t\t\t.where(eq(agents.id, agent.id));\n\t\t\treturn null;\n\t\t}\n\n\t\t// Update last active\n\t\tawait db.update(agents).set({ lastActiveAt: new Date() }).where(eq(agents.id, agent.id));\n\n\t\tconst perms = await db.select().from(permissions).where(eq(permissions.agentId, agent.id));\n\n\t\treturn {\n\t\t\tid: agent.id,\n\t\t\townerId: agent.ownerId,\n\t\t\ttenantId: agent.tenantId ?? undefined,\n\t\t\tname: agent.name,\n\t\t\ttype: agent.type as AgentIdentity[\"type\"],\n\t\t\ttoken: \"\",\n\t\t\tpermissions: perms.map(toPermission),\n\t\t\tstatus: \"active\",\n\t\t\texpiresAt: agent.expiresAt,\n\t\t\tcreatedAt: agent.createdAt,\n\t\t\tupdatedAt: agent.updatedAt,\n\t\t};\n\t}\n\n\treturn { create, get, list, update, revoke, rotate, validateToken };\n}\n\nfunction toPermission(row: {\n\tresource: string;\n\tactions: string[];\n\tconstraints: unknown;\n}): Permission {\n\treturn {\n\t\tresource: row.resource,\n\t\tactions: row.actions,\n\t\tconstraints: (row.constraints as Permission[\"constraints\"]) ?? undefined,\n\t};\n}\n"]}