npm - llng-mcp - Versions diffs - 0.1.0 - Mend

llng-mcp 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (114) hide show

package/.github/workflows/ci.yml +77 -0
package/.prettierrc +7 -0
package/LICENSE +661 -0
package/README.md +502 -0
package/dist/__tests__/api-transport.test.d.ts +1 -0
package/dist/__tests__/api-transport.test.js +577 -0
package/dist/__tests__/api-transport.test.js.map +1 -0
package/dist/__tests__/config.test.d.ts +1 -0
package/dist/__tests__/config.test.js +472 -0
package/dist/__tests__/config.test.js.map +1 -0
package/dist/__tests__/integration/api-mode.test.d.ts +1 -0
package/dist/__tests__/integration/api-mode.test.js +199 -0
package/dist/__tests__/integration/api-mode.test.js.map +1 -0
package/dist/__tests__/integration/oidc-rp.test.d.ts +1 -0
package/dist/__tests__/integration/oidc-rp.test.js +120 -0
package/dist/__tests__/integration/oidc-rp.test.js.map +1 -0
package/dist/__tests__/integration/ssh-mode.test.d.ts +1 -0
package/dist/__tests__/integration/ssh-mode.test.js +101 -0
package/dist/__tests__/integration/ssh-mode.test.js.map +1 -0
package/dist/__tests__/k8s-transport.test.d.ts +1 -0
package/dist/__tests__/k8s-transport.test.js +254 -0
package/dist/__tests__/k8s-transport.test.js.map +1 -0
package/dist/__tests__/oidc-tools.test.d.ts +1 -0
package/dist/__tests__/oidc-tools.test.js +457 -0
package/dist/__tests__/oidc-tools.test.js.map +1 -0
package/dist/__tests__/registry.test.d.ts +1 -0
package/dist/__tests__/registry.test.js +96 -0
package/dist/__tests__/registry.test.js.map +1 -0
package/dist/__tests__/ssh-transport.test.d.ts +1 -0
package/dist/__tests__/ssh-transport.test.js +618 -0
package/dist/__tests__/ssh-transport.test.js.map +1 -0
package/dist/__tests__/tools.test.d.ts +1 -0
package/dist/__tests__/tools.test.js +525 -0
package/dist/__tests__/tools.test.js.map +1 -0
package/dist/config.d.ts +65 -0
package/dist/config.js +506 -0
package/dist/config.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.js +42 -0
package/dist/index.js.map +1 -0
package/dist/resources/documentation.d.ts +5 -0
package/dist/resources/documentation.js +56 -0
package/dist/resources/documentation.js.map +1 -0
package/dist/tools/cli-utilities.d.ts +3 -0
package/dist/tools/cli-utilities.js +187 -0
package/dist/tools/cli-utilities.js.map +1 -0
package/dist/tools/config.d.ts +6 -0
package/dist/tools/config.js +326 -0
package/dist/tools/config.js.map +1 -0
package/dist/tools/consents.d.ts +3 -0
package/dist/tools/consents.js +39 -0
package/dist/tools/consents.js.map +1 -0
package/dist/tools/instances.d.ts +3 -0
package/dist/tools/instances.js +14 -0
package/dist/tools/instances.js.map +1 -0
package/dist/tools/oidc-rp.d.ts +6 -0
package/dist/tools/oidc-rp.js +246 -0
package/dist/tools/oidc-rp.js.map +1 -0
package/dist/tools/oidc.d.ts +3 -0
package/dist/tools/oidc.js +343 -0
package/dist/tools/oidc.js.map +1 -0
package/dist/tools/secondfactors.d.ts +3 -0
package/dist/tools/secondfactors.js +62 -0
package/dist/tools/secondfactors.js.map +1 -0
package/dist/tools/sessions.d.ts +6 -0
package/dist/tools/sessions.js +300 -0
package/dist/tools/sessions.js.map +1 -0
package/dist/transport/api.d.ts +35 -0
package/dist/transport/api.js +327 -0
package/dist/transport/api.js.map +1 -0
package/dist/transport/interface.d.ts +50 -0
package/dist/transport/interface.js +2 -0
package/dist/transport/interface.js.map +1 -0
package/dist/transport/k8s.d.ts +41 -0
package/dist/transport/k8s.js +303 -0
package/dist/transport/k8s.js.map +1 -0
package/dist/transport/registry.d.ts +20 -0
package/dist/transport/registry.js +91 -0
package/dist/transport/registry.js.map +1 -0
package/dist/transport/ssh.d.ts +37 -0
package/dist/transport/ssh.js +353 -0
package/dist/transport/ssh.js.map +1 -0
package/docker-compose.test.yml +16 -0
package/eslint.config.js +21 -0
package/package.json +38 -0
package/src/__tests__/api-transport.test.ts +746 -0
package/src/__tests__/config.test.ts +587 -0
package/src/__tests__/integration/api-mode.test.ts +229 -0
package/src/__tests__/integration/oidc-rp.test.ts +138 -0
package/src/__tests__/integration/ssh-mode.test.ts +113 -0
package/src/__tests__/k8s-transport.test.ts +342 -0
package/src/__tests__/oidc-tools.test.ts +554 -0
package/src/__tests__/registry.test.ts +110 -0
package/src/__tests__/ssh-transport.test.ts +805 -0
package/src/__tests__/tools.test.ts +735 -0
package/src/config.ts +605 -0
package/src/index.ts +48 -0
package/src/resources/documentation.ts +65 -0
package/src/tools/cli-utilities.ts +207 -0
package/src/tools/config.ts +382 -0
package/src/tools/consents.ts +50 -0
package/src/tools/instances.ts +21 -0
package/src/tools/oidc-rp.ts +299 -0
package/src/tools/oidc.ts +434 -0
package/src/tools/secondfactors.ts +78 -0
package/src/tools/sessions.ts +342 -0
package/src/transport/api.ts +429 -0
package/src/transport/interface.ts +58 -0
package/src/transport/k8s.ts +367 -0
package/src/transport/registry.ts +105 -0
package/src/transport/ssh.ts +430 -0
package/tsconfig.json +16 -0
package/vitest.config.ts +8 -0
package/vitest.integration.config.ts +9 -0

package/src/tools/instances.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { TransportRegistry } from "../transport/registry.js";
+export function registerInstanceTools(server: McpServer, registry: TransportRegistry): void {
+  server.tool(
+    "llng_instances",
+    "List available LLNG instances and their transport mode",
+    {},
+    async () => {
+      const instances = registry.listInstances();
+      return {
+        content: [
+          {
+            type: "text",
+            text: JSON.stringify(instances, null, 2),
+          },
+        ],
+      };
+    },
+  );
+}

package/src/tools/oidc-rp.ts ADDED Viewed

@@ -0,0 +1,299 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { z } from "zod";
+import { TransportRegistry } from "../transport/registry.js";
+const RP_CONFIG_KEYS = [
+  "oidcRPMetaDataOptions",
+  "oidcRPMetaDataExportedVars",
+  "oidcRPMetaDataMacros",
+  "oidcRPMetaDataScopeRules",
+  "oidcRPMetaDataOptionsExtraClaims",
+] as const;
+/**
+ * Register OIDC Relying Party management tools
+ */
+export function registerOidcRpTools(server: McpServer, registry: TransportRegistry): void {
+  // 0. llng_oidc_issuer_enable - Enable OIDC issuer
+  server.tool(
+    "llng_oidc_issuer_enable",
+    "Enable OIDC issuer on the LLNG instance (activates issuerDBOpenIDConnectActivation and generates signing keys)",
+    {
+      force: z.boolean().optional().describe("Force re-enable even if already activated"),
+      instance: z.string().optional().describe("LLNG instance name (uses default if omitted)"),
+    },
+    async (args) => {
+      try {
+        const transport = registry.getTransport(args.instance, "manager");
+        const config = await transport.configGet([
+          "issuerDBOpenIDConnectActivation",
+          "oidcServicePrivateKeySig",
+        ]);
+        const isActivated =
+          config["issuerDBOpenIDConnectActivation"] === 1 ||
+          config["issuerDBOpenIDConnectActivation"] === "1";
+        const hasKey =
+          typeof config["oidcServicePrivateKeySig"] === "string" &&
+          config["oidcServicePrivateKeySig"].length > 0;
+        if (isActivated && hasKey && !args.force) {
+          return {
+            content: [{ type: "text", text: "OIDC issuer is already enabled." }],
+          };
+        }
+        await transport.configSet({ issuerDBOpenIDConnectActivation: 1 });
+        await transport.execScript("rotateOidcKeys", []);
+        return {
+          content: [
+            {
+              type: "text",
+              text: "OIDC issuer enabled successfully. Signing keys have been generated.",
+            },
+          ],
+        };
+      } catch (error) {
+        return {
+          content: [
+            {
+              type: "text",
+              text: `Error: ${error instanceof Error ? error.message : String(error)}`,
+            },
+          ],
+          isError: true,
+        };
+      }
+    },
+  );
+  // 1. llng_oidc_rp_list - List OIDC Relying Parties
+  server.tool(
+    "llng_oidc_rp_list",
+    "List configured OIDC Relying Parties with their clientID and displayName",
+    {
+      instance: z.string().optional().describe("LLNG instance name (uses default if omitted)"),
+    },
+    async (args) => {
+      try {
+        const transport = registry.getTransport(args.instance, "manager");
+        const data = await transport.configGet(["oidcRPMetaDataOptions"]);
+        const options = data["oidcRPMetaDataOptions"];
+        if (!options || typeof options !== "object") {
+          return {
+            content: [{ type: "text", text: JSON.stringify([], null, 2) }],
+          };
+        }
+        const list = Object.entries(options).map(([confKey, opts]: [string, any]) => ({
+          confKey,
+          clientID: opts?.oidcRPMetaDataOptionsClientID || "",
+          displayName: opts?.oidcRPMetaDataOptionsDisplayName || "",
+        }));
+        return {
+          content: [{ type: "text", text: JSON.stringify(list, null, 2) }],
+        };
+      } catch (error) {
+        return {
+          content: [
+            {
+              type: "text",
+              text: `Error: ${error instanceof Error ? error.message : String(error)}`,
+            },
+          ],
+          isError: true,
+        };
+      }
+    },
+  );
+  // 2. llng_oidc_rp_get - Get details of an OIDC RP
+  server.tool(
+    "llng_oidc_rp_get",
+    "Get full details of an OIDC Relying Party by confKey",
+    {
+      confKey: z.string().describe("The RP configuration key (internal identifier)"),
+      instance: z.string().optional().describe("LLNG instance name (uses default if omitted)"),
+    },
+    async (args) => {
+      try {
+        const transport = registry.getTransport(args.instance, "manager");
+        const data = await transport.configGet([...RP_CONFIG_KEYS]);
+        const result: Record<string, any> = {};
+        for (const key of RP_CONFIG_KEYS) {
+          const container = data[key];
+          if (container && typeof container === "object" && args.confKey in container) {
+            result[key] = (container as Record<string, unknown>)[args.confKey];
+          }
+        }
+        return {
+          content: [{ type: "text", text: JSON.stringify(result, null, 2) }],
+        };
+      } catch (error) {
+        return {
+          content: [
+            {
+              type: "text",
+              text: `Error: ${error instanceof Error ? error.message : String(error)}`,
+            },
+          ],
+          isError: true,
+        };
+      }
+    },
+  );
+  // 3. llng_oidc_rp_add - Add a new OIDC RP
+  server.tool(
+    "llng_oidc_rp_add",
+    "Add a new OIDC Relying Party",
+    {
+      confKey: z.string().describe("Internal identifier for the RP"),
+      clientId: z.string().describe("OAuth2 client ID"),
+      redirectUris: z.string().describe("Redirect URIs (space or newline separated)"),
+      clientSecret: z.string().optional().describe("OAuth2 client secret"),
+      displayName: z.string().optional().describe("Display name for the RP"),
+      exportedVars: z
+        .record(z.string(), z.string())
+        .optional()
+        .describe(
+          'Claim-to-attribute mappings (default: {"name":"cn","preferred_username":"uid","email":"mail"})',
+        ),
+      extraClaims: z.record(z.string(), z.string()).optional().describe("Extra claims mappings"),
+      options: z
+        .record(z.string(), z.union([z.string(), z.number(), z.boolean()]))
+        .optional()
+        .describe("Additional raw OIDC RP options"),
+      instance: z.string().optional().describe("LLNG instance name (uses default if omitted)"),
+    },
+    async (args) => {
+      try {
+        const transport = registry.getTransport(args.instance, "manager");
+        // Check OIDC issuer prerequisites
+        const issuerConfig = await transport.configGet([
+          "issuerDBOpenIDConnectActivation",
+          "oidcServicePrivateKeySig",
+        ]);
+        const isActivated =
+          issuerConfig["issuerDBOpenIDConnectActivation"] === 1 ||
+          issuerConfig["issuerDBOpenIDConnectActivation"] === "1";
+        const hasKey =
+          typeof issuerConfig["oidcServicePrivateKeySig"] === "string" &&
+          issuerConfig["oidcServicePrivateKeySig"].length > 0;
+        if (!isActivated || !hasKey) {
+          return {
+            content: [
+              {
+                type: "text" as const,
+                text: "Error: OIDC issuer is not enabled or signing keys are missing. Use llng_oidc_issuer_enable first.",
+              },
+            ],
+            isError: true,
+          };
+        }
+        const rpOptions: Record<string, string | number | boolean> = {
+          oidcRPMetaDataOptionsClientID: args.clientId,
+          oidcRPMetaDataOptionsRedirectUris: args.redirectUris,
+          oidcRPMetaDataOptionsIDTokenSignAlg: "RS256",
+          oidcRPMetaDataOptionsAccessTokenClaims: 1,
+          ...(args.options || {}),
+        };
+        if (args.clientSecret) {
+          rpOptions.oidcRPMetaDataOptionsClientSecret = args.clientSecret;
+        }
+        if (args.displayName) {
+          rpOptions.oidcRPMetaDataOptionsDisplayName = args.displayName;
+        }
+        const exportedVars = args.exportedVars || {
+          name: "cn",
+          preferred_username: "uid",
+          email: "mail",
+        };
+        const mergeData: Record<string, any> = {
+          oidcRPMetaDataOptions: {
+            [args.confKey]: rpOptions,
+          },
+          oidcRPMetaDataExportedVars: {
+            [args.confKey]: exportedVars,
+          },
+        };
+        if (args.extraClaims) {
+          mergeData.oidcRPMetaDataOptionsExtraClaims = {
+            [args.confKey]: args.extraClaims,
+          };
+        }
+        await transport.configMerge(JSON.stringify(mergeData));
+        return {
+          content: [
+            {
+              type: "text",
+              text: `OIDC RP '${args.confKey}' added successfully with clientId '${args.clientId}'.`,
+            },
+          ],
+        };
+      } catch (error) {
+        return {
+          content: [
+            {
+              type: "text",
+              text: `Error: ${error instanceof Error ? error.message : String(error)}`,
+            },
+          ],
+          isError: true,
+        };
+      }
+    },
+  );
+  // 4. llng_oidc_rp_delete - Delete an OIDC RP
+  server.tool(
+    "llng_oidc_rp_delete",
+    "Delete an OIDC Relying Party by confKey",
+    {
+      confKey: z.string().describe("The RP configuration key to delete"),
+      instance: z.string().optional().describe("LLNG instance name (uses default if omitted)"),
+    },
+    async (args) => {
+      try {
+        const transport = registry.getTransport(args.instance, "manager");
+        for (const key of RP_CONFIG_KEYS) {
+          await transport.configDelKey(key, args.confKey);
+        }
+        return {
+          content: [
+            {
+              type: "text",
+              text: `OIDC RP '${args.confKey}' deleted successfully.`,
+            },
+          ],
+        };
+      } catch (error) {
+        return {
+          content: [
+            {
+              type: "text",
+              text: `Error: ${error instanceof Error ? error.message : String(error)}`,
+            },
+          ],
+          isError: true,
+        };
+      }
+    },
+  );
+}