mcp-creatio 0.6.2 → 0.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +233 -164
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +22 -10
- package/dist/cli.js.map +1 -1
- package/dist/config-builder.d.ts +8 -0
- package/dist/config-builder.d.ts.map +1 -1
- package/dist/config-builder.js +147 -43
- package/dist/config-builder.js.map +1 -1
- package/dist/consts.d.ts.map +1 -1
- package/dist/consts.js +2 -1
- package/dist/consts.js.map +1 -1
- package/dist/creatio/auth/auth-manager.d.ts.map +1 -1
- package/dist/creatio/auth/auth-manager.js +5 -2
- package/dist/creatio/auth/auth-manager.js.map +1 -1
- package/dist/creatio/auth/auth.d.ts +4 -31
- package/dist/creatio/auth/auth.d.ts.map +1 -1
- package/dist/creatio/auth/auth.js +20 -26
- package/dist/creatio/auth/auth.js.map +1 -1
- package/dist/creatio/auth/constants.d.ts +14 -0
- package/dist/creatio/auth/constants.d.ts.map +1 -0
- package/dist/creatio/auth/constants.js +20 -0
- package/dist/creatio/auth/constants.js.map +1 -0
- package/dist/creatio/auth/contracts.d.ts +15 -0
- package/dist/creatio/auth/contracts.d.ts.map +1 -0
- package/dist/creatio/auth/contracts.js +3 -0
- package/dist/creatio/auth/contracts.js.map +1 -0
- package/dist/creatio/auth/headers.d.ts +3 -0
- package/dist/creatio/auth/headers.d.ts.map +1 -0
- package/dist/creatio/auth/headers.js +15 -0
- package/dist/creatio/auth/headers.js.map +1 -0
- package/dist/creatio/auth/identity.d.ts +8 -0
- package/dist/creatio/auth/identity.d.ts.map +1 -0
- package/dist/creatio/auth/identity.js +18 -0
- package/dist/creatio/auth/identity.js.map +1 -0
- package/dist/creatio/auth/index.d.ts +4 -3
- package/dist/creatio/auth/index.d.ts.map +1 -1
- package/dist/creatio/auth/index.js +5 -3
- package/dist/creatio/auth/index.js.map +1 -1
- package/dist/creatio/auth/providers/base-oauth2-provider.d.ts +13 -7
- package/dist/creatio/auth/providers/base-oauth2-provider.d.ts.map +1 -1
- package/dist/creatio/auth/providers/base-oauth2-provider.js +29 -19
- package/dist/creatio/auth/providers/base-oauth2-provider.js.map +1 -1
- package/dist/creatio/auth/providers/base-provider.js +1 -1
- package/dist/creatio/auth/providers/base-provider.js.map +1 -1
- package/dist/creatio/auth/providers/broker-provider.d.ts +20 -0
- package/dist/creatio/auth/providers/broker-provider.d.ts.map +1 -0
- package/dist/creatio/auth/providers/broker-provider.js +72 -0
- package/dist/creatio/auth/providers/broker-provider.js.map +1 -0
- package/dist/creatio/auth/providers/creatio-oauth-client.d.ts +27 -0
- package/dist/creatio/auth/providers/creatio-oauth-client.d.ts.map +1 -0
- package/dist/creatio/auth/providers/creatio-oauth-client.js +122 -0
- package/dist/creatio/auth/providers/creatio-oauth-client.js.map +1 -0
- package/dist/creatio/auth/providers/index.d.ts +3 -1
- package/dist/creatio/auth/providers/index.d.ts.map +1 -1
- package/dist/creatio/auth/providers/index.js +3 -1
- package/dist/creatio/auth/providers/index.js.map +1 -1
- package/dist/creatio/auth/providers/oauth2-bearer-provider.d.ts +17 -0
- package/dist/creatio/auth/providers/oauth2-bearer-provider.d.ts.map +1 -0
- package/dist/creatio/auth/providers/oauth2-bearer-provider.js +33 -0
- package/dist/creatio/auth/providers/oauth2-bearer-provider.js.map +1 -0
- package/dist/creatio/auth/providers/oauth2-provider.d.ts +2 -2
- package/dist/creatio/auth/providers/oauth2-provider.d.ts.map +1 -1
- package/dist/creatio/auth/providers/oauth2-provider.js +4 -9
- package/dist/creatio/auth/providers/oauth2-provider.js.map +1 -1
- package/dist/creatio/auth/providers/type.d.ts +20 -1
- package/dist/creatio/auth/providers/type.d.ts.map +1 -1
- package/dist/creatio/auth/providers/type.js +22 -2
- package/dist/creatio/auth/providers/type.js.map +1 -1
- package/dist/creatio/client-config.d.ts +26 -5
- package/dist/creatio/client-config.d.ts.map +1 -1
- package/dist/creatio/engines/admin-operation-engine.d.ts +1 -1
- package/dist/creatio/engines/admin-operation-engine.d.ts.map +1 -1
- package/dist/creatio/engines/admin-operation-engine.js +3 -3
- package/dist/creatio/engines/admin-operation-engine.js.map +1 -1
- package/dist/creatio/engines/configuration-engine.d.ts +1 -1
- package/dist/creatio/engines/configuration-engine.d.ts.map +1 -1
- package/dist/creatio/engines/configuration-engine.js +3 -3
- package/dist/creatio/engines/configuration-engine.js.map +1 -1
- package/dist/creatio/engines/crud-engine.d.ts +1 -1
- package/dist/creatio/engines/crud-engine.d.ts.map +1 -1
- package/dist/creatio/engines/crud-engine.js +4 -4
- package/dist/creatio/engines/crud-engine.js.map +1 -1
- package/dist/creatio/engines/engine-manager.d.ts +1 -2
- package/dist/creatio/engines/engine-manager.d.ts.map +1 -1
- package/dist/creatio/engines/engine-manager.js +4 -10
- package/dist/creatio/engines/engine-manager.js.map +1 -1
- package/dist/creatio/engines/engine.d.ts.map +1 -1
- package/dist/creatio/engines/engine.js +12 -1
- package/dist/creatio/engines/engine.js.map +1 -1
- package/dist/creatio/engines/feature-engine.d.ts +1 -1
- package/dist/creatio/engines/feature-engine.d.ts.map +1 -1
- package/dist/creatio/engines/feature-engine.js +3 -3
- package/dist/creatio/engines/feature-engine.js.map +1 -1
- package/dist/creatio/engines/process-engine.d.ts +1 -1
- package/dist/creatio/engines/process-engine.d.ts.map +1 -1
- package/dist/creatio/engines/process-engine.js +3 -3
- package/dist/creatio/engines/process-engine.js.map +1 -1
- package/dist/creatio/engines/sys-settings-engine.d.ts +1 -1
- package/dist/creatio/engines/sys-settings-engine.d.ts.map +1 -1
- package/dist/creatio/engines/sys-settings-engine.js +3 -3
- package/dist/creatio/engines/sys-settings-engine.js.map +1 -1
- package/dist/creatio/engines/user-engine.d.ts +1 -1
- package/dist/creatio/engines/user-engine.d.ts.map +1 -1
- package/dist/creatio/engines/user-engine.js +3 -3
- package/dist/creatio/engines/user-engine.js.map +1 -1
- package/dist/creatio/services/creatio-service-context.d.ts +1 -1
- package/dist/creatio/services/creatio-service-context.d.ts.map +1 -1
- package/dist/creatio/services/crud-provider-factory.d.ts.map +1 -1
- package/dist/creatio/services/crud-provider-factory.js.map +1 -1
- package/dist/creatio/services/dataservice/data-service-column-values.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-crud-provider.d.ts +3 -3
- package/dist/creatio/services/dataservice/data-service-crud-provider.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-crud-provider.js +5 -5
- package/dist/creatio/services/dataservice/data-service-crud-provider.js.map +1 -1
- package/dist/creatio/services/dataservice/data-service-filter-translator.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-filter-translator.js +7 -2
- package/dist/creatio/services/dataservice/data-service-filter-translator.js.map +1 -1
- package/dist/creatio/services/dataservice/data-service-query-builder.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-query-builder.js.map +1 -1
- package/dist/creatio/services/dataservice/data-service-schema.d.ts +3 -3
- package/dist/creatio/services/dataservice/data-service-schema.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-schema.js +19 -17
- package/dist/creatio/services/dataservice/data-service-schema.js.map +1 -1
- package/dist/creatio/services/dataservice/data-service-transport.d.ts +1 -1
- package/dist/creatio/services/dataservice/data-service-transport.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-transport.js +3 -3
- package/dist/creatio/services/dataservice/data-service-transport.js.map +1 -1
- package/dist/creatio/services/dataservice/data-service-types.d.ts +0 -19
- package/dist/creatio/services/dataservice/data-service-types.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-value-type.d.ts +2 -1
- package/dist/creatio/services/dataservice/data-service-value-type.d.ts.map +1 -1
- package/dist/creatio/services/dataservice/data-service-value-type.js +20 -16
- package/dist/creatio/services/dataservice/data-service-value-type.js.map +1 -1
- package/dist/creatio/services/http-client.d.ts +13 -0
- package/dist/creatio/services/http-client.d.ts.map +1 -1
- package/dist/creatio/services/http-client.js +26 -2
- package/dist/creatio/services/http-client.js.map +1 -1
- package/dist/creatio/services/identifiers.d.ts +10 -0
- package/dist/creatio/services/identifiers.d.ts.map +1 -0
- package/dist/creatio/services/identifiers.js +20 -0
- package/dist/creatio/services/identifiers.js.map +1 -0
- package/dist/creatio/services/odata/metadata-store.d.ts +6 -2
- package/dist/creatio/services/odata/metadata-store.d.ts.map +1 -1
- package/dist/creatio/services/odata/metadata-store.js +30 -34
- package/dist/creatio/services/odata/metadata-store.js.map +1 -1
- package/dist/creatio/services/odata/odata-crud-provider.d.ts.map +1 -1
- package/dist/creatio/services/odata/odata-crud-provider.js +10 -25
- package/dist/creatio/services/odata/odata-crud-provider.js.map +1 -1
- package/dist/creatio/services/odata/odata-query-translator.d.ts +4 -5
- package/dist/creatio/services/odata/odata-query-translator.d.ts.map +1 -1
- package/dist/creatio/services/odata/odata-query-translator.js +32 -20
- package/dist/creatio/services/odata/odata-query-translator.js.map +1 -1
- package/dist/creatio/services/user-info-provider.d.ts.map +1 -1
- package/dist/creatio/services/user-info-provider.js +2 -2
- package/dist/creatio/services/user-info-provider.js.map +1 -1
- package/dist/index.js +30 -4
- package/dist/index.js.map +1 -1
- package/dist/log.d.ts +1 -1
- package/dist/log.d.ts.map +1 -1
- package/dist/log.js +2 -1
- package/dist/log.js.map +1 -1
- package/dist/server/bearer/base-url-guard.d.ts +20 -0
- package/dist/server/bearer/base-url-guard.d.ts.map +1 -0
- package/dist/server/bearer/base-url-guard.js +55 -0
- package/dist/server/bearer/base-url-guard.js.map +1 -0
- package/dist/server/bearer/bearer-edge.d.ts +42 -0
- package/dist/server/bearer/bearer-edge.d.ts.map +1 -0
- package/dist/server/bearer/bearer-edge.js +122 -0
- package/dist/server/bearer/bearer-edge.js.map +1 -0
- package/dist/server/bearer/bearer-token.d.ts +27 -0
- package/dist/server/bearer/bearer-token.d.ts.map +1 -0
- package/dist/server/bearer/bearer-token.js +50 -0
- package/dist/server/bearer/bearer-token.js.map +1 -0
- package/dist/server/bearer/index.d.ts +3 -0
- package/dist/server/bearer/index.d.ts.map +1 -0
- package/dist/server/bearer/index.js +19 -0
- package/dist/server/bearer/index.js.map +1 -0
- package/dist/server/http/auth-edge.d.ts +26 -0
- package/dist/server/http/auth-edge.d.ts.map +1 -0
- package/dist/server/http/auth-edge.js +75 -0
- package/dist/server/http/auth-edge.js.map +1 -0
- package/dist/server/http/broker-handlers.d.ts +45 -0
- package/dist/server/http/broker-handlers.d.ts.map +1 -0
- package/dist/server/http/broker-handlers.js +224 -0
- package/dist/server/http/broker-handlers.js.map +1 -0
- package/dist/server/http/{httpServer.d.ts → http-server.d.ts} +5 -13
- package/dist/server/http/http-server.d.ts.map +1 -0
- package/dist/server/http/{httpServer.js → http-server.js} +19 -53
- package/dist/server/http/http-server.js.map +1 -0
- package/dist/server/http/index.d.ts +1 -3
- package/dist/server/http/index.d.ts.map +1 -1
- package/dist/server/http/index.js +1 -3
- package/dist/server/http/index.js.map +1 -1
- package/dist/server/http/mcp-handlers.d.ts.map +1 -1
- package/dist/server/http/mcp-handlers.js +16 -3
- package/dist/server/http/mcp-handlers.js.map +1 -1
- package/dist/server/http/middleware.d.ts +3 -4
- package/dist/server/http/middleware.d.ts.map +1 -1
- package/dist/server/http/middleware.js +33 -23
- package/dist/server/http/middleware.js.map +1 -1
- package/dist/server/http/public-origin.d.ts +10 -0
- package/dist/server/http/public-origin.d.ts.map +1 -0
- package/dist/server/http/public-origin.js +19 -0
- package/dist/server/http/public-origin.js.map +1 -0
- package/dist/server/http/rate-limiter.d.ts +1 -1
- package/dist/server/http/rate-limiter.d.ts.map +1 -1
- package/dist/server/http/rate-limiter.js +11 -11
- package/dist/server/http/rate-limiter.js.map +1 -1
- package/dist/server/http-agent.d.ts +9 -0
- package/dist/server/http-agent.d.ts.map +1 -0
- package/dist/server/http-agent.js +35 -0
- package/dist/server/http-agent.js.map +1 -0
- package/dist/server/index.d.ts +2 -0
- package/dist/server/index.d.ts.map +1 -1
- package/dist/server/index.js +2 -0
- package/dist/server/index.js.map +1 -1
- package/dist/server/keepalive.d.ts +26 -0
- package/dist/server/keepalive.d.ts.map +1 -0
- package/dist/server/keepalive.js +64 -0
- package/dist/server/keepalive.js.map +1 -0
- package/dist/server/mcp/creatio-rest.d.ts +6 -0
- package/dist/server/mcp/creatio-rest.d.ts.map +1 -1
- package/dist/server/mcp/creatio-rest.js +21 -3
- package/dist/server/mcp/creatio-rest.js.map +1 -1
- package/dist/server/mcp/crtmcp/crt-mcp-client.d.ts +1 -1
- package/dist/server/mcp/crtmcp/crt-mcp-client.d.ts.map +1 -1
- package/dist/server/mcp/crtmcp/crt-mcp-client.js +16 -13
- package/dist/server/mcp/crtmcp/crt-mcp-client.js.map +1 -1
- package/dist/server/mcp/crtmcp/crt-mcp-tool-preparer.d.ts +2 -2
- package/dist/server/mcp/crtmcp/crt-mcp-tool-preparer.d.ts.map +1 -1
- package/dist/server/mcp/crtmcp/crt-mcp-tool-preparer.js +17 -17
- package/dist/server/mcp/crtmcp/crt-mcp-tool-preparer.js.map +1 -1
- package/dist/server/mcp/dataforge/dataforge-client.d.ts +12 -12
- package/dist/server/mcp/dataforge/dataforge-client.d.ts.map +1 -1
- package/dist/server/mcp/dataforge/dataforge-client.js +40 -47
- package/dist/server/mcp/dataforge/dataforge-client.js.map +1 -1
- package/dist/server/mcp/dataforge/dataforge-tool-preparer.d.ts +2 -2
- package/dist/server/mcp/dataforge/dataforge-tool-preparer.d.ts.map +1 -1
- package/dist/server/mcp/dataforge/dataforge-tool-preparer.js +9 -9
- package/dist/server/mcp/dataforge/dataforge-tool-preparer.js.map +1 -1
- package/dist/server/mcp/filters.d.ts.map +1 -1
- package/dist/server/mcp/filters.js +4 -1
- package/dist/server/mcp/filters.js.map +1 -1
- package/dist/server/mcp/globalsearch/globalsearch-client.d.ts +4 -4
- package/dist/server/mcp/globalsearch/globalsearch-client.d.ts.map +1 -1
- package/dist/server/mcp/globalsearch/globalsearch-client.js +39 -50
- package/dist/server/mcp/globalsearch/globalsearch-client.js.map +1 -1
- package/dist/server/mcp/globalsearch/globalsearch-tool-preparer.d.ts +1 -1
- package/dist/server/mcp/globalsearch/globalsearch-tool-preparer.d.ts.map +1 -1
- package/dist/server/mcp/globalsearch/globalsearch-tool-preparer.js +1 -1
- package/dist/server/mcp/globalsearch/globalsearch-tool-preparer.js.map +1 -1
- package/dist/server/mcp/server.d.ts +35 -8
- package/dist/server/mcp/server.d.ts.map +1 -1
- package/dist/server/mcp/server.js +104 -44
- package/dist/server/mcp/server.js.map +1 -1
- package/dist/server/mcp/tools-data.d.ts +2 -2
- package/dist/server/mcp/tools-data.d.ts.map +1 -1
- package/dist/server/mcp/tools-data.js +1 -1
- package/dist/server/mcp/tools-data.js.map +1 -1
- package/dist/server/oauth/oauth-server.d.ts +41 -10
- package/dist/server/oauth/oauth-server.d.ts.map +1 -1
- package/dist/server/oauth/oauth-server.js +82 -48
- package/dist/server/oauth/oauth-server.js.map +1 -1
- package/dist/server/oauth/storage.d.ts +42 -5
- package/dist/server/oauth/storage.d.ts.map +1 -1
- package/dist/server/oauth/storage.js +81 -18
- package/dist/server/oauth/storage.js.map +1 -1
- package/dist/server/oauth/token-manager.d.ts +21 -4
- package/dist/server/oauth/token-manager.d.ts.map +1 -1
- package/dist/server/oauth/token-manager.js +18 -19
- package/dist/server/oauth/token-manager.js.map +1 -1
- package/dist/server/oauth/types.d.ts +0 -12
- package/dist/server/oauth/types.d.ts.map +1 -1
- package/dist/server/oauth/validators.d.ts.map +1 -1
- package/dist/server/oauth/validators.js +14 -5
- package/dist/server/oauth/validators.js.map +1 -1
- package/dist/sessions/index.d.ts +1 -1
- package/dist/sessions/index.d.ts.map +1 -1
- package/dist/sessions/index.js +1 -1
- package/dist/sessions/index.js.map +1 -1
- package/dist/sessions/redis-token-store.d.ts +22 -0
- package/dist/sessions/redis-token-store.d.ts.map +1 -0
- package/dist/sessions/redis-token-store.js +70 -0
- package/dist/sessions/redis-token-store.js.map +1 -0
- package/dist/sessions/session-context.d.ts +21 -40
- package/dist/sessions/session-context.d.ts.map +1 -1
- package/dist/sessions/session-context.js +25 -105
- package/dist/sessions/session-context.js.map +1 -1
- package/dist/sessions/token-crypto.d.ts +8 -0
- package/dist/sessions/token-crypto.d.ts.map +1 -0
- package/dist/sessions/token-crypto.js +43 -0
- package/dist/sessions/token-crypto.js.map +1 -0
- package/dist/sessions/token-store.d.ts +42 -0
- package/dist/sessions/token-store.d.ts.map +1 -0
- package/dist/sessions/token-store.js +66 -0
- package/dist/sessions/token-store.js.map +1 -0
- package/dist/utils/context.d.ts +12 -0
- package/dist/utils/context.d.ts.map +1 -1
- package/dist/utils/context.js +16 -0
- package/dist/utils/context.js.map +1 -1
- package/dist/utils/env-aliases.d.ts +9 -0
- package/dist/utils/env-aliases.d.ts.map +1 -0
- package/dist/utils/env-aliases.js +61 -0
- package/dist/utils/env-aliases.js.map +1 -0
- package/dist/utils/env.d.ts +5 -0
- package/dist/utils/env.d.ts.map +1 -1
- package/dist/utils/env.js +10 -1
- package/dist/utils/env.js.map +1 -1
- package/package.json +78 -76
- package/dist/creatio/auth/providers/oauth2-code-provider.d.ts +0 -21
- package/dist/creatio/auth/providers/oauth2-code-provider.d.ts.map +0 -1
- package/dist/creatio/auth/providers/oauth2-code-provider.js +0 -251
- package/dist/creatio/auth/providers/oauth2-code-provider.js.map +0 -1
- package/dist/server/http/creatio-oauth-handlers.d.ts +0 -13
- package/dist/server/http/creatio-oauth-handlers.d.ts.map +0 -1
- package/dist/server/http/creatio-oauth-handlers.js +0 -160
- package/dist/server/http/creatio-oauth-handlers.js.map +0 -1
- package/dist/server/http/httpServer.d.ts.map +0 -1
- package/dist/server/http/httpServer.js.map +0 -1
- package/dist/server/http/mcp-oauth-handlers.d.ts +0 -11
- package/dist/server/http/mcp-oauth-handlers.d.ts.map +0 -1
- package/dist/server/http/mcp-oauth-handlers.js +0 -118
- package/dist/server/http/mcp-oauth-handlers.js.map +0 -1
- package/dist/sessions/token-refresh-scheduler.d.ts +0 -16
- package/dist/sessions/token-refresh-scheduler.d.ts.map +0 -1
- package/dist/sessions/token-refresh-scheduler.js +0 -66
- package/dist/sessions/token-refresh-scheduler.js.map +0 -1
package/dist/config-builder.js
CHANGED
|
@@ -1,64 +1,145 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getTokenStoreConfig = getTokenStoreConfig;
|
|
3
7
|
exports.getCreatioClientConfig = getCreatioClientConfig;
|
|
8
|
+
const node_crypto_1 = __importDefault(require("node:crypto"));
|
|
4
9
|
const creatio_1 = require("./creatio");
|
|
10
|
+
const log_1 = __importDefault(require("./log"));
|
|
5
11
|
const utils_1 = require("./utils");
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
12
|
+
/**
|
|
13
|
+
* The single user-facing auth selector (`CREATIO_MCP_AUTH_MODE`). When unset it is INFERRED from
|
|
14
|
+
* the supplied credentials (see {@link resolveAuthConfig}); `delegated`/`gateway` need none.
|
|
15
|
+
*/
|
|
16
|
+
const AUTH_MODES = ['delegated', 'gateway', 'broker', 'client_credentials', 'legacy'];
|
|
17
|
+
const MISSING_CLIENT_CREDENTIALS = 'client_credentials auth requires CREATIO_CLIENT_ID and CREATIO_CLIENT_SECRET';
|
|
18
|
+
const MISSING_LEGACY = 'legacy auth requires CREATIO_LOGIN and CREATIO_PASSWORD';
|
|
19
|
+
const MISSING_BROKER = 'broker auth requires CREATIO_CLIENT_ID';
|
|
20
|
+
function readExplicitMode() {
|
|
21
|
+
const raw = (0, utils_1.env)('CREATIO_MCP_AUTH_MODE')?.toLowerCase();
|
|
22
|
+
if (!raw) {
|
|
23
|
+
return undefined;
|
|
10
24
|
}
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
return oauth2Conf;
|
|
25
|
+
if (AUTH_MODES.includes(raw)) {
|
|
26
|
+
return raw;
|
|
14
27
|
}
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
28
|
+
throw new Error(`unsupported_auth_mode:${raw} (expected one of ${AUTH_MODES.join(', ')})`);
|
|
29
|
+
}
|
|
30
|
+
/**
|
|
31
|
+
* Infers the mode from supplied credentials when `CREATIO_MCP_AUTH_MODE` is unset:
|
|
32
|
+
* legacy (login/password) → client_credentials (id/secret) → delegated (stateless, no creds).
|
|
33
|
+
*/
|
|
34
|
+
function inferMode() {
|
|
35
|
+
if ((0, utils_1.env)('CREATIO_LOGIN') && (0, utils_1.env)('CREATIO_PASSWORD')) {
|
|
36
|
+
return 'legacy';
|
|
37
|
+
}
|
|
38
|
+
if ((0, utils_1.env)('CREATIO_CLIENT_ID') && (0, utils_1.env)('CREATIO_CLIENT_SECRET')) {
|
|
39
|
+
return 'client_credentials';
|
|
18
40
|
}
|
|
19
|
-
|
|
41
|
+
return 'delegated';
|
|
20
42
|
}
|
|
21
|
-
function
|
|
22
|
-
const
|
|
23
|
-
const
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
kind: creatio_1.AuthProviderType.OAuth2Code,
|
|
29
|
-
clientId: codeClientId,
|
|
30
|
-
clientSecret: codeClientSecret,
|
|
31
|
-
redirectUri: codeRedirectUri,
|
|
32
|
-
scope: codeScope,
|
|
33
|
-
};
|
|
34
|
-
}
|
|
35
|
-
return null;
|
|
43
|
+
function bearerConfig(mode) {
|
|
44
|
+
const conf = { kind: creatio_1.AuthProviderType.OAuth2Bearer, mode };
|
|
45
|
+
const idb = (0, utils_1.env)('CREATIO_ID_BASE_URL');
|
|
46
|
+
if (idb) {
|
|
47
|
+
conf.idBaseUrl = idb;
|
|
48
|
+
}
|
|
49
|
+
return conf;
|
|
36
50
|
}
|
|
37
|
-
function
|
|
51
|
+
function clientCredentialsConfig() {
|
|
38
52
|
const clientId = (0, utils_1.env)('CREATIO_CLIENT_ID');
|
|
39
53
|
const clientSecret = (0, utils_1.env)('CREATIO_CLIENT_SECRET');
|
|
40
|
-
if (clientId
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
54
|
+
if (!clientId || !clientSecret) {
|
|
55
|
+
throw new Error(MISSING_CLIENT_CREDENTIALS);
|
|
56
|
+
}
|
|
57
|
+
const conf = { kind: creatio_1.AuthProviderType.OAuth2, clientId, clientSecret };
|
|
58
|
+
const idb = (0, utils_1.env)('CREATIO_ID_BASE_URL');
|
|
59
|
+
if (idb) {
|
|
60
|
+
conf.idBaseUrl = idb;
|
|
61
|
+
}
|
|
62
|
+
return conf;
|
|
63
|
+
}
|
|
64
|
+
/** HS256 security rests ENTIRELY on the secret's entropy, so a short secret is brute-forceable
|
|
65
|
+
* offline from any issued token. Refuse anything weaker than 32 chars (256 bits of base64). */
|
|
66
|
+
const MIN_JWT_SECRET_LENGTH = 32;
|
|
67
|
+
/**
|
|
68
|
+
* The secret that signs the tokens the broker issues to its OWN clients. A stable secret is
|
|
69
|
+
* required to (a) keep client tokens valid across restarts and (b) validate them across multiple
|
|
70
|
+
* instances. A configured secret must clear the entropy floor; in production an explicit secret is
|
|
71
|
+
* mandatory (fail closed). Outside production an unset secret yields an ephemeral one (with a
|
|
72
|
+
* warning) so local/dev just works — at the cost of both properties above.
|
|
73
|
+
*/
|
|
74
|
+
function resolveBrokerJwtSecret() {
|
|
75
|
+
const configured = (0, utils_1.env)('CREATIO_MCP_JWT_SECRET');
|
|
76
|
+
if (configured) {
|
|
77
|
+
if (configured.length < MIN_JWT_SECRET_LENGTH) {
|
|
78
|
+
throw new Error(`CREATIO_MCP_JWT_SECRET is too weak: it must be at least ${MIN_JWT_SECRET_LENGTH} ` +
|
|
79
|
+
`characters (got ${configured.length}). HS256 token security depends entirely on it.`);
|
|
45
80
|
}
|
|
46
|
-
return
|
|
81
|
+
return configured;
|
|
82
|
+
}
|
|
83
|
+
if ((0, utils_1.env)('NODE_ENV') === 'production') {
|
|
84
|
+
throw new Error('CREATIO_MCP_JWT_SECRET is required in production for broker mode. Set a stable secret ' +
|
|
85
|
+
`of at least ${MIN_JWT_SECRET_LENGTH} characters.`);
|
|
86
|
+
}
|
|
87
|
+
log_1.default.warn('broker.jwt_secret.ephemeral', {
|
|
88
|
+
detail: 'CREATIO_MCP_JWT_SECRET is not set — generated a random one. Tokens issued to clients ' +
|
|
89
|
+
'will be invalidated on restart and will not validate across multiple instances. Set a ' +
|
|
90
|
+
'stable secret for production or horizontal scaling.',
|
|
91
|
+
});
|
|
92
|
+
return node_crypto_1.default.randomBytes(32).toString('base64url');
|
|
93
|
+
}
|
|
94
|
+
function brokerConfig() {
|
|
95
|
+
const clientId = (0, utils_1.env)('CREATIO_CLIENT_ID');
|
|
96
|
+
if (!clientId) {
|
|
97
|
+
throw new Error(MISSING_BROKER);
|
|
47
98
|
}
|
|
48
|
-
|
|
99
|
+
const jwtSecret = resolveBrokerJwtSecret();
|
|
100
|
+
const conf = { kind: creatio_1.AuthProviderType.Broker, clientId, jwtSecret };
|
|
101
|
+
const clientSecret = (0, utils_1.env)('CREATIO_CLIENT_SECRET');
|
|
102
|
+
if (clientSecret) {
|
|
103
|
+
conf.clientSecret = clientSecret;
|
|
104
|
+
}
|
|
105
|
+
const idb = (0, utils_1.env)('CREATIO_ID_BASE_URL');
|
|
106
|
+
if (idb) {
|
|
107
|
+
conf.idBaseUrl = idb;
|
|
108
|
+
}
|
|
109
|
+
return conf;
|
|
49
110
|
}
|
|
50
|
-
function
|
|
111
|
+
function legacyConfig() {
|
|
51
112
|
const login = (0, utils_1.env)('CREATIO_LOGIN');
|
|
52
113
|
const password = (0, utils_1.env)('CREATIO_PASSWORD');
|
|
53
|
-
if (login
|
|
54
|
-
|
|
114
|
+
if (!login || !password) {
|
|
115
|
+
throw new Error(MISSING_LEGACY);
|
|
116
|
+
}
|
|
117
|
+
return { kind: creatio_1.AuthProviderType.Legacy, login, password };
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Resolves the one effective auth config from the unified `CREATIO_MCP_AUTH_MODE` selector
|
|
121
|
+
* (explicit or inferred). Credential-based modes throw a clear error when their inputs are missing;
|
|
122
|
+
* stateless Bearer modes (delegated/gateway) need none.
|
|
123
|
+
*/
|
|
124
|
+
function resolveAuthConfig() {
|
|
125
|
+
const mode = readExplicitMode() ?? inferMode();
|
|
126
|
+
switch (mode) {
|
|
127
|
+
case 'delegated':
|
|
128
|
+
return bearerConfig(creatio_1.BearerAuthMode.Delegated);
|
|
129
|
+
case 'gateway':
|
|
130
|
+
return bearerConfig(creatio_1.BearerAuthMode.Gateway);
|
|
131
|
+
case 'broker':
|
|
132
|
+
return brokerConfig();
|
|
133
|
+
case 'client_credentials':
|
|
134
|
+
return clientCredentialsConfig();
|
|
135
|
+
case 'legacy':
|
|
136
|
+
return legacyConfig();
|
|
55
137
|
}
|
|
56
|
-
return null;
|
|
57
138
|
}
|
|
58
139
|
function getCrudBackend() {
|
|
59
|
-
const raw = (0, utils_1.env)('
|
|
140
|
+
const raw = (0, utils_1.env)('CREATIO_MCP_CRUD_BACKEND')?.toLowerCase();
|
|
60
141
|
// DataService is the default backend (Creatio's native data API, what the UI uses);
|
|
61
|
-
// set
|
|
142
|
+
// set CREATIO_MCP_CRUD_BACKEND=odata to opt into the OData backend instead.
|
|
62
143
|
if (!raw || raw === 'dataservice') {
|
|
63
144
|
return 'dataservice';
|
|
64
145
|
}
|
|
@@ -67,12 +148,35 @@ function getCrudBackend() {
|
|
|
67
148
|
}
|
|
68
149
|
return 'odata';
|
|
69
150
|
}
|
|
70
|
-
function
|
|
151
|
+
function getRequiredBaseUrl() {
|
|
71
152
|
const baseUrl = (0, utils_1.env)('CREATIO_BASE_URL');
|
|
72
153
|
if (!baseUrl) {
|
|
73
154
|
throw new Error('Environment variable CREATIO_BASE_URL is required but not set');
|
|
74
155
|
}
|
|
75
|
-
|
|
76
|
-
|
|
156
|
+
return baseUrl;
|
|
157
|
+
}
|
|
158
|
+
/**
|
|
159
|
+
* Broker token-store selection. `memory` (default) keeps tokens in-process (lost on restart, single
|
|
160
|
+
* instance); `redis` makes the broker stateless + restart-durable + multi-instance. The at-rest
|
|
161
|
+
* encryption key derives from `CREATIO_MCP_TOKEN_ENC_KEY` when set, else the (mandatory) broker
|
|
162
|
+
* `CREATIO_MCP_JWT_SECRET`.
|
|
163
|
+
*/
|
|
164
|
+
function getTokenStoreConfig() {
|
|
165
|
+
const kind = (0, utils_1.env)('CREATIO_MCP_TOKEN_STORE')?.toLowerCase() === 'redis' ? 'redis' : 'memory';
|
|
166
|
+
if (kind === 'memory') {
|
|
167
|
+
return { kind };
|
|
168
|
+
}
|
|
169
|
+
return {
|
|
170
|
+
kind,
|
|
171
|
+
redisUrl: (0, utils_1.env)('CREATIO_MCP_REDIS_URL'),
|
|
172
|
+
encryptionSecret: (0, utils_1.env)('CREATIO_MCP_TOKEN_ENC_KEY') || (0, utils_1.env)('CREATIO_MCP_JWT_SECRET'),
|
|
173
|
+
};
|
|
174
|
+
}
|
|
175
|
+
function getCreatioClientConfig() {
|
|
176
|
+
return {
|
|
177
|
+
baseUrl: getRequiredBaseUrl(),
|
|
178
|
+
auth: resolveAuthConfig(),
|
|
179
|
+
crudBackend: getCrudBackend(),
|
|
180
|
+
};
|
|
77
181
|
}
|
|
78
182
|
//# sourceMappingURL=config-builder.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config-builder.js","sourceRoot":"","sources":["../src/config-builder.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"config-builder.js","sourceRoot":"","sources":["../src/config-builder.ts"],"names":[],"mappings":";;;;;AA6LA,kDAUC;AAED,wDAMC;AA/MD,8DAAiC;AAEjC,uCAUmB;AACnB,gDAAwB;AAExB,mCAA8B;AAE9B;;;GAGG;AACH,MAAM,UAAU,GAAG,CAAC,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,oBAAoB,EAAE,QAAQ,CAAU,CAAC;AAG/F,MAAM,0BAA0B,GAC/B,8EAA8E,CAAC;AAChF,MAAM,cAAc,GAAG,yDAAyD,CAAC;AACjF,MAAM,cAAc,GAAG,wCAAwC,CAAC;AAEhE,SAAS,gBAAgB;IACxB,MAAM,GAAG,GAAG,IAAA,WAAG,EAAC,uBAAuB,CAAC,EAAE,WAAW,EAAE,CAAC;IACxD,IAAI,CAAC,GAAG,EAAE,CAAC;QACV,OAAO,SAAS,CAAC;IAClB,CAAC;IACD,IAAK,UAAgC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACrD,OAAO,GAAe,CAAC;IACxB,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,qBAAqB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC5F,CAAC;AAED;;;GAGG;AACH,SAAS,SAAS;IACjB,IAAI,IAAA,WAAG,EAAC,eAAe,CAAC,IAAI,IAAA,WAAG,EAAC,kBAAkB,CAAC,EAAE,CAAC;QACrD,OAAO,QAAQ,CAAC;IACjB,CAAC;IACD,IAAI,IAAA,WAAG,EAAC,mBAAmB,CAAC,IAAI,IAAA,WAAG,EAAC,uBAAuB,CAAC,EAAE,CAAC;QAC9D,OAAO,oBAAoB,CAAC;IAC7B,CAAC;IACD,OAAO,WAAW,CAAC;AACpB,CAAC;AAED,SAAS,YAAY,CAAC,IAAoB;IACzC,MAAM,IAAI,GAAqB,EAAE,IAAI,EAAE,0BAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC;IAC7E,MAAM,GAAG,GAAG,IAAA,WAAG,EAAC,qBAAqB,CAAC,CAAC;IACvC,IAAI,GAAG,EAAE,CAAC;QACT,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC;IACtB,CAAC;IACD,OAAO,IAAI,CAAC;AACb,CAAC;AAED,SAAS,uBAAuB;IAC/B,MAAM,QAAQ,GAAG,IAAA,WAAG,EAAC,mBAAmB,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,IAAA,WAAG,EAAC,uBAAuB,CAAC,CAAC;IAClD,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC7C,CAAC;IACD,MAAM,IAAI,GAAqB,EAAE,IAAI,EAAE,0BAAgB,CAAC,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzF,MAAM,GAAG,GAAG,IAAA,WAAG,EAAC,qBAAqB,CAAC,CAAC;IACvC,IAAI,GAAG,EAAE,CAAC;QACT,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC;IACtB,CAAC;IACD,OAAO,IAAI,CAAC;AACb,CAAC;AAED;gGACgG;AAChG,MAAM,qBAAqB,GAAG,EAAE,CAAC;AAEjC;;;;;;GAMG;AACH,SAAS,sBAAsB;IAC9B,MAAM,UAAU,GAAG,IAAA,WAAG,EAAC,wBAAwB,CAAC,CAAC;IACjD,IAAI,UAAU,EAAE,CAAC;QAChB,IAAI,UAAU,CAAC,MAAM,GAAG,qBAAqB,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CACd,2DAA2D,qBAAqB,GAAG;gBAClF,mBAAmB,UAAU,CAAC,MAAM,iDAAiD,CACtF,CAAC;QACH,CAAC;QACD,OAAO,UAAU,CAAC;IACnB,CAAC;IACD,IAAI,IAAA,WAAG,EAAC,UAAU,CAAC,KAAK,YAAY,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CACd,wFAAwF;YACvF,eAAe,qBAAqB,cAAc,CACnD,CAAC;IACH,CAAC;IACD,aAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE;QACvC,MAAM,EACL,uFAAuF;YACvF,wFAAwF;YACxF,qDAAqD;KACtD,CAAC,CAAC;IACH,OAAO,qBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,YAAY;IACpB,MAAM,QAAQ,GAAG,IAAA,WAAG,EAAC,mBAAmB,CAAC,CAAC;IAC1C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;IACjC,CAAC;IACD,MAAM,SAAS,GAAG,sBAAsB,EAAE,CAAC;IAC3C,MAAM,IAAI,GAAqB,EAAE,IAAI,EAAE,0BAAgB,CAAC,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IACtF,MAAM,YAAY,GAAG,IAAA,WAAG,EAAC,uBAAuB,CAAC,CAAC;IAClD,IAAI,YAAY,EAAE,CAAC;QAClB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IAClC,CAAC;IACD,MAAM,GAAG,GAAG,IAAA,WAAG,EAAC,qBAAqB,CAAC,CAAC;IACvC,IAAI,GAAG,EAAE,CAAC;QACT,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC;IACtB,CAAC;IACD,OAAO,IAAI,CAAC;AACb,CAAC;AAED,SAAS,YAAY;IACpB,MAAM,KAAK,GAAG,IAAA,WAAG,EAAC,eAAe,CAAC,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAA,WAAG,EAAC,kBAAkB,CAAC,CAAC;IACzC,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;IACjC,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,0BAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AAC3D,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB;IACzB,MAAM,IAAI,GAAG,gBAAgB,EAAE,IAAI,SAAS,EAAE,CAAC;IAC/C,QAAQ,IAAI,EAAE,CAAC;QACd,KAAK,WAAW;YACf,OAAO,YAAY,CAAC,wBAAc,CAAC,SAAS,CAAC,CAAC;QAC/C,KAAK,SAAS;YACb,OAAO,YAAY,CAAC,wBAAc,CAAC,OAAO,CAAC,CAAC;QAC7C,KAAK,QAAQ;YACZ,OAAO,YAAY,EAAE,CAAC;QACvB,KAAK,oBAAoB;YACxB,OAAO,uBAAuB,EAAE,CAAC;QAClC,KAAK,QAAQ;YACZ,OAAO,YAAY,EAAE,CAAC;IACxB,CAAC;AACF,CAAC;AAED,SAAS,cAAc;IACtB,MAAM,GAAG,GAAG,IAAA,WAAG,EAAC,0BAA0B,CAAC,EAAE,WAAW,EAAE,CAAC;IAC3D,oFAAoF;IACpF,4EAA4E;IAC5E,IAAI,CAAC,GAAG,IAAI,GAAG,KAAK,aAAa,EAAE,CAAC;QACnC,OAAO,aAAa,CAAC;IACtB,CAAC;IACD,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,sCAAsC,CAAC,CAAC;IACxF,CAAC;IACD,OAAO,OAAO,CAAC;AAChB,CAAC;AAED,SAAS,kBAAkB;IAC1B,MAAM,OAAO,GAAG,IAAA,WAAG,EAAC,kBAAkB,CAAC,CAAC;IACxC,IAAI,CAAC,OAAO,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,OAAO,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB;IAClC,MAAM,IAAI,GAAG,IAAA,WAAG,EAAC,yBAAyB,CAAC,EAAE,WAAW,EAAE,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC;IAC5F,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACvB,OAAO,EAAE,IAAI,EAAE,CAAC;IACjB,CAAC;IACD,OAAO;QACN,IAAI;QACJ,QAAQ,EAAE,IAAA,WAAG,EAAC,uBAAuB,CAAC;QACtC,gBAAgB,EAAE,IAAA,WAAG,EAAC,2BAA2B,CAAC,IAAI,IAAA,WAAG,EAAC,wBAAwB,CAAC;KACnF,CAAC;AACH,CAAC;AAED,SAAgB,sBAAsB;IACrC,OAAO;QACN,OAAO,EAAE,kBAAkB,EAAE;QAC7B,IAAI,EAAE,iBAAiB,EAAE;QACzB,WAAW,EAAE,cAAc,EAAE;KAC7B,CAAC;AACH,CAAC"}
|
package/dist/consts.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consts.d.ts","sourceRoot":"","sources":["../src/consts.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"consts.d.ts","sourceRoot":"","sources":["../src/consts.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,aAAa,QAA0C,CAAC"}
|
package/dist/consts.js
CHANGED
|
@@ -2,5 +2,6 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.HTTP_MCP_PORT = void 0;
|
|
4
4
|
const utils_1 = require("./utils");
|
|
5
|
-
|
|
5
|
+
// Canonical CREATIO_MCP_PORT; env() transparently falls back to the conventional PORT (no warning).
|
|
6
|
+
exports.HTTP_MCP_PORT = Number((0, utils_1.env)('CREATIO_MCP_PORT')) || 3000;
|
|
6
7
|
//# sourceMappingURL=consts.js.map
|
package/dist/consts.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consts.js","sourceRoot":"","sources":["../src/consts.ts"],"names":[],"mappings":";;;AAAA,mCAA8B;
|
|
1
|
+
{"version":3,"file":"consts.js","sourceRoot":"","sources":["../src/consts.ts"],"names":[],"mappings":";;;AAAA,mCAA8B;AAE9B,oGAAoG;AACvF,QAAA,aAAa,GAAG,MAAM,CAAC,IAAA,WAAG,EAAC,kBAAkB,CAAC,CAAC,IAAI,IAAI,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-manager.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/auth-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"auth-manager.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/auth-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,QAAQ,CAAC;AAS9C,qBAAa,kBAAkB;IAC9B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAsB;IAC9C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAuB;gBAErC,MAAM,EAAE,mBAAmB;IAgBhC,WAAW,IAAI,oBAAoB;CAG1C"}
|
|
@@ -11,8 +11,11 @@ class CreatioAuthManager {
|
|
|
11
11
|
if (authKind === providers_1.AuthProviderType.OAuth2) {
|
|
12
12
|
this._provider = new providers_1.OAuth2Provider(this._config);
|
|
13
13
|
}
|
|
14
|
-
else if (authKind === providers_1.AuthProviderType.
|
|
15
|
-
this._provider = new providers_1.
|
|
14
|
+
else if (authKind === providers_1.AuthProviderType.OAuth2Bearer) {
|
|
15
|
+
this._provider = new providers_1.OAuth2BearerProvider(this._config);
|
|
16
|
+
}
|
|
17
|
+
else if (authKind === providers_1.AuthProviderType.Broker) {
|
|
18
|
+
this._provider = new providers_1.BrokerProvider(this._config);
|
|
16
19
|
}
|
|
17
20
|
else if (authKind === providers_1.AuthProviderType.Legacy) {
|
|
18
21
|
this._provider = new providers_1.LegacyProvider(this._config);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-manager.js","sourceRoot":"","sources":["../../../src/creatio/auth/auth-manager.ts"],"names":[],"mappings":";;;AAGA,
|
|
1
|
+
{"version":3,"file":"auth-manager.js","sourceRoot":"","sources":["../../../src/creatio/auth/auth-manager.ts"],"names":[],"mappings":";;;AAGA,2CAMqB;AAErB,MAAa,kBAAkB;IACb,OAAO,CAAsB;IAC7B,SAAS,CAAuB;IAEjD,YAAY,MAA2B;QACtC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;QACxC,IAAI,QAAQ,KAAK,4BAAgB,CAAC,MAAM,EAAE,CAAC;YAC1C,IAAI,CAAC,SAAS,GAAG,IAAI,0BAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;aAAM,IAAI,QAAQ,KAAK,4BAAgB,CAAC,YAAY,EAAE,CAAC;YACvD,IAAI,CAAC,SAAS,GAAG,IAAI,gCAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzD,CAAC;aAAM,IAAI,QAAQ,KAAK,4BAAgB,CAAC,MAAM,EAAE,CAAC;YACjD,IAAI,CAAC,SAAS,GAAG,IAAI,0BAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;aAAM,IAAI,QAAQ,KAAK,4BAAgB,CAAC,MAAM,EAAE,CAAC;YACjD,IAAI,CAAC,SAAS,GAAG,IAAI,0BAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5C,CAAC;IACF,CAAC;IAEM,WAAW;QACjB,OAAO,IAAI,CAAC,SAAS,CAAC;IACvB,CAAC;CACD;AAvBD,gDAuBC"}
|
|
@@ -1,32 +1,5 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
*
|
|
4
|
-
*
|
|
5
|
-
* the interactive authorization-code dance are separate, optional capabilities below, so
|
|
6
|
-
* a provider is never forced to stub methods it does not support.
|
|
7
|
-
*/
|
|
8
|
-
export interface ICreatioAuthProvider {
|
|
9
|
-
type: AuthProviderType;
|
|
10
|
-
getHeaders(accept: string, isJson?: boolean): Promise<Record<string, string>>;
|
|
11
|
-
refresh(): Promise<void>;
|
|
12
|
-
/** Cancels any background token-refresh timers. Safe no-op for providers without them. */
|
|
13
|
-
cancelAllRefresh(): void;
|
|
14
|
-
}
|
|
15
|
-
/** A provider whose tokens can be explicitly revoked (OAuth2 variants). */
|
|
16
|
-
export interface IRevocableAuthProvider extends ICreatioAuthProvider {
|
|
17
|
-
revoke(): Promise<void>;
|
|
18
|
-
}
|
|
19
|
-
/** A provider that drives the interactive OAuth2 authorization-code flow. */
|
|
20
|
-
export interface IInteractiveAuthProvider extends ICreatioAuthProvider {
|
|
21
|
-
getAuthorizeUrl(state: string): Promise<string>;
|
|
22
|
-
finishAuthorization(code: string): Promise<void>;
|
|
23
|
-
}
|
|
24
|
-
export declare function supportsRevoke(provider: ICreatioAuthProvider): provider is IRevocableAuthProvider;
|
|
25
|
-
export declare function supportsInteractiveAuth(provider: ICreatioAuthProvider): provider is IInteractiveAuthProvider;
|
|
26
|
-
export declare function buildHeaders(accept: string, isJson?: boolean, token?: string): Record<string, string>;
|
|
27
|
-
export declare const TOKEN_ENDPOINT = "/connect/token";
|
|
28
|
-
export declare const AUTHORIZE_ENDPOINT = "/connect/authorize";
|
|
29
|
-
export declare const REVOCATION_ENDPOINT = "/connect/revocation";
|
|
30
|
-
export declare const TOKEN_BODY_SNIPPET_MAX = 1024;
|
|
31
|
-
export declare const EXPIRES_MARGIN_SECONDS = 30;
|
|
1
|
+
export * from './contracts';
|
|
2
|
+
export * from './headers';
|
|
3
|
+
export * from './identity';
|
|
4
|
+
export * from './constants';
|
|
32
5
|
//# sourceMappingURL=auth.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/auth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/auth.ts"],"names":[],"mappings":"AAEA,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC"}
|
|
@@ -1,29 +1,23 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
Object.
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
function supportsRevoke(provider) {
|
|
8
|
-
return typeof provider.revoke === 'function';
|
|
9
|
-
}
|
|
10
|
-
function supportsInteractiveAuth(provider) {
|
|
11
|
-
const p = provider;
|
|
12
|
-
return typeof p.getAuthorizeUrl === 'function' && typeof p.finishAuthorization === 'function';
|
|
13
|
-
}
|
|
14
|
-
function buildHeaders(accept, isJson, token) {
|
|
15
|
-
const headers = { Accept: accept };
|
|
16
|
-
if (isJson) {
|
|
17
|
-
headers['Content-Type'] = 'application/json';
|
|
18
|
-
}
|
|
19
|
-
if (token) {
|
|
20
|
-
headers['Authorization'] = `Bearer ${token}`;
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
21
7
|
}
|
|
22
|
-
|
|
23
|
-
}
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
exports
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
// Internal barrel for the auth core, split by concern (SRP): provider contract, header building,
|
|
18
|
+
// identity-base resolution, and protocol constants. Providers import from here ('../auth').
|
|
19
|
+
__exportStar(require("./contracts"), exports);
|
|
20
|
+
__exportStar(require("./headers"), exports);
|
|
21
|
+
__exportStar(require("./identity"), exports);
|
|
22
|
+
__exportStar(require("./constants"), exports);
|
|
29
23
|
//# sourceMappingURL=auth.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/creatio/auth/auth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/creatio/auth/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iGAAiG;AACjG,4FAA4F;AAC5F,8CAA4B;AAC5B,4CAA0B;AAC1B,6CAA2B;AAC3B,8CAA4B"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
/** Creatio Identity endpoints, relative to the identity base (see {@link resolveIdentityBase}). */
|
|
2
|
+
export declare const TOKEN_ENDPOINT = "/connect/token";
|
|
3
|
+
export declare const AUTHORIZE_ENDPOINT = "/connect/authorize";
|
|
4
|
+
export declare const REVOCATION_ENDPOINT = "/connect/revocation";
|
|
5
|
+
/** Max bytes of a token-endpoint error body to log, so diagnostics never dump huge payloads. */
|
|
6
|
+
export declare const TOKEN_BODY_SNIPPET_MAX = 1024;
|
|
7
|
+
/** Safety margin (seconds) subtracted from a token's lifetime so it is refreshed before it expires. */
|
|
8
|
+
export declare const EXPIRES_MARGIN_SECONDS = 30;
|
|
9
|
+
/** PKCE challenge method the broker always uses on the Creatio leg. */
|
|
10
|
+
export declare const PKCE_S256 = "S256";
|
|
11
|
+
/** Absolute expiry (epoch ms) for a token living `expiresInSeconds`, minus the safety margin so it
|
|
12
|
+
* is refreshed before it actually expires. The single source of truth for token-expiry math. */
|
|
13
|
+
export declare function computeTokenExpiryMs(expiresInSeconds: number, minSeconds?: number): number;
|
|
14
|
+
//# sourceMappingURL=constants.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/constants.ts"],"names":[],"mappings":"AAAA,mGAAmG;AACnG,eAAO,MAAM,cAAc,mBAAmB,CAAC;AAC/C,eAAO,MAAM,kBAAkB,uBAAuB,CAAC;AACvD,eAAO,MAAM,mBAAmB,wBAAwB,CAAC;AACzD,gGAAgG;AAChG,eAAO,MAAM,sBAAsB,OAAO,CAAC;AAC3C,uGAAuG;AACvG,eAAO,MAAM,sBAAsB,KAAK,CAAC;AACzC,uEAAuE;AACvE,eAAO,MAAM,SAAS,SAAS,CAAC;AAEhC;iGACiG;AACjG,wBAAgB,oBAAoB,CAAC,gBAAgB,EAAE,MAAM,EAAE,UAAU,SAAI,GAAG,MAAM,CAErF"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.PKCE_S256 = exports.EXPIRES_MARGIN_SECONDS = exports.TOKEN_BODY_SNIPPET_MAX = exports.REVOCATION_ENDPOINT = exports.AUTHORIZE_ENDPOINT = exports.TOKEN_ENDPOINT = void 0;
|
|
4
|
+
exports.computeTokenExpiryMs = computeTokenExpiryMs;
|
|
5
|
+
/** Creatio Identity endpoints, relative to the identity base (see {@link resolveIdentityBase}). */
|
|
6
|
+
exports.TOKEN_ENDPOINT = '/connect/token';
|
|
7
|
+
exports.AUTHORIZE_ENDPOINT = '/connect/authorize';
|
|
8
|
+
exports.REVOCATION_ENDPOINT = '/connect/revocation';
|
|
9
|
+
/** Max bytes of a token-endpoint error body to log, so diagnostics never dump huge payloads. */
|
|
10
|
+
exports.TOKEN_BODY_SNIPPET_MAX = 1024;
|
|
11
|
+
/** Safety margin (seconds) subtracted from a token's lifetime so it is refreshed before it expires. */
|
|
12
|
+
exports.EXPIRES_MARGIN_SECONDS = 30;
|
|
13
|
+
/** PKCE challenge method the broker always uses on the Creatio leg. */
|
|
14
|
+
exports.PKCE_S256 = 'S256';
|
|
15
|
+
/** Absolute expiry (epoch ms) for a token living `expiresInSeconds`, minus the safety margin so it
|
|
16
|
+
* is refreshed before it actually expires. The single source of truth for token-expiry math. */
|
|
17
|
+
function computeTokenExpiryMs(expiresInSeconds, minSeconds = 1) {
|
|
18
|
+
return Date.now() + Math.max(minSeconds, expiresInSeconds - exports.EXPIRES_MARGIN_SECONDS) * 1000;
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=constants.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../src/creatio/auth/constants.ts"],"names":[],"mappings":";;;AAaA,oDAEC;AAfD,mGAAmG;AACtF,QAAA,cAAc,GAAG,gBAAgB,CAAC;AAClC,QAAA,kBAAkB,GAAG,oBAAoB,CAAC;AAC1C,QAAA,mBAAmB,GAAG,qBAAqB,CAAC;AACzD,gGAAgG;AACnF,QAAA,sBAAsB,GAAG,IAAI,CAAC;AAC3C,uGAAuG;AAC1F,QAAA,sBAAsB,GAAG,EAAE,CAAC;AACzC,uEAAuE;AAC1D,QAAA,SAAS,GAAG,MAAM,CAAC;AAEhC;iGACiG;AACjG,SAAgB,oBAAoB,CAAC,gBAAwB,EAAE,UAAU,GAAG,CAAC;IAC5E,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,gBAAgB,GAAG,8BAAsB,CAAC,GAAG,IAAI,CAAC;AAC5F,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { AuthProviderType } from './providers';
|
|
2
|
+
/**
|
|
3
|
+
* The single capability every auth provider has: attach auth headers, refresh on 401, and a safe
|
|
4
|
+
* cancel hook for background timers. Deliberately small (ISP) — the stateless Bearer, client-
|
|
5
|
+
* credentials and legacy providers all fit this one shape; there is no longer any token-issuing or
|
|
6
|
+
* interactive-flow surface on the MCP (clients authenticate against Creatio Identity directly).
|
|
7
|
+
*/
|
|
8
|
+
export interface ICreatioAuthProvider {
|
|
9
|
+
type: AuthProviderType;
|
|
10
|
+
getHeaders(accept: string, isJson?: boolean): Promise<Record<string, string>>;
|
|
11
|
+
refresh(): Promise<void>;
|
|
12
|
+
/** Cancels any background timers. Safe no-op for providers without them. */
|
|
13
|
+
cancelAllRefresh(): void;
|
|
14
|
+
}
|
|
15
|
+
//# sourceMappingURL=contracts.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"contracts.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/contracts.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C;;;;;GAKG;AACH,MAAM,WAAW,oBAAoB;IACpC,IAAI,EAAE,gBAAgB,CAAC;IACvB,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC9E,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,4EAA4E;IAC5E,gBAAgB,IAAI,IAAI,CAAC;CACzB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../../src/creatio/auth/contracts.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/headers.ts"],"names":[],"mappings":"AAAA,2GAA2G;AAC3G,wBAAgB,YAAY,CAC3B,MAAM,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,OAAO,EAChB,KAAK,CAAC,EAAE,MAAM,GACZ,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CASxB"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.buildHeaders = buildHeaders;
|
|
4
|
+
/** Builds the standard Creatio request headers, optionally with a JSON content-type and a Bearer token. */
|
|
5
|
+
function buildHeaders(accept, isJson, token) {
|
|
6
|
+
const headers = { Accept: accept };
|
|
7
|
+
if (isJson) {
|
|
8
|
+
headers['Content-Type'] = 'application/json';
|
|
9
|
+
}
|
|
10
|
+
if (token) {
|
|
11
|
+
headers['Authorization'] = `Bearer ${token}`;
|
|
12
|
+
}
|
|
13
|
+
return headers;
|
|
14
|
+
}
|
|
15
|
+
//# sourceMappingURL=headers.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"headers.js","sourceRoot":"","sources":["../../../src/creatio/auth/headers.ts"],"names":[],"mappings":";;AACA,oCAaC;AAdD,2GAA2G;AAC3G,SAAgB,YAAY,CAC3B,MAAc,EACd,MAAgB,EAChB,KAAc;IAEd,MAAM,OAAO,GAA2B,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;IAC3D,IAAI,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;IAC9C,CAAC;IACD,IAAI,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,KAAK,EAAE,CAAC;IAC9C,CAAC;IACD,OAAO,OAAO,CAAC;AAChB,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Canonical Creatio identity base: an explicit `idBaseUrl` when given, otherwise the instance base
|
|
3
|
+
* URL, in both cases normalized to end with the `/0` workspace segment (where Creatio hosts the
|
|
4
|
+
* OAuth/OIDC endpoints, e.g. `/0/connect/token`, `/0/.well-known/openid-configuration`). Shared by
|
|
5
|
+
* the client-credentials provider and the delegated-mode JWKS validator so they target the same host.
|
|
6
|
+
*/
|
|
7
|
+
export declare function resolveIdentityBase(baseUrl: string, idBaseUrl?: string): string;
|
|
8
|
+
//# sourceMappingURL=identity.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/identity.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAO/E"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.resolveIdentityBase = resolveIdentityBase;
|
|
4
|
+
/**
|
|
5
|
+
* Canonical Creatio identity base: an explicit `idBaseUrl` when given, otherwise the instance base
|
|
6
|
+
* URL, in both cases normalized to end with the `/0` workspace segment (where Creatio hosts the
|
|
7
|
+
* OAuth/OIDC endpoints, e.g. `/0/connect/token`, `/0/.well-known/openid-configuration`). Shared by
|
|
8
|
+
* the client-credentials provider and the delegated-mode JWKS validator so they target the same host.
|
|
9
|
+
*/
|
|
10
|
+
function resolveIdentityBase(baseUrl, idBaseUrl) {
|
|
11
|
+
const raw = idBaseUrl ? String(idBaseUrl) : baseUrl;
|
|
12
|
+
let base = raw.replace(/\/$/, '');
|
|
13
|
+
if (!/\/0$/.test(base)) {
|
|
14
|
+
base = base + '/0';
|
|
15
|
+
}
|
|
16
|
+
return base;
|
|
17
|
+
}
|
|
18
|
+
//# sourceMappingURL=identity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../../src/creatio/auth/identity.ts"],"names":[],"mappings":";;AAMA,kDAOC;AAbD;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,OAAe,EAAE,SAAkB;IACtE,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IACpD,IAAI,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAClC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;IACpB,CAAC;IACD,OAAO,IAAI,CAAC;AACb,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
export * from './auth-manager';
|
|
2
|
-
export type { ICreatioAuthProvider
|
|
3
|
-
export {
|
|
4
|
-
export {
|
|
2
|
+
export type { ICreatioAuthProvider } from './auth';
|
|
3
|
+
export { resolveIdentityBase } from './auth';
|
|
4
|
+
export { CreatioOAuthClient } from './providers';
|
|
5
|
+
export { AuthProviderType, BearerAuthMode } from './providers/type';
|
|
5
6
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,YAAY,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/creatio/auth/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAC;AAC/B,YAAY,EAAE,oBAAoB,EAAE,MAAM,QAAQ,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC"}
|
|
@@ -14,11 +14,13 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
exports.AuthProviderType = exports.
|
|
17
|
+
exports.BearerAuthMode = exports.AuthProviderType = exports.CreatioOAuthClient = exports.resolveIdentityBase = void 0;
|
|
18
18
|
__exportStar(require("./auth-manager"), exports);
|
|
19
19
|
var auth_1 = require("./auth");
|
|
20
|
-
Object.defineProperty(exports, "
|
|
21
|
-
|
|
20
|
+
Object.defineProperty(exports, "resolveIdentityBase", { enumerable: true, get: function () { return auth_1.resolveIdentityBase; } });
|
|
21
|
+
var providers_1 = require("./providers");
|
|
22
|
+
Object.defineProperty(exports, "CreatioOAuthClient", { enumerable: true, get: function () { return providers_1.CreatioOAuthClient; } });
|
|
22
23
|
var type_1 = require("./providers/type");
|
|
23
24
|
Object.defineProperty(exports, "AuthProviderType", { enumerable: true, get: function () { return type_1.AuthProviderType; } });
|
|
25
|
+
Object.defineProperty(exports, "BearerAuthMode", { enumerable: true, get: function () { return type_1.BearerAuthMode; } });
|
|
24
26
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/creatio/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,iDAA+B;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/creatio/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,iDAA+B;AAE/B,+BAA6C;AAApC,2GAAA,mBAAmB,OAAA;AAC5B,yCAAiD;AAAxC,+GAAA,kBAAkB,OAAA;AAC3B,yCAAoE;AAA3D,wGAAA,gBAAgB,OAAA;AAAE,sGAAA,cAAc,OAAA"}
|
|
@@ -1,17 +1,23 @@
|
|
|
1
|
-
import { OAuth2AuthConfig
|
|
1
|
+
import { OAuth2AuthConfig } from '../../client-config';
|
|
2
2
|
import { BaseProvider } from './base-provider';
|
|
3
|
-
|
|
4
|
-
export
|
|
3
|
+
/** The raw result of a token fetch — caching and expiry math live in the base. */
|
|
4
|
+
export interface FetchedToken {
|
|
5
|
+
accessToken: string;
|
|
6
|
+
expiresInSeconds: number;
|
|
7
|
+
}
|
|
8
|
+
export declare abstract class BaseOAuth2Provider<T extends OAuth2AuthConfig = OAuth2AuthConfig> extends BaseProvider<T> {
|
|
5
9
|
protected abstract readonly authErrorCode: string;
|
|
10
|
+
private _inflight;
|
|
6
11
|
protected accessToken: string | undefined;
|
|
7
12
|
protected accessTokenExpiryMs: number | undefined;
|
|
8
|
-
|
|
9
|
-
protected
|
|
13
|
+
/** Raw token acquisition (the network call only); returns undefined on failure. */
|
|
14
|
+
protected abstract fetchToken(): Promise<FetchedToken | undefined>;
|
|
15
|
+
private _isFresh;
|
|
16
|
+
private _acquireToken;
|
|
10
17
|
protected getIdentityBase(): string;
|
|
11
|
-
protected storageKey(userKey: string): string;
|
|
12
18
|
protected throwNoTokenError(): void;
|
|
19
|
+
protected ensureAccessToken(force?: boolean): Promise<string | undefined>;
|
|
13
20
|
getHeaders(accept: string, isJson?: boolean): Promise<Record<string, string>>;
|
|
14
21
|
refresh(): Promise<void>;
|
|
15
22
|
}
|
|
16
|
-
export {};
|
|
17
23
|
//# sourceMappingURL=base-oauth2-provider.d.ts.map
|