opalserve 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +19 -0
- package/AGENTS.md +23 -0
- package/README.md +109 -0
- package/config/servers.example.yaml +67 -0
- package/config/servers.yaml +2 -0
- package/dist/cli/discover.d.ts +3 -0
- package/dist/cli/discover.d.ts.map +1 -0
- package/dist/cli/discover.js +160 -0
- package/dist/cli/discover.js.map +1 -0
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +32 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/connectors/base.d.ts +49 -0
- package/dist/connectors/base.d.ts.map +1 -0
- package/dist/connectors/base.js +45 -0
- package/dist/connectors/base.js.map +1 -0
- package/dist/connectors/custom.d.ts +19 -0
- package/dist/connectors/custom.d.ts.map +1 -0
- package/dist/connectors/custom.js +129 -0
- package/dist/connectors/custom.js.map +1 -0
- package/dist/connectors/github.d.ts +18 -0
- package/dist/connectors/github.d.ts.map +1 -0
- package/dist/connectors/github.js +188 -0
- package/dist/connectors/github.js.map +1 -0
- package/dist/connectors/google-drive.d.ts +18 -0
- package/dist/connectors/google-drive.d.ts.map +1 -0
- package/dist/connectors/google-drive.js +209 -0
- package/dist/connectors/google-drive.js.map +1 -0
- package/dist/connectors/index.d.ts +11 -0
- package/dist/connectors/index.d.ts.map +1 -0
- package/dist/connectors/index.js +76 -0
- package/dist/connectors/index.js.map +1 -0
- package/dist/connectors/postgres.d.ts +18 -0
- package/dist/connectors/postgres.d.ts.map +1 -0
- package/dist/connectors/postgres.js +140 -0
- package/dist/connectors/postgres.js.map +1 -0
- package/dist/connectors/slack.d.ts +18 -0
- package/dist/connectors/slack.d.ts.map +1 -0
- package/dist/connectors/slack.js +181 -0
- package/dist/connectors/slack.js.map +1 -0
- package/dist/core/auth.d.ts +26 -0
- package/dist/core/auth.d.ts.map +1 -0
- package/dist/core/auth.js +81 -0
- package/dist/core/auth.js.map +1 -0
- package/dist/core/registry.d.ts +33 -0
- package/dist/core/registry.d.ts.map +1 -0
- package/dist/core/registry.js +237 -0
- package/dist/core/registry.js.map +1 -0
- package/dist/core/tokenizer.d.ts +16 -0
- package/dist/core/tokenizer.d.ts.map +1 -0
- package/dist/core/tokenizer.js +29 -0
- package/dist/core/tokenizer.js.map +1 -0
- package/dist/governance/audit.d.ts +27 -0
- package/dist/governance/audit.d.ts.map +1 -0
- package/dist/governance/audit.js +149 -0
- package/dist/governance/audit.js.map +1 -0
- package/dist/governance/index.d.ts +5 -0
- package/dist/governance/index.d.ts.map +1 -0
- package/dist/governance/index.js +5 -0
- package/dist/governance/index.js.map +1 -0
- package/dist/governance/policy.d.ts +20 -0
- package/dist/governance/policy.d.ts.map +1 -0
- package/dist/governance/policy.js +162 -0
- package/dist/governance/policy.js.map +1 -0
- package/dist/governance/rate-limiter.d.ts +20 -0
- package/dist/governance/rate-limiter.d.ts.map +1 -0
- package/dist/governance/rate-limiter.js +73 -0
- package/dist/governance/rate-limiter.js.map +1 -0
- package/dist/governance/types.d.ts +246 -0
- package/dist/governance/types.d.ts.map +1 -0
- package/dist/governance/types.js +72 -0
- package/dist/governance/types.js.map +1 -0
- package/dist/identity/access-control.d.ts +15 -0
- package/dist/identity/access-control.d.ts.map +1 -0
- package/dist/identity/access-control.js +81 -0
- package/dist/identity/access-control.js.map +1 -0
- package/dist/identity/index.d.ts +4 -0
- package/dist/identity/index.d.ts.map +1 -0
- package/dist/identity/index.js +4 -0
- package/dist/identity/index.js.map +1 -0
- package/dist/identity/manager.d.ts +29 -0
- package/dist/identity/manager.d.ts.map +1 -0
- package/dist/identity/manager.js +167 -0
- package/dist/identity/manager.js.map +1 -0
- package/dist/identity/types.d.ts +237 -0
- package/dist/identity/types.d.ts.map +1 -0
- package/dist/identity/types.js +80 -0
- package/dist/identity/types.js.map +1 -0
- package/dist/index.d.ts +13 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +10 -0
- package/dist/index.js.map +1 -0
- package/dist/registry/server.d.ts +14 -0
- package/dist/registry/server.d.ts.map +1 -0
- package/dist/registry/server.js +173 -0
- package/dist/registry/server.js.map +1 -0
- package/dist/types/index.d.ts +639 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +76 -0
- package/dist/types/index.js.map +1 -0
- package/dist/utils/config.d.ts +29 -0
- package/dist/utils/config.d.ts.map +1 -0
- package/dist/utils/config.js +47 -0
- package/dist/utils/config.js.map +1 -0
- package/dist/utils/index.d.ts +7 -0
- package/dist/utils/index.d.ts.map +1 -0
- package/dist/utils/index.js +44 -0
- package/dist/utils/index.js.map +1 -0
- package/dist/workflow/engine.d.ts +18 -0
- package/dist/workflow/engine.d.ts.map +1 -0
- package/dist/workflow/engine.js +155 -0
- package/dist/workflow/engine.js.map +1 -0
- package/dist/workflow/index.d.ts +4 -0
- package/dist/workflow/index.d.ts.map +1 -0
- package/dist/workflow/index.js +4 -0
- package/dist/workflow/index.js.map +1 -0
- package/dist/workflow/templates.d.ts +4 -0
- package/dist/workflow/templates.d.ts.map +1 -0
- package/dist/workflow/templates.js +218 -0
- package/dist/workflow/templates.js.map +1 -0
- package/dist/workflow/types.d.ts +255 -0
- package/dist/workflow/types.d.ts.map +1 -0
- package/dist/workflow/types.js +48 -0
- package/dist/workflow/types.js.map +1 -0
- package/eslint.config.js +25 -0
- package/package.json +78 -0
- package/src/cli/discover.ts +223 -0
- package/src/cli/index.ts +40 -0
- package/src/connectors/base.ts +75 -0
- package/src/connectors/custom.ts +139 -0
- package/src/connectors/github.ts +195 -0
- package/src/connectors/google-drive.ts +217 -0
- package/src/connectors/index.ts +86 -0
- package/src/connectors/postgres.ts +148 -0
- package/src/connectors/slack.ts +188 -0
- package/src/core/auth.ts +109 -0
- package/src/core/registry.ts +301 -0
- package/src/core/tokenizer.ts +40 -0
- package/src/governance/audit.ts +182 -0
- package/src/governance/index.ts +4 -0
- package/src/governance/policy.ts +187 -0
- package/src/governance/rate-limiter.ts +95 -0
- package/src/governance/types.ts +100 -0
- package/src/identity/access-control.ts +119 -0
- package/src/identity/index.ts +3 -0
- package/src/identity/manager.ts +207 -0
- package/src/identity/types.ts +91 -0
- package/src/index.ts +16 -0
- package/src/registry/server.ts +195 -0
- package/src/types/index.ts +128 -0
- package/src/utils/config.ts +78 -0
- package/src/utils/index.ts +47 -0
- package/src/workflow/engine.ts +187 -0
- package/src/workflow/index.ts +3 -0
- package/src/workflow/templates.ts +220 -0
- package/src/workflow/types.ts +89 -0
- package/tsconfig.json +25 -0
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
export class AccessControl {
|
|
2
|
+
checkToolAccess(context, tool) {
|
|
3
|
+
if (context.permissions.includes('admin')) {
|
|
4
|
+
return { allowed: true, reason: 'Admin has full access' };
|
|
5
|
+
}
|
|
6
|
+
const toolId = tool.id;
|
|
7
|
+
if (context.constraints.deniedTools?.some((pattern) => toolId === pattern || (typeof pattern === 'string' && toolId.includes(pattern.replace('*', ''))))) {
|
|
8
|
+
return { allowed: false, reason: 'Tool is explicitly denied' };
|
|
9
|
+
}
|
|
10
|
+
if (context.constraints.allowedTools?.length &&
|
|
11
|
+
!context.constraints.allowedTools.some((pattern) => toolId === pattern || (typeof pattern === 'string' && toolId.includes(pattern.replace('*', ''))))) {
|
|
12
|
+
return { allowed: false, reason: 'Tool not in allowed list' };
|
|
13
|
+
}
|
|
14
|
+
const serverAccess = this.checkServerAccess(context, { id: tool.serverId });
|
|
15
|
+
if (!serverAccess.allowed) {
|
|
16
|
+
return { allowed: false, reason: `Server access denied: ${serverAccess.reason}` };
|
|
17
|
+
}
|
|
18
|
+
const hasCapability = tool.capabilities.some(cap => context.permissions.includes(`tools:${cap}`) ||
|
|
19
|
+
context.permissions.includes('tools:execute'));
|
|
20
|
+
if (!hasCapability) {
|
|
21
|
+
return { allowed: false, reason: 'Missing required capability' };
|
|
22
|
+
}
|
|
23
|
+
return {
|
|
24
|
+
allowed: true,
|
|
25
|
+
reason: 'Access granted',
|
|
26
|
+
constraints: {
|
|
27
|
+
maxTools: context.constraints.maxToolsPerRequest,
|
|
28
|
+
timeout: tool.contextRequirements?.maxTokens ? tool.contextRequirements.maxTokens * 10 : 60000,
|
|
29
|
+
},
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
checkServerAccess(context, server) {
|
|
33
|
+
if (context.permissions.includes('admin')) {
|
|
34
|
+
return { allowed: true, reason: 'Admin has full access' };
|
|
35
|
+
}
|
|
36
|
+
const serverId = server.id;
|
|
37
|
+
if (context.constraints.deniedServers?.includes(serverId)) {
|
|
38
|
+
return { allowed: false, reason: 'Server is explicitly denied' };
|
|
39
|
+
}
|
|
40
|
+
if (context.constraints.allowedServers?.length &&
|
|
41
|
+
!context.constraints.allowedServers.includes(serverId)) {
|
|
42
|
+
return { allowed: false, reason: 'Server not in allowed list' };
|
|
43
|
+
}
|
|
44
|
+
return { allowed: true, reason: 'Server access granted' };
|
|
45
|
+
}
|
|
46
|
+
checkPermission(context, permission) {
|
|
47
|
+
if (context.permissions.includes('admin') || context.permissions.includes(permission)) {
|
|
48
|
+
return { allowed: true, reason: 'Permission granted' };
|
|
49
|
+
}
|
|
50
|
+
return { allowed: false, reason: `Missing permission: ${permission}` };
|
|
51
|
+
}
|
|
52
|
+
checkRateLimit(context, currentCount, window) {
|
|
53
|
+
const limit = window === 'minute'
|
|
54
|
+
? context.constraints.rateLimitPerMinute
|
|
55
|
+
: context.constraints.rateLimitPerHour;
|
|
56
|
+
if (!limit) {
|
|
57
|
+
return { allowed: true, reason: 'No rate limit configured' };
|
|
58
|
+
}
|
|
59
|
+
if (currentCount >= limit) {
|
|
60
|
+
return {
|
|
61
|
+
allowed: false,
|
|
62
|
+
reason: `Rate limit exceeded: ${currentCount}/${limit} per ${window}`,
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
return { allowed: true, reason: 'Within rate limit' };
|
|
66
|
+
}
|
|
67
|
+
sanitizeContext(context, tool) {
|
|
68
|
+
const sanitized = {
|
|
69
|
+
agentId: context.agentId,
|
|
70
|
+
agentName: context.agentName,
|
|
71
|
+
agentType: context.agentType,
|
|
72
|
+
permissions: context.permissions.filter((p) => tool.capabilities.some(c => p.includes(c) || p === 'admin' || p === 'tools:execute')),
|
|
73
|
+
constraints: {
|
|
74
|
+
maxToolsPerRequest: Math.min(context.constraints.maxToolsPerRequest || 10, tool.contextRequirements?.maxTokens ? 5 : 10),
|
|
75
|
+
},
|
|
76
|
+
metadata: {},
|
|
77
|
+
};
|
|
78
|
+
return sanitized;
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
//# sourceMappingURL=access-control.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"access-control.js","sourceRoot":"","sources":["../../src/identity/access-control.ts"],"names":[],"mappings":"AASA,MAAM,OAAO,aAAa;IACxB,eAAe,CAAC,OAAwB,EAAE,IAAU;QAClD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC;QAEvB,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,OAAgB,EAAE,EAAE,CAC7D,MAAM,KAAK,OAAO,IAAI,CAAC,OAAO,OAAO,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CACjG,EAAE,CAAC;YACF,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;QACjE,CAAC;QAED,IAAI,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM;YACxC,CAAC,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,OAAgB,EAAE,EAAE,CAC1D,MAAM,KAAK,OAAO,IAAI,CAAC,OAAO,OAAO,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CACjG,EAAE,CAAC;YACN,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC;QAChE,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,QAAQ,EAAY,CAAC,CAAC;QACtF,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,YAAY,CAAC,MAAM,EAAE,EAAE,CAAC;QACpF,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACjD,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,SAAS,GAAG,EAAgB,CAAC;YAC1D,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,eAAe,CAAC,CAC9C,CAAC;QAEF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;QACnE,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,gBAAgB;YACxB,WAAW,EAAE;gBACX,QAAQ,EAAE,OAAO,CAAC,WAAW,CAAC,kBAAkB;gBAChD,OAAO,EAAE,IAAI,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,SAAS,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;aAC/F;SACF,CAAC;IACJ,CAAC;IAED,iBAAiB,CAAC,OAAwB,EAAE,MAAc;QACxD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,EAAE,CAAC;QAE3B,IAAI,OAAO,CAAC,WAAW,CAAC,aAAa,EAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;QACnE,CAAC;QAED,IAAI,OAAO,CAAC,WAAW,CAAC,cAAc,EAAE,MAAM;YAC1C,CAAC,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,4BAA4B,EAAE,CAAC;QAClE,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;IAC5D,CAAC;IAED,eAAe,CAAC,OAAwB,EAAE,UAAsB;QAC9D,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACtF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QACzD,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,UAAU,EAAE,EAAE,CAAC;IACzE,CAAC;IAED,cAAc,CAAC,OAAwB,EAAE,YAAoB,EAAE,MAAyB;QACtF,MAAM,KAAK,GAAG,MAAM,KAAK,QAAQ;YAC/B,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,kBAAkB;YACxC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC;QAEzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC;QAC/D,CAAC;QAED,IAAI,YAAY,IAAI,KAAK,EAAE,CAAC;YAC1B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,wBAAwB,YAAY,IAAI,KAAK,QAAQ,MAAM,EAAE;aACtE,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;IACxD,CAAC;IAED,eAAe,CAAC,OAAwB,EAAE,IAAU;QAClD,MAAM,SAAS,GAA4B;YACzC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAa,EAAE,EAAE,CACxD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,eAAe,CAAC,CACrF;YACD,WAAW,EAAE;gBACX,kBAAkB,EAAE,IAAI,CAAC,GAAG,CAC1B,OAAO,CAAC,WAAW,CAAC,kBAA4B,IAAI,EAAE,EACtD,IAAI,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAC7C;aACF;YACD,QAAQ,EAAE,EAAE;SACb,CAAC;QAEF,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/identity/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,KAAK,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACzE,cAAc,YAAY,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/identity/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAuB,MAAM,qBAAqB,CAAC;AACzE,cAAc,YAAY,CAAC"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import type { Identity, Role, Permission, IdentityContext } from './types.js';
|
|
2
|
+
export declare class IdentityManager {
|
|
3
|
+
private identities;
|
|
4
|
+
private roles;
|
|
5
|
+
private jwtSecret;
|
|
6
|
+
constructor(jwtSecret: string);
|
|
7
|
+
private initializeDefaultRoles;
|
|
8
|
+
registerIdentity(identity: Identity): void;
|
|
9
|
+
getIdentity(id: string): Identity | undefined;
|
|
10
|
+
getAllIdentities(): Identity[];
|
|
11
|
+
deleteIdentity(id: string): boolean;
|
|
12
|
+
registerRole(role: Role): void;
|
|
13
|
+
getRole(id: string): Role | undefined;
|
|
14
|
+
getAllRoles(): Role[];
|
|
15
|
+
getEffectivePermissions(identityId: string): Permission[];
|
|
16
|
+
hasPermission(identityId: string, permission: Permission): boolean;
|
|
17
|
+
canAccessTool(identityId: string, toolId: string): boolean;
|
|
18
|
+
canAccessServer(identityId: string, serverId: string): boolean;
|
|
19
|
+
createContext(identityId: string, options?: {
|
|
20
|
+
sessionId?: string;
|
|
21
|
+
requestId?: string;
|
|
22
|
+
}): IdentityContext | null;
|
|
23
|
+
generateToken(identityId: string, options?: {
|
|
24
|
+
sessionId?: string;
|
|
25
|
+
expiresInSeconds?: number;
|
|
26
|
+
}): string | null;
|
|
27
|
+
verifyToken(token: string): IdentityContext | null;
|
|
28
|
+
}
|
|
29
|
+
//# sourceMappingURL=manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../src/identity/manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE9E,qBAAa,eAAe;IAC1B,OAAO,CAAC,UAAU,CAAoC;IACtD,OAAO,CAAC,KAAK,CAAgC;IAC7C,OAAO,CAAC,SAAS,CAAS;gBAEd,SAAS,EAAE,MAAM;IAK7B,OAAO,CAAC,sBAAsB;IAyC9B,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI;IAI1C,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,QAAQ,GAAG,SAAS;IAI7C,gBAAgB,IAAI,QAAQ,EAAE;IAI9B,cAAc,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAInC,YAAY,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI;IAI9B,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS;IAIrC,WAAW,IAAI,IAAI,EAAE;IAIrB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,EAAE;IAkBzD,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO;IAMlE,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO;IAmB1D,eAAe,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAe9D,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,eAAe,GAAG,IAAI;IAoB/G,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,gBAAgB,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,MAAM,GAAG,IAAI;IAoB7G,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI;CA0BnD"}
|
|
@@ -0,0 +1,167 @@
|
|
|
1
|
+
import jwt from 'jsonwebtoken';
|
|
2
|
+
export class IdentityManager {
|
|
3
|
+
identities = new Map();
|
|
4
|
+
roles = new Map();
|
|
5
|
+
jwtSecret;
|
|
6
|
+
constructor(jwtSecret) {
|
|
7
|
+
this.jwtSecret = jwtSecret;
|
|
8
|
+
this.initializeDefaultRoles();
|
|
9
|
+
}
|
|
10
|
+
initializeDefaultRoles() {
|
|
11
|
+
const defaultRoles = [
|
|
12
|
+
{
|
|
13
|
+
id: 'admin',
|
|
14
|
+
name: 'Administrator',
|
|
15
|
+
description: 'Full access to all resources',
|
|
16
|
+
permissions: ['admin', 'tools:read', 'tools:write', 'tools:execute', 'servers:read', 'servers:write', 'workflows:read', 'workflows:write', 'workflows:execute'],
|
|
17
|
+
createdAt: new Date().toISOString(),
|
|
18
|
+
updatedAt: new Date().toISOString(),
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
id: 'developer',
|
|
22
|
+
name: 'Developer',
|
|
23
|
+
description: 'Can read and execute tools, manage workflows',
|
|
24
|
+
permissions: ['tools:read', 'tools:execute', 'servers:read', 'workflows:read', 'workflows:write', 'workflows:execute'],
|
|
25
|
+
createdAt: new Date().toISOString(),
|
|
26
|
+
updatedAt: new Date().toISOString(),
|
|
27
|
+
},
|
|
28
|
+
{
|
|
29
|
+
id: 'viewer',
|
|
30
|
+
name: 'Viewer',
|
|
31
|
+
description: 'Read-only access to tools and workflows',
|
|
32
|
+
permissions: ['tools:read', 'servers:read', 'workflows:read'],
|
|
33
|
+
createdAt: new Date().toISOString(),
|
|
34
|
+
updatedAt: new Date().toISOString(),
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
id: 'service',
|
|
38
|
+
name: 'Service Account',
|
|
39
|
+
description: 'Automated service with limited permissions',
|
|
40
|
+
permissions: ['tools:read', 'tools:execute', 'workflows:read', 'workflows:execute'],
|
|
41
|
+
createdAt: new Date().toISOString(),
|
|
42
|
+
updatedAt: new Date().toISOString(),
|
|
43
|
+
},
|
|
44
|
+
];
|
|
45
|
+
for (const role of defaultRoles) {
|
|
46
|
+
this.roles.set(role.id, role);
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
registerIdentity(identity) {
|
|
50
|
+
this.identities.set(identity.id, identity);
|
|
51
|
+
}
|
|
52
|
+
getIdentity(id) {
|
|
53
|
+
return this.identities.get(id);
|
|
54
|
+
}
|
|
55
|
+
getAllIdentities() {
|
|
56
|
+
return Array.from(this.identities.values());
|
|
57
|
+
}
|
|
58
|
+
deleteIdentity(id) {
|
|
59
|
+
return this.identities.delete(id);
|
|
60
|
+
}
|
|
61
|
+
registerRole(role) {
|
|
62
|
+
this.roles.set(role.id, role);
|
|
63
|
+
}
|
|
64
|
+
getRole(id) {
|
|
65
|
+
return this.roles.get(id);
|
|
66
|
+
}
|
|
67
|
+
getAllRoles() {
|
|
68
|
+
return Array.from(this.roles.values());
|
|
69
|
+
}
|
|
70
|
+
getEffectivePermissions(identityId) {
|
|
71
|
+
const identity = this.identities.get(identityId);
|
|
72
|
+
if (!identity)
|
|
73
|
+
return [];
|
|
74
|
+
const permissions = new Set(identity.permissions);
|
|
75
|
+
for (const roleId of identity.roleIds) {
|
|
76
|
+
const role = this.roles.get(roleId);
|
|
77
|
+
if (role) {
|
|
78
|
+
for (const permission of role.permissions) {
|
|
79
|
+
permissions.add(permission);
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
return Array.from(permissions);
|
|
84
|
+
}
|
|
85
|
+
hasPermission(identityId, permission) {
|
|
86
|
+
const permissions = this.getEffectivePermissions(identityId);
|
|
87
|
+
if (permissions.includes('admin'))
|
|
88
|
+
return true;
|
|
89
|
+
return permissions.includes(permission);
|
|
90
|
+
}
|
|
91
|
+
canAccessTool(identityId, toolId) {
|
|
92
|
+
const identity = this.identities.get(identityId);
|
|
93
|
+
if (!identity)
|
|
94
|
+
return false;
|
|
95
|
+
if (identity.constraints.allowedTools?.length) {
|
|
96
|
+
return identity.constraints.allowedTools.some(pattern => toolId === pattern || toolId.includes(pattern.replace('*', '')));
|
|
97
|
+
}
|
|
98
|
+
if (identity.constraints.deniedTools?.length) {
|
|
99
|
+
return !identity.constraints.deniedTools.some(pattern => toolId === pattern || toolId.includes(pattern.replace('*', '')));
|
|
100
|
+
}
|
|
101
|
+
return true;
|
|
102
|
+
}
|
|
103
|
+
canAccessServer(identityId, serverId) {
|
|
104
|
+
const identity = this.identities.get(identityId);
|
|
105
|
+
if (!identity)
|
|
106
|
+
return false;
|
|
107
|
+
if (identity.constraints.allowedServers?.length) {
|
|
108
|
+
return identity.constraints.allowedServers.includes(serverId);
|
|
109
|
+
}
|
|
110
|
+
if (identity.constraints.deniedServers?.length) {
|
|
111
|
+
return !identity.constraints.deniedServers.includes(serverId);
|
|
112
|
+
}
|
|
113
|
+
return true;
|
|
114
|
+
}
|
|
115
|
+
createContext(identityId, options) {
|
|
116
|
+
const identity = this.identities.get(identityId);
|
|
117
|
+
if (!identity)
|
|
118
|
+
return null;
|
|
119
|
+
const permissions = this.getEffectivePermissions(identityId);
|
|
120
|
+
const now = new Date().toISOString();
|
|
121
|
+
return {
|
|
122
|
+
agentId: identity.id,
|
|
123
|
+
agentName: identity.name,
|
|
124
|
+
agentType: identity.type,
|
|
125
|
+
requestId: options?.requestId || `req-${Date.now()}`,
|
|
126
|
+
permissions,
|
|
127
|
+
constraints: identity.constraints,
|
|
128
|
+
metadata: identity.metadata,
|
|
129
|
+
issuedAt: now,
|
|
130
|
+
expiresAt: new Date(Date.now() + 24 * 60 * 60 * 1000).toISOString(),
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
generateToken(identityId, options) {
|
|
134
|
+
const context = this.createContext(identityId, { sessionId: options?.sessionId });
|
|
135
|
+
if (!context)
|
|
136
|
+
return null;
|
|
137
|
+
const expiresIn = options?.expiresInSeconds || 86400;
|
|
138
|
+
return jwt.sign({
|
|
139
|
+
agentId: context.agentId,
|
|
140
|
+
agentName: context.agentName,
|
|
141
|
+
agentType: context.agentType,
|
|
142
|
+
permissions: context.permissions,
|
|
143
|
+
constraints: context.constraints,
|
|
144
|
+
metadata: context.metadata,
|
|
145
|
+
}, this.jwtSecret, { expiresIn });
|
|
146
|
+
}
|
|
147
|
+
verifyToken(token) {
|
|
148
|
+
try {
|
|
149
|
+
const payload = jwt.verify(token, this.jwtSecret);
|
|
150
|
+
return {
|
|
151
|
+
agentId: payload.agentId,
|
|
152
|
+
agentName: payload.agentName,
|
|
153
|
+
agentType: payload.agentType,
|
|
154
|
+
requestId: payload.iat ? `req-${payload.iat}` : `req-${Date.now()}`,
|
|
155
|
+
permissions: payload.permissions,
|
|
156
|
+
constraints: payload.constraints,
|
|
157
|
+
metadata: payload.metadata,
|
|
158
|
+
issuedAt: new Date(payload.iat * 1000).toISOString(),
|
|
159
|
+
expiresAt: new Date(payload.exp * 1000).toISOString(),
|
|
160
|
+
};
|
|
161
|
+
}
|
|
162
|
+
catch {
|
|
163
|
+
return null;
|
|
164
|
+
}
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
//# sourceMappingURL=manager.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"manager.js","sourceRoot":"","sources":["../../src/identity/manager.ts"],"names":[],"mappings":"AAAA,OAAO,GAAG,MAAM,cAAc,CAAC;AAG/B,MAAM,OAAO,eAAe;IAClB,UAAU,GAA0B,IAAI,GAAG,EAAE,CAAC;IAC9C,KAAK,GAAsB,IAAI,GAAG,EAAE,CAAC;IACrC,SAAS,CAAS;IAE1B,YAAY,SAAiB;QAC3B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,sBAAsB,EAAE,CAAC;IAChC,CAAC;IAEO,sBAAsB;QAC5B,MAAM,YAAY,GAAW;YAC3B;gBACE,EAAE,EAAE,OAAO;gBACX,IAAI,EAAE,eAAe;gBACrB,WAAW,EAAE,8BAA8B;gBAC3C,WAAW,EAAE,CAAC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB,CAAC;gBAC/J,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;YACD;gBACE,EAAE,EAAE,WAAW;gBACf,IAAI,EAAE,WAAW;gBACjB,WAAW,EAAE,8CAA8C;gBAC3D,WAAW,EAAE,CAAC,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB,CAAC;gBACtH,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;YACD;gBACE,EAAE,EAAE,QAAQ;gBACZ,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yCAAyC;gBACtD,WAAW,EAAE,CAAC,YAAY,EAAE,cAAc,EAAE,gBAAgB,CAAC;gBAC7D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;YACD;gBACE,EAAE,EAAE,SAAS;gBACb,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,4CAA4C;gBACzD,WAAW,EAAE,CAAC,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,mBAAmB,CAAC;gBACnF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,gBAAgB,CAAC,QAAkB;QACjC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,WAAW,CAAC,EAAU;QACpB,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACjC,CAAC;IAED,gBAAgB;QACd,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9C,CAAC;IAED,cAAc,CAAC,EAAU;QACvB,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC;IAED,YAAY,CAAC,IAAU;QACrB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,OAAO,CAAC,EAAU;QAChB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5B,CAAC;IAED,WAAW;QACT,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,uBAAuB,CAAC,UAAkB;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,EAAE,CAAC;QAEzB,MAAM,WAAW,GAAG,IAAI,GAAG,CAAa,QAAQ,CAAC,WAAW,CAAC,CAAC;QAE9D,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,IAAI,EAAE,CAAC;gBACT,KAAK,MAAM,UAAU,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBAC1C,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBAC9B,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACjC,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,UAAsB;QACtD,MAAM,WAAW,GAAG,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAC7D,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;QAC/C,OAAO,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,MAAc;QAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAE5B,IAAI,QAAQ,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;YAC9C,OAAO,QAAQ,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACtD,MAAM,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAChE,CAAC;QACJ,CAAC;QAED,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;YAC7C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACtD,MAAM,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAChE,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,eAAe,CAAC,UAAkB,EAAE,QAAgB;QAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAE5B,IAAI,QAAQ,CAAC,WAAW,CAAC,cAAc,EAAE,MAAM,EAAE,CAAC;YAChD,OAAO,QAAQ,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,QAAQ,CAAC,WAAW,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YAC/C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,OAAoD;QACpF,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAE3B,MAAM,WAAW,GAAG,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAC7D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,OAAO;YACL,OAAO,EAAE,QAAQ,CAAC,EAAE;YACpB,SAAS,EAAE,QAAQ,CAAC,IAAI;YACxB,SAAS,EAAE,QAAQ,CAAC,IAAI;YACxB,SAAS,EAAE,OAAO,EAAE,SAAS,IAAI,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE;YACpD,WAAW;YACX,WAAW,EAAE,QAAQ,CAAC,WAA6C;YACnE,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,QAAQ,EAAE,GAAG;YACb,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SACpE,CAAC;IACJ,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,OAA2D;QAC3F,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAE1B,MAAM,SAAS,GAAG,OAAO,EAAE,gBAAgB,IAAI,KAAK,CAAC;QAErD,OAAO,GAAG,CAAC,IAAI,CACb;YACE,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,EACD,IAAI,CAAC,SAAS,EACd,EAAE,SAAS,EAAE,CACd,CAAC;IACJ,CAAC;IAED,WAAW,CAAC,KAAa;QACvB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAO/C,CAAC;YAEF,OAAO;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE;gBACnE,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,WAAW,EAAE,OAAO,CAAC,WAA6C;gBAClE,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAI,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;gBACnD,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAI,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;aACzD,CAAC;QACF,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,237 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
export declare const PermissionSchema: z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>;
|
|
3
|
+
export declare const RoleSchema: z.ZodObject<{
|
|
4
|
+
id: z.ZodString;
|
|
5
|
+
name: z.ZodString;
|
|
6
|
+
description: z.ZodString;
|
|
7
|
+
permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
|
|
8
|
+
parentRoleId: z.ZodOptional<z.ZodString>;
|
|
9
|
+
createdAt: z.ZodString;
|
|
10
|
+
updatedAt: z.ZodString;
|
|
11
|
+
}, "strip", z.ZodTypeAny, {
|
|
12
|
+
id: string;
|
|
13
|
+
name: string;
|
|
14
|
+
description: string;
|
|
15
|
+
createdAt: string;
|
|
16
|
+
updatedAt: string;
|
|
17
|
+
permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
|
|
18
|
+
parentRoleId?: string | undefined;
|
|
19
|
+
}, {
|
|
20
|
+
id: string;
|
|
21
|
+
name: string;
|
|
22
|
+
description: string;
|
|
23
|
+
createdAt: string;
|
|
24
|
+
updatedAt: string;
|
|
25
|
+
permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
|
|
26
|
+
parentRoleId?: string | undefined;
|
|
27
|
+
}>;
|
|
28
|
+
export declare const AgentIdentitySchema: z.ZodObject<{
|
|
29
|
+
id: z.ZodString;
|
|
30
|
+
name: z.ZodString;
|
|
31
|
+
type: z.ZodEnum<["user", "agent", "service", "system"]>;
|
|
32
|
+
description: z.ZodOptional<z.ZodString>;
|
|
33
|
+
roleIds: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
34
|
+
permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
|
|
35
|
+
constraints: z.ZodDefault<z.ZodObject<{
|
|
36
|
+
maxToolsPerRequest: z.ZodDefault<z.ZodNumber>;
|
|
37
|
+
maxConcurrentExecutions: z.ZodDefault<z.ZodNumber>;
|
|
38
|
+
allowedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
39
|
+
deniedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
40
|
+
allowedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
41
|
+
deniedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
42
|
+
rateLimitPerMinute: z.ZodOptional<z.ZodNumber>;
|
|
43
|
+
rateLimitPerHour: z.ZodOptional<z.ZodNumber>;
|
|
44
|
+
}, "strip", z.ZodTypeAny, {
|
|
45
|
+
maxToolsPerRequest: number;
|
|
46
|
+
maxConcurrentExecutions: number;
|
|
47
|
+
allowedServers?: string[] | undefined;
|
|
48
|
+
deniedServers?: string[] | undefined;
|
|
49
|
+
allowedTools?: string[] | undefined;
|
|
50
|
+
deniedTools?: string[] | undefined;
|
|
51
|
+
rateLimitPerMinute?: number | undefined;
|
|
52
|
+
rateLimitPerHour?: number | undefined;
|
|
53
|
+
}, {
|
|
54
|
+
maxToolsPerRequest?: number | undefined;
|
|
55
|
+
maxConcurrentExecutions?: number | undefined;
|
|
56
|
+
allowedServers?: string[] | undefined;
|
|
57
|
+
deniedServers?: string[] | undefined;
|
|
58
|
+
allowedTools?: string[] | undefined;
|
|
59
|
+
deniedTools?: string[] | undefined;
|
|
60
|
+
rateLimitPerMinute?: number | undefined;
|
|
61
|
+
rateLimitPerHour?: number | undefined;
|
|
62
|
+
}>>;
|
|
63
|
+
metadata: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
|
|
64
|
+
trustLevel: z.ZodDefault<z.ZodEnum<["untrusted", "low", "medium", "high", "fully-trusted"]>>;
|
|
65
|
+
createdAt: z.ZodString;
|
|
66
|
+
updatedAt: z.ZodString;
|
|
67
|
+
lastActiveAt: z.ZodOptional<z.ZodString>;
|
|
68
|
+
}, "strip", z.ZodTypeAny, {
|
|
69
|
+
id: string;
|
|
70
|
+
name: string;
|
|
71
|
+
type: "user" | "agent" | "service" | "system";
|
|
72
|
+
metadata: Record<string, any>;
|
|
73
|
+
createdAt: string;
|
|
74
|
+
updatedAt: string;
|
|
75
|
+
permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
|
|
76
|
+
roleIds: string[];
|
|
77
|
+
constraints: {
|
|
78
|
+
maxToolsPerRequest: number;
|
|
79
|
+
maxConcurrentExecutions: number;
|
|
80
|
+
allowedServers?: string[] | undefined;
|
|
81
|
+
deniedServers?: string[] | undefined;
|
|
82
|
+
allowedTools?: string[] | undefined;
|
|
83
|
+
deniedTools?: string[] | undefined;
|
|
84
|
+
rateLimitPerMinute?: number | undefined;
|
|
85
|
+
rateLimitPerHour?: number | undefined;
|
|
86
|
+
};
|
|
87
|
+
trustLevel: "untrusted" | "low" | "medium" | "high" | "fully-trusted";
|
|
88
|
+
description?: string | undefined;
|
|
89
|
+
lastActiveAt?: string | undefined;
|
|
90
|
+
}, {
|
|
91
|
+
id: string;
|
|
92
|
+
name: string;
|
|
93
|
+
type: "user" | "agent" | "service" | "system";
|
|
94
|
+
createdAt: string;
|
|
95
|
+
updatedAt: string;
|
|
96
|
+
description?: string | undefined;
|
|
97
|
+
metadata?: Record<string, any> | undefined;
|
|
98
|
+
permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
|
|
99
|
+
roleIds?: string[] | undefined;
|
|
100
|
+
constraints?: {
|
|
101
|
+
maxToolsPerRequest?: number | undefined;
|
|
102
|
+
maxConcurrentExecutions?: number | undefined;
|
|
103
|
+
allowedServers?: string[] | undefined;
|
|
104
|
+
deniedServers?: string[] | undefined;
|
|
105
|
+
allowedTools?: string[] | undefined;
|
|
106
|
+
deniedTools?: string[] | undefined;
|
|
107
|
+
rateLimitPerMinute?: number | undefined;
|
|
108
|
+
rateLimitPerHour?: number | undefined;
|
|
109
|
+
} | undefined;
|
|
110
|
+
trustLevel?: "untrusted" | "low" | "medium" | "high" | "fully-trusted" | undefined;
|
|
111
|
+
lastActiveAt?: string | undefined;
|
|
112
|
+
}>;
|
|
113
|
+
export declare const IdentityContextSchema: z.ZodObject<{
|
|
114
|
+
agentId: z.ZodString;
|
|
115
|
+
agentName: z.ZodString;
|
|
116
|
+
agentType: z.ZodEnum<["user", "agent", "service", "system"]>;
|
|
117
|
+
sessionId: z.ZodOptional<z.ZodString>;
|
|
118
|
+
requestId: z.ZodString;
|
|
119
|
+
permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
|
|
120
|
+
constraints: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
|
|
121
|
+
metadata: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
|
|
122
|
+
issuedAt: z.ZodString;
|
|
123
|
+
expiresAt: z.ZodOptional<z.ZodString>;
|
|
124
|
+
}, "strip", z.ZodTypeAny, {
|
|
125
|
+
metadata: Record<string, any>;
|
|
126
|
+
agentId: string;
|
|
127
|
+
permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
|
|
128
|
+
constraints: Record<string, any>;
|
|
129
|
+
agentName: string;
|
|
130
|
+
agentType: "user" | "agent" | "service" | "system";
|
|
131
|
+
requestId: string;
|
|
132
|
+
issuedAt: string;
|
|
133
|
+
sessionId?: string | undefined;
|
|
134
|
+
expiresAt?: string | undefined;
|
|
135
|
+
}, {
|
|
136
|
+
agentId: string;
|
|
137
|
+
agentName: string;
|
|
138
|
+
agentType: "user" | "agent" | "service" | "system";
|
|
139
|
+
requestId: string;
|
|
140
|
+
issuedAt: string;
|
|
141
|
+
metadata?: Record<string, any> | undefined;
|
|
142
|
+
permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
|
|
143
|
+
constraints?: Record<string, any> | undefined;
|
|
144
|
+
sessionId?: string | undefined;
|
|
145
|
+
expiresAt?: string | undefined;
|
|
146
|
+
}>;
|
|
147
|
+
export type Permission = z.infer<typeof PermissionSchema>;
|
|
148
|
+
export type Role = z.infer<typeof RoleSchema>;
|
|
149
|
+
export type AgentIdentity = z.infer<typeof IdentitySchema>;
|
|
150
|
+
export type IdentityContext = z.infer<typeof IdentityContextSchema>;
|
|
151
|
+
export declare const IdentitySchema: z.ZodObject<{
|
|
152
|
+
id: z.ZodString;
|
|
153
|
+
name: z.ZodString;
|
|
154
|
+
type: z.ZodEnum<["user", "agent", "service", "system"]>;
|
|
155
|
+
description: z.ZodOptional<z.ZodString>;
|
|
156
|
+
roleIds: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
157
|
+
permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
|
|
158
|
+
constraints: z.ZodDefault<z.ZodObject<{
|
|
159
|
+
maxToolsPerRequest: z.ZodDefault<z.ZodNumber>;
|
|
160
|
+
maxConcurrentExecutions: z.ZodDefault<z.ZodNumber>;
|
|
161
|
+
allowedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
162
|
+
deniedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
163
|
+
allowedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
164
|
+
deniedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
165
|
+
rateLimitPerMinute: z.ZodOptional<z.ZodNumber>;
|
|
166
|
+
rateLimitPerHour: z.ZodOptional<z.ZodNumber>;
|
|
167
|
+
}, "strip", z.ZodTypeAny, {
|
|
168
|
+
maxToolsPerRequest: number;
|
|
169
|
+
maxConcurrentExecutions: number;
|
|
170
|
+
allowedServers?: string[] | undefined;
|
|
171
|
+
deniedServers?: string[] | undefined;
|
|
172
|
+
allowedTools?: string[] | undefined;
|
|
173
|
+
deniedTools?: string[] | undefined;
|
|
174
|
+
rateLimitPerMinute?: number | undefined;
|
|
175
|
+
rateLimitPerHour?: number | undefined;
|
|
176
|
+
}, {
|
|
177
|
+
maxToolsPerRequest?: number | undefined;
|
|
178
|
+
maxConcurrentExecutions?: number | undefined;
|
|
179
|
+
allowedServers?: string[] | undefined;
|
|
180
|
+
deniedServers?: string[] | undefined;
|
|
181
|
+
allowedTools?: string[] | undefined;
|
|
182
|
+
deniedTools?: string[] | undefined;
|
|
183
|
+
rateLimitPerMinute?: number | undefined;
|
|
184
|
+
rateLimitPerHour?: number | undefined;
|
|
185
|
+
}>>;
|
|
186
|
+
metadata: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
|
|
187
|
+
trustLevel: z.ZodDefault<z.ZodEnum<["untrusted", "low", "medium", "high", "fully-trusted"]>>;
|
|
188
|
+
createdAt: z.ZodString;
|
|
189
|
+
updatedAt: z.ZodString;
|
|
190
|
+
lastActiveAt: z.ZodOptional<z.ZodString>;
|
|
191
|
+
}, "strip", z.ZodTypeAny, {
|
|
192
|
+
id: string;
|
|
193
|
+
name: string;
|
|
194
|
+
type: "user" | "agent" | "service" | "system";
|
|
195
|
+
metadata: Record<string, any>;
|
|
196
|
+
createdAt: string;
|
|
197
|
+
updatedAt: string;
|
|
198
|
+
permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
|
|
199
|
+
roleIds: string[];
|
|
200
|
+
constraints: {
|
|
201
|
+
maxToolsPerRequest: number;
|
|
202
|
+
maxConcurrentExecutions: number;
|
|
203
|
+
allowedServers?: string[] | undefined;
|
|
204
|
+
deniedServers?: string[] | undefined;
|
|
205
|
+
allowedTools?: string[] | undefined;
|
|
206
|
+
deniedTools?: string[] | undefined;
|
|
207
|
+
rateLimitPerMinute?: number | undefined;
|
|
208
|
+
rateLimitPerHour?: number | undefined;
|
|
209
|
+
};
|
|
210
|
+
trustLevel: "untrusted" | "low" | "medium" | "high" | "fully-trusted";
|
|
211
|
+
description?: string | undefined;
|
|
212
|
+
lastActiveAt?: string | undefined;
|
|
213
|
+
}, {
|
|
214
|
+
id: string;
|
|
215
|
+
name: string;
|
|
216
|
+
type: "user" | "agent" | "service" | "system";
|
|
217
|
+
createdAt: string;
|
|
218
|
+
updatedAt: string;
|
|
219
|
+
description?: string | undefined;
|
|
220
|
+
metadata?: Record<string, any> | undefined;
|
|
221
|
+
permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
|
|
222
|
+
roleIds?: string[] | undefined;
|
|
223
|
+
constraints?: {
|
|
224
|
+
maxToolsPerRequest?: number | undefined;
|
|
225
|
+
maxConcurrentExecutions?: number | undefined;
|
|
226
|
+
allowedServers?: string[] | undefined;
|
|
227
|
+
deniedServers?: string[] | undefined;
|
|
228
|
+
allowedTools?: string[] | undefined;
|
|
229
|
+
deniedTools?: string[] | undefined;
|
|
230
|
+
rateLimitPerMinute?: number | undefined;
|
|
231
|
+
rateLimitPerHour?: number | undefined;
|
|
232
|
+
} | undefined;
|
|
233
|
+
trustLevel?: "untrusted" | "low" | "medium" | "high" | "fully-trusted" | undefined;
|
|
234
|
+
lastActiveAt?: string | undefined;
|
|
235
|
+
}>;
|
|
236
|
+
export type Identity = z.infer<typeof IdentitySchema>;
|
|
237
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/identity/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,gBAAgB,+JAU3B,CAAC;AAEH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;EAQrB,CAAC;AAEH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAsB9B,CAAC;AAEH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWhC,CAAC;AAEH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAC1D,MAAM,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,UAAU,CAAC,CAAC;AAC9C,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAC3D,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAEpE,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAsBzB,CAAC;AAEH,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC"}
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
export const PermissionSchema = z.enum([
|
|
3
|
+
'tools:read',
|
|
4
|
+
'tools:write',
|
|
5
|
+
'tools:execute',
|
|
6
|
+
'servers:read',
|
|
7
|
+
'servers:write',
|
|
8
|
+
'workflows:read',
|
|
9
|
+
'workflows:write',
|
|
10
|
+
'workflows:execute',
|
|
11
|
+
'admin',
|
|
12
|
+
]);
|
|
13
|
+
export const RoleSchema = z.object({
|
|
14
|
+
id: z.string(),
|
|
15
|
+
name: z.string(),
|
|
16
|
+
description: z.string(),
|
|
17
|
+
permissions: z.array(PermissionSchema).default([]),
|
|
18
|
+
parentRoleId: z.string().optional(),
|
|
19
|
+
createdAt: z.string(),
|
|
20
|
+
updatedAt: z.string(),
|
|
21
|
+
});
|
|
22
|
+
export const AgentIdentitySchema = z.object({
|
|
23
|
+
id: z.string(),
|
|
24
|
+
name: z.string(),
|
|
25
|
+
type: z.enum(['user', 'agent', 'service', 'system']),
|
|
26
|
+
description: z.string().optional(),
|
|
27
|
+
roleIds: z.array(z.string()).default([]),
|
|
28
|
+
permissions: z.array(PermissionSchema).default([]),
|
|
29
|
+
constraints: z.object({
|
|
30
|
+
maxToolsPerRequest: z.number().default(10),
|
|
31
|
+
maxConcurrentExecutions: z.number().default(5),
|
|
32
|
+
allowedServers: z.array(z.string()).optional(),
|
|
33
|
+
deniedServers: z.array(z.string()).optional(),
|
|
34
|
+
allowedTools: z.array(z.string()).optional(),
|
|
35
|
+
deniedTools: z.array(z.string()).optional(),
|
|
36
|
+
rateLimitPerMinute: z.number().optional(),
|
|
37
|
+
rateLimitPerHour: z.number().optional(),
|
|
38
|
+
}).default({}),
|
|
39
|
+
metadata: z.record(z.any()).default({}),
|
|
40
|
+
trustLevel: z.enum(['untrusted', 'low', 'medium', 'high', 'fully-trusted']).default('medium'),
|
|
41
|
+
createdAt: z.string(),
|
|
42
|
+
updatedAt: z.string(),
|
|
43
|
+
lastActiveAt: z.string().optional(),
|
|
44
|
+
});
|
|
45
|
+
export const IdentityContextSchema = z.object({
|
|
46
|
+
agentId: z.string(),
|
|
47
|
+
agentName: z.string(),
|
|
48
|
+
agentType: z.enum(['user', 'agent', 'service', 'system']),
|
|
49
|
+
sessionId: z.string().optional(),
|
|
50
|
+
requestId: z.string(),
|
|
51
|
+
permissions: z.array(PermissionSchema).default([]),
|
|
52
|
+
constraints: z.record(z.any()).default({}),
|
|
53
|
+
metadata: z.record(z.any()).default({}),
|
|
54
|
+
issuedAt: z.string(),
|
|
55
|
+
expiresAt: z.string().optional(),
|
|
56
|
+
});
|
|
57
|
+
export const IdentitySchema = z.object({
|
|
58
|
+
id: z.string(),
|
|
59
|
+
name: z.string(),
|
|
60
|
+
type: z.enum(['user', 'agent', 'service', 'system']),
|
|
61
|
+
description: z.string().optional(),
|
|
62
|
+
roleIds: z.array(z.string()).default([]),
|
|
63
|
+
permissions: z.array(PermissionSchema).default([]),
|
|
64
|
+
constraints: z.object({
|
|
65
|
+
maxToolsPerRequest: z.number().default(10),
|
|
66
|
+
maxConcurrentExecutions: z.number().default(5),
|
|
67
|
+
allowedServers: z.array(z.string()).optional(),
|
|
68
|
+
deniedServers: z.array(z.string()).optional(),
|
|
69
|
+
allowedTools: z.array(z.string()).optional(),
|
|
70
|
+
deniedTools: z.array(z.string()).optional(),
|
|
71
|
+
rateLimitPerMinute: z.number().optional(),
|
|
72
|
+
rateLimitPerHour: z.number().optional(),
|
|
73
|
+
}).default({}),
|
|
74
|
+
metadata: z.record(z.any()).default({}),
|
|
75
|
+
trustLevel: z.enum(['untrusted', 'low', 'medium', 'high', 'fully-trusted']).default('medium'),
|
|
76
|
+
createdAt: z.string(),
|
|
77
|
+
updatedAt: z.string(),
|
|
78
|
+
lastActiveAt: z.string().optional(),
|
|
79
|
+
});
|
|
80
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/identity/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,IAAI,CAAC;IACrC,YAAY;IACZ,aAAa;IACb,eAAe;IACf,cAAc;IACd,eAAe;IACf,gBAAgB;IAChB,iBAAiB;IACjB,mBAAmB;IACnB,OAAO;CACR,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;CACtB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;IACpD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACxC,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;QACpB,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1C,uBAAuB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9C,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC9C,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC7C,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC5C,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC3C,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACzC,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KACxC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACd,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACvC,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC7F,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;IACzD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAChC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC1C,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACjC,CAAC,CAAC;AAOH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;IACpD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACxC,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;QACpB,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1C,uBAAuB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9C,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC9C,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC7C,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC5C,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC3C,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACzC,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KACxC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACd,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACvC,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC7F,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC"}
|