npm - mcp-coordinator - Versions diffs - 0.6.1 → 0.7.0 - Mend

mcp-coordinator 0.6.1 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/README.md +24 -0
package/dist/src/agent-activity.d.ts +13 -9
package/dist/src/agent-activity.js +45 -24
package/dist/src/agent-registry.d.ts +7 -7
package/dist/src/agent-registry.js +19 -18
package/dist/src/announce-workflow.d.ts +1 -0
package/dist/src/announce-workflow.js +13 -12
package/dist/src/auth/providers/registry.d.ts +4 -0
package/dist/src/auth/providers/registry.js +7 -0
package/dist/src/auth/providers/types.d.ts +11 -0
package/dist/src/auth/providers/types.js +1 -0
package/dist/src/auth.d.ts +24 -5
package/dist/src/auth.js +172 -23
package/dist/src/conflict-detector.d.ts +1 -0
package/dist/src/conflict-detector.js +4 -4
package/dist/src/consultation.d.ts +28 -14
package/dist/src/consultation.js +101 -68
package/dist/src/context-provider.d.ts +2 -2
package/dist/src/context-provider.js +3 -4
package/dist/src/database.js +203 -4
package/dist/src/dependency-map.d.ts +25 -4
package/dist/src/dependency-map.js +49 -11
package/dist/src/file-tracker.d.ts +5 -4
package/dist/src/file-tracker.js +16 -14
package/dist/src/git-cochange-builder.d.ts +11 -2
package/dist/src/git-cochange-builder.js +15 -7
package/dist/src/http/handle-health.d.ts +9 -5
package/dist/src/http/handle-health.js +22 -8
package/dist/src/http/handle-rest.d.ts +3 -0
package/dist/src/http/handle-rest.js +56 -55
package/dist/src/http/utils.d.ts +4 -0
package/dist/src/http/utils.js +7 -1
package/dist/src/impact-scorer.d.ts +3 -0
package/dist/src/impact-scorer.js +65 -51
package/dist/src/introspection.d.ts +13 -7
package/dist/src/introspection.js +34 -11
package/dist/src/metrics.js +2 -1
package/dist/src/mqtt-bridge.d.ts +3 -2
package/dist/src/mqtt-bridge.js +33 -23
package/dist/src/mqtt-broker.d.ts +16 -7
package/dist/src/mqtt-broker.js +57 -15
package/dist/src/security/audit.d.ts +11 -0
package/dist/src/security/audit.js +7 -0
package/dist/src/security/encryption.d.ts +17 -0
package/dist/src/security/encryption.js +5 -0
package/dist/src/serve-http.js +136 -57
package/dist/src/server-setup.d.ts +12 -2
package/dist/src/server-setup.js +33 -15
package/dist/src/sse-emitter.d.ts +7 -4
package/dist/src/sse-emitter.js +27 -21
package/dist/src/tools/agents-tools.d.ts +2 -1
package/dist/src/tools/agents-tools.js +36 -12
package/dist/src/tools/consultation-tools.d.ts +2 -1
package/dist/src/tools/consultation-tools.js +102 -36
package/dist/src/tools/dependencies-tools.d.ts +2 -1
package/dist/src/tools/dependencies-tools.js +25 -7
package/dist/src/tools/files-tools.d.ts +2 -1
package/dist/src/tools/files-tools.js +25 -7
package/dist/src/tools/mqtt-tools.d.ts +7 -1
package/dist/src/tools/mqtt-tools.js +27 -4
package/dist/src/tools/status-tools.d.ts +7 -1
package/dist/src/tools/status-tools.js +26 -9
package/dist/src/types.d.ts +2 -0
package/dist/src/working-files-tracker.d.ts +21 -11
package/dist/src/working-files-tracker.js +32 -21
package/package.json +1 -1

package/dist/src/auth.js CHANGED Viewed

@@ -3,56 +3,143 @@ import { randomUUID } from "crypto";
 import { getDb } from "./database.js";
 import { silentLogger } from "./logger.js";
 let signingKey;
+let prevKey = null;
 let defaultExpiry = "24h";
 let log = silentLogger;
 export function setAuthLogger(logger) {
     log = logger;
 }
-export function initAuth(secret, expiry) {
+export function initAuth(secret, expiry, options = {}) {
     signingKey = new TextEncoder().encode(secret);
+    prevKey = options.prevSecret ? new TextEncoder().encode(options.prevSecret) : null;
     if (expiry)
         defaultExpiry = expiry;
 }
-export async function createToken(agentId, role, expiry) {
-    return new SignJWT({ role })
+export async function createToken(agentId, role, expiry, options = {}) {
+    const jti = randomUUID();
+    return new SignJWT({
+        role,
+        user_id: options.user_id ?? agentId,
+        org: options.org ?? "default",
+    })
         .setProtectedHeader({ alg: "HS256" })
         .setSubject(agentId)
-        .setJti(randomUUID())
+        .setJti(jti)
         .setIssuedAt()
         .setExpirationTime(expiry || defaultExpiry)
         .sign(signingKey);
 }
 export async function verifyToken(token) {
-    const { payload } = await jwtVerify(token, signingKey);
+    let payload;
+    try {
+        ({ payload } = await jwtVerify(token, signingKey, { algorithms: ["HS256"] }));
+    }
+    catch (err) {
+        if (prevKey && err instanceof errors.JWSSignatureVerificationFailed) {
+            ({ payload } = await jwtVerify(token, prevKey, { algorithms: ["HS256"] }));
+        }
+        else {
+            throw err;
+        }
+    }
     if (!payload.sub)
         throw new Error("Missing sub claim in token");
     const role = payload.role;
-    if (role !== "agent" && role !== "admin")
+    if (role !== "agent" && role !== "admin" && role !== "member") {
         throw new Error("Invalid role in token");
-    return { sub: payload.sub, role };
+    }
+    return {
+        sub: payload.sub,
+        role,
+        user_id: typeof payload.user_id === "string" ? payload.user_id : "legacy",
+        org: typeof payload.org === "string" ? payload.org : "default",
+        jti: typeof payload.jti === "string" ? payload.jti : randomUUID(),
+    };
+}
+export async function verifyTokenStrict(token) {
+    let payload;
+    try {
+        ({ payload } = await jwtVerify(token, signingKey, { algorithms: ["HS256"] }));
+    }
+    catch (err) {
+        if (prevKey && err instanceof errors.JWSSignatureVerificationFailed) {
+            ({ payload } = await jwtVerify(token, prevKey, { algorithms: ["HS256"] }));
+        }
+        else {
+            throw err;
+        }
+    }
+    if (!payload.sub)
+        throw new Error("Missing sub claim in token");
+    // Tolerate missing/unknown role on v0.6 tokens. Default to 'member' (LEAST PRIVILEGE).
+    const rawRole = payload.role;
+    const role = rawRole === "agent" || rawRole === "admin" || rawRole === "member"
+        ? rawRole
+        : "member";
+    // v0.7 detection: BOTH user_id AND org must be present strings.
+    const hasV07 = typeof payload.user_id === "string" && typeof payload.org === "string";
+    return {
+        claims: {
+            sub: payload.sub, role,
+            user_id: typeof payload.user_id === "string" ? payload.user_id : "legacy",
+            org: typeof payload.org === "string" ? payload.org : "default",
+            jti: typeof payload.jti === "string" ? payload.jti : randomUUID(),
+        },
+        wasLegacy: !hasV07,
+    };
 }
-export async function refreshToken(token, gracePeriod = "1h") {
+export async function refreshToken(token, options, gracePeriod) {
+    const authEnabled = options.authEnabled;
+    const grace = gracePeriod ?? "1h";
     let claims;
     try {
-        claims = await verifyToken(token);
+        const { claims: c, wasLegacy } = await verifyTokenStrict(token);
+        if (wasLegacy && authEnabled) {
+            throw new Error("v0.6 token rejected: upgrade required (AUTH_ENABLED=true)");
+        }
+        claims = c;
     }
     catch (err) {
         if (err instanceof errors.JWTExpired) {
-            const { payload } = await jwtVerify(token, signingKey, {
-                clockTolerance: gracePeriod,
-            });
+            const verifyWith = async (key) => jwtVerify(token, key, { clockTolerance: grace, algorithms: ["HS256"] });
+            let payload;
+            try {
+                ({ payload } = await verifyWith(signingKey));
+            }
+            catch (err2) {
+                if (prevKey && err2 instanceof errors.JWSSignatureVerificationFailed) {
+                    ({ payload } = await verifyWith(prevKey));
+                }
+                else {
+                    throw err2;
+                }
+            }
             if (!payload.sub)
                 throw new Error("Missing sub claim in token");
-            const role = payload.role;
-            if (role !== "agent" && role !== "admin")
-                throw new Error("Invalid role in token");
-            claims = { sub: payload.sub, role };
+            // Tolerate missing/unknown role on v0.6 tokens. Default to 'member' (LEAST PRIVILEGE).
+            const rawRole = payload.role;
+            const role = rawRole === "agent" || rawRole === "admin" || rawRole === "member"
+                ? rawRole
+                : "member";
+            const hasV07 = typeof payload.user_id === "string" && typeof payload.org === "string";
+            if (!hasV07 && authEnabled) {
+                throw new Error("v0.6 token rejected: upgrade required (AUTH_ENABLED=true)");
+            }
+            claims = {
+                sub: payload.sub, role,
+                user_id: typeof payload.user_id === "string" ? payload.user_id : "legacy",
+                org: typeof payload.org === "string" ? payload.org : "default",
+                jti: typeof payload.jti === "string" ? payload.jti : randomUUID(),
+            };
         }
         else {
             throw err;
         }
     }
-    return createToken(claims.sub, claims.role);
+    return createToken(claims.sub, claims.role, undefined, {
+        user_id: claims.user_id,
+        org: claims.org,
+    });
 }
 export function isRevoked(agentId) {
     const db = getDb();
@@ -61,23 +148,85 @@ export function isRevoked(agentId) {
 }
 export function revokeAgent(agentId, revokedBy) {
     const db = getDb();
+    // INTENTIONALLY cross-org: revoked_agents is a global blocklist by design.
+    // A revocation issued by an admin must be effective across every org where
+    // that agent_id appears — there is no per-org revocation in Phase 1.
     db.prepare("INSERT OR IGNORE INTO revoked_agents (agent_id, revoked_by) VALUES (?, ?)").run(agentId, revokedBy);
 }
 const ADMIN_ONLY_ROUTES = ["/api/auth/revoke", "/api/reset"];
-export async function authenticateRequest(req) {
+export async function authenticateRequest(req, options = { authEnabled: true }) {
+    const { authEnabled } = options;
     const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith("Bearer ")) {
-        return { ok: false, status: 401, error: "Missing or invalid Authorization header" };
+    // EventSource-compatible token transport: allow ?token=<JWT> on GET requests.
+    // POST/PUT/PATCH are excluded (smuggling defense: POST endpoints use the body
+    // as a credential channel, so hoisting a query param to auth would let an
+    // attacker lure a victim's browser into a CSRF-authenticated POST).
+    // Authorization header always takes precedence when both are present.
+    let effectiveAuthHeader = authHeader;
+    if (!effectiveAuthHeader && req.method === "GET") {
+        try {
+            // req.url may be relative (e.g. "/api/events?token=…") — prepend a dummy
+            // base so URL can parse it. Attacker-controlled, so we wrap in try/catch.
+            const parsed = new URL(req.url ?? "", "http://localhost");
+            const qToken = parsed.searchParams.get("token");
+            if (qToken) {
+                effectiveAuthHeader = `Bearer ${qToken}`;
+            }
+        }
+        catch {
+            // Malformed URL — no fallback, fall through to scenario (b) 401.
+        }
     }
-    const token = authHeader.slice(7);
+    // Scenario (a)/(b): No Authorization header (and no ?token= fallback)
+    if (!effectiveAuthHeader || !effectiveAuthHeader.startsWith("Bearer ")) {
+        if (!authEnabled) {
+            // Scenario (a): AUTH_ENABLED=false → inject synthetic legacy claims
+            return {
+                ok: true,
+                claims: {
+                    sub: "legacy",
+                    user_id: "legacy",
+                    org: "default",
+                    role: "admin",
+                    jti: randomUUID(),
+                },
+            };
+        }
+        // Scenario (b): AUTH_ENABLED=true → 401 with WWW-Authenticate
+        return {
+            ok: false,
+            status: 401,
+            error: "Missing or invalid Authorization header",
+            wwwAuthenticate: 'Bearer realm="mcp-coordinator", error="invalid_token"',
+        };
+    }
+    // Has a Bearer token — verify it
+    const token = effectiveAuthHeader.slice(7);
     let claims;
+    let wasLegacy;
     try {
-        claims = await verifyToken(token);
+        ({ claims, wasLegacy } = await verifyTokenStrict(token));
     }
     catch (err) {
         log.error({ err }, "JWT verification error");
-        return { ok: false, status: 401, error: "Invalid or expired token" };
+        const isExpired = err instanceof errors.JWTExpired;
+        return {
+            ok: false,
+            status: 401,
+            error: isExpired ? "Token expired" : "Invalid or expired token",
+            wwwAuthenticate: `Bearer realm="mcp-coordinator", error="${isExpired ? "expired_token" : "invalid_token"}"`,
+        };
+    }
+    // Scenario (c): v0.6 token (wasLegacy=true) under AUTH_ENABLED=true → reject
+    if (wasLegacy && authEnabled) {
+        return {
+            ok: false,
+            status: 401,
+            error: "v0.6 token rejected: upgrade required (AUTH_ENABLED=true)",
+            wwwAuthenticate: 'Bearer realm="mcp-coordinator", error="invalid_token"',
+        };
     }
+    // Scenario (c) AUTH_ENABLED=false or Scenario (d): proceed with claims
     if (isRevoked(claims.sub)) {
         return { ok: false, status: 403, error: "Agent has been revoked" };
     }

package/dist/src/conflict-detector.d.ts CHANGED Viewed

@@ -10,6 +10,7 @@ export declare class ConflictDetector {
     private log;
     constructor(consultation: Consultation, depMap: DependencyMapper, fileTracker: FileTracker, logger?: Logger);
     detect(params: {
+        org_id: string;
         agent_id: string;
         target_modules: string[];
         target_files: string[];

package/dist/src/conflict-detector.js CHANGED Viewed

@@ -13,7 +13,7 @@ export class ConflictDetector {
     detect(params) {
         const conflicts = [];
         // Include open, resolving, and recently resolved (auto-quorum) threads — exclude only cancelled
-        const allThreads = this.consultation.listThreads({});
+        const allThreads = this.consultation.listThreads(params.org_id, {});
         const activeThreads = allThreads.filter((t) => t.status !== "cancelled");
         for (const thread of activeThreads) {
             if (thread.initiator_id === params.agent_id)
@@ -46,7 +46,7 @@ export class ConflictDetector {
             }
             // 3. Dependency chain
             for (const targetModule of params.target_modules) {
-                const info = this.depMap.getModuleInfo(targetModule);
+                const info = this.depMap.getModuleInfo(params.org_id, targetModule);
                 if (!info)
                     continue;
                 for (const dep of info.depends_on) {
@@ -62,7 +62,7 @@ export class ConflictDetector {
                     }
                 }
                 // Reverse: someone depends on what we're modifying
-                const radius = this.depMap.getBlastRadius(targetModule);
+                const radius = this.depMap.getBlastRadius(params.org_id, targetModule);
                 this.log.debug({
                     module_id: targetModule,
                     direct_dependents: radius.direct_dependents,
@@ -84,7 +84,7 @@ export class ConflictDetector {
         }
         // 4. Hot file overlap (from actual file activity, not just declared files)
         for (const targetFile of params.target_files) {
-            const activity = this.fileTracker.checkFileConflict(targetFile, params.agent_id, 60);
+            const activity = this.fileTracker.checkFileConflict(params.org_id, targetFile, params.agent_id, 60);
             if (activity.conflict) {
                 for (const otherAgent of activity.agents) {
                     // Avoid duplicating with file_overlap already detected

package/dist/src/consultation.d.ts CHANGED Viewed

@@ -2,6 +2,7 @@ import { type Logger } from "./logger.js";
 import type { Thread, ThreadMessage, ActionSummary, MessageType, ResolutionType } from "./types.js";
 export interface ResolutionEvent {
     thread_id: string;
+    org_id: string;
     resolution_type: ResolutionType;
     resolution_summary: string | null;
     created_at: string;
@@ -30,7 +31,7 @@ export declare class Consultation {
     startTimeoutSweeper(intervalMs?: number): void;
     stopTimeoutSweeper(): void;
     emitResolution(threadId: string, type: ResolutionType, approvedBy?: string, approvedByName?: string): void;
-    announceWork(params: {
+    announceWork(orgId: string, params: {
         agent_id: string;
         subject: string;
         plan?: string;
@@ -41,7 +42,7 @@ export declare class Consultation {
         keep_open?: boolean;
         assigned_to?: string | null;
     }): Thread;
-    postToThread(params: {
+    postToThread(orgId: string, params: {
         thread_id: string;
         agent_id: string;
         agent_name?: string;
@@ -50,19 +51,27 @@ export declare class Consultation {
         context_snapshot?: string;
         in_reply_to?: string;
     }): ThreadMessage;
-    proposeResolution(threadId: string, agentId: string, summary: string): void;
-    approveResolution(threadId: string, agentId: string, agentName?: string): void;
-    contestResolution(threadId: string, agentId: string, reason: string): void;
-    cancelThread(threadId: string, agentId: string, reason?: string): void;
-    closeThread(threadId: string, agentId: string, summary: string): void;
+    proposeResolution(orgId: string, threadId: string, agentId: string, summary: string): void;
+    approveResolution(orgId: string, threadId: string, agentId: string, agentName?: string): void;
+    contestResolution(orgId: string, threadId: string, agentId: string, reason: string): void;
+    cancelThread(orgId: string, threadId: string, agentId: string, reason?: string): void;
+    closeThread(orgId: string, threadId: string, agentId: string, summary: string): void;
+    /**
+     * Cross-org maintenance sweep — stays at v0.6 signature per Phase 1 plan.
+     * handleAgentDeparture iterates ALL orgs (internal maintenance only).
+     */
     handleAgentDeparture(agentId: string): void;
+    /**
+     * Cross-org sweeper — stays at v0.6 signature per Phase 1 plan.
+     * checkTimeouts scans ALL orgs (internal maintenance only).
+     */
     checkTimeouts(): void;
-    getThread(threadId: string): Thread | null;
-    getThreadWithMessages(threadId: string): {
+    getThread(orgId: string, threadId: string): Thread | null;
+    getThreadWithMessages(orgId: string, threadId: string): {
         thread: Thread;
         messages: ThreadMessage[];
     } | null;
-    listThreads(filters: {
+    listThreads(orgId: string, filters: {
         status?: string;
         agent_id?: string;
         module?: string;
@@ -83,15 +92,20 @@ export declare class Consultation {
          */
         since_minutes?: number;
     }): Thread[];
-    getThreadUpdates(agentId: string, since?: string): ThreadMessage[];
-    logActionSummary(params: {
+    getThreadUpdates(orgId: string, agentId: string, since?: string): ThreadMessage[];
+    logActionSummary(orgId: string, params: {
         session_id: string;
         agent_id: string;
         file_path?: string;
         summary: string;
     }): ActionSummary;
-    getActionSummaries(agentId: string, since?: string): ActionSummary[];
-    getActionSummariesBySession(sessionId: string): ActionSummary[];
+    getActionSummaries(orgId: string, agentId: string, since?: string): ActionSummary[];
+    getActionSummariesBySession(orgId: string, sessionId: string): ActionSummary[];
+    /**
+     * Cross-org thread lookup for internal sweepers/departure handlers.
+     * Do NOT call from public methods — use getThread(orgId, id) instead.
+     */
+    private getThreadCrossOrg;
     private postResolutionMessage;
     private allRespondentsApproved;
 }