opalserve 0.1.2 → 2.0.0

package/dist/identity/access-control.js

@@ -1,81 +0,0 @@
-export class AccessControl {
-    checkToolAccess(context, tool) {
-        if (context.permissions.includes('admin')) {
-            return { allowed: true, reason: 'Admin has full access' };
-        }
-        const toolId = tool.id;
-        if (context.constraints.deniedTools?.some((pattern) => toolId === pattern || (typeof pattern === 'string' && toolId.includes(pattern.replace('*', ''))))) {
-            return { allowed: false, reason: 'Tool is explicitly denied' };
-        }
-        if (context.constraints.allowedTools?.length &&
-            !context.constraints.allowedTools.some((pattern) => toolId === pattern || (typeof pattern === 'string' && toolId.includes(pattern.replace('*', ''))))) {
-            return { allowed: false, reason: 'Tool not in allowed list' };
-        }
-        const serverAccess = this.checkServerAccess(context, { id: tool.serverId });
-        if (!serverAccess.allowed) {
-            return { allowed: false, reason: `Server access denied: ${serverAccess.reason}` };
-        }
-        const hasCapability = tool.capabilities.some(cap => context.permissions.includes(`tools:${cap}`) ||
-            context.permissions.includes('tools:execute'));
-        if (!hasCapability) {
-            return { allowed: false, reason: 'Missing required capability' };
-        }
-        return {
-            allowed: true,
-            reason: 'Access granted',
-            constraints: {
-                maxTools: context.constraints.maxToolsPerRequest,
-                timeout: tool.contextRequirements?.maxTokens ? tool.contextRequirements.maxTokens * 10 : 60000,
-            },
-        };
-    }
-    checkServerAccess(context, server) {
-        if (context.permissions.includes('admin')) {
-            return { allowed: true, reason: 'Admin has full access' };
-        }
-        const serverId = server.id;
-        if (context.constraints.deniedServers?.includes(serverId)) {
-            return { allowed: false, reason: 'Server is explicitly denied' };
-        }
-        if (context.constraints.allowedServers?.length &&
-            !context.constraints.allowedServers.includes(serverId)) {
-            return { allowed: false, reason: 'Server not in allowed list' };
-        }
-        return { allowed: true, reason: 'Server access granted' };
-    }
-    checkPermission(context, permission) {
-        if (context.permissions.includes('admin') || context.permissions.includes(permission)) {
-            return { allowed: true, reason: 'Permission granted' };
-        }
-        return { allowed: false, reason: `Missing permission: ${permission}` };
-    }
-    checkRateLimit(context, currentCount, window) {
-        const limit = window === 'minute'
-            ? context.constraints.rateLimitPerMinute
-            : context.constraints.rateLimitPerHour;
-        if (!limit) {
-            return { allowed: true, reason: 'No rate limit configured' };
-        }
-        if (currentCount >= limit) {
-            return {
-                allowed: false,
-                reason: `Rate limit exceeded: ${currentCount}/${limit} per ${window}`,
-            };
-        }
-        return { allowed: true, reason: 'Within rate limit' };
-    }
-    sanitizeContext(context, tool) {
-        const sanitized = {
-            agentId: context.agentId,
-            agentName: context.agentName,
-            agentType: context.agentType,
-            permissions: context.permissions.filter((p) => tool.capabilities.some(c => p.includes(c) || p === 'admin' || p === 'tools:execute')),
-            constraints: {
-                maxToolsPerRequest: Math.min(context.constraints.maxToolsPerRequest || 10, tool.contextRequirements?.maxTokens ? 5 : 10),
-            },
-            metadata: {},
-        };
-        return sanitized;
-    }
-}
-//# sourceMappingURL=access-control.js.map

package/dist/identity/access-control.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"access-control.js","sourceRoot":"","sources":["../../src/identity/access-control.ts"],"names":[],"mappings":"AASA,MAAM,OAAO,aAAa;IACxB,eAAe,CAAC,OAAwB,EAAE,IAAU;QAClD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC;QAEvB,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,OAAgB,EAAE,EAAE,CAC7D,MAAM,KAAK,OAAO,IAAI,CAAC,OAAO,OAAO,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CACjG,EAAE,CAAC;YACF,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;QACjE,CAAC;QAED,IAAI,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM;YACxC,CAAC,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,OAAgB,EAAE,EAAE,CAC1D,MAAM,KAAK,OAAO,IAAI,CAAC,OAAO,OAAO,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CACjG,EAAE,CAAC;YACN,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC;QAChE,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,QAAQ,EAAY,CAAC,CAAC;QACtF,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,YAAY,CAAC,MAAM,EAAE,EAAE,CAAC;QACpF,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACjD,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,SAAS,GAAG,EAAgB,CAAC;YAC1D,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,eAAe,CAAC,CAC9C,CAAC;QAEF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;QACnE,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,gBAAgB;YACxB,WAAW,EAAE;gBACX,QAAQ,EAAE,OAAO,CAAC,WAAW,CAAC,kBAAkB;gBAChD,OAAO,EAAE,IAAI,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,SAAS,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK;aAC/F;SACF,CAAC;IACJ,CAAC;IAED,iBAAiB,CAAC,OAAwB,EAAE,MAAc;QACxD,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,EAAE,CAAC;QAE3B,IAAI,OAAO,CAAC,WAAW,CAAC,aAAa,EAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;QACnE,CAAC;QAED,IAAI,OAAO,CAAC,WAAW,CAAC,cAAc,EAAE,MAAM;YAC1C,CAAC,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,4BAA4B,EAAE,CAAC;QAClE,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;IAC5D,CAAC;IAED,eAAe,CAAC,OAAwB,EAAE,UAAsB;QAC9D,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACtF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QACzD,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,uBAAuB,UAAU,EAAE,EAAE,CAAC;IACzE,CAAC;IAED,cAAc,CAAC,OAAwB,EAAE,YAAoB,EAAE,MAAyB;QACtF,MAAM,KAAK,GAAG,MAAM,KAAK,QAAQ;YAC/B,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,kBAAkB;YACxC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC;QAEzC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,0BAA0B,EAAE,CAAC;QAC/D,CAAC;QAED,IAAI,YAAY,IAAI,KAAK,EAAE,CAAC;YAC1B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,wBAAwB,YAAY,IAAI,KAAK,QAAQ,MAAM,EAAE;aACtE,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;IACxD,CAAC;IAED,eAAe,CAAC,OAAwB,EAAE,IAAU;QAClD,MAAM,SAAS,GAA4B;YACzC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAa,EAAE,EAAE,CACxD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,eAAe,CAAC,CACrF;YACD,WAAW,EAAE;gBACX,kBAAkB,EAAE,IAAI,CAAC,GAAG,CAC1B,OAAO,CAAC,WAAW,CAAC,kBAA4B,IAAI,EAAE,EACtD,IAAI,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAC7C;aACF;YACD,QAAQ,EAAE,EAAE;SACb,CAAC;QAEF,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}

package/dist/identity/index.d.ts

@@ -1,4 +0,0 @@
-export { IdentityManager } from './manager.js';
-export { AccessControl, type AccessDecision } from './access-control.js';
-export * from './types.js';
-//# sourceMappingURL=index.d.ts.map

package/dist/identity/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/identity/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,KAAK,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACzE,cAAc,YAAY,CAAC"}

package/dist/identity/index.js

@@ -1,4 +0,0 @@
-export { IdentityManager } from './manager.js';
-export { AccessControl } from './access-control.js';
-export * from './types.js';
-//# sourceMappingURL=index.js.map

package/dist/identity/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/identity/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAuB,MAAM,qBAAqB,CAAC;AACzE,cAAc,YAAY,CAAC"}

package/dist/identity/manager.d.ts

@@ -1,29 +0,0 @@
-import type { Identity, Role, Permission, IdentityContext } from './types.js';
-export declare class IdentityManager {
-    private identities;
-    private roles;
-    private jwtSecret;
-    constructor(jwtSecret: string);
-    private initializeDefaultRoles;
-    registerIdentity(identity: Identity): void;
-    getIdentity(id: string): Identity | undefined;
-    getAllIdentities(): Identity[];
-    deleteIdentity(id: string): boolean;
-    registerRole(role: Role): void;
-    getRole(id: string): Role | undefined;
-    getAllRoles(): Role[];
-    getEffectivePermissions(identityId: string): Permission[];
-    hasPermission(identityId: string, permission: Permission): boolean;
-    canAccessTool(identityId: string, toolId: string): boolean;
-    canAccessServer(identityId: string, serverId: string): boolean;
-    createContext(identityId: string, options?: {
-        sessionId?: string;
-        requestId?: string;
-    }): IdentityContext | null;
-    generateToken(identityId: string, options?: {
-        sessionId?: string;
-        expiresInSeconds?: number;
-    }): string | null;
-    verifyToken(token: string): IdentityContext | null;
-}
-//# sourceMappingURL=manager.d.ts.map

package/dist/identity/manager.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"manager.d.ts","sourceRoot":"","sources":["../../src/identity/manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE9E,qBAAa,eAAe;IAC1B,OAAO,CAAC,UAAU,CAAoC;IACtD,OAAO,CAAC,KAAK,CAAgC;IAC7C,OAAO,CAAC,SAAS,CAAS;gBAEd,SAAS,EAAE,MAAM;IAK7B,OAAO,CAAC,sBAAsB;IAyC9B,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI;IAI1C,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,QAAQ,GAAG,SAAS;IAI7C,gBAAgB,IAAI,QAAQ,EAAE;IAI9B,cAAc,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAInC,YAAY,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI;IAI9B,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS;IAIrC,WAAW,IAAI,IAAI,EAAE;IAIrB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,EAAE;IAkBzD,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO;IAMlE,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO;IAmB1D,eAAe,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAe9D,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,eAAe,GAAG,IAAI;IAoB/G,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,gBAAgB,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,MAAM,GAAG,IAAI;IAoB7G,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI;CA0BnD"}

package/dist/identity/manager.js

@@ -1,167 +0,0 @@
-import jwt from 'jsonwebtoken';
-export class IdentityManager {
-    identities = new Map();
-    roles = new Map();
-    jwtSecret;
-    constructor(jwtSecret) {
-        this.jwtSecret = jwtSecret;
-        this.initializeDefaultRoles();
-    }
-    initializeDefaultRoles() {
-        const defaultRoles = [
-            {
-                id: 'admin',
-                name: 'Administrator',
-                description: 'Full access to all resources',
-                permissions: ['admin', 'tools:read', 'tools:write', 'tools:execute', 'servers:read', 'servers:write', 'workflows:read', 'workflows:write', 'workflows:execute'],
-                createdAt: new Date().toISOString(),
-                updatedAt: new Date().toISOString(),
-            },
-            {
-                id: 'developer',
-                name: 'Developer',
-                description: 'Can read and execute tools, manage workflows',
-                permissions: ['tools:read', 'tools:execute', 'servers:read', 'workflows:read', 'workflows:write', 'workflows:execute'],
-                createdAt: new Date().toISOString(),
-                updatedAt: new Date().toISOString(),
-            },
-            {
-                id: 'viewer',
-                name: 'Viewer',
-                description: 'Read-only access to tools and workflows',
-                permissions: ['tools:read', 'servers:read', 'workflows:read'],
-                createdAt: new Date().toISOString(),
-                updatedAt: new Date().toISOString(),
-            },
-            {
-                id: 'service',
-                name: 'Service Account',
-                description: 'Automated service with limited permissions',
-                permissions: ['tools:read', 'tools:execute', 'workflows:read', 'workflows:execute'],
-                createdAt: new Date().toISOString(),
-                updatedAt: new Date().toISOString(),
-            },
-        ];
-        for (const role of defaultRoles) {
-            this.roles.set(role.id, role);
-        }
-    }
-    registerIdentity(identity) {
-        this.identities.set(identity.id, identity);
-    }
-    getIdentity(id) {
-        return this.identities.get(id);
-    }
-    getAllIdentities() {
-        return Array.from(this.identities.values());
-    }
-    deleteIdentity(id) {
-        return this.identities.delete(id);
-    }
-    registerRole(role) {
-        this.roles.set(role.id, role);
-    }
-    getRole(id) {
-        return this.roles.get(id);
-    }
-    getAllRoles() {
-        return Array.from(this.roles.values());
-    }
-    getEffectivePermissions(identityId) {
-        const identity = this.identities.get(identityId);
-        if (!identity)
-            return [];
-        const permissions = new Set(identity.permissions);
-        for (const roleId of identity.roleIds) {
-            const role = this.roles.get(roleId);
-            if (role) {
-                for (const permission of role.permissions) {
-                    permissions.add(permission);
-                }
-            }
-        }
-        return Array.from(permissions);
-    }
-    hasPermission(identityId, permission) {
-        const permissions = this.getEffectivePermissions(identityId);
-        if (permissions.includes('admin'))
-            return true;
-        return permissions.includes(permission);
-    }
-    canAccessTool(identityId, toolId) {
-        const identity = this.identities.get(identityId);
-        if (!identity)
-            return false;
-        if (identity.constraints.allowedTools?.length) {
-            return identity.constraints.allowedTools.some(pattern => toolId === pattern || toolId.includes(pattern.replace('*', '')));
-        }
-        if (identity.constraints.deniedTools?.length) {
-            return !identity.constraints.deniedTools.some(pattern => toolId === pattern || toolId.includes(pattern.replace('*', '')));
-        }
-        return true;
-    }
-    canAccessServer(identityId, serverId) {
-        const identity = this.identities.get(identityId);
-        if (!identity)
-            return false;
-        if (identity.constraints.allowedServers?.length) {
-            return identity.constraints.allowedServers.includes(serverId);
-        }
-        if (identity.constraints.deniedServers?.length) {
-            return !identity.constraints.deniedServers.includes(serverId);
-        }
-        return true;
-    }
-    createContext(identityId, options) {
-        const identity = this.identities.get(identityId);
-        if (!identity)
-            return null;
-        const permissions = this.getEffectivePermissions(identityId);
-        const now = new Date().toISOString();
-        return {
-            agentId: identity.id,
-            agentName: identity.name,
-            agentType: identity.type,
-            requestId: options?.requestId || `req-${Date.now()}`,
-            permissions,
-            constraints: identity.constraints,
-            metadata: identity.metadata,
-            issuedAt: now,
-            expiresAt: new Date(Date.now() + 24 * 60 * 60 * 1000).toISOString(),
-        };
-    }
-    generateToken(identityId, options) {
-        const context = this.createContext(identityId, { sessionId: options?.sessionId });
-        if (!context)
-            return null;
-        const expiresIn = options?.expiresInSeconds || 86400;
-        return jwt.sign({
-            agentId: context.agentId,
-            agentName: context.agentName,
-            agentType: context.agentType,
-            permissions: context.permissions,
-            constraints: context.constraints,
-            metadata: context.metadata,
-        }, this.jwtSecret, { expiresIn });
-    }
-    verifyToken(token) {
-        try {
-            const payload = jwt.verify(token, this.jwtSecret);
-            return {
-                agentId: payload.agentId,
-                agentName: payload.agentName,
-                agentType: payload.agentType,
-                requestId: payload.iat ? `req-${payload.iat}` : `req-${Date.now()}`,
-                permissions: payload.permissions,
-                constraints: payload.constraints,
-                metadata: payload.metadata,
-                issuedAt: new Date(payload.iat * 1000).toISOString(),
-                expiresAt: new Date(payload.exp * 1000).toISOString(),
-            };
-        }
-        catch {
-            return null;
-        }
-    }
-}
-//# sourceMappingURL=manager.js.map

package/dist/identity/manager.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"manager.js","sourceRoot":"","sources":["../../src/identity/manager.ts"],"names":[],"mappings":"AAAA,OAAO,GAAG,MAAM,cAAc,CAAC;AAG/B,MAAM,OAAO,eAAe;IAClB,UAAU,GAA0B,IAAI,GAAG,EAAE,CAAC;IAC9C,KAAK,GAAsB,IAAI,GAAG,EAAE,CAAC;IACrC,SAAS,CAAS;IAE1B,YAAY,SAAiB;QAC3B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,sBAAsB,EAAE,CAAC;IAChC,CAAC;IAEO,sBAAsB;QAC5B,MAAM,YAAY,GAAW;YAC3B;gBACE,EAAE,EAAE,OAAO;gBACX,IAAI,EAAE,eAAe;gBACrB,WAAW,EAAE,8BAA8B;gBAC3C,WAAW,EAAE,CAAC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB,CAAC;gBAC/J,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;YACD;gBACE,EAAE,EAAE,WAAW;gBACf,IAAI,EAAE,WAAW;gBACjB,WAAW,EAAE,8CAA8C;gBAC3D,WAAW,EAAE,CAAC,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB,CAAC;gBACtH,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;YACD;gBACE,EAAE,EAAE,QAAQ;gBACZ,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yCAAyC;gBACtD,WAAW,EAAE,CAAC,YAAY,EAAE,cAAc,EAAE,gBAAgB,CAAC;gBAC7D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;YACD;gBACE,EAAE,EAAE,SAAS;gBACb,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,4CAA4C;gBACzD,WAAW,EAAE,CAAC,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,mBAAmB,CAAC;gBACnF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,gBAAgB,CAAC,QAAkB;QACjC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,WAAW,CAAC,EAAU;QACpB,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACjC,CAAC;IAED,gBAAgB;QACd,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9C,CAAC;IAED,cAAc,CAAC,EAAU;QACvB,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC;IAED,YAAY,CAAC,IAAU;QACrB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,OAAO,CAAC,EAAU;QAChB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5B,CAAC;IAED,WAAW;QACT,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,uBAAuB,CAAC,UAAkB;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,EAAE,CAAC;QAEzB,MAAM,WAAW,GAAG,IAAI,GAAG,CAAa,QAAQ,CAAC,WAAW,CAAC,CAAC;QAE9D,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,IAAI,EAAE,CAAC;gBACT,KAAK,MAAM,UAAU,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBAC1C,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBAC9B,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACjC,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,UAAsB;QACtD,MAAM,WAAW,GAAG,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAC7D,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;QAC/C,OAAO,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,MAAc;QAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAE5B,IAAI,QAAQ,CAAC,WAAW,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;YAC9C,OAAO,QAAQ,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACtD,MAAM,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAChE,CAAC;QACJ,CAAC;QAED,IAAI,QAAQ,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;YAC7C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACtD,MAAM,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAChE,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,eAAe,CAAC,UAAkB,EAAE,QAAgB;QAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAE5B,IAAI,QAAQ,CAAC,WAAW,CAAC,cAAc,EAAE,MAAM,EAAE,CAAC;YAChD,OAAO,QAAQ,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,QAAQ,CAAC,WAAW,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YAC/C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,OAAoD;QACpF,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAE3B,MAAM,WAAW,GAAG,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAC7D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,OAAO;YACL,OAAO,EAAE,QAAQ,CAAC,EAAE;YACpB,SAAS,EAAE,QAAQ,CAAC,IAAI;YACxB,SAAS,EAAE,QAAQ,CAAC,IAAI;YACxB,SAAS,EAAE,OAAO,EAAE,SAAS,IAAI,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE;YACpD,WAAW;YACX,WAAW,EAAE,QAAQ,CAAC,WAA6C;YACnE,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,QAAQ,EAAE,GAAG;YACb,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SACpE,CAAC;IACJ,CAAC;IAED,aAAa,CAAC,UAAkB,EAAE,OAA2D;QAC3F,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAE1B,MAAM,SAAS,GAAG,OAAO,EAAE,gBAAgB,IAAI,KAAK,CAAC;QAErD,OAAO,GAAG,CAAC,IAAI,CACb;YACE,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,EACD,IAAI,CAAC,SAAS,EACd,EAAE,SAAS,EAAE,CACd,CAAC;IACJ,CAAC;IAED,WAAW,CAAC,KAAa;QACvB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAO/C,CAAC;YAEF,OAAO;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE;gBACnE,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,WAAW,EAAE,OAAO,CAAC,WAA6C;gBAClE,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAI,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;gBACnD,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAI,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;aACzD,CAAC;QACF,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF"}

package/dist/identity/types.d.ts

@@ -1,237 +0,0 @@
-import { z } from 'zod';
-export declare const PermissionSchema: z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>;
-export declare const RoleSchema: z.ZodObject<{
-    id: z.ZodString;
-    name: z.ZodString;
-    description: z.ZodString;
-    permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
-    parentRoleId: z.ZodOptional<z.ZodString>;
-    createdAt: z.ZodString;
-    updatedAt: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    id: string;
-    name: string;
-    description: string;
-    createdAt: string;
-    updatedAt: string;
-    permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
-    parentRoleId?: string | undefined;
-}, {
-    id: string;
-    name: string;
-    description: string;
-    createdAt: string;
-    updatedAt: string;
-    permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
-    parentRoleId?: string | undefined;
-}>;
-export declare const AgentIdentitySchema: z.ZodObject<{
-    id: z.ZodString;
-    name: z.ZodString;
-    type: z.ZodEnum<["user", "agent", "service", "system"]>;
-    description: z.ZodOptional<z.ZodString>;
-    roleIds: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
-    permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
-    constraints: z.ZodDefault<z.ZodObject<{
-        maxToolsPerRequest: z.ZodDefault<z.ZodNumber>;
-        maxConcurrentExecutions: z.ZodDefault<z.ZodNumber>;
-        allowedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        deniedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        allowedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        deniedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        rateLimitPerMinute: z.ZodOptional<z.ZodNumber>;
-        rateLimitPerHour: z.ZodOptional<z.ZodNumber>;
-    }, "strip", z.ZodTypeAny, {
-        maxToolsPerRequest: number;
-        maxConcurrentExecutions: number;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    }, {
-        maxToolsPerRequest?: number | undefined;
-        maxConcurrentExecutions?: number | undefined;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    }>>;
-    metadata: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
-    trustLevel: z.ZodDefault<z.ZodEnum<["untrusted", "low", "medium", "high", "fully-trusted"]>>;
-    createdAt: z.ZodString;
-    updatedAt: z.ZodString;
-    lastActiveAt: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    id: string;
-    name: string;
-    type: "user" | "agent" | "service" | "system";
-    metadata: Record<string, any>;
-    createdAt: string;
-    updatedAt: string;
-    permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
-    roleIds: string[];
-    constraints: {
-        maxToolsPerRequest: number;
-        maxConcurrentExecutions: number;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    };
-    trustLevel: "untrusted" | "low" | "medium" | "high" | "fully-trusted";
-    description?: string | undefined;
-    lastActiveAt?: string | undefined;
-}, {
-    id: string;
-    name: string;
-    type: "user" | "agent" | "service" | "system";
-    createdAt: string;
-    updatedAt: string;
-    description?: string | undefined;
-    metadata?: Record<string, any> | undefined;
-    permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
-    roleIds?: string[] | undefined;
-    constraints?: {
-        maxToolsPerRequest?: number | undefined;
-        maxConcurrentExecutions?: number | undefined;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    } | undefined;
-    trustLevel?: "untrusted" | "low" | "medium" | "high" | "fully-trusted" | undefined;
-    lastActiveAt?: string | undefined;
-}>;
-export declare const IdentityContextSchema: z.ZodObject<{
-    agentId: z.ZodString;
-    agentName: z.ZodString;
-    agentType: z.ZodEnum<["user", "agent", "service", "system"]>;
-    sessionId: z.ZodOptional<z.ZodString>;
-    requestId: z.ZodString;
-    permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
-    constraints: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
-    metadata: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
-    issuedAt: z.ZodString;
-    expiresAt: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    metadata: Record<string, any>;
-    agentId: string;
-    permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
-    constraints: Record<string, any>;
-    agentName: string;
-    agentType: "user" | "agent" | "service" | "system";
-    requestId: string;
-    issuedAt: string;
-    sessionId?: string | undefined;
-    expiresAt?: string | undefined;
-}, {
-    agentId: string;
-    agentName: string;
-    agentType: "user" | "agent" | "service" | "system";
-    requestId: string;
-    issuedAt: string;
-    metadata?: Record<string, any> | undefined;
-    permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
-    constraints?: Record<string, any> | undefined;
-    sessionId?: string | undefined;
-    expiresAt?: string | undefined;
-}>;
-export type Permission = z.infer<typeof PermissionSchema>;
-export type Role = z.infer<typeof RoleSchema>;
-export type AgentIdentity = z.infer<typeof IdentitySchema>;
-export type IdentityContext = z.infer<typeof IdentityContextSchema>;
-export declare const IdentitySchema: z.ZodObject<{
-    id: z.ZodString;
-    name: z.ZodString;
-    type: z.ZodEnum<["user", "agent", "service", "system"]>;
-    description: z.ZodOptional<z.ZodString>;
-    roleIds: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
-    permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["tools:read", "tools:write", "tools:execute", "servers:read", "servers:write", "workflows:read", "workflows:write", "workflows:execute", "admin"]>, "many">>;
-    constraints: z.ZodDefault<z.ZodObject<{
-        maxToolsPerRequest: z.ZodDefault<z.ZodNumber>;
-        maxConcurrentExecutions: z.ZodDefault<z.ZodNumber>;
-        allowedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        deniedServers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        allowedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        deniedTools: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        rateLimitPerMinute: z.ZodOptional<z.ZodNumber>;
-        rateLimitPerHour: z.ZodOptional<z.ZodNumber>;
-    }, "strip", z.ZodTypeAny, {
-        maxToolsPerRequest: number;
-        maxConcurrentExecutions: number;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    }, {
-        maxToolsPerRequest?: number | undefined;
-        maxConcurrentExecutions?: number | undefined;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    }>>;
-    metadata: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodAny>>;
-    trustLevel: z.ZodDefault<z.ZodEnum<["untrusted", "low", "medium", "high", "fully-trusted"]>>;
-    createdAt: z.ZodString;
-    updatedAt: z.ZodString;
-    lastActiveAt: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    id: string;
-    name: string;
-    type: "user" | "agent" | "service" | "system";
-    metadata: Record<string, any>;
-    createdAt: string;
-    updatedAt: string;
-    permissions: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[];
-    roleIds: string[];
-    constraints: {
-        maxToolsPerRequest: number;
-        maxConcurrentExecutions: number;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    };
-    trustLevel: "untrusted" | "low" | "medium" | "high" | "fully-trusted";
-    description?: string | undefined;
-    lastActiveAt?: string | undefined;
-}, {
-    id: string;
-    name: string;
-    type: "user" | "agent" | "service" | "system";
-    createdAt: string;
-    updatedAt: string;
-    description?: string | undefined;
-    metadata?: Record<string, any> | undefined;
-    permissions?: ("admin" | "tools:read" | "tools:write" | "tools:execute" | "servers:read" | "servers:write" | "workflows:read" | "workflows:write" | "workflows:execute")[] | undefined;
-    roleIds?: string[] | undefined;
-    constraints?: {
-        maxToolsPerRequest?: number | undefined;
-        maxConcurrentExecutions?: number | undefined;
-        allowedServers?: string[] | undefined;
-        deniedServers?: string[] | undefined;
-        allowedTools?: string[] | undefined;
-        deniedTools?: string[] | undefined;
-        rateLimitPerMinute?: number | undefined;
-        rateLimitPerHour?: number | undefined;
-    } | undefined;
-    trustLevel?: "untrusted" | "low" | "medium" | "high" | "fully-trusted" | undefined;
-    lastActiveAt?: string | undefined;
-}>;
-export type Identity = z.infer<typeof IdentitySchema>;
-//# sourceMappingURL=types.d.ts.map

package/dist/identity/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/identity/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,gBAAgB,+JAU3B,CAAC;AAEH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;EAQrB,CAAC;AAEH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAsB9B,CAAC;AAEH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAWhC,CAAC;AAEH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAC1D,MAAM,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,UAAU,CAAC,CAAC;AAC9C,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAC3D,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAEpE,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAsBzB,CAAC;AAEH,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC"}

package/dist/identity/types.js

@@ -1,80 +0,0 @@
-import { z } from 'zod';
-export const PermissionSchema = z.enum([
-    'tools:read',
-    'tools:write',
-    'tools:execute',
-    'servers:read',
-    'servers:write',
-    'workflows:read',
-    'workflows:write',
-    'workflows:execute',
-    'admin',
-]);
-export const RoleSchema = z.object({
-    id: z.string(),
-    name: z.string(),
-    description: z.string(),
-    permissions: z.array(PermissionSchema).default([]),
-    parentRoleId: z.string().optional(),
-    createdAt: z.string(),
-    updatedAt: z.string(),
-});
-export const AgentIdentitySchema = z.object({
-    id: z.string(),
-    name: z.string(),
-    type: z.enum(['user', 'agent', 'service', 'system']),
-    description: z.string().optional(),
-    roleIds: z.array(z.string()).default([]),
-    permissions: z.array(PermissionSchema).default([]),
-    constraints: z.object({
-        maxToolsPerRequest: z.number().default(10),
-        maxConcurrentExecutions: z.number().default(5),
-        allowedServers: z.array(z.string()).optional(),
-        deniedServers: z.array(z.string()).optional(),
-        allowedTools: z.array(z.string()).optional(),
-        deniedTools: z.array(z.string()).optional(),
-        rateLimitPerMinute: z.number().optional(),
-        rateLimitPerHour: z.number().optional(),
-    }).default({}),
-    metadata: z.record(z.any()).default({}),
-    trustLevel: z.enum(['untrusted', 'low', 'medium', 'high', 'fully-trusted']).default('medium'),
-    createdAt: z.string(),
-    updatedAt: z.string(),
-    lastActiveAt: z.string().optional(),
-});
-export const IdentityContextSchema = z.object({
-    agentId: z.string(),
-    agentName: z.string(),
-    agentType: z.enum(['user', 'agent', 'service', 'system']),
-    sessionId: z.string().optional(),
-    requestId: z.string(),
-    permissions: z.array(PermissionSchema).default([]),
-    constraints: z.record(z.any()).default({}),
-    metadata: z.record(z.any()).default({}),
-    issuedAt: z.string(),
-    expiresAt: z.string().optional(),
-});
-export const IdentitySchema = z.object({
-    id: z.string(),
-    name: z.string(),
-    type: z.enum(['user', 'agent', 'service', 'system']),
-    description: z.string().optional(),
-    roleIds: z.array(z.string()).default([]),
-    permissions: z.array(PermissionSchema).default([]),
-    constraints: z.object({
-        maxToolsPerRequest: z.number().default(10),
-        maxConcurrentExecutions: z.number().default(5),
-        allowedServers: z.array(z.string()).optional(),
-        deniedServers: z.array(z.string()).optional(),
-        allowedTools: z.array(z.string()).optional(),
-        deniedTools: z.array(z.string()).optional(),
-        rateLimitPerMinute: z.number().optional(),
-        rateLimitPerHour: z.number().optional(),
-    }).default({}),
-    metadata: z.record(z.any()).default({}),
-    trustLevel: z.enum(['untrusted', 'low', 'medium', 'high', 'fully-trusted']).default('medium'),
-    createdAt: z.string(),
-    updatedAt: z.string(),
-    lastActiveAt: z.string().optional(),
-});
-//# sourceMappingURL=types.js.map

package/dist/identity/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/identity/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,IAAI,CAAC;IACrC,YAAY;IACZ,aAAa;IACb,eAAe;IACf,cAAc;IACd,eAAe;IACf,gBAAgB;IAChB,iBAAiB;IACjB,mBAAmB;IACnB,OAAO;CACR,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;CACtB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;IACpD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACxC,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;QACpB,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1C,uBAAuB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9C,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC9C,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC7C,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC5C,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC3C,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACzC,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KACxC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACd,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACvC,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC7F,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;IACzD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAChC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC1C,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACjC,CAAC,CAAC;AAOH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;IACpD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACxC,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;QACpB,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1C,uBAAuB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9C,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC9C,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC7C,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC5C,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QAC3C,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACzC,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KACxC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACd,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACvC,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;IAC7F,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC"}